{"id":5684,"name":"org.owasp.esapi:esapi","ecosystem":"maven","repository_url":"https://github.com/ESAPI/esapi-java-legacy","issues_count":69,"created_at":"2025-06-06T21:06:18.286Z","updated_at":"2025-06-06T21:06:18.286Z","purl":"pkg:maven/org.owasp.esapi:esapi","metadata":{"id":4966951,"name":"org.owasp.esapi:esapi","ecosystem":"maven","description":"The Enterprise Security API (ESAPI) project is an OWASP project to create simple strong security controls for every web platform. Security controls are not simple to build. You can read about the hundreds of pitfalls for unwary developers on the OWASP web site. By providing developers with a set of strong controls, we aim to eliminate some of the complexity of creating secure web applications. This can result in significant cost savings across the SDLC.","homepage":"https://owasp.org/www-project-enterprise-security-api/","licenses":"BSD,Creative Commons 3.0 BY-SA","normalized_licenses":["BSD-3-Clause","CC0-1.0"],"repository_url":"https://github.com/ESAPI/esapi-java-legacy","keywords_array":[],"namespace":"org.owasp.esapi","versions_count":28,"first_release_published_at":"2010-09-07T17:44:36.000Z","latest_release_published_at":"2013-09-03T01:17:59.000Z","latest_release_number":"2.1.0","last_synced_at":"2025-06-03T02:02:28.733Z","created_at":"2022-07-27T07:56:24.485Z","updated_at":"2025-06-03T02:02:28.733Z","registry_url":"https://central.sonatype.com/artifact/org.owasp.esapi/esapi/","install_command":null,"documentation_url":"https://appdoc.app/artifact/org.owasp.esapi/esapi/","metadata":{},"repo_metadata":{"uuid":"23857463","full_name":"ESAPI/esapi-java-legacy","owner":"ESAPI","description":"ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.","archived":false,"fork":false,"pushed_at":"2023-11-28T02:30:35.000Z","size":54494,"stargazers_count":571,"open_issues_count":119,"forks_count":406,"subscribers_count":57,"default_branch":"develop","last_synced_at":"2023-11-28T03:34:40.533Z","etag":null,"topics":["java","security"],"latest_commit_sha":null,"homepage":"https://owasp.org/www-project-enterprise-security-api/","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ESAPI.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING-TO-ESAPI.txt","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null}},"created_at":"2014-09-10T02:12:29.000Z","updated_at":"2023-11-24T04:16:02.000Z","dependencies_parsed_at":"2023-02-14T19:16:11.769Z","dependency_job_id":"e0067454-ca21-44fa-9671-00e323fee419","html_url":"https://github.com/ESAPI/esapi-java-legacy","commit_stats":null,"previous_names":[],"tags_count":25,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ESAPI","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/refs/heads/develop","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":173510174,"owners_count":9983100,"icon_url":"https://github.com/github.png","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"ESAPI","name":"Enterprise Security API","uuid":"5580725","kind":"organization","description":null,"email":null,"website":null,"location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/5580725?v=4","repositories_count":6,"last_synced_at":"2023-08-04T09:33:22.729Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/ESAPI","created_at":"2022-11-06T05:41:20.782Z","updated_at":"2023-08-04T09:33:22.899Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ESAPI","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ESAPI/repositories"},"tags":[{"name":"esapi-2.5.3.0","sha":"ce7a72543fea94bab3cecb3d790a4dbbd8fb3e9a","kind":"tag","published_at":"2023-11-24T18:16:38.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.5.3.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.5.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.3.0/manifests"},{"name":"esapi-2.5.2.0","sha":"15737a23c0eb171da45148583d388edb023ff4b3","kind":"tag","published_at":"2023-04-13T00:21:02.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.5.2.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.5.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.2.0/manifests"},{"name":"esapi-2.5.1.0","sha":"958892f3e7bc59fe97f9594d06350e02275dc431","kind":"tag","published_at":"2022-11-27T16:36:35.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.5.1.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.5.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.1.0/manifests"},{"name":"esapi-2.5.0.0","sha":"8993a1ac07157e3207c342d915da6ee0cfc40c55","kind":"tag","published_at":"2022-07-20T03:16:17.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.5.0.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.5.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.0.0/manifests"},{"name":"esapi-2.4.0.0","sha":"db7f38cbd1e484597764b1e2bbdd0f62ca662510","kind":"tag","published_at":"2022-04-24T21:31:42.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.4.0.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.4.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.4.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.4.0.0/manifests"},{"name":"esapi-2.3.0.0","sha":"7797bc3ebd3a3bd700817b27e2a4455a0ba61f33","kind":"tag","published_at":"2022-04-17T22:35:09.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.3.0.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.3.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.3.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.3.0.0/manifests"},{"name":"esapi-2.2.3.1","sha":"2e8694c6beb3bdbb2645b882eba72ce41bc63242","kind":"tag","published_at":"2021