{"id":22413,"name":"org.eclipse.platform:org.eclipse.core.runtime","ecosystem":"maven","repository_url":"https://github.com/eclipse-platform/eclipse.platform","issues_count":42,"created_at":"2025-06-07T02:53:08.629Z","updated_at":"2025-06-07T02:53:08.629Z","purl":"pkg:maven/org.eclipse.platform:org.eclipse.core.runtime","metadata":{"id":4923112,"name":"org.eclipse.platform:org.eclipse.core.runtime","ecosystem":"maven","description":"Core Runtime","homepage":"https://projects.eclipse.org/projects/eclipse.platform","licenses":"Eclipse Public License - v 2.0","normalized_licenses":["EPL-2.0"],"repository_url":"https://github.com/eclipse-platform/eclipse.platform","keywords_array":[],"namespace":"org.eclipse.platform","versions_count":28,"first_release_published_at":"2017-03-30T12:27:33.000Z","latest_release_published_at":"2025-03-08T08:27:07.000Z","latest_release_number":"3.33.0","last_synced_at":"2025-06-05T04:39:53.956Z","created_at":"2022-07-27T02:03:29.382Z","updated_at":"2025-06-05T04:39:53.956Z","registry_url":"https://central.sonatype.com/artifact/org.eclipse.platform/org.eclipse.core.runtime/","install_command":null,"documentation_url":"https://appdoc.app/artifact/org.eclipse.platform/org.eclipse.core.runtime/","metadata":{},"repo_metadata":{"uuid":"470955049","full_name":"eclipse-platform/eclipse.platform","owner":"eclipse-platform","description":null,"archived":false,"fork":false,"pushed_at":"2023-03-13T14:07:05.000Z","size":129057,"stargazers_count":14,"open_issues_count":107,"forks_count":32,"subscribers_count":20,"default_branch":"master","last_synced_at":"2023-03-13T14:35:50.355Z","etag":null,"topics":["eclipse","java"],"latest_commit_sha":null,"homepage":"https://www.eclipse.org/eclipse/","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"epl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"logo_url":null,"metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-03-17T10:56:08.000Z","updated_at":"2023-03-11T02:30:40.000Z","dependencies_parsed_at":"2022-07-12T16:32:41.397Z","dependency_job_id":null,"html_url":"https://github.com/eclipse-platform/eclipse.platform","commit_stats":null,"repository_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eclipse-platform%2Feclipse.platform","tags_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eclipse-platform%2Feclipse.platform/tags","manifests_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eclipse-platform%2Feclipse.platform/manifests","owner_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/eclipse-platform","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":108921946,"host_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names"},"owner_record":{"login":"eclipse-platform","name":"Eclipse Platform","uuid":"95248176","kind":"organization","description":"Eclipse Platform is a framework for rich client applications in Java, powering the Eclipse IDE and other toolsets","email":"platform-dev@eclipse.org","website":"https://www.eclipse.org/eclipse/","location":null,"twitter":"EclipseJavaIDE","company":null,"avatar_url":"https://avatars.githubusercontent.com/u/95248176?v=4","repositories_count":21,"last_synced_at":"2023-03-03T19:42:33.659Z","metadata":{"has_sponsors_listing":false},"owner_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/eclipse-platform"},"tags":[{"name":"v20020429vk_new_layout","sha":"7add98028fe9c15828fcf9257242d993f925010c","kind":"commit","published_at":"2002-04-26T19:56:46.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020429vk_new_layout","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020429vk_new_layout"},{"name":"v20020426vk_new_layout","sha":"0b885ad2db4b8a680d9738372e68e9a2b08da4a7","kind":"commit","published_at":"2002-04-26T14:35:50.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020426vk_new_layout","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020426vk_new_layout"},{"name":"v20020416fix1","sha":"fb31e1035e5afa49b6a272ef5bf3be512bab1a6c","kind":"commit","published_at":"2002-04-25T19:15:15.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020416fix1","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020416fix1"},{"name":"v20020425","sha":"8588bccd2dfad9a60b22eb364c4ce0e5d9d57ee8","kind":"commit","published_at":"2002-04-25T14:35:52.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020425","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020425"},{"name":"Root_vk_new_build_layout","sha":"8588bccd2dfad9a60b22eb364c4ce0e5d9d57ee8","kind":"commit","published_at":"2002-04-25T14:35:52.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/Root_vk_new_build_layout","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/Root_vk_new_build_layout"},{"name":"v20020423","sha":"fd195ffe689b0094f211b25e60729593b24da2a0","kind":"commit","published_at":"2002-04-23T12:18:48.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020423","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020423"},{"name":"v20020418","sha":"9fbb7d96454402aa081c419ca4e4a78f9f77db95","kind":"commit","published_at":"2002-04-18T15:17:03.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020418","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020418"},{"name":"v20020411","sha":"b0896554082fe79ff6d92a121fdd9555fdde2101","kind":"commit","published_at":"2002-04-11T19:05:34.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020411","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020411"},{"name":"v20020409a","sha":"5e0d9f56ccab5c2c3a47efcebcda215c45b97de5","kind":"commit","published_at":"2002-04-09T21:14:56.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020409a","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020409a"},{"name":"v20020409","sha":"2bb304f00855e877455c5ffab76aaf062bd4c15c","kind":"commit","published_at":"2002-04-09T16:04:46.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020409","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020409"},{"name":"v20020402","sha":"f30e41248609adc1e359e0bc43fe4dd3aa6e752d","kind":"commit","published_at":"2002-04-02T13:53:44.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020402","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020402"},{"name":"fragmentsVersion","sha":"92dd0a5af51f251bb4ee7ffe2c3708c1f3779731","kind":"commit","published_at":"2002-03-29T17:08:16.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/fragmentsVersion","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/fragmentsVersion"},{"name":"v20020327_vk_reconciled","sha":"59fc5e1fcca345371ec7af6f0cf583c27797f399","kind":"commit","published_at":"2002-03-27T16:32:38.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020327_vk_reconciled","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020327_vk_reconciled"},{"name":"v20020327_ce_intermediate","sha":"d208168e7297bb0efa25962d1c73f18e38bd2a10","kind":"commit","published_at":"2002-03-27T15:50:36.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020327_ce_intermediate","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020327_ce_intermediate"},{"name":"v20020326","sha":"497642aab5d9f2c6d7ae193176973de75a1e2308","kind":"commit","published_at":"2002-03-26T01:46:57.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020326","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020326"},{"name":"v20020321","sha":"0a654ae091d5edf29c88b4145eda816d91a12ec5","kind":"commit","published_at":"2002-03-21T17:51:44.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020321","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020321"},{"name":"rtp_first_working_version","sha":"5d386da448496ffddcad0aff46887e82d164524f","kind":"commit","published_at":"2002-03-19T18:20:10.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/rtp_first_working_version","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/rtp_first_working_version"},{"name":"v20020320","sha":"c229e4aff64afc3010e791145dcb95e1fc368ebc","kind":"commit","published_at":"2002-03-18T20:53:40.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020320","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020320"},{"name":"v20020318","sha":"34d88f2c9bfce718632629d584e3b8c0ab0ca5d1","kind":"commit","published_at":"2002-03-17T22:13:16.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020318","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020318"},{"name":"v20020314","sha":"f2b27c55349bb61e027cbc54a07ff8c6409e1cc8","kind":"commit","published_at":"2002-03-14T14:31:46.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020314","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020314"},{"name":"v20020312","sha":"66d74e7a13a7196b1ad5fcab55515241ffafeb3f","kind":"commit","published_at":"2002-03-12T15:17:49.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020312","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020312"},{"name":"rtp_ant_rework","sha":"bc7ad435a4431a16560c4207df31cc997a5fb011","kind":"commit","published_at":"2002-03-12T14:48:07.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/rtp_ant_rework","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/rtp_ant_rework"},{"name":"v20020308","sha":"88ad917de355c043bcb432e8cb71627876ce6c4a","kind":"commit","published_at":"2002-03-08T13:48:25.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020308","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020308"},{"name":"v20020305","sha":"082f196ecff0d34054d40c66574d95e3c24b3956","kind":"commit","published_at":"2002-03-05T15:57:59.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020305","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020305"},{"name":"v20020228","sha":"854bc27702d8e3243b5db0c1c91c92ffc2b0d1f2","kind":"commit","published_at":"2002-02-27T20:33:01.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020228","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020228"},{"name":"v20020226","sha":"33916e08e39e862646d3c78852ab6b2ce253418a","kind":"commit","published_at":"2002-02-26T02:52:08.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020226","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020226"},{"name":"v20020214","sha":"367a9194739b9aaa5aafe1fb13c747f57835e575","kind":"commit","published_at":"2002-02-14T16:40:41.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020214","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020214"},{"name":"v20020213","sha":"9b1b1e2f4d1ef9cfe2733380f7d03a36514486f7","kind":"commit","published_at":"2002-02-13T21:40:25.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020213","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020213"},{"name":"v20020212a","sha":"45a748095fdc8783f06f8973def456f1ad32643a","kind":"commit","published_at":"2002-02-12T23:44:01.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020212a","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020212a"},{"name":"v20020212","sha":"4b3d1f8f1591712fbbc6e03f716b774104c8415c","kind":"commit","published_at":"2002-02-12T15:52:19.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020212","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020212"},{"name":"v20020208","sha":"e825b0a03b26adf943aec8302ff5ac441b5b4eac","kind":"commit","published_at":"2002-02-09T00:17:17.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020208","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020208"},{"name":"v20020206_encode-decode","sha":"296a15847a85279c850c86dae41a1755829497e6","kind":"commit","published_at":"2002-02-06T18:20:26.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020206_encode-decode","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020206_encode-decode"},{"name":"INTERNAL_REFACTORING_IN_PROGRESS_DO_NOT_LOAD_v20020205","sha":"3ba3ecf6b626eef8908cc1d7d67ba6b8cee1f05a","kind":"commit","published_at":"2002-02-05T16:09:16.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/INTERNAL_REFACTORING_IN_PROGRESS_DO_NOT_LOAD_v20020205","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/INTERNAL_REFACTORING_IN_PROGRESS_DO_NOT_LOAD_v20020205"},{"name":"v20020204","sha":"aa241e6aa3ecfd6e8eef4a8535180e8f3e08b0c1","kind":"commit","published_at":"2002-02-04T05:25:41.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020204","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020204"},{"name":"v20020205","sha":"f0b429a625423784f35e40b40c9faa4b3e278e50","kind":"commit","published_at":"2002-01-31T17:11:02.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020205","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020205"},{"name":"v20020129","sha":"40c7ffd761374f07b718354601ee33638e6a7d87","kind":"commit","published_at":"2002-01-29T16:42:27.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020129","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020129"},{"name":"v20020124","sha":"0bf7fa6f254ad7cb6378c02a25d3bea76dfcf9d6","kind":"commit","published_at":"2002-01-24T21:35:08.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020124","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020124"},{"name":"v20020123","sha":"f1b9de1522f69e0df01cdb4ccae8dfb3fed74532","kind":"commit","published_at":"2002-01-23T22:02:57.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020123","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020123"},{"name":"v20020122b","sha":"cd704943bfe64d4938eb37719cdde20495c3f1f1","kind":"commit","published_at":"2002-01-22T20:13:26.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020122b","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020122b"},{"name":"v20020122a","sha":"79c3d10b5c69434014df5cf50abdd18b6b4737a1","kind":"commit","published_at":"2002-01-22T20:06:24.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020122a","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020122a"},{"name":"v20020122","sha":"18d8f80da06d95cb5a0426e8b996fffe074da932","kind":"commit","published_at":"2002-01-22T15:04:46.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020122","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020122"},{"name":"v20020115","sha":"52b259e4353733de00c322bd5ea27bb87145bddc","kind":"commit","published_at":"2002-01-15T05:32:15.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020115","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020115"},{"name":"v20020107","sha":"4c68b55347ef9e643028e76ffd00400f5b8a7665","kind":"commit","published_at":"2002-01-07T19:44:44.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020107","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020107"},{"name":"v20020103vk","sha":"994da968bbcafec7a83c08055a52dde667abdae6","kind":"commit","published_at":"2001-12-21T21:06:00.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20020103vk","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20020103vk"},{"name":"v20010103vk","sha":"994da968bbcafec7a83c08055a52dde667abdae6","kind":"commit","published_at":"2001-12-21T21:06:00.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20010103vk","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20010103vk"},{"name":"v20011218","sha":"fa93a6685df5f44b03dbeefb91aa98c504704c93","kind":"commit","published_at":"2001-12-18T16:46:12.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20011218","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20011218"},{"name":"v20011217","sha":"a4025dc2977118fdccdf621d418806712b414b55","kind":"commit","published_at":"2001-12-17T21:50:33.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20011217","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20011217"},{"name":"v20011211","sha":"28477ac51afc9575dfa37faa4313ca19ee205b75","kind":"commit","published_at":"2001-12-11T15:50:48.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20011211","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20011211"},{"name":"v2001211_10","sha":"5b8816d19f9908ce4fff4e31dfc873a255312457","kind":"commit","published_at":"2001-12-11T14:45:47.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v2001211_10","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v2001211_10"},{"name":"v145","sha":"d9502f367acfeea3b3805a8d590d10b472f0ae4b","kind":"commit","published_at":"2001-11-27T17:30:06.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v145","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v145"},{"name":"v213","sha":"da2ed1ffe2c9908568222d4232139e6f0283b86e","kind":"commit","published_at":"2001-11-23T15:37:55.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v213","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v213"},{"name":"v212","sha":"7887ae95006717532eb4ff8b392619d0af342c78","kind":"commit","published_at":"2001-11-22T19:24:24.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v212","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v212"},{"name":"v211","sha":"1371255b5c10b16338253312dbd19195b396e3bc","kind":"commit","published_at":"2001-11-20T15:24:37.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v211","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v211"},{"name":"v20011120","sha":"56a3de2131f93a4307080b654eeae9f1e8d5bd27","kind":"commit","published_at":"2001-11-20T14:58:10.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v20011120","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v20011120"},{"name":"v011113","sha":"55bdc03357330f404f15d016fd2739dd6734b6d2","kind":"commit","published_at":"2001-11-07T17:07:18.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v011113","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v011113"},{"name":"v209","sha":"e79799af547810d6d14883aa80b4a0e3c878543a","kind":"commit","published_at":"2001-11-07T15:39:17.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v209","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v209"},{"name":"v208","sha":"5c95d85c2b5d0c14e98427c7da7204cdd199d5af","kind":"commit","published_at":"2001-11-05T15:32:25.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v208","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v208"},{"name":"v011101","sha":"7f7ef64ed356606eb3992cf6204774dfc7d5c6b4","kind":"commit","published_at":"2001-10-31T19:14:30.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v011101","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v011101"},{"name":"v207","sha":"5f011eef44ee358628bc2ad5d5765f58bd38f3cd","kind":"commit","published_at":"2001-10-31T15:37:27.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v207","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v207"},{"name":"v206","sha":"caca8ac4cda62e8db5786dd0d6d17d07d6be187c","kind":"commit","published_at":"2001-10-24T15:43:27.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v206","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v206"},{"name":"v204","sha":"dcabea7fab3643b12ee150362b20a1e0f7ed10f9","kind":"commit","published_at":"2001-10-11T17:11:46.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v204","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v204"},{"name":"v203","sha":"7e4082bb2b884a5d1ac885c9a5cfd2d828113f14","kind":"commit","published_at":"2001-10-04T16:01:47.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v203","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v203"},{"name":"v202","sha":"2f64acd19178df4f2d0d3655a31467c9a196897d","kind":"commit","published_at":"2001-09-27T19:56:04.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v202","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v202"},{"name":"v201","sha":"1486e4726b81b17b437cc9694b2ff9fe63b1239b","kind":"commit","published_at":"2001-09-24T20:55:08.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v201","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v201"},{"name":"v200","sha":"62cafc140894c295f18054a4b129f31098b47147","kind":"commit","published_at":"2001-09-13T14:23:21.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v200","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v200"},{"name":"r1_v134","sha":"90828c5b458532547980c043541564e864bf8dad","kind":"commit","published_at":"2001-08-29T14:23:02.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/r1_v134","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/r1_v134"},{"name":"v134","sha":"e1adc9e7190ce85288bb82bc6a38ab4e0d8461de","kind":"commit","published_at":"2001-08-29T13:49:09.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v134","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v134"},{"name":"r1_v133","sha":"0b6d59b847143ad56567681571bc9a81a9ae716b","kind":"commit","published_at":"2001-08-28T13:57:51.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/r1_v133","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/r1_v133"},{"name":"v133","sha":"85cc9c5aca6f00b2cf514b71b781e1f23adc08bb","kind":"commit","published_at":"2001-08-27T14:14:33.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v133","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v133"},{"name":"v132","sha":"c0f40eb34c5ce1adc23d08729c6ca98ac1722c9d","kind":"commit","published_at":"2001-08-20T21:14:30.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v132","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v132"},{"name":"v130","sha":"6ef6fa0185cc700281107eae77fee122e3a8a3dd","kind":"commit","published_at":"2001-08-13T20:35:48.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v130","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v130"},{"name":"v129","sha":"6866eff69c30d0434912e25fc2595b1407310973","kind":"commit","published_at":"2001-08-07T13:31:34.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v129","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v129"},{"name":"v128","sha":"9753a203cb82110125227f7af8b91e060fdf9590","kind":"commit","published_at":"2001-07-25T16:25:38.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v128","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v128"},{"name":"v127","sha":"0b5322a78fb0e4b2d0a1fba7e7ef6df85abc45df","kind":"commit","published_at":"2001-07-17T18:45:53.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v127","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v127"},{"name":"v125","sha":"ec05494654d18a1970a98d7ed052a5fdc0d521d6","kind":"commit","published_at":"2001-06-15T19:34:51.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v125","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v125"},{"name":"v124","sha":"c2d1e50f41e4c3b160f8fcdb66e41430676abd1b","kind":"commit","published_at":"2001-06-14T16:26:23.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v124","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v124"},{"name":"v_Eclipse_0_9","sha":"96ae68d41a5dee40eebde66b239e2fd13640c615","kind":"commit","published_at":"2001-06-14T15:33:50.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v_Eclipse_0_9","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v_Eclipse_0_9"},{"name":"v123","sha":"ffd5321438ebf820c4f3a825e0dd176dfef8f104","kind":"commit","published_at":"2001-06-13T15:48:45.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v123","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v123"},{"name":"v122","sha":"e7d52af4a0e84b2a1c19e634ddadbc8a2010eed1","kind":"commit","published_at":"2001-06-09T13:43:13.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v122","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v122"},{"name":"v121","sha":"f8550e8fbca912dc6c7b3f2e274525fee1a688a6","kind":"commit","published_at":"2001-06-08T17:38:39.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v121","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v121"},{"name":"v121a","sha":"4982ca3b17e861a54b1a53481f00de1e3150f7e7","kind":"commit","published_at":"2001-06-08T17:19:28.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v121a","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v121a"},{"name":"v120","sha":"5adc409e2b1ac14feef595ef2016e33298924ac2","kind":"commit","published_at":"2001-06-07T16:11:30.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v120","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v120"},{"name":"v120a","sha":"66d22c785d4f11bd0c46536b2114e40e146d8085","kind":"commit","published_at":"2001-06-07T15:40:22.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v120a","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v120a"},{"name":"v118","sha":"ff3c3a4f8b1fb0303efa6f410b2705e83857a09e","kind":"commit","published_at":"2001-06-02T04:34:09.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v118","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v118"},{"name":"v117a","sha":"15dff9ce21c869a9d9cbf9d355207d666025e2c8","kind":"commit","published_at":"2001-06-01T17:46:43.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v117a","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v117a"},{"name":"v117","sha":"168f2c4678c6b3cb7aeef6d2a46c72f5490163de","kind":"commit","published_at":"2001-06-01T14:53:48.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v117","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v117"},{"name":"v116","sha":"511463b7c28d117073538653b29cbd8037f48246","kind":"commit","published_at":"2001-05-31T12:54:03.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v116","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v116"},{"name":"v114","sha":"cdc624db12b1bc175dbdbeae301a1a88c0185b97","kind":"commit","published_at":"2001-05-29T15:00:05.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v114","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v114"},{"name":"v114a","sha":"4df87e7e21faa413639eb47f1dbc8bd65fa1086b","kind":"commit","published_at":"2001-05-28T21:02:34.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v114a","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v114a"},{"name":"v112a","sha":"2da013070317a2a9486c285a5c3820213fc0a5d3","kind":"commit","published_at":"2001-05-23T19:58:38.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v112a","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v112a"},{"name":"v112","sha":"2da013070317a2a9486c285a5c3820213fc0a5d3","kind":"commit","published_at":"2001-05-23T19:58:38.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v112","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v112"},{"name":"v110","sha":"e876674d1a9c23263f7df717c771f5bc9c8f1678","kind":"commit","published_at":"2001-05-22T18:33:49.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v110","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v110"},{"name":"v108b","sha":"83f3d907557b50233b0e9d2d58ecbbf0e8807dd6","kind":"commit","published_at":"2001-05-17T18:18:32.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v108b","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v108b"},{"name":"v108a","sha":"c187360532e95132427e9b9238bb390b3f2addff","kind":"commit","published_at":"2001-05-17T16:44:16.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v108a","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v108a"},{"name":"v108","sha":"23d293dca23a53ca8b5b9ac48c67126bfc515b32","kind":"commit","published_at":"2001-05-17T14:25:18.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v108","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v108"},{"name":"v107","sha":"9ad7fcb23f80dbebb793a69609da633e9490b79c","kind":"commit","published_at":"2001-05-14T18:03:31.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v107","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v107"},{"name":"v106","sha":"9ad7fcb23f80dbebb793a69609da633e9490b79c","kind":"commit","published_at":"2001-05-14T18:03:31.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v106","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v106"},{"name":"v105","sha":"fb3d21592e7288019a80eacff74157c8f4e7ec2a","kind":"commit","published_at":"2001-05-11T15:46:14.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v105","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v105"},{"name":"v104","sha":"c782af5db3ce2a39b36bacb4a696e2ebabbc9414","kind":"commit","published_at":"2001-05-07T22:36:40.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v104","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v104"},{"name":"v102","sha":"5c644f0582bd88a9533c8925742c1824feeb7a33","kind":"commit","published_at":"2001-05-02T20:29:29.000Z","download_url":"https://codeload.github.com/eclipse-platform/eclipse.platform/tar.gz/v102","html_url":"https://github.com/eclipse-platform/eclipse.platform/releases/tag/v102"}]},"repo_metadata_updated_at":"2023-03-22T02:45:36.039Z","dependent_packages_count":291,"downloads":null,"downloads_period":null,"dependent_repos_count":144,"rankings":{"downloads":null,"dependent_repos_count":1.4906546266355654,"dependent_packages_count":0.28031058412721294,"stargazers_count":41.31826327223217,"forks_count":27.31231667150537,"docker_downloads_count":null,"average":17.60038628862508},"purl":"pkg:maven/org.eclipse.platform/org.eclipse.core.runtime","advisories":[{"uuid":"GSA_kwCzR0hTQS1qMjRoLXhjcGMtOWp3OM4AA3d2","url":"https://github.com/advisories/GHSA-j24h-xcpc-9jw8","title":"Eclipse IDE XXE in eclipse.platform","description":"### Impact\nxml files like \".project\" are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file (for example for review  a foreign repository or patch).\n\nVulnerablility was found by static code analysis (SonarLint).\n\nExample `.project` file:\n```\n\u003c?xml version=\"1.0\" encoding=\"utf-8\"?\u003e \n\u003c!DOCTYPE price [\n\u003c!ENTITY xxe SYSTEM \"http://127.0.0.1:49416/evil\"\u003e]\u003e\n\u003cprojectDescription\u003e\n\t\u003cname\u003ep\u003c/name\u003e\n\t\u003ccomment\u003e\u0026xxe;\u003c/comment\u003e\n\u003c/projectDescription\u003e\n```\n\n### Patches\nSimilar patches including junit test that shows the vulnerability have already applied to PDE (see https://github.com/eclipse-pde/eclipse.pde/pull/667). A solution to platform should be the same: just reject parsing any XML that contains any `DOCTYPE`.\n\n### Workarounds\nNo known workaround. User can only avoid to get/open any foreign files with eclipse. Firewall rules against loss of data (but not against XML bomb).\n\n### References\nhttps://cwe.mitre.org/data/definitions/611.html\nhttps://rules.sonarsource.com/java/RSPEC-2755\nhttps://gitlab.eclipse.org/security/vulnerability-reports/-/issues/8 (Report for multiple projects affected)\n\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2023-11-30T19:52:54.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/eclipse-platform/eclipse.platform/security/advisories/GHSA-j24h-xcpc-9jw8","https://nvd.nist.gov/vuln/detail/CVE-2023-4218","https://github.com/eclipse-emf/org.eclipse.emf/issues/10","https://github.com/eclipse-platform/eclipse.platform.releng.buildtools/pull/45","https://github.com/eclipse-platform/eclipse.platform/pull/761","https://github.com/eclipse-cdt/cdt/commit/c7169b3186d2fef20f97467c3e2ad78e2943ed1b","https://github.com/eclipse-jdt/eclipse.jdt.core/commit/38dd2a878f45cdb3d8d52090f1d6d1b532fd4c4d","https://github.com/eclipse-jdt/eclipse.jdt.ui/commit/13675b1f8a74f47de4da89ed0ded6af7c21dfbec","https://github.com/eclipse-platform/eclipse.platform.swt/commit/bf71db5ddcb967c0863dad4745367b54f49e06ba","https://github.com/eclipse-platform/eclipse.platform.ui/commit/f243cf0a28785b89b7c50bf4e1cce48a917d89bd","https://github.com/eclipse-platform/eclipse.platform/commit/5dc372a0c5002b7f22e5d49eaa1cbf0916455daf","https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/8","https://github.com/eclipse-pde/eclipse.pde/pull/632","https://github.com/eclipse-pde/eclipse.pde/pull/667","https://github.com/advisories/GHSA-j24h-xcpc-9jw8"],"source_kind":"github","identifiers":["GHSA-j24h-xcpc-9jw8","CVE-2023-4218"],"repository_url":"https://github.com/eclipse-platform/eclipse.platform","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"3.30.0","vulnerable_version_range":"\u003c 3.30.0"}],"ecosystem":"maven","package_name":"org.eclipse.jdt:org.eclipse.jdt.ui"},{"versions":[{"first_patched_version":"1.3.100","vulnerable_version_range":"\u003c 1.3.100"}],"ecosystem":"maven","package_name":"org.eclipse.platform:org.eclipse.urischeme"},{"versions":[{"first_patched_version":"3.130.0","vulnerable_version_range":"\u003c 3.130.0"}],"ecosystem":"maven","package_name":"org.eclipse.platform:org.eclipse.ui.workbench"},{"versions":[{"first_patched_version":"3.21.100","vulnerable_version_range":"\u003c 3.21.100"}],"ecosystem":"maven","package_name":"org.eclipse.platform:org.eclipse.ui.ide"},{"versions":[{"first_patched_version":"3.13.0","vulnerable_version_range":"\u003c 3.13.0"}],"ecosystem":"maven","package_name":"org.eclipse.platform:org.eclipse.ui.forms"},{"versions":[{"first_patched_version":"3.31.0","vulnerable_version_range":"\u003c 3.31.0"}],"ecosystem":"maven","package_name":"org.eclipse.platform:org.eclipse.jface"},{"versions":[{"first_patched_version":"4.29.0","vulnerable_version_range":"\u003c 4.29.0"}],"ecosystem":"maven","package_name":"org.eclipse.platform:org.eclipse.platform"},{"versions":[{"first_patched_version":"3.29.0","vulnerable_version_range":"\u003c 3.29.0"}],"ecosystem":"maven","package_name":"org.eclipse.platform:org.eclipse.core.runtime"}],"created_at":"2023-11-30T20:05:58.846Z","updated_at":"2025-05-22T01:11:27.390Z","epss_percentage":0.00029,"epss_percentile":0.06503}],"docker_usage_url":"https://docker.ecosyste.ms/usage/maven/org.eclipse.platform:org.eclipse.core.runtime","docker_dependents_count":80,"docker_downloads_count":12931885,"usage_url":"https://repos.ecosyste.ms/usage/maven/org.eclipse.platform:org.eclipse.core.runtime","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/maven/org.eclipse.platform:org.eclipse.core.runtime/dependencies","status":null,"funding_links":[],"critical":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/org.eclipse.platform:org.eclipse.core.runtime/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/org.eclipse.platform:org.eclipse.core.runtime/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/org.eclipse.platform:org.eclipse.core.runtime/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/org.eclipse.platform:org.eclipse.core.runtime/related_packages","maintainers":[],"registry":{"name":"repo1.maven.org","url":"https://repo.maven.apache.org/maven2","ecosystem":"maven","default":true,"packages_count":517936,"maintainers_count":0,"namespaces_count":68848,"keywords_count":32053,"github":"maven-central","metadata":{"funded_packages_count":25044},"icon_url":"https://github.com/maven-central.png","created_at":"2022-07-21T16:40:13.074Z","updated_at":"2025-06-07T05:38:09.526Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/namespaces"}},"unique_repositories_count":21,"unique_repositories_count_past_30_days":2,"recent_issues":[{"uuid":"4161865451","node_id":"PR_kwDORx4z787OUc2e","number":7,"state":"open","title":"build(deps): bump the maven group across 14 directories with 16 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-28T22:37:30.000Z","updated_at":"2026-03-28T22:46:55.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"maven","update_count":16,"packages":[{"name":"org.apache.cxf:cxf-core","old_version":"Fuzzing-SNAPSHOT","new_version":"3.5.11"},{"name":"org.apache.cxf:cxf-rt-frontend-jaxrs","old_version":"Fuzzing-SNAPSHOT","new_version":"2.6.11"},{"name":"org.eclipse.jetty:jetty-server","old_version":"11.0.14","new_version":"11.0.24"},{"name":"org.apache.avro:avro","old_version":"Fuzzing-SNAPSHOT","new_version":"1.11.4"},{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.26.100","new_version":"3.29.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"},{"name":"org.apache.hadoop:hadoop-common","old_version":"Fuzzing-SNAPSHOT","new_version":"3.4.0"},{"name":"org.htmlunit:htmlunit","old_version":"2.7.0","new_version":"3.9.0","repository_url":"https://github.com/HtmlUnit/htmlunit"},{"name":"org.eclipse.jetty:jetty-server","old_version":"Fuzzing-SNAPSHOT","new_version":"9.4.56.v20240826"},{"name":"org.eclipse.jetty:jetty-http","old_version":"Fuzzing-SNAPSHOT","new_version":"12.0.31"},{"name":"org.eclipse.jetty.http2:http2-server","old_version":"Fuzzing-SNAPSHOT","new_version":"9.4.53.v20231009"},{"name":"org.bitbucket.b_c:jose4j","old_version":"Fuzzing-SNAPSHOT","new_version":"0.9.6"},{"name":"com.nimbusds:nimbus-jose-jwt","old_version":"9.30.1","new_version":"9.37.4"},{"name":"com.google.guava:guava","old_version":"31.1-jre","new_version":"32.0.0-jre","repository_url":"https://github.com/google/guava"},{"name":"com.google.protobuf:protobuf-java","old_version":"4.0.0-rc-2","new_version":"4.27.5","repository_url":"https://github.com/protocolbuffers/protobuf"},{"name":"org.apache.logging.log4j:log4j-core","old_version":"2.24.3","new_version":"2.25.3"},{"name":"org.apache.logging.log4j:log4j-core","old_version":"2.24.2","new_version":"2.25.3"},{"name":"org.jboss.xnio:xnio-api","old_version":"3.8.8.Final","new_version":"3.8.14.Final"},{"name":"com.esotericsoftware.yamlbeans:yamlbeans","old_version":"Fuzzing-SNAPSHOT","new_version":"1.17","repository_url":"https://github.com/EsotericSoftware/yamlbeans"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 2 updates in the /projects/apache-cxf/project-parent/fuzz-targets directory: org.apache.cxf:cxf-core and org.apache.cxf:cxf-rt-frontend-jaxrs.\nBumps the maven group with 1 update in the /projects/async-http-client/project-parent/fuzz-targets directory: org.eclipse.jetty:jetty-server.\nBumps the maven group with 1 update in the /projects/avro/project-parent/fuzz-targets directory: org.apache.avro:avro.\nBumps the maven group with 1 update in the /projects/eclipse-equinox/equinox-fuzzer directory: [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform).\nBumps the maven group with 1 update in the /projects/hadoop/project-parent/fuzz-targets directory: org.apache.hadoop:hadoop-common.\nBumps the maven group with 1 update in the /projects/htmlunit/htmlunit-fuzzer directory: [org.htmlunit:htmlunit](https://github.com/HtmlUnit/htmlunit).\nBumps the maven group with 3 updates in the /projects/jetty/project-parent/fuzz-targets directory: org.eclipse.jetty:jetty-server, org.eclipse.jetty:jetty-http and org.eclipse.jetty.http2:http2-server.\nBumps the maven group with 1 update in the /projects/jose4j/project-parent/fuzz-targets directory: [org.bitbucket.b_c:jose4j](https://bitbucket.org/b_c/jose4j).\nBumps the maven group with 1 update in the /projects/nimbus-jwt/nimbus-jwt-fuzzer directory: [com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt).\nBumps the maven group with 2 updates in the /projects/opencensus-java/project-parent/fuzz-targets directory: [com.google.guava:guava](https://github.com/google/guava) and [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf).\nBumps the maven group with 1 update in the /projects/pdfbox/project-parent/fuzz-targets directory: org.apache.logging.log4j:log4j-core.\nBumps the maven group with 1 update in the /projects/struts/struts2-fuzzer/webapp directory: org.apache.logging.log4j:log4j-core.\nBumps the maven group with 1 update in the /projects/xnio-api/xnio-fuzzer directory: org.jboss.xnio:xnio-api.\nBumps the maven group with 1 update in the /projects/yamlbeans/project-parent/fuzz-targets directory: [com.esotericsoftware.yamlbeans:yamlbeans](https://github.com/EsotericSoftware/yamlbeans).\n\nUpdates `org.apache.cxf:cxf-core` from Fuzzing-SNAPSHOT to 3.5.11\n\nUpdates `org.apache.cxf:cxf-rt-frontend-jaxrs` from Fuzzing-SNAPSHOT to 2.6.11\n\nUpdates `org.eclipse.jetty:jetty-server` from 11.0.14 to 11.0.24\n\nUpdates `org.apache.avro:avro` from Fuzzing-SNAPSHOT to 1.11.4\n\nUpdates `org.eclipse.platform:org.eclipse.core.runtime` from 3.26.100 to 3.29.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.hadoop:hadoop-common` from Fuzzing-SNAPSHOT to 3.4.0\n\nUpdates `org.htmlunit:htmlunit` from 2.7.0 to 3.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/HtmlUnit/htmlunit/releases\"\u003eorg.htmlunit:htmlunit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eHtmlUnit 3.9.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore-csp: new lib for CSP\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecommons-logging to 1.3.0, commons-io to 2.15.1, commons-lang3 to 3.14.0\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eenable FEATURE_SECURE_PROCESSING for the MSXML XSLProcessor (CVE-2023-49093).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eneko: new HTML named entities parser that is up to 20x faster for common entities and some more fixes\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003emany more fixes and improvements\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease have a look at the \u003ca href=\"https://www.htmlunit.org/changes-report.html#a3.9.0\"\u003efull release notes\u003c/a\u003e for details about this release.\u003c/p\u003e\n\u003cp\u003e💕 Thank you to all who have contributed and to the sponsors (more sponsoring is welcome \u003ca href=\"https://github.com/sponsors/rbri\"\u003ehttps://github.com/sponsors/rbri\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003eHtmlUnit 3.8.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore-js: support trailing commas in function parameters.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eupdated CSS3Parser pool implementation\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eimproved detection onf XML/XHtml content when not content type header is set\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003emany more fixes and improvements\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease have a look at the \u003ca href=\"https://www.htmlunit.org/changes-report.html#a3.8.0\"\u003efull release notes\u003c/a\u003e for details about this release.\u003c/p\u003e\n\u003cp\u003e💕 Thank you to all who have contributed and to the sponsors (more sponsoring is welcome \u003ca href=\"https://github.com/sponsors/rbri\"\u003ehttps://github.com/sponsors/rbri\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003eHtmlUnit 3.7.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eINCOMPATIBLE CHANGE: For this version, the processing of WebWindowListener events got many changes/fixes/improvements.                 The main point was to let this work as stable as possible even if many WebWindowListener are registered.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecssparser: Switched from JavaCC to ParserGeneratorCC (\u003ca href=\"https://github.com/tulipcc/ParserGeneratorCC\"\u003ehttps://github.com/tulipcc/ParserGeneratorCC\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore-js: build system switched to maven\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImplementation of CSS pseudo classes :invalid and :valid improved\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eForm.isValid() checks all form elements\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDocumentation enhancements\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003esupport ComputedCSSStyleDeclaration when JS engine is disabled\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHtmlForm.getElements() is now part of the public api\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed a major memory leak\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e'rel' attribute may contain multiple values, we have to split before checking the value\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003emany more fixes and improvements\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease have a look at the \u003ca href=\"https://www.htmlunit.org/changes-report.html#a3.7.0\"\u003efull release notes\u003c/a\u003e for details about this release.\u003c/p\u003e\n\u003cp\u003e💕 Thank you to all who have contributed and to the sponsors (more sponsoring is welcome \u003ca href=\"https://github.com/sponsors/rbri\"\u003ehttps://github.com/sponsors/rbri\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003eHtmlUnit 3.6.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/a599e36ecc0b19a2ea76b73f7f48365fbb87c28a\"\u003e\u003ccode\u003ea599e36\u003c/code\u003e\u003c/a\u003e version 3.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/d4c11058e71b6ba5eaaf5d9565c1634b4bbeec1e\"\u003e\u003ccode\u003ed4c1105\u003c/code\u003e\u003c/a\u003e core-js 3.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/51f0eefd545bca2c17f12f237ba228a08aac4f7f\"\u003e\u003ccode\u003e51f0eef\u003c/code\u003e\u003c/a\u003e exclude commons.logging from httpcomponents\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/65986a459f15da0eed1616d91efdd65f99120334\"\u003e\u003ccode\u003e65986a4\u003c/code\u003e\u003c/a\u003e code style\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/1587961cf4043ea776d38683e53470993bc70771\"\u003e\u003ccode\u003e1587961\u003c/code\u003e\u003c/a\u003e lib updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/2a972ced6e7cc147a29c86c0e962f2696f9cc4ed\"\u003e\u003ccode\u003e2a972ce\u003c/code\u003e\u003c/a\u003e htmx 1.9.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/792e8456cd76f7cfd04587d539bd4fa929599000\"\u003e\u003ccode\u003e792e845\u003c/code\u003e\u003c/a\u003e new subproject htmlunit-csp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/e07ba67cc1b030f90a2ad9882f271429345b008d\"\u003e\u003ccode\u003ee07ba67\u003c/code\u003e\u003c/a\u003e fix ms driver check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/e015082aa909fd9e1c2b5f9b26553ddc0ddbbcab\"\u003e\u003ccode\u003ee015082\u003c/code\u003e\u003c/a\u003e enable FEATURE_SECURE_PROCESSING for the MSXML XSLProcessor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/77aeaa85e1fc69e929858ae700b24528275d8d07\"\u003e\u003ccode\u003e77aeaa8\u003c/code\u003e\u003c/a\u003e another minor neko update\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/HtmlUnit/htmlunit/compare/HtmlUnit-2.7...3.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.eclipse.jetty:jetty-server` from Fuzzing-SNAPSHOT to 9.4.56.v20240826\n\nUpdates `org.eclipse.jetty:jetty-http` from Fuzzing-SNAPSHOT to 12.0.31\n\nUpdates `org.eclipse.jetty.http2:http2-server` from Fuzzing-SNAPSHOT to 9.4.53.v20231009\n\nUpdates `org.bitbucket.b_c:jose4j` from Fuzzing-SNAPSHOT to 0.9.6\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://bitbucket.org/b_c/jose4j/commits/tag/jose4j-0.9.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.nimbusds:nimbus-jose-jwt` from 9.30.1 to 9.37.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/f64e094030ab82659dbfaea8c489cc56291539cf\"\u003e\u003ccode\u003ef64e094\u003c/code\u003e\u003c/a\u003e Makes the abstract class BaseJWEProvider public (iss \u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/521\"\u003e#521\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/ad6fed330a6bc5dbcb343aafd085ffd0d15c07d7\"\u003e\u003ccode\u003ead6fed3\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release 9.35\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/81c7f24cc8a49f0f87c530e50d750bb1db22b4a8\"\u003e\u003ccode\u003e81c7f24\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/24aaaf02edf5d1ae4cc449b3d81a9151f26953dc\"\u003e\u003ccode\u003e24aaaf0\u003c/code\u003e\u003c/a\u003e Bumps jacoco-maven-plugin to 0.8.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/ff01cd912fe53ee2946170781fe243564920be94\"\u003e\u003ccode\u003eff01cd9\u003c/code\u003e\u003c/a\u003e Adds new JWKSet.filter method\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/9c7ca65e0f85a286b8ed32886f40266075f785c7\"\u003e\u003ccode\u003e9c7ca65\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release 9.36\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/61118382fa75f27b29d89f9438361dbd15485c53\"\u003e\u003ccode\u003e6111838\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/11d0767dea84e47cff18236dcfe300845a781fcb\"\u003e\u003ccode\u003e11d0767\u003c/code\u003e\u003c/a\u003e Updates maven-surefire-plugin, removes config workaround for maven-surefire-p...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/43118defa2dbf9ef4d3a451f6c45b4021d52f24b\"\u003e\u003ccode\u003e43118de\u003c/code\u003e\u003c/a\u003e Adds JWTClaimsSet.getListClaim method\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/f50158f96675591b27a327b4597280dfda4aac07\"\u003e\u003ccode\u003ef50158f\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release 9.37\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/9.37.4..9.30.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.google.guava:guava` from 31.1-jre to 32.0.0-jre\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/guava/releases\"\u003ecom.google.guava:guava's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e32.0.0\u003c/h2\u003e\n\u003ch3\u003eMaven\u003c/h3\u003e\n\u003cpre lang=\"xml\"\u003e\u003ccode\u003e\u0026lt;dependency\u0026gt;\r\n  \u0026lt;groupId\u0026gt;com.google.guava\u0026lt;/groupId\u0026gt;\r\n  \u0026lt;artifactId\u0026gt;guava\u0026lt;/artifactId\u0026gt;\r\n  \u0026lt;version\u0026gt;32.0.0-jre\u0026lt;/version\u0026gt;\r\n  \u0026lt;!-- or, for Android: --\u0026gt;\r\n  \u0026lt;version\u0026gt;32.0.0-android\u0026lt;/version\u0026gt;\r\n\u0026lt;/dependency\u0026gt;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eJar files\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://repo1.maven.org/maven2/com/google/guava/guava/32.0.0-jre/guava-32.0.0-jre.jar\"\u003e32.0.0-jre.jar\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://repo1.maven.org/maven2/com/google/guava/guava/32.0.0-android/guava-32.0.0-android.jar\"\u003e32.0.0-android.jar\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eGuava requires \u003ca href=\"https://github.com/google/guava/wiki/UseGuavaInYourBuild#what-about-guavas-own-dependencies\"\u003eone runtime dependency\u003c/a\u003e, which you can download here:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://repo1.maven.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar\"\u003efailureaccess-1.0.1.jar\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJavadoc\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-jre/api/docs/\"\u003e32.0.0-jre\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-android/api/docs/\"\u003e32.0.0-android\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJDiff\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-jre/api/diffs/\"\u003e32.0.0-jre vs. 31.1-jre\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-android/api/diffs/\"\u003e32.0.0-android vs. 31.1-android\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-android/api/androiddiffs/\"\u003e32.0.0-android vs. 32.0.0-jre\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003ch4\u003eSecurity fixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eReimplemented \u003ccode\u003eFiles.createTempDir\u003c/code\u003e and \u003ccode\u003eFileBackedOutputStream\u003c/code\u003e to further address CVE-2020-8908 (\u003ca href=\"https://redirect.github.com/google/guava/issues/4011\"\u003e#4011\u003c/a\u003e) and CVE-2023-2976 (\u003ca href=\"https://redirect.github.com/google/guava/issues/2575\"\u003e#2575\u003c/a\u003e). (feb83a1c8f)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eWhile CVE-2020-8908 was officially closed when we deprecated \u003ccode\u003eFiles.createTempDir\u003c/code\u003e in \u003ca href=\"https://github.com/google/guava/releases/tag/v30.0\"\u003eGuava 30.0\u003c/a\u003e, we've heard from users that even recent versions of Guava have been listed as vulnerable in \u003cem\u003eother\u003c/em\u003e databases of security vulnerabilities. In response, we've reimplemented the method (and the very rarely used \u003ccode\u003eFileBackedOutputStream\u003c/code\u003e class, which had a similar issue) to eliminate the insecure behavior entirely. This change could technically affect users in a number of different ways (discussed under \u0026quot;Incompatible changes\u0026quot; below), but in practice, the only problem users are likely to encounter is with Windows. If you are using those APIs under Windows, you should skip 32.0.0 and go straight to \u003ca href=\"https://github.com/google/guava/releases/tag/v32.0.1\"\u003e32.0.1\u003c/a\u003e which fixes the problem. (Unfortunately, we didn't think of the Windows problem until after the release. And while we \u003ca href=\"https://github.com/google/guava#important-warnings\"\u003ewarn that \u003ccode\u003ecommon.io\u003c/code\u003e in particular may not work under Windows\u003c/a\u003e, we didn't intend to regress support.) Sorry for the trouble.\u003c/p\u003e\n\u003ch4\u003eIncompatible changes\u003c/h4\u003e\n\u003cp\u003eAlthough this release bumps Guava's major version number, it makes \u003cstrong\u003eno binary-incompatible changes to the \u003ccode\u003eguava\u003c/code\u003e artifact\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eOne change could cause issues for Widows users, and a few other changes could cause issues for users in more usual situations:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eThe new implementations of \u003ccode\u003eFiles.createTempDir\u003c/code\u003e and \u003ccode\u003eFileBackedOutputStream\u003c/code\u003e \u003ca href=\"https://redirect.github.com/google/guava/issues/6535\"\u003ethrow an exception under Windows\u003c/a\u003e.\u003c/strong\u003e This is fixed in \u003ca href=\"https://github.com/google/guava/releases/tag/v32.0.1\"\u003e32.0.1\u003c/a\u003e. Sorry for the trouble.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eguava-gwt\u003c/code\u003e now \u003ca href=\"https://redirect.github.com/google/guava/issues/6627\"\u003erequires\u003c/a\u003e GWT \u003ca href=\"https://github.com/gwtproject/gwt/releases/tag/2.10.0\"\u003e2.10.0\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThis release makes a binary-incompatible change to a \u003ccode\u003e@Beta\u003c/code\u003e API in the \u003cstrong\u003eseparate artifact\u003c/strong\u003e \u003ccode\u003eguava-testlib\u003c/code\u003e. Specifically, we changed the return type of \u003ccode\u003eTestingExecutors.sameThreadScheduledExecutor\u003c/code\u003e to \u003ccode\u003eListeningScheduledExecutorService\u003c/code\u003e. The old return type was a package-private class, which caused the Kotlin compiler to produce warnings. (dafaa3e435)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/google/guava/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.google.protobuf:protobuf-java` from 4.0.0-rc-2 to 4.27.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/protocolbuffers/protobuf/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.logging.log4j:log4j-core` from 2.24.3 to 2.25.3\n\nUpdates `org.apache.logging.log4j:log4j-core` from 2.24.2 to 2.25.3\n\nUpdates `org.jboss.xnio:xnio-api` from 3.8.8.Final to 3.8.14.Final\n\nUpdates `com.esotericsoftware.yamlbeans:yamlbeans` from Fuzzing-SNAPSHOT to 1.17\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/EsotericSoftware/yamlbeans/commits/1.17\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/0ai-Cyberviser/oss-fuzz/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/0ai-Cyberviser/oss-fuzz/pull/7","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/0ai-Cyberviser%2Foss-fuzz/issues/7","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7/packages"},{"uuid":"4161864691","node_id":"PR_kwDORx4z787OUcud","number":6,"state":"closed","title":"build(deps): bump the maven group across 8 directories with 12 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-28T23:04:15.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-28T22:37:02.000Z","updated_at":"2026-03-28T23:04:16.000Z","time_to_close":1633,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"maven","update_count":12,"packages":[{"name":"org.apache.cxf:cxf-core","old_version":"Fuzzing-SNAPSHOT","new_version":"3.5.11"},{"name":"org.apache.cxf:cxf-rt-frontend-jaxrs","old_version":"Fuzzing-SNAPSHOT","new_version":"2.6.11"},{"name":"org.apache.cxf:cxf-rt-transports-http","old_version":"Fuzzing-SNAPSHOT","new_version":"3.1.16"},{"name":"org.apache.tika:tika-core","old_version":"Fuzzing-SNAPSHOT","new_version":"3.2.2","repository_url":"https://github.com/apache/tika"},{"name":"org.asynchttpclient:async-http-client","old_version":"Fuzzing-SNAPSHOT","new_version":"2.0.35","repository_url":"https://github.com/AsyncHttpClient/async-http-client"},{"name":"org.eclipse.jetty:jetty-server","old_version":"11.0.14","new_version":"11.0.24"},{"name":"org.apache.avro:avro","old_version":"Fuzzing-SNAPSHOT","new_version":"1.11.4"},{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.26.100","new_version":"3.29.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"},{"name":"org.apache.hadoop:hadoop-common","old_version":"Fuzzing-SNAPSHOT","new_version":"3.4.0"},{"name":"org.htmlunit:htmlunit","old_version":"2.7.0","new_version":"3.9.0","repository_url":"https://github.com/HtmlUnit/htmlunit"},{"name":"org.eclipse.jetty:jetty-server","old_version":"Fuzzing-SNAPSHOT","new_version":"9.4.56.v20240826"},{"name":"org.eclipse.jetty:jetty-http","old_version":"Fuzzing-SNAPSHOT","new_version":"12.0.31"},{"name":"org.eclipse.jetty.http2:http2-server","old_version":"Fuzzing-SNAPSHOT","new_version":"9.4.53.v20231009"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 3 updates in the /projects/apache-cxf/project-parent/fuzz-targets directory: org.apache.cxf:cxf-core, org.apache.cxf:cxf-rt-frontend-jaxrs and org.apache.cxf:cxf-rt-transports-http.\nBumps the maven group with 1 update in the /projects/apache-tika/project-parent/fuzz-targets directory: [org.apache.tika:tika-core](https://github.com/apache/tika).\nBumps the maven group with 2 updates in the /projects/async-http-client/project-parent/fuzz-targets directory: [org.asynchttpclient:async-http-client](https://github.com/AsyncHttpClient/async-http-client) and org.eclipse.jetty:jetty-server.\nBumps the maven group with 1 update in the /projects/avro/project-parent/fuzz-targets directory: org.apache.avro:avro.\nBumps the maven group with 1 update in the /projects/eclipse-equinox/equinox-fuzzer directory: [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform).\nBumps the maven group with 1 update in the /projects/hadoop/project-parent/fuzz-targets directory: org.apache.hadoop:hadoop-common.\nBumps the maven group with 1 update in the /projects/htmlunit/htmlunit-fuzzer directory: [org.htmlunit:htmlunit](https://github.com/HtmlUnit/htmlunit).\nBumps the maven group with 3 updates in the /projects/jetty/project-parent/fuzz-targets directory: org.eclipse.jetty:jetty-server, org.eclipse.jetty:jetty-http and org.eclipse.jetty.http2:http2-server.\n\nUpdates `org.apache.cxf:cxf-core` from Fuzzing-SNAPSHOT to 3.5.11\n\nUpdates `org.apache.cxf:cxf-rt-frontend-jaxrs` from Fuzzing-SNAPSHOT to 2.6.11\n\nUpdates `org.apache.cxf:cxf-rt-transports-http` from Fuzzing-SNAPSHOT to 3.1.16\n\nUpdates `org.apache.tika:tika-core` from Fuzzing-SNAPSHOT to 3.2.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/tika/blob/main/CHANGES.txt\"\u003eorg.apache.tika:tika-core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eRelease 4.0.0-BETA1 - ???\u003c/p\u003e\n\u003cp\u003eBREAKING CHANGES\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eMoved towards default json based configuration (TIKA-4544 and many others).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003etika-pipes implementation modules have been reorganized by\nresource (tika-pipes-solr) vs task (tika-pipes-fetcher-solr)\n(TIKA-4543). Note that the file-system pipes components have\nbeen taken out of tika-pipes-core and placed in their own\npf4j module: tika-pipes-file-system.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003etika-pipes implementation modules are now pf4j plugins (TIKA-4519).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003etika-pipes core classes have been moved to a new module: tika-pipes-core,\nand the FileSystem pipes components have moved (TIKA-4334).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eMetadataListFilter has been renamed MetadataFilter, and\nMetadataFilter has been removed (TIKA-4546).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemoved several modules, including: tika-batch (TIKA-4333), snaps deployment (TIKA-4502),\ndotnet (TIKA-4332), advanced media module (TIKA-4500), tika-dl module (TIKA-4499),\ntika-fuzzing module (TIKA-4506).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHeaders are no longer injected into the body/content of MSG files (TIKA-4345). Please open\na ticket if you need this behavior across email formats.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAPI changes in the EmbeddedStreamTranslator (TIKA-4518).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemoved DigestingParser (TIKA-4607).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eOTHER CHANGES\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix concurrency bug in TikaToXMP (TIKA-4393)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRelease 3.3.0 - ???\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eVarious fixes based on regression testing (TIKA-4563).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove zip parsing (TIKA-4650).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd detection of compressed bmp (TIKA-4511).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow per file timeouts in tika-pipes (TIKA-4497).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd matroska detector (TIKA-1180).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow multiple values for many Dublin Core keys (TIKA-4466).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eExtract macros by default in tika-app's commandline and gui (TIKA-4472).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/apache/tika/commits/3.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.asynchttpclient:async-http-client` from Fuzzing-SNAPSHOT to 2.0.35\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/AsyncHttpClient/async-http-client/commits/async-http-client-project-2.0.35\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.eclipse.jetty:jetty-server` from 11.0.14 to 11.0.24\n\nUpdates `org.apache.avro:avro` from Fuzzing-SNAPSHOT to 1.11.4\n\nUpdates `org.eclipse.platform:org.eclipse.core.runtime` from 3.26.100 to 3.29.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.hadoop:hadoop-common` from Fuzzing-SNAPSHOT to 3.4.0\n\nUpdates `org.htmlunit:htmlunit` from 2.7.0 to 3.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/HtmlUnit/htmlunit/releases\"\u003eorg.htmlunit:htmlunit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eHtmlUnit 3.9.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore-csp: new lib for CSP\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecommons-logging to 1.3.0, commons-io to 2.15.1, commons-lang3 to 3.14.0\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eenable FEATURE_SECURE_PROCESSING for the MSXML XSLProcessor (CVE-2023-49093).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eneko: new HTML named entities parser that is up to 20x faster for common entities and some more fixes\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003emany more fixes and improvements\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease have a look at the \u003ca href=\"https://www.htmlunit.org/changes-report.html#a3.9.0\"\u003efull release notes\u003c/a\u003e for details about this release.\u003c/p\u003e\n\u003cp\u003e💕 Thank you to all who have contributed and to the sponsors (more sponsoring is welcome \u003ca href=\"https://github.com/sponsors/rbri\"\u003ehttps://github.com/sponsors/rbri\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003eHtmlUnit 3.8.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore-js: support trailing commas in function parameters.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eupdated CSS3Parser pool implementation\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eimproved detection onf XML/XHtml content when not content type header is set\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003emany more fixes and improvements\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease have a look at the \u003ca href=\"https://www.htmlunit.org/changes-report.html#a3.8.0\"\u003efull release notes\u003c/a\u003e for details about this release.\u003c/p\u003e\n\u003cp\u003e💕 Thank you to all who have contributed and to the sponsors (more sponsoring is welcome \u003ca href=\"https://github.com/sponsors/rbri\"\u003ehttps://github.com/sponsors/rbri\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003eHtmlUnit 3.7.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eINCOMPATIBLE CHANGE: For this version, the processing of WebWindowListener events got many changes/fixes/improvements.                 The main point was to let this work as stable as possible even if many WebWindowListener are registered.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecssparser: Switched from JavaCC to ParserGeneratorCC (\u003ca href=\"https://github.com/tulipcc/ParserGeneratorCC\"\u003ehttps://github.com/tulipcc/ParserGeneratorCC\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore-js: build system switched to maven\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImplementation of CSS pseudo classes :invalid and :valid improved\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eForm.isValid() checks all form elements\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDocumentation enhancements\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003esupport ComputedCSSStyleDeclaration when JS engine is disabled\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHtmlForm.getElements() is now part of the public api\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed a major memory leak\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e'rel' attribute may contain multiple values, we have to split before checking the value\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003emany more fixes and improvements\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease have a look at the \u003ca href=\"https://www.htmlunit.org/changes-report.html#a3.7.0\"\u003efull release notes\u003c/a\u003e for details about this release.\u003c/p\u003e\n\u003cp\u003e💕 Thank you to all who have contributed and to the sponsors (more sponsoring is welcome \u003ca href=\"https://github.com/sponsors/rbri\"\u003ehttps://github.com/sponsors/rbri\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003eHtmlUnit 3.6.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/a599e36ecc0b19a2ea76b73f7f48365fbb87c28a\"\u003e\u003ccode\u003ea599e36\u003c/code\u003e\u003c/a\u003e version 3.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/d4c11058e71b6ba5eaaf5d9565c1634b4bbeec1e\"\u003e\u003ccode\u003ed4c1105\u003c/code\u003e\u003c/a\u003e core-js 3.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/51f0eefd545bca2c17f12f237ba228a08aac4f7f\"\u003e\u003ccode\u003e51f0eef\u003c/code\u003e\u003c/a\u003e exclude commons.logging from httpcomponents\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/65986a459f15da0eed1616d91efdd65f99120334\"\u003e\u003ccode\u003e65986a4\u003c/code\u003e\u003c/a\u003e code style\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/1587961cf4043ea776d38683e53470993bc70771\"\u003e\u003ccode\u003e1587961\u003c/code\u003e\u003c/a\u003e lib updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/2a972ced6e7cc147a29c86c0e962f2696f9cc4ed\"\u003e\u003ccode\u003e2a972ce\u003c/code\u003e\u003c/a\u003e htmx 1.9.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/792e8456cd76f7cfd04587d539bd4fa929599000\"\u003e\u003ccode\u003e792e845\u003c/code\u003e\u003c/a\u003e new subproject htmlunit-csp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/e07ba67cc1b030f90a2ad9882f271429345b008d\"\u003e\u003ccode\u003ee07ba67\u003c/code\u003e\u003c/a\u003e fix ms driver check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/e015082aa909fd9e1c2b5f9b26553ddc0ddbbcab\"\u003e\u003ccode\u003ee015082\u003c/code\u003e\u003c/a\u003e enable FEATURE_SECURE_PROCESSING for the MSXML XSLProcessor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/77aeaa85e1fc69e929858ae700b24528275d8d07\"\u003e\u003ccode\u003e77aeaa8\u003c/code\u003e\u003c/a\u003e another minor neko update\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/HtmlUnit/htmlunit/compare/HtmlUnit-2.7...3.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.eclipse.jetty:jetty-server` from Fuzzing-SNAPSHOT to 9.4.56.v20240826\n\nUpdates `org.eclipse.jetty:jetty-http` from Fuzzing-SNAPSHOT to 12.0.31\n\nUpdates `org.eclipse.jetty.http2:http2-server` from Fuzzing-SNAPSHOT to 9.4.53.v20231009\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/0ai-Cyberviser/oss-fuzz/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/0ai-Cyberviser/oss-fuzz/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/0ai-Cyberviser%2Foss-fuzz/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"4071113238","node_id":"PR_kwDOCCeu5c7KXZRf","number":5,"state":"closed","title":"build(deps): bump the maven group across 15 directories with 17 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-10T23:41:35.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-13T13:24:34.000Z","updated_at":"2026-04-10T23:41:36.000Z","time_to_close":2456221,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"maven","update_count":17,"packages":[{"name":"org.apache.cxf:cxf-core","old_version":"Fuzzing-SNAPSHOT","new_version":"3.5.11"},{"name":"org.apache.cxf:cxf-rt-frontend-jaxrs","old_version":"Fuzzing-SNAPSHOT","new_version":"2.6.11"},{"name":"org.eclipse.jetty:jetty-server","old_version":"11.0.14","new_version":"11.0.24"},{"name":"org.apache.avro:avro","old_version":"Fuzzing-SNAPSHOT","new_version":"1.11.4"},{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.26.100","new_version":"3.29.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"},{"name":"org.apache.hadoop:hadoop-common","old_version":"Fuzzing-SNAPSHOT","new_version":"3.4.0"},{"name":"org.htmlunit:htmlunit","old_version":"2.7.0","new_version":"3.9.0","repository_url":"https://github.com/HtmlUnit/htmlunit"},{"name":"org.eclipse.jetty:jetty-server","old_version":"Fuzzing-SNAPSHOT","new_version":"9.4.56.v20240826"},{"name":"org.eclipse.jetty:jetty-http","old_version":"Fuzzing-SNAPSHOT","new_version":"12.0.31"},{"name":"org.eclipse.jetty.http2:http2-server","old_version":"Fuzzing-SNAPSHOT","new_version":"9.4.53.v20231009"},{"name":"org.bitbucket.b_c:jose4j","old_version":"Fuzzing-SNAPSHOT","new_version":"0.9.6"},{"name":"com.nimbusds:nimbus-jose-jwt","old_version":"9.30.1","new_version":"9.37.4"},{"name":"com.google.guava:guava","old_version":"31.1-jre","new_version":"32.0.0-jre","repository_url":"https://github.com/google/guava"},{"name":"com.google.protobuf:protobuf-java","old_version":"4.0.0-rc-2","new_version":"4.27.5","repository_url":"https://github.com/protocolbuffers/protobuf"},{"name":"org.apache.logging.log4j:log4j-core","old_version":"2.24.3","new_version":"2.25.3"},{"name":"org.apache.logging.log4j:log4j-core","old_version":"2.24.2","new_version":"2.25.3"},{"name":"org.jboss.xnio:xnio-api","old_version":"3.8.8.Final","new_version":"3.8.14.Final"},{"name":"com.esotericsoftware.yamlbeans:yamlbeans","old_version":"Fuzzing-SNAPSHOT","new_version":"1.17","repository_url":"https://github.com/EsotericSoftware/yamlbeans"},{"name":"org.zeroturnaround:zt-zip","old_version":"Fuzzing-SNAPSHOT","new_version":"1.13","repository_url":"https://github.com/zeroturnaround/zt-zip"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 2 updates in the /projects/apache-cxf/project-parent/fuzz-targets directory: org.apache.cxf:cxf-core and org.apache.cxf:cxf-rt-frontend-jaxrs.\nBumps the maven group with 1 update in the /projects/async-http-client/project-parent/fuzz-targets directory: org.eclipse.jetty:jetty-server.\nBumps the maven group with 1 update in the /projects/avro/project-parent/fuzz-targets directory: org.apache.avro:avro.\nBumps the maven group with 1 update in the /projects/eclipse-equinox/equinox-fuzzer directory: [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform).\nBumps the maven group with 1 update in the /projects/hadoop/project-parent/fuzz-targets directory: org.apache.hadoop:hadoop-common.\nBumps the maven group with 1 update in the /projects/htmlunit/htmlunit-fuzzer directory: [org.htmlunit:htmlunit](https://github.com/HtmlUnit/htmlunit).\nBumps the maven group with 3 updates in the /projects/jetty/project-parent/fuzz-targets directory: org.eclipse.jetty:jetty-server, org.eclipse.jetty:jetty-http and org.eclipse.jetty.http2:http2-server.\nBumps the maven group with 1 update in the /projects/jose4j/project-parent/fuzz-targets directory: [org.bitbucket.b_c:jose4j](https://bitbucket.org/b_c/jose4j).\nBumps the maven group with 1 update in the /projects/nimbus-jwt/nimbus-jwt-fuzzer directory: [com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt).\nBumps the maven group with 2 updates in the /projects/opencensus-java/project-parent/fuzz-targets directory: [com.google.guava:guava](https://github.com/google/guava) and [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf).\nBumps the maven group with 1 update in the /projects/pdfbox/project-parent/fuzz-targets directory: org.apache.logging.log4j:log4j-core.\nBumps the maven group with 1 update in the /projects/struts/struts2-fuzzer/webapp directory: org.apache.logging.log4j:log4j-core.\nBumps the maven group with 1 update in the /projects/xnio-api/xnio-fuzzer directory: org.jboss.xnio:xnio-api.\nBumps the maven group with 1 update in the /projects/yamlbeans/project-parent/fuzz-targets directory: [com.esotericsoftware.yamlbeans:yamlbeans](https://github.com/EsotericSoftware/yamlbeans).\nBumps the maven group with 1 update in the /projects/zt-zip/project-parent/fuzz-targets directory: [org.zeroturnaround:zt-zip](https://github.com/zeroturnaround/zt-zip).\n\nUpdates `org.apache.cxf:cxf-core` from Fuzzing-SNAPSHOT to 3.5.11\n\nUpdates `org.apache.cxf:cxf-rt-frontend-jaxrs` from Fuzzing-SNAPSHOT to 2.6.11\n\nUpdates `org.eclipse.jetty:jetty-server` from 11.0.14 to 11.0.24\n\nUpdates `org.apache.avro:avro` from Fuzzing-SNAPSHOT to 1.11.4\n\nUpdates `org.eclipse.platform:org.eclipse.core.runtime` from 3.26.100 to 3.29.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.hadoop:hadoop-common` from Fuzzing-SNAPSHOT to 3.4.0\n\nUpdates `org.htmlunit:htmlunit` from 2.7.0 to 3.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/HtmlUnit/htmlunit/releases\"\u003eorg.htmlunit:htmlunit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eHtmlUnit 3.9.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore-csp: new lib for CSP\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecommons-logging to 1.3.0, commons-io to 2.15.1, commons-lang3 to 3.14.0\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eenable FEATURE_SECURE_PROCESSING for the MSXML XSLProcessor (CVE-2023-49093).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eneko: new HTML named entities parser that is up to 20x faster for common entities and some more fixes\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003emany more fixes and improvements\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease have a look at the \u003ca href=\"https://www.htmlunit.org/changes-report.html#a3.9.0\"\u003efull release notes\u003c/a\u003e for details about this release.\u003c/p\u003e\n\u003cp\u003e💕 Thank you to all who have contributed and to the sponsors (more sponsoring is welcome \u003ca href=\"https://github.com/sponsors/rbri\"\u003ehttps://github.com/sponsors/rbri\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003eHtmlUnit 3.8.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore-js: support trailing commas in function parameters.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eupdated CSS3Parser pool implementation\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eimproved detection onf XML/XHtml content when not content type header is set\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003emany more fixes and improvements\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease have a look at the \u003ca href=\"https://www.htmlunit.org/changes-report.html#a3.8.0\"\u003efull release notes\u003c/a\u003e for details about this release.\u003c/p\u003e\n\u003cp\u003e💕 Thank you to all who have contributed and to the sponsors (more sponsoring is welcome \u003ca href=\"https://github.com/sponsors/rbri\"\u003ehttps://github.com/sponsors/rbri\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003eHtmlUnit 3.7.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eINCOMPATIBLE CHANGE: For this version, the processing of WebWindowListener events got many changes/fixes/improvements.                 The main point was to let this work as stable as possible even if many WebWindowListener are registered.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecssparser: Switched from JavaCC to ParserGeneratorCC (\u003ca href=\"https://github.com/tulipcc/ParserGeneratorCC\"\u003ehttps://github.com/tulipcc/ParserGeneratorCC\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore-js: build system switched to maven\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImplementation of CSS pseudo classes :invalid and :valid improved\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eForm.isValid() checks all form elements\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDocumentation enhancements\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003esupport ComputedCSSStyleDeclaration when JS engine is disabled\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHtmlForm.getElements() is now part of the public api\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed a major memory leak\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e'rel' attribute may contain multiple values, we have to split before checking the value\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003emany more fixes and improvements\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease have a look at the \u003ca href=\"https://www.htmlunit.org/changes-report.html#a3.7.0\"\u003efull release notes\u003c/a\u003e for details about this release.\u003c/p\u003e\n\u003cp\u003e💕 Thank you to all who have contributed and to the sponsors (more sponsoring is welcome \u003ca href=\"https://github.com/sponsors/rbri\"\u003ehttps://github.com/sponsors/rbri\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003eHtmlUnit 3.6.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/a599e36ecc0b19a2ea76b73f7f48365fbb87c28a\"\u003e\u003ccode\u003ea599e36\u003c/code\u003e\u003c/a\u003e version 3.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/d4c11058e71b6ba5eaaf5d9565c1634b4bbeec1e\"\u003e\u003ccode\u003ed4c1105\u003c/code\u003e\u003c/a\u003e core-js 3.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/51f0eefd545bca2c17f12f237ba228a08aac4f7f\"\u003e\u003ccode\u003e51f0eef\u003c/code\u003e\u003c/a\u003e exclude commons.logging from httpcomponents\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/65986a459f15da0eed1616d91efdd65f99120334\"\u003e\u003ccode\u003e65986a4\u003c/code\u003e\u003c/a\u003e code style\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/1587961cf4043ea776d38683e53470993bc70771\"\u003e\u003ccode\u003e1587961\u003c/code\u003e\u003c/a\u003e lib updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/2a972ced6e7cc147a29c86c0e962f2696f9cc4ed\"\u003e\u003ccode\u003e2a972ce\u003c/code\u003e\u003c/a\u003e htmx 1.9.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/792e8456cd76f7cfd04587d539bd4fa929599000\"\u003e\u003ccode\u003e792e845\u003c/code\u003e\u003c/a\u003e new subproject htmlunit-csp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/e07ba67cc1b030f90a2ad9882f271429345b008d\"\u003e\u003ccode\u003ee07ba67\u003c/code\u003e\u003c/a\u003e fix ms driver check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/e015082aa909fd9e1c2b5f9b26553ddc0ddbbcab\"\u003e\u003ccode\u003ee015082\u003c/code\u003e\u003c/a\u003e enable FEATURE_SECURE_PROCESSING for the MSXML XSLProcessor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/77aeaa85e1fc69e929858ae700b24528275d8d07\"\u003e\u003ccode\u003e77aeaa8\u003c/code\u003e\u003c/a\u003e another minor neko update\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/HtmlUnit/htmlunit/compare/HtmlUnit-2.7...3.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.eclipse.jetty:jetty-server` from Fuzzing-SNAPSHOT to 9.4.56.v20240826\n\nUpdates `org.eclipse.jetty:jetty-http` from Fuzzing-SNAPSHOT to 12.0.31\n\nUpdates `org.eclipse.jetty.http2:http2-server` from Fuzzing-SNAPSHOT to 9.4.53.v20231009\n\nUpdates `org.bitbucket.b_c:jose4j` from Fuzzing-SNAPSHOT to 0.9.6\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://bitbucket.org/b_c/jose4j/commits/tag/jose4j-0.9.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.nimbusds:nimbus-jose-jwt` from 9.30.1 to 9.37.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/f64e094030ab82659dbfaea8c489cc56291539cf\"\u003e\u003ccode\u003ef64e094\u003c/code\u003e\u003c/a\u003e Makes the abstract class BaseJWEProvider public (iss \u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/521\"\u003e#521\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/ad6fed330a6bc5dbcb343aafd085ffd0d15c07d7\"\u003e\u003ccode\u003ead6fed3\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release 9.35\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/81c7f24cc8a49f0f87c530e50d750bb1db22b4a8\"\u003e\u003ccode\u003e81c7f24\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/24aaaf02edf5d1ae4cc449b3d81a9151f26953dc\"\u003e\u003ccode\u003e24aaaf0\u003c/code\u003e\u003c/a\u003e Bumps jacoco-maven-plugin to 0.8.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/ff01cd912fe53ee2946170781fe243564920be94\"\u003e\u003ccode\u003eff01cd9\u003c/code\u003e\u003c/a\u003e Adds new JWKSet.filter method\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/9c7ca65e0f85a286b8ed32886f40266075f785c7\"\u003e\u003ccode\u003e9c7ca65\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release 9.36\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/61118382fa75f27b29d89f9438361dbd15485c53\"\u003e\u003ccode\u003e6111838\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/11d0767dea84e47cff18236dcfe300845a781fcb\"\u003e\u003ccode\u003e11d0767\u003c/code\u003e\u003c/a\u003e Updates maven-surefire-plugin, removes config workaround for maven-surefire-p...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/43118defa2dbf9ef4d3a451f6c45b4021d52f24b\"\u003e\u003ccode\u003e43118de\u003c/code\u003e\u003c/a\u003e Adds JWTClaimsSet.getListClaim method\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/f50158f96675591b27a327b4597280dfda4aac07\"\u003e\u003ccode\u003ef50158f\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release 9.37\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/9.37.4..9.30.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.google.guava:guava` from 31.1-jre to 32.0.0-jre\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/guava/releases\"\u003ecom.google.guava:guava's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e32.0.0\u003c/h2\u003e\n\u003ch3\u003eMaven\u003c/h3\u003e\n\u003cpre lang=\"xml\"\u003e\u003ccode\u003e\u0026lt;dependency\u0026gt;\r\n  \u0026lt;groupId\u0026gt;com.google.guava\u0026lt;/groupId\u0026gt;\r\n  \u0026lt;artifactId\u0026gt;guava\u0026lt;/artifactId\u0026gt;\r\n  \u0026lt;version\u0026gt;32.0.0-jre\u0026lt;/version\u0026gt;\r\n  \u0026lt;!-- or, for Android: --\u0026gt;\r\n  \u0026lt;version\u0026gt;32.0.0-android\u0026lt;/version\u0026gt;\r\n\u0026lt;/dependency\u0026gt;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eJar files\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://repo1.maven.org/maven2/com/google/guava/guava/32.0.0-jre/guava-32.0.0-jre.jar\"\u003e32.0.0-jre.jar\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://repo1.maven.org/maven2/com/google/guava/guava/32.0.0-android/guava-32.0.0-android.jar\"\u003e32.0.0-android.jar\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eGuava requires \u003ca href=\"https://github.com/google/guava/wiki/UseGuavaInYourBuild#what-about-guavas-own-dependencies\"\u003eone runtime dependency\u003c/a\u003e, which you can download here:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://repo1.maven.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar\"\u003efailureaccess-1.0.1.jar\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJavadoc\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-jre/api/docs/\"\u003e32.0.0-jre\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-android/api/docs/\"\u003e32.0.0-android\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJDiff\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-jre/api/diffs/\"\u003e32.0.0-jre vs. 31.1-jre\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-android/api/diffs/\"\u003e32.0.0-android vs. 31.1-android\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-android/api/androiddiffs/\"\u003e32.0.0-android vs. 32.0.0-jre\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003ch4\u003eSecurity fixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eReimplemented \u003ccode\u003eFiles.createTempDir\u003c/code\u003e and \u003ccode\u003eFileBackedOutputStream\u003c/code\u003e to further address CVE-2020-8908 (\u003ca href=\"https://redirect.github.com/google/guava/issues/4011\"\u003e#4011\u003c/a\u003e) and CVE-2023-2976 (\u003ca href=\"https://redirect.github.com/google/guava/issues/2575\"\u003e#2575\u003c/a\u003e). (feb83a1c8f)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eWhile CVE-2020-8908 was officially closed when we deprecated \u003ccode\u003eFiles.createTempDir\u003c/code\u003e in \u003ca href=\"https://github.com/google/guava/releases/tag/v30.0\"\u003eGuava 30.0\u003c/a\u003e, we've heard from users that even recent versions of Guava have been listed as vulnerable in \u003cem\u003eother\u003c/em\u003e databases of security vulnerabilities. In response, we've reimplemented the method (and the very rarely used \u003ccode\u003eFileBackedOutputStream\u003c/code\u003e class, which had a similar issue) to eliminate the insecure behavior entirely. This change could technically affect users in a number of different ways (discussed under \u0026quot;Incompatible changes\u0026quot; below), but in practice, the only problem users are likely to encounter is with Windows. If you are using those APIs under Windows, you should skip 32.0.0 and go straight to \u003ca href=\"https://github.com/google/guava/releases/tag/v32.0.1\"\u003e32.0.1\u003c/a\u003e which fixes the problem. (Unfortunately, we didn't think of the Windows problem until after the release. And while we \u003ca href=\"https://github.com/google/guava#important-warnings\"\u003ewarn that \u003ccode\u003ecommon.io\u003c/code\u003e in particular may not work under Windows\u003c/a\u003e, we didn't intend to regress support.) Sorry for the trouble.\u003c/p\u003e\n\u003ch4\u003eIncompatible changes\u003c/h4\u003e\n\u003cp\u003eAlthough this release bumps Guava's major version number, it makes \u003cstrong\u003eno binary-incompatible changes to the \u003ccode\u003eguava\u003c/code\u003e artifact\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eOne change could cause issues for Widows users, and a few other changes could cause issues for users in more usual situations:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eThe new implementations of \u003ccode\u003eFiles.createTempDir\u003c/code\u003e and \u003ccode\u003eFileBackedOutputStream\u003c/code\u003e \u003ca href=\"https://redirect.github.com/google/guava/issues/6535\"\u003ethrow an exception under Windows\u003c/a\u003e.\u003c/strong\u003e This is fixed in \u003ca href=\"https://github.com/google/guava/releases/tag/v32.0.1\"\u003e32.0.1\u003c/a\u003e. Sorry for the trouble.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eguava-gwt\u003c/code\u003e now \u003ca href=\"https://redirect.github.com/google/guava/issues/6627\"\u003erequires\u003c/a\u003e GWT \u003ca href=\"https://github.com/gwtproject/gwt/releases/tag/2.10.0\"\u003e2.10.0\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThis release makes a binary-incompatible change to a \u003ccode\u003e@Beta\u003c/code\u003e API in the \u003cstrong\u003eseparate artifact\u003c/strong\u003e \u003ccode\u003eguava-testlib\u003c/code\u003e. Specifically, we changed the return type of \u003ccode\u003eTestingExecutors.sameThreadScheduledExecutor\u003c/code\u003e to \u003ccode\u003eListeningScheduledExecutorService\u003c/code\u003e. The old return type was a package-private class, which caused the Kotlin compiler to produce warnings. (dafaa3e435)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/google/guava/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.google.protobuf:protobuf-java` from 4.0.0-rc-2 to 4.27.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/protocolbuffers/protobuf/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.logging.log4j:log4j-core` from 2.24.3 to 2.25.3\n\nUpdates `org.apache.logging.log4j:log4j-core` from 2.24.2 to 2.25.3\n\nUpdates `org.jboss.xnio:xnio-api` from 3.8.8.Final to 3.8.14.Final\n\nUpdates `com.esotericsoftware.yamlbeans:yamlbeans` from Fuzzing-SNAPSHOT to 1.17\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/EsotericSoftware/yamlbeans/commits/1.17\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.zeroturnaround:zt-zip` from Fuzzing-SNAPSHOT to 1.13\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/zeroturnaround/zt-zip/blob/master/Changelog.txt\"\u003eorg.zeroturnaround:zt-zip's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e1.13 (2nd May 2018)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a possible security vulnerability reported by Snyk Security Research Team\u003c/li\u003e\n\u003cli\u003eFixed same-zip bug for transformEntry method\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e1.12 (1st August 2017)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a resource leakage with ZipInputStream\u003c/li\u003e\n\u003cli\u003eFixed a NoSuchMethodError on Android platforms\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e1.11 (31st January 2017)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded iterate and unpack methods that accept a Charset\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e1.10 (28th October 2016)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded user configurable compression level to packEntries()\u003c/li\u003e\n\u003cli\u003eAdded more overloaded methods to the pack() method for convenience\u003c/li\u003e\n\u003cli\u003eBumped embedded Apache Commons from 1.4 to 2.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e1.9 (20th November 2015)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBumped minimal supported Java version to Java 5\u003c/li\u003e\n\u003cli\u003eAdded support for Java 7 POSIX file permissions\u003c/li\u003e\n\u003cli\u003eAdded ability to create and update byte-array backed ZIP streams\u003c/li\u003e\n\u003cli\u003eAdded ability to specify/replace compression level of ZipEntry\u003c/li\u003e\n\u003cli\u003eAdded BackslashUnpacker for broken (Windows) ZIP archives\u003c/li\u003e\n\u003cli\u003eFixed not closing InputStream after processing each ZipEntrySource\u003c/li\u003e\n\u003cli\u003eFixed buffering when creating and updating ZIP streams\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e1.8 (7th July 2014)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved dependency on commons-io\u003c/li\u003e\n\u003cli\u003eZipUtil.pack more memory efficient for large directories\u003c/li\u003e\n\u003cli\u003eFixed preserving compressed state of copied entries\u003c/li\u003e\n\u003cli\u003eFixed packing files from a directory based on an accept filter\u003c/li\u003e\n\u003cli\u003eImproved Charset support\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e1.6-SNAPSHOT (17th September 2012)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eStarted to write a changelog\u003c/li\u003e\n\u003cli\u003eAdded public CI, \u003ca href=\"https://travis-ci.org/\"\u003ehttps://travis-ci.org/\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/zeroturnaround/zt-zip/commits/zt-zip-1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/stweil/oss-fuzz/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/stweil/oss-fuzz/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/stweil%2Foss-fuzz/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"},{"uuid":"4055898873","node_id":"PR_kwDOACiwys7Jlyvn","number":5912,"state":"open","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.34.100 to 3.34.200","user":"dependabot[bot]","labels":["dependencies","backport"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-11T05:18:24.000Z","updated_at":"2026-03-11T08:15:43.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.34.100","new_version":"3.34.200","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.34.100 to 3.34.200.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.34.100\u0026new-version=3.34.200)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/eclipse-tycho/tycho/pull/5912","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/eclipse-tycho%2Ftycho/issues/5912","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5912/packages"},{"uuid":"4049941582","node_id":"PR_kwDOAG2iAc7JS1C5","number":698,"state":"open","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.34.100 to 3.34.200","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-10T07:23:48.000Z","updated_at":"2026-03-10T07:26:07.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.34.100","new_version":"3.34.200","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.34.100 to 3.34.200.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.34.100\u0026new-version=3.34.200)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/veithen/cosmos/pull/698","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/veithen%2Fcosmos/issues/698","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/698/packages"},{"uuid":"3710032630","node_id":"PR_kwDOBvbxyc6332Yw","number":496,"state":"closed","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.34.0 to 3.34.100","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-12-09T09:53:01.000Z","author_association":null,"state_reason":null,"created_at":"2025-12-09T09:38:36.000Z","updated_at":"2025-12-09T09:53:02.000Z","time_to_close":865,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.34.0","new_version":"3.34.100","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.34.0 to 3.34.100.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.34.0\u0026new-version=3.34.100)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/veithen/emf-maven-plugin/pull/496","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/veithen%2Femf-maven-plugin/issues/496","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/496/packages"},{"uuid":"3709533370","node_id":"PR_kwDOAG2iAc632L9d","number":666,"state":"closed","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.34.0 to 3.34.100","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-12-09T10:39:10.000Z","author_association":null,"state_reason":null,"created_at":"2025-12-09T07:01:57.000Z","updated_at":"2025-12-09T10:39:11.000Z","time_to_close":13033,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.34.0","new_version":"3.34.100","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.34.0 to 3.34.100.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.34.0\u0026new-version=3.34.100)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/veithen/cosmos/pull/666","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/veithen%2Fcosmos/issues/666","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/666/packages"},{"uuid":"3709274975","node_id":"PR_kwDOHeXpP8631UFM","number":378,"state":"closed","title":"Maven(deps-dev): Bump org.eclipse.platform:org.eclipse.core.runtime from 3.34.0 to 3.34.100","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-12-10T09:19:27.000Z","author_association":null,"state_reason":null,"created_at":"2025-12-09T05:23:07.000Z","updated_at":"2025-12-10T09:19:36.000Z","time_to_close":100580,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Maven(deps-dev): Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.34.0","new_version":"3.34.100","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.34.0 to 3.34.100.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.34.0\u0026new-version=3.34.100)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/vitruv-tools/Vitruv-DSLs/pull/378","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vitruv-tools%2FVitruv-DSLs/issues/378","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/378/packages"},{"uuid":"3707659994","node_id":"PR_kwDOACiwys63v3iX","number":5692,"state":"open","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.34.0 to 3.34.100","user":"dependabot[bot]","labels":["dependencies","backport"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-12-08T19:06:35.000Z","updated_at":"2025-12-09T13:01:19.916Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.34.0","new_version":"3.34.100","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.34.0 to 3.34.100.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.34.0\u0026new-version=3.34.100)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/eclipse-tycho/tycho/pull/5692","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/eclipse-tycho%2Ftycho/issues/5692","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5692/packages"},{"uuid":"3706210017","node_id":"PR_kwDOACiwys63q6as","number":5677,"state":"open","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.34.0 to 3.34.100","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-12-08T12:35:47.000Z","updated_at":"2025-12-09T09:10:48.690Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.34.0","new_version":"3.34.100","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.34.0 to 3.34.100.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.34.0\u0026new-version=3.34.100)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/eclipse-tycho/tycho/pull/5677","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/eclipse-tycho%2Ftycho/issues/5677","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5677/packages"},{"uuid":"2827981756","node_id":"PR_kwDOCg62Ns6oj5O8","number":5628,"state":"closed","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.100 to 3.34.0","user":"dependabot[bot]","labels":["dependencies","dependabot"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-09-15T11:21:34.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-15T06:31:04.000Z","updated_at":"2025-09-15T11:21:34.000Z","time_to_close":17430,"merged_at":"2025-09-15T11:21:34.000Z","merged_by":"cwperks","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.100","new_version":"3.34.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.33.100 to 3.34.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=gradle\u0026previous-version=3.33.100\u0026new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/opensearch-project/security/pull/5628","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/opensearch-project%2Fsecurity/issues/5628","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5628/packages"},{"uuid":"2824124906","node_id":"PR_kwDOLjaDg86oVLnq","number":164,"state":"open","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.100 to 3.34.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-09-12T22:03:34.000Z","updated_at":"2025-09-12T22:03:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.100","new_version":"3.34.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.33.100 to 3.34.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.33.100\u0026new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/giis-uniovi/modevo/pull/164","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/giis-uniovi%2Fmodevo/issues/164","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/164/packages"},{"uuid":"2815458563","node_id":"PR_kwDODtIEqc6n0H0D","number":1002,"state":"open","title":"build(deps): bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.100 to 3.34.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-10T13:03:33.000Z","updated_at":"2025-09-10T13:03:34.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.100","new_version":"3.34.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.33.100 to 3.34.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.33.100\u0026new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/apache/axis-axis2-java-core/pull/1002","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Faxis-axis2-java-core/issues/1002","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1002/packages"},{"uuid":"2815309874","node_id":"PR_kwDOBvbxyc6nzjgy","number":461,"state":"closed","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.100 to 3.34.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-09-10T13:33:12.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-10T12:19:07.000Z","updated_at":"2025-09-10T13:33:12.000Z","time_to_close":4445,"merged_at":"2025-09-10T13:33:12.000Z","merged_by":"veithen","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.100","new_version":"3.34.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.33.100 to 3.34.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.33.100\u0026new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/veithen/emf-maven-plugin/pull/461","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/veithen%2Femf-maven-plugin/issues/461","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/461/packages"},{"uuid":"2813593785","node_id":"PR_kwDOACiwys6ntAi5","number":5328,"state":"open","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.100 to 3.34.0","user":"dependabot[bot]","labels":["dependencies","backport"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-09T23:17:30.000Z","updated_at":"2025-09-09T23:17:31.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.100","new_version":"3.34.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.33.100 to 3.34.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.33.100\u0026new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/eclipse-tycho/tycho/pull/5328","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/eclipse-tycho%2Ftycho/issues/5328","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5328/packages"},{"uuid":"2809865720","node_id":"PR_kwDOHgExUM6neyX4","number":310,"state":"open","title":"Maven(deps): Bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.100 to 3.34.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-08T23:13:59.000Z","updated_at":"2025-09-09T01:30:01.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Maven(deps): Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.100","new_version":"3.34.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.33.100 to 3.34.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.33.100\u0026new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/vitruv-tools/Vitruv-Change/pull/310","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vitruv-tools%2FVitruv-Change/issues/310","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/310/packages"},{"uuid":"3396001054","node_id":"PR_kwDOACiwys6nevLN","number":5293,"state":"open","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.100 to 3.34.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-08T23:07:04.000Z","updated_at":"2025-09-09T01:32:20.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.100","new_version":"3.34.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.33.100 to 3.34.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.33.100\u0026new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/eclipse-tycho/tycho/pull/5293","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/eclipse-tycho%2Ftycho/issues/5293","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5293/packages"},{"uuid":"2806873608","node_id":"PR_kwDOHeXpP86nTX4I","number":287,"state":"open","title":"Maven(deps-dev): Bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.100 to 3.34.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-08T05:18:48.000Z","updated_at":"2025-09-08T11:59:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Maven(deps-dev): Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.100","new_version":"3.34.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.33.100 to 3.34.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.33.100\u0026new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/vitruv-tools/Vitruv-DSLs/pull/287","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vitruv-tools%2FVitruv-DSLs/issues/287","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/287/packages"},{"uuid":"2806598639","node_id":"PR_kwDONLSBqM6nSUvv","number":58,"state":"closed","title":"Maven(deps): Bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.100 to 3.34.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-09-08T06:55:34.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-08T02:13:20.000Z","updated_at":"2025-09-08T06:55:34.000Z","time_to_close":16934,"merged_at":"2025-09-08T06:55:34.000Z","merged_by":"arlange","closed_by":null,"dependency_metadata":{"prefix":"Maven(deps): Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.100","new_version":"3.34.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.33.100 to 3.34.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.33.100\u0026new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/vitruv-tools/EMF-Template/pull/58","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vitruv-tools%2FEMF-Template/issues/58","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/58/packages"},{"uuid":"2672475459","node_id":"PR_kwDONLSBqM6fSr1D","number":47,"state":"open","title":"Maven(deps): Bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.0 to 3.33.100","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-07-17T03:00:37.000Z","updated_at":"2025-07-17T13:20:51.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Maven(deps): Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.0","new_version":"3.33.100","repository_url":null}],"path":null,"ecosystem":"maven"},"body":"\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.33.0\u0026new-version=3.33.100)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/vitruv-tools/EMF-Template/pull/47","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vitruv-tools%2FEMF-Template/issues/47","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/47/packages"}],"issue_packages":[{"old_version":"3.26.100","new_version":"3.29.0","update_type":"minor","path":null,"pr_created_at":"2026-03-28T22:37:30.000Z","version_change":"3.26.100 → 3.29.0","issue":{"uuid":"4161865451","node_id":"PR_kwDORx4z787OUc2e","number":7,"state":"open","title":"build(deps): bump the maven group across 14 directories with 16 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-28T22:37:30.000Z","updated_at":"2026-03-28T22:46:55.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"maven","update_count":16,"packages":[{"name":"org.apache.cxf:cxf-core","old_version":"Fuzzing-SNAPSHOT","new_version":"3.5.11"},{"name":"org.apache.cxf:cxf-rt-frontend-jaxrs","old_version":"Fuzzing-SNAPSHOT","new_version":"2.6.11"},{"name":"org.eclipse.jetty:jetty-server","old_version":"11.0.14","new_version":"11.0.24"},{"name":"org.apache.avro:avro","old_version":"Fuzzing-SNAPSHOT","new_version":"1.11.4"},{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.26.100","new_version":"3.29.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"},{"name":"org.apache.hadoop:hadoop-common","old_version":"Fuzzing-SNAPSHOT","new_version":"3.4.0"},{"name":"org.htmlunit:htmlunit","old_version":"2.7.0","new_version":"3.9.0","repository_url":"https://github.com/HtmlUnit/htmlunit"},{"name":"org.eclipse.jetty:jetty-server","old_version":"Fuzzing-SNAPSHOT","new_version":"9.4.56.v20240826"},{"name":"org.eclipse.jetty:jetty-http","old_version":"Fuzzing-SNAPSHOT","new_version":"12.0.31"},{"name":"org.eclipse.jetty.http2:http2-server","old_version":"Fuzzing-SNAPSHOT","new_version":"9.4.53.v20231009"},{"name":"org.bitbucket.b_c:jose4j","old_version":"Fuzzing-SNAPSHOT","new_version":"0.9.6"},{"name":"com.nimbusds:nimbus-jose-jwt","old_version":"9.30.1","new_version":"9.37.4"},{"name":"com.google.guava:guava","old_version":"31.1-jre","new_version":"32.0.0-jre","repository_url":"https://github.com/google/guava"},{"name":"com.google.protobuf:protobuf-java","old_version":"4.0.0-rc-2","new_version":"4.27.5","repository_url":"https://github.com/protocolbuffers/protobuf"},{"name":"org.apache.logging.log4j:log4j-core","old_version":"2.24.3","new_version":"2.25.3"},{"name":"org.apache.logging.log4j:log4j-core","old_version":"2.24.2","new_version":"2.25.3"},{"name":"org.jboss.xnio:xnio-api","old_version":"3.8.8.Final","new_version":"3.8.14.Final"},{"name":"com.esotericsoftware.yamlbeans:yamlbeans","old_version":"Fuzzing-SNAPSHOT","new_version":"1.17","repository_url":"https://github.com/EsotericSoftware/yamlbeans"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 2 updates in the /projects/apache-cxf/project-parent/fuzz-targets directory: org.apache.cxf:cxf-core and org.apache.cxf:cxf-rt-frontend-jaxrs.\nBumps the maven group with 1 update in the /projects/async-http-client/project-parent/fuzz-targets directory: org.eclipse.jetty:jetty-server.\nBumps the maven group with 1 update in the /projects/avro/project-parent/fuzz-targets directory: org.apache.avro:avro.\nBumps the maven group with 1 update in the /projects/eclipse-equinox/equinox-fuzzer directory: [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform).\nBumps the maven group with 1 update in the /projects/hadoop/project-parent/fuzz-targets directory: org.apache.hadoop:hadoop-common.\nBumps the maven group with 1 update in the /projects/htmlunit/htmlunit-fuzzer directory: [org.htmlunit:htmlunit](https://github.com/HtmlUnit/htmlunit).\nBumps the maven group with 3 updates in the /projects/jetty/project-parent/fuzz-targets directory: org.eclipse.jetty:jetty-server, org.eclipse.jetty:jetty-http and org.eclipse.jetty.http2:http2-server.\nBumps the maven group with 1 update in the /projects/jose4j/project-parent/fuzz-targets directory: [org.bitbucket.b_c:jose4j](https://bitbucket.org/b_c/jose4j).\nBumps the maven group with 1 update in the /projects/nimbus-jwt/nimbus-jwt-fuzzer directory: [com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt).\nBumps the maven group with 2 updates in the /projects/opencensus-java/project-parent/fuzz-targets directory: [com.google.guava:guava](https://github.com/google/guava) and [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf).\nBumps the maven group with 1 update in the /projects/pdfbox/project-parent/fuzz-targets directory: org.apache.logging.log4j:log4j-core.\nBumps the maven group with 1 update in the /projects/struts/struts2-fuzzer/webapp directory: org.apache.logging.log4j:log4j-core.\nBumps the maven group with 1 update in the /projects/xnio-api/xnio-fuzzer directory: org.jboss.xnio:xnio-api.\nBumps the maven group with 1 update in the /projects/yamlbeans/project-parent/fuzz-targets directory: [com.esotericsoftware.yamlbeans:yamlbeans](https://github.com/EsotericSoftware/yamlbeans).\n\nUpdates `org.apache.cxf:cxf-core` from Fuzzing-SNAPSHOT to 3.5.11\n\nUpdates `org.apache.cxf:cxf-rt-frontend-jaxrs` from Fuzzing-SNAPSHOT to 2.6.11\n\nUpdates `org.eclipse.jetty:jetty-server` from 11.0.14 to 11.0.24\n\nUpdates `org.apache.avro:avro` from Fuzzing-SNAPSHOT to 1.11.4\n\nUpdates `org.eclipse.platform:org.eclipse.core.runtime` from 3.26.100 to 3.29.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.hadoop:hadoop-common` from Fuzzing-SNAPSHOT to 3.4.0\n\nUpdates `org.htmlunit:htmlunit` from 2.7.0 to 3.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/HtmlUnit/htmlunit/releases\"\u003eorg.htmlunit:htmlunit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eHtmlUnit 3.9.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore-csp: new lib for CSP\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecommons-logging to 1.3.0, commons-io to 2.15.1, commons-lang3 to 3.14.0\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eenable FEATURE_SECURE_PROCESSING for the MSXML XSLProcessor (CVE-2023-49093).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eneko: new HTML named entities parser that is up to 20x faster for common entities and some more fixes\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003emany more fixes and improvements\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease have a look at the \u003ca href=\"https://www.htmlunit.org/changes-report.html#a3.9.0\"\u003efull release notes\u003c/a\u003e for details about this release.\u003c/p\u003e\n\u003cp\u003e💕 Thank you to all who have contributed and to the sponsors (more sponsoring is welcome \u003ca href=\"https://github.com/sponsors/rbri\"\u003ehttps://github.com/sponsors/rbri\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003eHtmlUnit 3.8.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore-js: support trailing commas in function parameters.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eupdated CSS3Parser pool implementation\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eimproved detection onf XML/XHtml content when not content type header is set\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003emany more fixes and improvements\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease have a look at the \u003ca href=\"https://www.htmlunit.org/changes-report.html#a3.8.0\"\u003efull release notes\u003c/a\u003e for details about this release.\u003c/p\u003e\n\u003cp\u003e💕 Thank you to all who have contributed and to the sponsors (more sponsoring is welcome \u003ca href=\"https://github.com/sponsors/rbri\"\u003ehttps://github.com/sponsors/rbri\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003eHtmlUnit 3.7.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eINCOMPATIBLE CHANGE: For this version, the processing of WebWindowListener events got many changes/fixes/improvements.                 The main point was to let this work as stable as possible even if many WebWindowListener are registered.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecssparser: Switched from JavaCC to ParserGeneratorCC (\u003ca href=\"https://github.com/tulipcc/ParserGeneratorCC\"\u003ehttps://github.com/tulipcc/ParserGeneratorCC\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore-js: build system switched to maven\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImplementation of CSS pseudo classes :invalid and :valid improved\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eForm.isValid() checks all form elements\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDocumentation enhancements\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003esupport ComputedCSSStyleDeclaration when JS engine is disabled\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHtmlForm.getElements() is now part of the public api\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed a major memory leak\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e'rel' attribute may contain multiple values, we have to split before checking the value\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003emany more fixes and improvements\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease have a look at the \u003ca href=\"https://www.htmlunit.org/changes-report.html#a3.7.0\"\u003efull release notes\u003c/a\u003e for details about this release.\u003c/p\u003e\n\u003cp\u003e💕 Thank you to all who have contributed and to the sponsors (more sponsoring is welcome \u003ca href=\"https://github.com/sponsors/rbri\"\u003ehttps://github.com/sponsors/rbri\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003eHtmlUnit 3.6.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/a599e36ecc0b19a2ea76b73f7f48365fbb87c28a\"\u003e\u003ccode\u003ea599e36\u003c/code\u003e\u003c/a\u003e version 3.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/d4c11058e71b6ba5eaaf5d9565c1634b4bbeec1e\"\u003e\u003ccode\u003ed4c1105\u003c/code\u003e\u003c/a\u003e core-js 3.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/51f0eefd545bca2c17f12f237ba228a08aac4f7f\"\u003e\u003ccode\u003e51f0eef\u003c/code\u003e\u003c/a\u003e exclude commons.logging from httpcomponents\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/65986a459f15da0eed1616d91efdd65f99120334\"\u003e\u003ccode\u003e65986a4\u003c/code\u003e\u003c/a\u003e code style\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/1587961cf4043ea776d38683e53470993bc70771\"\u003e\u003ccode\u003e1587961\u003c/code\u003e\u003c/a\u003e lib updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/2a972ced6e7cc147a29c86c0e962f2696f9cc4ed\"\u003e\u003ccode\u003e2a972ce\u003c/code\u003e\u003c/a\u003e htmx 1.9.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/792e8456cd76f7cfd04587d539bd4fa929599000\"\u003e\u003ccode\u003e792e845\u003c/code\u003e\u003c/a\u003e new subproject htmlunit-csp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/e07ba67cc1b030f90a2ad9882f271429345b008d\"\u003e\u003ccode\u003ee07ba67\u003c/code\u003e\u003c/a\u003e fix ms driver check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/e015082aa909fd9e1c2b5f9b26553ddc0ddbbcab\"\u003e\u003ccode\u003ee015082\u003c/code\u003e\u003c/a\u003e enable FEATURE_SECURE_PROCESSING for the MSXML XSLProcessor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/77aeaa85e1fc69e929858ae700b24528275d8d07\"\u003e\u003ccode\u003e77aeaa8\u003c/code\u003e\u003c/a\u003e another minor neko update\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/HtmlUnit/htmlunit/compare/HtmlUnit-2.7...3.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.eclipse.jetty:jetty-server` from Fuzzing-SNAPSHOT to 9.4.56.v20240826\n\nUpdates `org.eclipse.jetty:jetty-http` from Fuzzing-SNAPSHOT to 12.0.31\n\nUpdates `org.eclipse.jetty.http2:http2-server` from Fuzzing-SNAPSHOT to 9.4.53.v20231009\n\nUpdates `org.bitbucket.b_c:jose4j` from Fuzzing-SNAPSHOT to 0.9.6\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://bitbucket.org/b_c/jose4j/commits/tag/jose4j-0.9.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.nimbusds:nimbus-jose-jwt` from 9.30.1 to 9.37.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/f64e094030ab82659dbfaea8c489cc56291539cf\"\u003e\u003ccode\u003ef64e094\u003c/code\u003e\u003c/a\u003e Makes the abstract class BaseJWEProvider public (iss \u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/521\"\u003e#521\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/ad6fed330a6bc5dbcb343aafd085ffd0d15c07d7\"\u003e\u003ccode\u003ead6fed3\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release 9.35\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/81c7f24cc8a49f0f87c530e50d750bb1db22b4a8\"\u003e\u003ccode\u003e81c7f24\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/24aaaf02edf5d1ae4cc449b3d81a9151f26953dc\"\u003e\u003ccode\u003e24aaaf0\u003c/code\u003e\u003c/a\u003e Bumps jacoco-maven-plugin to 0.8.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/ff01cd912fe53ee2946170781fe243564920be94\"\u003e\u003ccode\u003eff01cd9\u003c/code\u003e\u003c/a\u003e Adds new JWKSet.filter method\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/9c7ca65e0f85a286b8ed32886f40266075f785c7\"\u003e\u003ccode\u003e9c7ca65\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release 9.36\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/61118382fa75f27b29d89f9438361dbd15485c53\"\u003e\u003ccode\u003e6111838\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/11d0767dea84e47cff18236dcfe300845a781fcb\"\u003e\u003ccode\u003e11d0767\u003c/code\u003e\u003c/a\u003e Updates maven-surefire-plugin, removes config workaround for maven-surefire-p...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/43118defa2dbf9ef4d3a451f6c45b4021d52f24b\"\u003e\u003ccode\u003e43118de\u003c/code\u003e\u003c/a\u003e Adds JWTClaimsSet.getListClaim method\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/f50158f96675591b27a327b4597280dfda4aac07\"\u003e\u003ccode\u003ef50158f\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release 9.37\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/9.37.4..9.30.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.google.guava:guava` from 31.1-jre to 32.0.0-jre\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/guava/releases\"\u003ecom.google.guava:guava's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e32.0.0\u003c/h2\u003e\n\u003ch3\u003eMaven\u003c/h3\u003e\n\u003cpre lang=\"xml\"\u003e\u003ccode\u003e\u0026lt;dependency\u0026gt;\r\n  \u0026lt;groupId\u0026gt;com.google.guava\u0026lt;/groupId\u0026gt;\r\n  \u0026lt;artifactId\u0026gt;guava\u0026lt;/artifactId\u0026gt;\r\n  \u0026lt;version\u0026gt;32.0.0-jre\u0026lt;/version\u0026gt;\r\n  \u0026lt;!-- or, for Android: --\u0026gt;\r\n  \u0026lt;version\u0026gt;32.0.0-android\u0026lt;/version\u0026gt;\r\n\u0026lt;/dependency\u0026gt;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eJar files\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://repo1.maven.org/maven2/com/google/guava/guava/32.0.0-jre/guava-32.0.0-jre.jar\"\u003e32.0.0-jre.jar\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://repo1.maven.org/maven2/com/google/guava/guava/32.0.0-android/guava-32.0.0-android.jar\"\u003e32.0.0-android.jar\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eGuava requires \u003ca href=\"https://github.com/google/guava/wiki/UseGuavaInYourBuild#what-about-guavas-own-dependencies\"\u003eone runtime dependency\u003c/a\u003e, which you can download here:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://repo1.maven.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar\"\u003efailureaccess-1.0.1.jar\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJavadoc\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-jre/api/docs/\"\u003e32.0.0-jre\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-android/api/docs/\"\u003e32.0.0-android\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJDiff\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-jre/api/diffs/\"\u003e32.0.0-jre vs. 31.1-jre\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-android/api/diffs/\"\u003e32.0.0-android vs. 31.1-android\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-android/api/androiddiffs/\"\u003e32.0.0-android vs. 32.0.0-jre\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003ch4\u003eSecurity fixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eReimplemented \u003ccode\u003eFiles.createTempDir\u003c/code\u003e and \u003ccode\u003eFileBackedOutputStream\u003c/code\u003e to further address CVE-2020-8908 (\u003ca href=\"https://redirect.github.com/google/guava/issues/4011\"\u003e#4011\u003c/a\u003e) and CVE-2023-2976 (\u003ca href=\"https://redirect.github.com/google/guava/issues/2575\"\u003e#2575\u003c/a\u003e). (feb83a1c8f)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eWhile CVE-2020-8908 was officially closed when we deprecated \u003ccode\u003eFiles.createTempDir\u003c/code\u003e in \u003ca href=\"https://github.com/google/guava/releases/tag/v30.0\"\u003eGuava 30.0\u003c/a\u003e, we've heard from users that even recent versions of Guava have been listed as vulnerable in \u003cem\u003eother\u003c/em\u003e databases of security vulnerabilities. In response, we've reimplemented the method (and the very rarely used \u003ccode\u003eFileBackedOutputStream\u003c/code\u003e class, which had a similar issue) to eliminate the insecure behavior entirely. This change could technically affect users in a number of different ways (discussed under \u0026quot;Incompatible changes\u0026quot; below), but in practice, the only problem users are likely to encounter is with Windows. If you are using those APIs under Windows, you should skip 32.0.0 and go straight to \u003ca href=\"https://github.com/google/guava/releases/tag/v32.0.1\"\u003e32.0.1\u003c/a\u003e which fixes the problem. (Unfortunately, we didn't think of the Windows problem until after the release. And while we \u003ca href=\"https://github.com/google/guava#important-warnings\"\u003ewarn that \u003ccode\u003ecommon.io\u003c/code\u003e in particular may not work under Windows\u003c/a\u003e, we didn't intend to regress support.) Sorry for the trouble.\u003c/p\u003e\n\u003ch4\u003eIncompatible changes\u003c/h4\u003e\n\u003cp\u003eAlthough this release bumps Guava's major version number, it makes \u003cstrong\u003eno binary-incompatible changes to the \u003ccode\u003eguava\u003c/code\u003e artifact\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eOne change could cause issues for Widows users, and a few other changes could cause issues for users in more usual situations:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eThe new implementations of \u003ccode\u003eFiles.createTempDir\u003c/code\u003e and \u003ccode\u003eFileBackedOutputStream\u003c/code\u003e \u003ca href=\"https://redirect.github.com/google/guava/issues/6535\"\u003ethrow an exception under Windows\u003c/a\u003e.\u003c/strong\u003e This is fixed in \u003ca href=\"https://github.com/google/guava/releases/tag/v32.0.1\"\u003e32.0.1\u003c/a\u003e. Sorry for the trouble.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eguava-gwt\u003c/code\u003e now \u003ca href=\"https://redirect.github.com/google/guava/issues/6627\"\u003erequires\u003c/a\u003e GWT \u003ca href=\"https://github.com/gwtproject/gwt/releases/tag/2.10.0\"\u003e2.10.0\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThis release makes a binary-incompatible change to a \u003ccode\u003e@Beta\u003c/code\u003e API in the \u003cstrong\u003eseparate artifact\u003c/strong\u003e \u003ccode\u003eguava-testlib\u003c/code\u003e. Specifically, we changed the return type of \u003ccode\u003eTestingExecutors.sameThreadScheduledExecutor\u003c/code\u003e to \u003ccode\u003eListeningScheduledExecutorService\u003c/code\u003e. The old return type was a package-private class, which caused the Kotlin compiler to produce warnings. (dafaa3e435)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/google/guava/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.google.protobuf:protobuf-java` from 4.0.0-rc-2 to 4.27.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/protocolbuffers/protobuf/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.logging.log4j:log4j-core` from 2.24.3 to 2.25.3\n\nUpdates `org.apache.logging.log4j:log4j-core` from 2.24.2 to 2.25.3\n\nUpdates `org.jboss.xnio:xnio-api` from 3.8.8.Final to 3.8.14.Final\n\nUpdates `com.esotericsoftware.yamlbeans:yamlbeans` from Fuzzing-SNAPSHOT to 1.17\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/EsotericSoftware/yamlbeans/commits/1.17\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/0ai-Cyberviser/oss-fuzz/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/0ai-Cyberviser/oss-fuzz/pull/7","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/0ai-Cyberviser%2Foss-fuzz/issues/7","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7/packages"}},{"old_version":"3.26.100","new_version":"3.29.0","update_type":"minor","path":null,"pr_created_at":"2026-03-28T22:37:02.000Z","version_change":"3.26.100 → 3.29.0","issue":{"uuid":"4161864691","node_id":"PR_kwDORx4z787OUcud","number":6,"state":"closed","title":"build(deps): bump the maven group across 8 directories with 12 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-28T23:04:15.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-28T22:37:02.000Z","updated_at":"2026-03-28T23:04:16.000Z","time_to_close":1633,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"maven","update_count":12,"packages":[{"name":"org.apache.cxf:cxf-core","old_version":"Fuzzing-SNAPSHOT","new_version":"3.5.11"},{"name":"org.apache.cxf:cxf-rt-frontend-jaxrs","old_version":"Fuzzing-SNAPSHOT","new_version":"2.6.11"},{"name":"org.apache.cxf:cxf-rt-transports-http","old_version":"Fuzzing-SNAPSHOT","new_version":"3.1.16"},{"name":"org.apache.tika:tika-core","old_version":"Fuzzing-SNAPSHOT","new_version":"3.2.2","repository_url":"https://github.com/apache/tika"},{"name":"org.asynchttpclient:async-http-client","old_version":"Fuzzing-SNAPSHOT","new_version":"2.0.35","repository_url":"https://github.com/AsyncHttpClient/async-http-client"},{"name":"org.eclipse.jetty:jetty-server","old_version":"11.0.14","new_version":"11.0.24"},{"name":"org.apache.avro:avro","old_version":"Fuzzing-SNAPSHOT","new_version":"1.11.4"},{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.26.100","new_version":"3.29.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"},{"name":"org.apache.hadoop:hadoop-common","old_version":"Fuzzing-SNAPSHOT","new_version":"3.4.0"},{"name":"org.htmlunit:htmlunit","old_version":"2.7.0","new_version":"3.9.0","repository_url":"https://github.com/HtmlUnit/htmlunit"},{"name":"org.eclipse.jetty:jetty-server","old_version":"Fuzzing-SNAPSHOT","new_version":"9.4.56.v20240826"},{"name":"org.eclipse.jetty:jetty-http","old_version":"Fuzzing-SNAPSHOT","new_version":"12.0.31"},{"name":"org.eclipse.jetty.http2:http2-server","old_version":"Fuzzing-SNAPSHOT","new_version":"9.4.53.v20231009"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 3 updates in the /projects/apache-cxf/project-parent/fuzz-targets directory: org.apache.cxf:cxf-core, org.apache.cxf:cxf-rt-frontend-jaxrs and org.apache.cxf:cxf-rt-transports-http.\nBumps the maven group with 1 update in the /projects/apache-tika/project-parent/fuzz-targets directory: [org.apache.tika:tika-core](https://github.com/apache/tika).\nBumps the maven group with 2 updates in the /projects/async-http-client/project-parent/fuzz-targets directory: [org.asynchttpclient:async-http-client](https://github.com/AsyncHttpClient/async-http-client) and org.eclipse.jetty:jetty-server.\nBumps the maven group with 1 update in the /projects/avro/project-parent/fuzz-targets directory: org.apache.avro:avro.\nBumps the maven group with 1 update in the /projects/eclipse-equinox/equinox-fuzzer directory: [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform).\nBumps the maven group with 1 update in the /projects/hadoop/project-parent/fuzz-targets directory: org.apache.hadoop:hadoop-common.\nBumps the maven group with 1 update in the /projects/htmlunit/htmlunit-fuzzer directory: [org.htmlunit:htmlunit](https://github.com/HtmlUnit/htmlunit).\nBumps the maven group with 3 updates in the /projects/jetty/project-parent/fuzz-targets directory: org.eclipse.jetty:jetty-server, org.eclipse.jetty:jetty-http and org.eclipse.jetty.http2:http2-server.\n\nUpdates `org.apache.cxf:cxf-core` from Fuzzing-SNAPSHOT to 3.5.11\n\nUpdates `org.apache.cxf:cxf-rt-frontend-jaxrs` from Fuzzing-SNAPSHOT to 2.6.11\n\nUpdates `org.apache.cxf:cxf-rt-transports-http` from Fuzzing-SNAPSHOT to 3.1.16\n\nUpdates `org.apache.tika:tika-core` from Fuzzing-SNAPSHOT to 3.2.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/tika/blob/main/CHANGES.txt\"\u003eorg.apache.tika:tika-core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eRelease 4.0.0-BETA1 - ???\u003c/p\u003e\n\u003cp\u003eBREAKING CHANGES\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eMoved towards default json based configuration (TIKA-4544 and many others).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003etika-pipes implementation modules have been reorganized by\nresource (tika-pipes-solr) vs task (tika-pipes-fetcher-solr)\n(TIKA-4543). Note that the file-system pipes components have\nbeen taken out of tika-pipes-core and placed in their own\npf4j module: tika-pipes-file-system.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003etika-pipes implementation modules are now pf4j plugins (TIKA-4519).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003etika-pipes core classes have been moved to a new module: tika-pipes-core,\nand the FileSystem pipes components have moved (TIKA-4334).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eMetadataListFilter has been renamed MetadataFilter, and\nMetadataFilter has been removed (TIKA-4546).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemoved several modules, including: tika-batch (TIKA-4333), snaps deployment (TIKA-4502),\ndotnet (TIKA-4332), advanced media module (TIKA-4500), tika-dl module (TIKA-4499),\ntika-fuzzing module (TIKA-4506).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHeaders are no longer injected into the body/content of MSG files (TIKA-4345). Please open\na ticket if you need this behavior across email formats.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAPI changes in the EmbeddedStreamTranslator (TIKA-4518).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemoved DigestingParser (TIKA-4607).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eOTHER CHANGES\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix concurrency bug in TikaToXMP (TIKA-4393)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRelease 3.3.0 - ???\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eVarious fixes based on regression testing (TIKA-4563).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove zip parsing (TIKA-4650).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd detection of compressed bmp (TIKA-4511).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow per file timeouts in tika-pipes (TIKA-4497).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd matroska detector (TIKA-1180).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow multiple values for many Dublin Core keys (TIKA-4466).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eExtract macros by default in tika-app's commandline and gui (TIKA-4472).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/apache/tika/commits/3.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.asynchttpclient:async-http-client` from Fuzzing-SNAPSHOT to 2.0.35\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/AsyncHttpClient/async-http-client/commits/async-http-client-project-2.0.35\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.eclipse.jetty:jetty-server` from 11.0.14 to 11.0.24\n\nUpdates `org.apache.avro:avro` from Fuzzing-SNAPSHOT to 1.11.4\n\nUpdates `org.eclipse.platform:org.eclipse.core.runtime` from 3.26.100 to 3.29.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.hadoop:hadoop-common` from Fuzzing-SNAPSHOT to 3.4.0\n\nUpdates `org.htmlunit:htmlunit` from 2.7.0 to 3.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/HtmlUnit/htmlunit/releases\"\u003eorg.htmlunit:htmlunit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eHtmlUnit 3.9.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore-csp: new lib for CSP\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecommons-logging to 1.3.0, commons-io to 2.15.1, commons-lang3 to 3.14.0\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eenable FEATURE_SECURE_PROCESSING for the MSXML XSLProcessor (CVE-2023-49093).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eneko: new HTML named entities parser that is up to 20x faster for common entities and some more fixes\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003emany more fixes and improvements\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease have a look at the \u003ca href=\"https://www.htmlunit.org/changes-report.html#a3.9.0\"\u003efull release notes\u003c/a\u003e for details about this release.\u003c/p\u003e\n\u003cp\u003e💕 Thank you to all who have contributed and to the sponsors (more sponsoring is welcome \u003ca href=\"https://github.com/sponsors/rbri\"\u003ehttps://github.com/sponsors/rbri\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003eHtmlUnit 3.8.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore-js: support trailing commas in function parameters.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eupdated CSS3Parser pool implementation\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eimproved detection onf XML/XHtml content when not content type header is set\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003emany more fixes and improvements\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease have a look at the \u003ca href=\"https://www.htmlunit.org/changes-report.html#a3.8.0\"\u003efull release notes\u003c/a\u003e for details about this release.\u003c/p\u003e\n\u003cp\u003e💕 Thank you to all who have contributed and to the sponsors (more sponsoring is welcome \u003ca href=\"https://github.com/sponsors/rbri\"\u003ehttps://github.com/sponsors/rbri\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003eHtmlUnit 3.7.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eINCOMPATIBLE CHANGE: For this version, the processing of WebWindowListener events got many changes/fixes/improvements.                 The main point was to let this work as stable as possible even if many WebWindowListener are registered.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecssparser: Switched from JavaCC to ParserGeneratorCC (\u003ca href=\"https://github.com/tulipcc/ParserGeneratorCC\"\u003ehttps://github.com/tulipcc/ParserGeneratorCC\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore-js: build system switched to maven\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImplementation of CSS pseudo classes :invalid and :valid improved\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eForm.isValid() checks all form elements\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDocumentation enhancements\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003esupport ComputedCSSStyleDeclaration when JS engine is disabled\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHtmlForm.getElements() is now part of the public api\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed a major memory leak\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e'rel' attribute may contain multiple values, we have to split before checking the value\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003emany more fixes and improvements\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease have a look at the \u003ca href=\"https://www.htmlunit.org/changes-report.html#a3.7.0\"\u003efull release notes\u003c/a\u003e for details about this release.\u003c/p\u003e\n\u003cp\u003e💕 Thank you to all who have contributed and to the sponsors (more sponsoring is welcome \u003ca href=\"https://github.com/sponsors/rbri\"\u003ehttps://github.com/sponsors/rbri\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003eHtmlUnit 3.6.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/a599e36ecc0b19a2ea76b73f7f48365fbb87c28a\"\u003e\u003ccode\u003ea599e36\u003c/code\u003e\u003c/a\u003e version 3.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/d4c11058e71b6ba5eaaf5d9565c1634b4bbeec1e\"\u003e\u003ccode\u003ed4c1105\u003c/code\u003e\u003c/a\u003e core-js 3.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/51f0eefd545bca2c17f12f237ba228a08aac4f7f\"\u003e\u003ccode\u003e51f0eef\u003c/code\u003e\u003c/a\u003e exclude commons.logging from httpcomponents\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/65986a459f15da0eed1616d91efdd65f99120334\"\u003e\u003ccode\u003e65986a4\u003c/code\u003e\u003c/a\u003e code style\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/1587961cf4043ea776d38683e53470993bc70771\"\u003e\u003ccode\u003e1587961\u003c/code\u003e\u003c/a\u003e lib updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/2a972ced6e7cc147a29c86c0e962f2696f9cc4ed\"\u003e\u003ccode\u003e2a972ce\u003c/code\u003e\u003c/a\u003e htmx 1.9.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/792e8456cd76f7cfd04587d539bd4fa929599000\"\u003e\u003ccode\u003e792e845\u003c/code\u003e\u003c/a\u003e new subproject htmlunit-csp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/e07ba67cc1b030f90a2ad9882f271429345b008d\"\u003e\u003ccode\u003ee07ba67\u003c/code\u003e\u003c/a\u003e fix ms driver check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/e015082aa909fd9e1c2b5f9b26553ddc0ddbbcab\"\u003e\u003ccode\u003ee015082\u003c/code\u003e\u003c/a\u003e enable FEATURE_SECURE_PROCESSING for the MSXML XSLProcessor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/77aeaa85e1fc69e929858ae700b24528275d8d07\"\u003e\u003ccode\u003e77aeaa8\u003c/code\u003e\u003c/a\u003e another minor neko update\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/HtmlUnit/htmlunit/compare/HtmlUnit-2.7...3.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.eclipse.jetty:jetty-server` from Fuzzing-SNAPSHOT to 9.4.56.v20240826\n\nUpdates `org.eclipse.jetty:jetty-http` from Fuzzing-SNAPSHOT to 12.0.31\n\nUpdates `org.eclipse.jetty.http2:http2-server` from Fuzzing-SNAPSHOT to 9.4.53.v20231009\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/0ai-Cyberviser/oss-fuzz/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/0ai-Cyberviser/oss-fuzz/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/0ai-Cyberviser%2Foss-fuzz/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"3.26.100","new_version":"3.29.0","update_type":"minor","path":null,"pr_created_at":"2026-03-13T13:24:34.000Z","version_change":"3.26.100 → 3.29.0","issue":{"uuid":"4071113238","node_id":"PR_kwDOCCeu5c7KXZRf","number":5,"state":"closed","title":"build(deps): bump the maven group across 15 directories with 17 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-10T23:41:35.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-13T13:24:34.000Z","updated_at":"2026-04-10T23:41:36.000Z","time_to_close":2456221,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"maven","update_count":17,"packages":[{"name":"org.apache.cxf:cxf-core","old_version":"Fuzzing-SNAPSHOT","new_version":"3.5.11"},{"name":"org.apache.cxf:cxf-rt-frontend-jaxrs","old_version":"Fuzzing-SNAPSHOT","new_version":"2.6.11"},{"name":"org.eclipse.jetty:jetty-server","old_version":"11.0.14","new_version":"11.0.24"},{"name":"org.apache.avro:avro","old_version":"Fuzzing-SNAPSHOT","new_version":"1.11.4"},{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.26.100","new_version":"3.29.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"},{"name":"org.apache.hadoop:hadoop-common","old_version":"Fuzzing-SNAPSHOT","new_version":"3.4.0"},{"name":"org.htmlunit:htmlunit","old_version":"2.7.0","new_version":"3.9.0","repository_url":"https://github.com/HtmlUnit/htmlunit"},{"name":"org.eclipse.jetty:jetty-server","old_version":"Fuzzing-SNAPSHOT","new_version":"9.4.56.v20240826"},{"name":"org.eclipse.jetty:jetty-http","old_version":"Fuzzing-SNAPSHOT","new_version":"12.0.31"},{"name":"org.eclipse.jetty.http2:http2-server","old_version":"Fuzzing-SNAPSHOT","new_version":"9.4.53.v20231009"},{"name":"org.bitbucket.b_c:jose4j","old_version":"Fuzzing-SNAPSHOT","new_version":"0.9.6"},{"name":"com.nimbusds:nimbus-jose-jwt","old_version":"9.30.1","new_version":"9.37.4"},{"name":"com.google.guava:guava","old_version":"31.1-jre","new_version":"32.0.0-jre","repository_url":"https://github.com/google/guava"},{"name":"com.google.protobuf:protobuf-java","old_version":"4.0.0-rc-2","new_version":"4.27.5","repository_url":"https://github.com/protocolbuffers/protobuf"},{"name":"org.apache.logging.log4j:log4j-core","old_version":"2.24.3","new_version":"2.25.3"},{"name":"org.apache.logging.log4j:log4j-core","old_version":"2.24.2","new_version":"2.25.3"},{"name":"org.jboss.xnio:xnio-api","old_version":"3.8.8.Final","new_version":"3.8.14.Final"},{"name":"com.esotericsoftware.yamlbeans:yamlbeans","old_version":"Fuzzing-SNAPSHOT","new_version":"1.17","repository_url":"https://github.com/EsotericSoftware/yamlbeans"},{"name":"org.zeroturnaround:zt-zip","old_version":"Fuzzing-SNAPSHOT","new_version":"1.13","repository_url":"https://github.com/zeroturnaround/zt-zip"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 2 updates in the /projects/apache-cxf/project-parent/fuzz-targets directory: org.apache.cxf:cxf-core and org.apache.cxf:cxf-rt-frontend-jaxrs.\nBumps the maven group with 1 update in the /projects/async-http-client/project-parent/fuzz-targets directory: org.eclipse.jetty:jetty-server.\nBumps the maven group with 1 update in the /projects/avro/project-parent/fuzz-targets directory: org.apache.avro:avro.\nBumps the maven group with 1 update in the /projects/eclipse-equinox/equinox-fuzzer directory: [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform).\nBumps the maven group with 1 update in the /projects/hadoop/project-parent/fuzz-targets directory: org.apache.hadoop:hadoop-common.\nBumps the maven group with 1 update in the /projects/htmlunit/htmlunit-fuzzer directory: [org.htmlunit:htmlunit](https://github.com/HtmlUnit/htmlunit).\nBumps the maven group with 3 updates in the /projects/jetty/project-parent/fuzz-targets directory: org.eclipse.jetty:jetty-server, org.eclipse.jetty:jetty-http and org.eclipse.jetty.http2:http2-server.\nBumps the maven group with 1 update in the /projects/jose4j/project-parent/fuzz-targets directory: [org.bitbucket.b_c:jose4j](https://bitbucket.org/b_c/jose4j).\nBumps the maven group with 1 update in the /projects/nimbus-jwt/nimbus-jwt-fuzzer directory: [com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt).\nBumps the maven group with 2 updates in the /projects/opencensus-java/project-parent/fuzz-targets directory: [com.google.guava:guava](https://github.com/google/guava) and [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf).\nBumps the maven group with 1 update in the /projects/pdfbox/project-parent/fuzz-targets directory: org.apache.logging.log4j:log4j-core.\nBumps the maven group with 1 update in the /projects/struts/struts2-fuzzer/webapp directory: org.apache.logging.log4j:log4j-core.\nBumps the maven group with 1 update in the /projects/xnio-api/xnio-fuzzer directory: org.jboss.xnio:xnio-api.\nBumps the maven group with 1 update in the /projects/yamlbeans/project-parent/fuzz-targets directory: [com.esotericsoftware.yamlbeans:yamlbeans](https://github.com/EsotericSoftware/yamlbeans).\nBumps the maven group with 1 update in the /projects/zt-zip/project-parent/fuzz-targets directory: [org.zeroturnaround:zt-zip](https://github.com/zeroturnaround/zt-zip).\n\nUpdates `org.apache.cxf:cxf-core` from Fuzzing-SNAPSHOT to 3.5.11\n\nUpdates `org.apache.cxf:cxf-rt-frontend-jaxrs` from Fuzzing-SNAPSHOT to 2.6.11\n\nUpdates `org.eclipse.jetty:jetty-server` from 11.0.14 to 11.0.24\n\nUpdates `org.apache.avro:avro` from Fuzzing-SNAPSHOT to 1.11.4\n\nUpdates `org.eclipse.platform:org.eclipse.core.runtime` from 3.26.100 to 3.29.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.hadoop:hadoop-common` from Fuzzing-SNAPSHOT to 3.4.0\n\nUpdates `org.htmlunit:htmlunit` from 2.7.0 to 3.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/HtmlUnit/htmlunit/releases\"\u003eorg.htmlunit:htmlunit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eHtmlUnit 3.9.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore-csp: new lib for CSP\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecommons-logging to 1.3.0, commons-io to 2.15.1, commons-lang3 to 3.14.0\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eenable FEATURE_SECURE_PROCESSING for the MSXML XSLProcessor (CVE-2023-49093).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eneko: new HTML named entities parser that is up to 20x faster for common entities and some more fixes\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003emany more fixes and improvements\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease have a look at the \u003ca href=\"https://www.htmlunit.org/changes-report.html#a3.9.0\"\u003efull release notes\u003c/a\u003e for details about this release.\u003c/p\u003e\n\u003cp\u003e💕 Thank you to all who have contributed and to the sponsors (more sponsoring is welcome \u003ca href=\"https://github.com/sponsors/rbri\"\u003ehttps://github.com/sponsors/rbri\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003eHtmlUnit 3.8.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore-js: support trailing commas in function parameters.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eupdated CSS3Parser pool implementation\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eimproved detection onf XML/XHtml content when not content type header is set\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003emany more fixes and improvements\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease have a look at the \u003ca href=\"https://www.htmlunit.org/changes-report.html#a3.8.0\"\u003efull release notes\u003c/a\u003e for details about this release.\u003c/p\u003e\n\u003cp\u003e💕 Thank you to all who have contributed and to the sponsors (more sponsoring is welcome \u003ca href=\"https://github.com/sponsors/rbri\"\u003ehttps://github.com/sponsors/rbri\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003eHtmlUnit 3.7.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eINCOMPATIBLE CHANGE: For this version, the processing of WebWindowListener events got many changes/fixes/improvements.                 The main point was to let this work as stable as possible even if many WebWindowListener are registered.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecssparser: Switched from JavaCC to ParserGeneratorCC (\u003ca href=\"https://github.com/tulipcc/ParserGeneratorCC\"\u003ehttps://github.com/tulipcc/ParserGeneratorCC\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore-js: build system switched to maven\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImplementation of CSS pseudo classes :invalid and :valid improved\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eForm.isValid() checks all form elements\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDocumentation enhancements\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003esupport ComputedCSSStyleDeclaration when JS engine is disabled\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHtmlForm.getElements() is now part of the public api\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed a major memory leak\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e'rel' attribute may contain multiple values, we have to split before checking the value\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003emany more fixes and improvements\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease have a look at the \u003ca href=\"https://www.htmlunit.org/changes-report.html#a3.7.0\"\u003efull release notes\u003c/a\u003e for details about this release.\u003c/p\u003e\n\u003cp\u003e💕 Thank you to all who have contributed and to the sponsors (more sponsoring is welcome \u003ca href=\"https://github.com/sponsors/rbri\"\u003ehttps://github.com/sponsors/rbri\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003eHtmlUnit 3.6.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eHighlights\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eThis release is not compatible with 2.xx versions - please read the \u003ca href=\"https://www.htmlunit.org/migration.html\"\u003emigration info\u003c/a\u003e\u003c/strong\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/a599e36ecc0b19a2ea76b73f7f48365fbb87c28a\"\u003e\u003ccode\u003ea599e36\u003c/code\u003e\u003c/a\u003e version 3.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/d4c11058e71b6ba5eaaf5d9565c1634b4bbeec1e\"\u003e\u003ccode\u003ed4c1105\u003c/code\u003e\u003c/a\u003e core-js 3.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/51f0eefd545bca2c17f12f237ba228a08aac4f7f\"\u003e\u003ccode\u003e51f0eef\u003c/code\u003e\u003c/a\u003e exclude commons.logging from httpcomponents\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/65986a459f15da0eed1616d91efdd65f99120334\"\u003e\u003ccode\u003e65986a4\u003c/code\u003e\u003c/a\u003e code style\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/1587961cf4043ea776d38683e53470993bc70771\"\u003e\u003ccode\u003e1587961\u003c/code\u003e\u003c/a\u003e lib updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/2a972ced6e7cc147a29c86c0e962f2696f9cc4ed\"\u003e\u003ccode\u003e2a972ce\u003c/code\u003e\u003c/a\u003e htmx 1.9.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/792e8456cd76f7cfd04587d539bd4fa929599000\"\u003e\u003ccode\u003e792e845\u003c/code\u003e\u003c/a\u003e new subproject htmlunit-csp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/e07ba67cc1b030f90a2ad9882f271429345b008d\"\u003e\u003ccode\u003ee07ba67\u003c/code\u003e\u003c/a\u003e fix ms driver check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/e015082aa909fd9e1c2b5f9b26553ddc0ddbbcab\"\u003e\u003ccode\u003ee015082\u003c/code\u003e\u003c/a\u003e enable FEATURE_SECURE_PROCESSING for the MSXML XSLProcessor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HtmlUnit/htmlunit/commit/77aeaa85e1fc69e929858ae700b24528275d8d07\"\u003e\u003ccode\u003e77aeaa8\u003c/code\u003e\u003c/a\u003e another minor neko update\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/HtmlUnit/htmlunit/compare/HtmlUnit-2.7...3.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.eclipse.jetty:jetty-server` from Fuzzing-SNAPSHOT to 9.4.56.v20240826\n\nUpdates `org.eclipse.jetty:jetty-http` from Fuzzing-SNAPSHOT to 12.0.31\n\nUpdates `org.eclipse.jetty.http2:http2-server` from Fuzzing-SNAPSHOT to 9.4.53.v20231009\n\nUpdates `org.bitbucket.b_c:jose4j` from Fuzzing-SNAPSHOT to 0.9.6\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://bitbucket.org/b_c/jose4j/commits/tag/jose4j-0.9.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.nimbusds:nimbus-jose-jwt` from 9.30.1 to 9.37.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/f64e094030ab82659dbfaea8c489cc56291539cf\"\u003e\u003ccode\u003ef64e094\u003c/code\u003e\u003c/a\u003e Makes the abstract class BaseJWEProvider public (iss \u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/521\"\u003e#521\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/ad6fed330a6bc5dbcb343aafd085ffd0d15c07d7\"\u003e\u003ccode\u003ead6fed3\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release 9.35\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/81c7f24cc8a49f0f87c530e50d750bb1db22b4a8\"\u003e\u003ccode\u003e81c7f24\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/24aaaf02edf5d1ae4cc449b3d81a9151f26953dc\"\u003e\u003ccode\u003e24aaaf0\u003c/code\u003e\u003c/a\u003e Bumps jacoco-maven-plugin to 0.8.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/ff01cd912fe53ee2946170781fe243564920be94\"\u003e\u003ccode\u003eff01cd9\u003c/code\u003e\u003c/a\u003e Adds new JWKSet.filter method\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/9c7ca65e0f85a286b8ed32886f40266075f785c7\"\u003e\u003ccode\u003e9c7ca65\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release 9.36\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/61118382fa75f27b29d89f9438361dbd15485c53\"\u003e\u003ccode\u003e6111838\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/11d0767dea84e47cff18236dcfe300845a781fcb\"\u003e\u003ccode\u003e11d0767\u003c/code\u003e\u003c/a\u003e Updates maven-surefire-plugin, removes config workaround for maven-surefire-p...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/43118defa2dbf9ef4d3a451f6c45b4021d52f24b\"\u003e\u003ccode\u003e43118de\u003c/code\u003e\u003c/a\u003e Adds JWTClaimsSet.getListClaim method\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/f50158f96675591b27a327b4597280dfda4aac07\"\u003e\u003ccode\u003ef50158f\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release 9.37\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/9.37.4..9.30.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.google.guava:guava` from 31.1-jre to 32.0.0-jre\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/guava/releases\"\u003ecom.google.guava:guava's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e32.0.0\u003c/h2\u003e\n\u003ch3\u003eMaven\u003c/h3\u003e\n\u003cpre lang=\"xml\"\u003e\u003ccode\u003e\u0026lt;dependency\u0026gt;\r\n  \u0026lt;groupId\u0026gt;com.google.guava\u0026lt;/groupId\u0026gt;\r\n  \u0026lt;artifactId\u0026gt;guava\u0026lt;/artifactId\u0026gt;\r\n  \u0026lt;version\u0026gt;32.0.0-jre\u0026lt;/version\u0026gt;\r\n  \u0026lt;!-- or, for Android: --\u0026gt;\r\n  \u0026lt;version\u0026gt;32.0.0-android\u0026lt;/version\u0026gt;\r\n\u0026lt;/dependency\u0026gt;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eJar files\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://repo1.maven.org/maven2/com/google/guava/guava/32.0.0-jre/guava-32.0.0-jre.jar\"\u003e32.0.0-jre.jar\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://repo1.maven.org/maven2/com/google/guava/guava/32.0.0-android/guava-32.0.0-android.jar\"\u003e32.0.0-android.jar\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eGuava requires \u003ca href=\"https://github.com/google/guava/wiki/UseGuavaInYourBuild#what-about-guavas-own-dependencies\"\u003eone runtime dependency\u003c/a\u003e, which you can download here:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://repo1.maven.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar\"\u003efailureaccess-1.0.1.jar\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJavadoc\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-jre/api/docs/\"\u003e32.0.0-jre\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-android/api/docs/\"\u003e32.0.0-android\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJDiff\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-jre/api/diffs/\"\u003e32.0.0-jre vs. 31.1-jre\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-android/api/diffs/\"\u003e32.0.0-android vs. 31.1-android\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-android/api/androiddiffs/\"\u003e32.0.0-android vs. 32.0.0-jre\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003ch4\u003eSecurity fixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eReimplemented \u003ccode\u003eFiles.createTempDir\u003c/code\u003e and \u003ccode\u003eFileBackedOutputStream\u003c/code\u003e to further address CVE-2020-8908 (\u003ca href=\"https://redirect.github.com/google/guava/issues/4011\"\u003e#4011\u003c/a\u003e) and CVE-2023-2976 (\u003ca href=\"https://redirect.github.com/google/guava/issues/2575\"\u003e#2575\u003c/a\u003e). (feb83a1c8f)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eWhile CVE-2020-8908 was officially closed when we deprecated \u003ccode\u003eFiles.createTempDir\u003c/code\u003e in \u003ca href=\"https://github.com/google/guava/releases/tag/v30.0\"\u003eGuava 30.0\u003c/a\u003e, we've heard from users that even recent versions of Guava have been listed as vulnerable in \u003cem\u003eother\u003c/em\u003e databases of security vulnerabilities. In response, we've reimplemented the method (and the very rarely used \u003ccode\u003eFileBackedOutputStream\u003c/code\u003e class, which had a similar issue) to eliminate the insecure behavior entirely. This change could technically affect users in a number of different ways (discussed under \u0026quot;Incompatible changes\u0026quot; below), but in practice, the only problem users are likely to encounter is with Windows. If you are using those APIs under Windows, you should skip 32.0.0 and go straight to \u003ca href=\"https://github.com/google/guava/releases/tag/v32.0.1\"\u003e32.0.1\u003c/a\u003e which fixes the problem. (Unfortunately, we didn't think of the Windows problem until after the release. And while we \u003ca href=\"https://github.com/google/guava#important-warnings\"\u003ewarn that \u003ccode\u003ecommon.io\u003c/code\u003e in particular may not work under Windows\u003c/a\u003e, we didn't intend to regress support.) Sorry for the trouble.\u003c/p\u003e\n\u003ch4\u003eIncompatible changes\u003c/h4\u003e\n\u003cp\u003eAlthough this release bumps Guava's major version number, it makes \u003cstrong\u003eno binary-incompatible changes to the \u003ccode\u003eguava\u003c/code\u003e artifact\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eOne change could cause issues for Widows users, and a few other changes could cause issues for users in more usual situations:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eThe new implementations of \u003ccode\u003eFiles.createTempDir\u003c/code\u003e and \u003ccode\u003eFileBackedOutputStream\u003c/code\u003e \u003ca href=\"https://redirect.github.com/google/guava/issues/6535\"\u003ethrow an exception under Windows\u003c/a\u003e.\u003c/strong\u003e This is fixed in \u003ca href=\"https://github.com/google/guava/releases/tag/v32.0.1\"\u003e32.0.1\u003c/a\u003e. Sorry for the trouble.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eguava-gwt\u003c/code\u003e now \u003ca href=\"https://redirect.github.com/google/guava/issues/6627\"\u003erequires\u003c/a\u003e GWT \u003ca href=\"https://github.com/gwtproject/gwt/releases/tag/2.10.0\"\u003e2.10.0\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThis release makes a binary-incompatible change to a \u003ccode\u003e@Beta\u003c/code\u003e API in the \u003cstrong\u003eseparate artifact\u003c/strong\u003e \u003ccode\u003eguava-testlib\u003c/code\u003e. Specifically, we changed the return type of \u003ccode\u003eTestingExecutors.sameThreadScheduledExecutor\u003c/code\u003e to \u003ccode\u003eListeningScheduledExecutorService\u003c/code\u003e. The old return type was a package-private class, which caused the Kotlin compiler to produce warnings. (dafaa3e435)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/google/guava/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.google.protobuf:protobuf-java` from 4.0.0-rc-2 to 4.27.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/protocolbuffers/protobuf/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.logging.log4j:log4j-core` from 2.24.3 to 2.25.3\n\nUpdates `org.apache.logging.log4j:log4j-core` from 2.24.2 to 2.25.3\n\nUpdates `org.jboss.xnio:xnio-api` from 3.8.8.Final to 3.8.14.Final\n\nUpdates `com.esotericsoftware.yamlbeans:yamlbeans` from Fuzzing-SNAPSHOT to 1.17\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/EsotericSoftware/yamlbeans/commits/1.17\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.zeroturnaround:zt-zip` from Fuzzing-SNAPSHOT to 1.13\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/zeroturnaround/zt-zip/blob/master/Changelog.txt\"\u003eorg.zeroturnaround:zt-zip's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e1.13 (2nd May 2018)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a possible security vulnerability reported by Snyk Security Research Team\u003c/li\u003e\n\u003cli\u003eFixed same-zip bug for transformEntry method\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e1.12 (1st August 2017)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a resource leakage with ZipInputStream\u003c/li\u003e\n\u003cli\u003eFixed a NoSuchMethodError on Android platforms\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e1.11 (31st January 2017)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded iterate and unpack methods that accept a Charset\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e1.10 (28th October 2016)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded user configurable compression level to packEntries()\u003c/li\u003e\n\u003cli\u003eAdded more overloaded methods to the pack() method for convenience\u003c/li\u003e\n\u003cli\u003eBumped embedded Apache Commons from 1.4 to 2.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e1.9 (20th November 2015)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBumped minimal supported Java version to Java 5\u003c/li\u003e\n\u003cli\u003eAdded support for Java 7 POSIX file permissions\u003c/li\u003e\n\u003cli\u003eAdded ability to create and update byte-array backed ZIP streams\u003c/li\u003e\n\u003cli\u003eAdded ability to specify/replace compression level of ZipEntry\u003c/li\u003e\n\u003cli\u003eAdded BackslashUnpacker for broken (Windows) ZIP archives\u003c/li\u003e\n\u003cli\u003eFixed not closing InputStream after processing each ZipEntrySource\u003c/li\u003e\n\u003cli\u003eFixed buffering when creating and updating ZIP streams\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e1.8 (7th July 2014)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved dependency on commons-io\u003c/li\u003e\n\u003cli\u003eZipUtil.pack more memory efficient for large directories\u003c/li\u003e\n\u003cli\u003eFixed preserving compressed state of copied entries\u003c/li\u003e\n\u003cli\u003eFixed packing files from a directory based on an accept filter\u003c/li\u003e\n\u003cli\u003eImproved Charset support\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e1.6-SNAPSHOT (17th September 2012)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eStarted to write a changelog\u003c/li\u003e\n\u003cli\u003eAdded public CI, \u003ca href=\"https://travis-ci.org/\"\u003ehttps://travis-ci.org/\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/zeroturnaround/zt-zip/commits/zt-zip-1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/stweil/oss-fuzz/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/stweil/oss-fuzz/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/stweil%2Foss-fuzz/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"}},{"old_version":"3.34.100","new_version":"3.34.200","update_type":"patch","path":null,"pr_created_at":"2026-03-11T05:18:24.000Z","version_change":"3.34.100 → 3.34.200","issue":{"uuid":"4055898873","node_id":"PR_kwDOACiwys7Jlyvn","number":5912,"state":"open","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.34.100 to 3.34.200","user":"dependabot[bot]","labels":["dependencies","backport"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-11T05:18:24.000Z","updated_at":"2026-03-11T08:15:43.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.34.100","new_version":"3.34.200","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.34.100 to 3.34.200.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.34.100\u0026new-version=3.34.200)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/eclipse-tycho/tycho/pull/5912","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/eclipse-tycho%2Ftycho/issues/5912","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5912/packages"}},{"old_version":"3.34.100","new_version":"3.34.200","update_type":"patch","path":null,"pr_created_at":"2026-03-10T07:23:48.000Z","version_change":"3.34.100 → 3.34.200","issue":{"uuid":"4049941582","node_id":"PR_kwDOAG2iAc7JS1C5","number":698,"state":"open","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.34.100 to 3.34.200","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-10T07:23:48.000Z","updated_at":"2026-03-10T07:26:07.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.34.100","new_version":"3.34.200","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.34.100 to 3.34.200.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.34.100\u0026new-version=3.34.200)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/veithen/cosmos/pull/698","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/veithen%2Fcosmos/issues/698","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/698/packages"}},{"old_version":"3.34.0","new_version":"3.34.100","update_type":"patch","path":null,"pr_created_at":"2025-12-09T09:38:36.000Z","version_change":"3.34.0 → 3.34.100","issue":{"uuid":"3710032630","node_id":"PR_kwDOBvbxyc6332Yw","number":496,"state":"closed","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.34.0 to 3.34.100","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-12-09T09:53:01.000Z","author_association":null,"state_reason":null,"created_at":"2025-12-09T09:38:36.000Z","updated_at":"2025-12-09T09:53:02.000Z","time_to_close":865,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.34.0","new_version":"3.34.100","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.34.0 to 3.34.100.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.34.0\u0026new-version=3.34.100)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/veithen/emf-maven-plugin/pull/496","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/veithen%2Femf-maven-plugin/issues/496","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/496/packages"}},{"old_version":"3.34.0","new_version":"3.34.100","update_type":"patch","path":null,"pr_created_at":"2025-12-09T07:01:57.000Z","version_change":"3.34.0 → 3.34.100","issue":{"uuid":"3709533370","node_id":"PR_kwDOAG2iAc632L9d","number":666,"state":"closed","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.34.0 to 3.34.100","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-12-09T10:39:10.000Z","author_association":null,"state_reason":null,"created_at":"2025-12-09T07:01:57.000Z","updated_at":"2025-12-09T10:39:11.000Z","time_to_close":13033,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.34.0","new_version":"3.34.100","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.34.0 to 3.34.100.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.34.0\u0026new-version=3.34.100)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/veithen/cosmos/pull/666","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/veithen%2Fcosmos/issues/666","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/666/packages"}},{"old_version":"3.34.0","new_version":"3.34.100","update_type":"patch","path":null,"pr_created_at":"2025-12-09T05:23:07.000Z","version_change":"3.34.0 → 3.34.100","issue":{"uuid":"3709274975","node_id":"PR_kwDOHeXpP8631UFM","number":378,"state":"closed","title":"Maven(deps-dev): Bump org.eclipse.platform:org.eclipse.core.runtime from 3.34.0 to 3.34.100","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-12-10T09:19:27.000Z","author_association":null,"state_reason":null,"created_at":"2025-12-09T05:23:07.000Z","updated_at":"2025-12-10T09:19:36.000Z","time_to_close":100580,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Maven(deps-dev): Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.34.0","new_version":"3.34.100","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.34.0 to 3.34.100.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.34.0\u0026new-version=3.34.100)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/vitruv-tools/Vitruv-DSLs/pull/378","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vitruv-tools%2FVitruv-DSLs/issues/378","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/378/packages"}},{"old_version":"3.34.0","new_version":"3.34.100","update_type":"patch","path":null,"pr_created_at":"2025-12-08T19:06:35.000Z","version_change":"3.34.0 → 3.34.100","issue":{"uuid":"3707659994","node_id":"PR_kwDOACiwys63v3iX","number":5692,"state":"open","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.34.0 to 3.34.100","user":"dependabot[bot]","labels":["dependencies","backport"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-12-08T19:06:35.000Z","updated_at":"2025-12-09T13:01:19.916Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.34.0","new_version":"3.34.100","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.34.0 to 3.34.100.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.34.0\u0026new-version=3.34.100)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/eclipse-tycho/tycho/pull/5692","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/eclipse-tycho%2Ftycho/issues/5692","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5692/packages"}},{"old_version":"3.34.0","new_version":"3.34.100","update_type":"patch","path":null,"pr_created_at":"2025-12-08T12:35:47.000Z","version_change":"3.34.0 → 3.34.100","issue":{"uuid":"3706210017","node_id":"PR_kwDOACiwys63q6as","number":5677,"state":"open","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.34.0 to 3.34.100","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-12-08T12:35:47.000Z","updated_at":"2025-12-09T09:10:48.690Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.34.0","new_version":"3.34.100","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.34.0 to 3.34.100.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.34.0\u0026new-version=3.34.100)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/eclipse-tycho/tycho/pull/5677","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/eclipse-tycho%2Ftycho/issues/5677","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5677/packages"}},{"old_version":"3.33.100","new_version":"3.34.0","update_type":"minor","path":null,"pr_created_at":"2025-09-15T06:31:04.000Z","version_change":"3.33.100 → 3.34.0","issue":{"uuid":"2827981756","node_id":"PR_kwDOCg62Ns6oj5O8","number":5628,"state":"closed","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.100 to 3.34.0","user":"dependabot[bot]","labels":["dependencies","dependabot"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-09-15T11:21:34.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-15T06:31:04.000Z","updated_at":"2025-09-15T11:21:34.000Z","time_to_close":17430,"merged_at":"2025-09-15T11:21:34.000Z","merged_by":"cwperks","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.100","new_version":"3.34.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.33.100 to 3.34.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=gradle\u0026previous-version=3.33.100\u0026new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/opensearch-project/security/pull/5628","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/opensearch-project%2Fsecurity/issues/5628","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5628/packages"}},{"old_version":"3.33.100","new_version":"3.34.0","update_type":"minor","path":null,"pr_created_at":"2025-09-12T22:03:34.000Z","version_change":"3.33.100 → 3.34.0","issue":{"uuid":"2824124906","node_id":"PR_kwDOLjaDg86oVLnq","number":164,"state":"open","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.100 to 3.34.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-09-12T22:03:34.000Z","updated_at":"2025-09-12T22:03:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.100","new_version":"3.34.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.33.100 to 3.34.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.33.100\u0026new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/giis-uniovi/modevo/pull/164","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/giis-uniovi%2Fmodevo/issues/164","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/164/packages"}},{"old_version":"3.33.100","new_version":"3.34.0","update_type":"minor","path":null,"pr_created_at":"2025-09-10T13:03:33.000Z","version_change":"3.33.100 → 3.34.0","issue":{"uuid":"2815458563","node_id":"PR_kwDODtIEqc6n0H0D","number":1002,"state":"open","title":"build(deps): bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.100 to 3.34.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-10T13:03:33.000Z","updated_at":"2025-09-10T13:03:34.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.100","new_version":"3.34.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.33.100 to 3.34.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.33.100\u0026new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/apache/axis-axis2-java-core/pull/1002","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Faxis-axis2-java-core/issues/1002","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1002/packages"}},{"old_version":"3.33.100","new_version":"3.34.0","update_type":"minor","path":null,"pr_created_at":"2025-09-10T12:19:07.000Z","version_change":"3.33.100 → 3.34.0","issue":{"uuid":"2815309874","node_id":"PR_kwDOBvbxyc6nzjgy","number":461,"state":"closed","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.100 to 3.34.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-09-10T13:33:12.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-10T12:19:07.000Z","updated_at":"2025-09-10T13:33:12.000Z","time_to_close":4445,"merged_at":"2025-09-10T13:33:12.000Z","merged_by":"veithen","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.100","new_version":"3.34.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.33.100 to 3.34.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.33.100\u0026new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/veithen/emf-maven-plugin/pull/461","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/veithen%2Femf-maven-plugin/issues/461","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/461/packages"}},{"old_version":"3.33.100","new_version":"3.34.0","update_type":"minor","path":null,"pr_created_at":"2025-09-09T23:17:30.000Z","version_change":"3.33.100 → 3.34.0","issue":{"uuid":"2813593785","node_id":"PR_kwDOACiwys6ntAi5","number":5328,"state":"open","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.100 to 3.34.0","user":"dependabot[bot]","labels":["dependencies","backport"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-09T23:17:30.000Z","updated_at":"2025-09-09T23:17:31.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.100","new_version":"3.34.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.33.100 to 3.34.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.33.100\u0026new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/eclipse-tycho/tycho/pull/5328","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/eclipse-tycho%2Ftycho/issues/5328","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5328/packages"}},{"old_version":"3.33.100","new_version":"3.34.0","update_type":"minor","path":null,"pr_created_at":"2025-09-08T23:13:59.000Z","version_change":"3.33.100 → 3.34.0","issue":{"uuid":"2809865720","node_id":"PR_kwDOHgExUM6neyX4","number":310,"state":"open","title":"Maven(deps): Bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.100 to 3.34.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-08T23:13:59.000Z","updated_at":"2025-09-09T01:30:01.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Maven(deps): Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.100","new_version":"3.34.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.33.100 to 3.34.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.33.100\u0026new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/vitruv-tools/Vitruv-Change/pull/310","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vitruv-tools%2FVitruv-Change/issues/310","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/310/packages"}},{"old_version":"3.33.100","new_version":"3.34.0","update_type":"minor","path":null,"pr_created_at":"2025-09-08T23:07:04.000Z","version_change":"3.33.100 → 3.34.0","issue":{"uuid":"3396001054","node_id":"PR_kwDOACiwys6nevLN","number":5293,"state":"open","title":"Bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.100 to 3.34.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-08T23:07:04.000Z","updated_at":"2025-09-09T01:32:20.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.100","new_version":"3.34.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.33.100 to 3.34.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.33.100\u0026new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/eclipse-tycho/tycho/pull/5293","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/eclipse-tycho%2Ftycho/issues/5293","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5293/packages"}},{"old_version":"3.33.100","new_version":"3.34.0","update_type":"minor","path":null,"pr_created_at":"2025-09-08T05:18:48.000Z","version_change":"3.33.100 → 3.34.0","issue":{"uuid":"2806873608","node_id":"PR_kwDOHeXpP86nTX4I","number":287,"state":"open","title":"Maven(deps-dev): Bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.100 to 3.34.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-08T05:18:48.000Z","updated_at":"2025-09-08T11:59:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Maven(deps-dev): Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.100","new_version":"3.34.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.33.100 to 3.34.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.33.100\u0026new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/vitruv-tools/Vitruv-DSLs/pull/287","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vitruv-tools%2FVitruv-DSLs/issues/287","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/287/packages"}},{"old_version":"3.33.100","new_version":"3.34.0","update_type":"minor","path":null,"pr_created_at":"2025-09-08T02:13:20.000Z","version_change":"3.33.100 → 3.34.0","issue":{"uuid":"2806598639","node_id":"PR_kwDONLSBqM6nSUvv","number":58,"state":"closed","title":"Maven(deps): Bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.100 to 3.34.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-09-08T06:55:34.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-08T02:13:20.000Z","updated_at":"2025-09-08T06:55:34.000Z","time_to_close":16934,"merged_at":"2025-09-08T06:55:34.000Z","merged_by":"arlange","closed_by":null,"dependency_metadata":{"prefix":"Maven(deps): Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.100","new_version":"3.34.0","repository_url":"https://github.com/eclipse-platform/eclipse.platform"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.eclipse.platform:org.eclipse.core.runtime](https://github.com/eclipse-platform/eclipse.platform) from 3.33.100 to 3.34.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eclipse-platform/eclipse.platform/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.33.100\u0026new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/vitruv-tools/EMF-Template/pull/58","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vitruv-tools%2FEMF-Template/issues/58","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/58/packages"}},{"old_version":"3.33.0","new_version":"3.33.100","update_type":"patch","path":null,"pr_created_at":"2025-07-17T03:00:37.000Z","version_change":"3.33.0 → 3.33.100","issue":{"uuid":"2672475459","node_id":"PR_kwDONLSBqM6fSr1D","number":47,"state":"open","title":"Maven(deps): Bump org.eclipse.platform:org.eclipse.core.runtime from 3.33.0 to 3.33.100","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-07-17T03:00:37.000Z","updated_at":"2025-07-17T13:20:51.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Maven(deps): Bump","packages":[{"name":"org.eclipse.platform:org.eclipse.core.runtime","old_version":"3.33.0","new_version":"3.33.100","repository_url":null}],"path":null,"ecosystem":"maven"},"body":"\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.platform:org.eclipse.core.runtime\u0026package-manager=maven\u0026previous-version=3.33.0\u0026new-version=3.33.100)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/vitruv-tools/EMF-Template/pull/47","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vitruv-tools%2FEMF-Template/issues/47","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/47/packages"}}]}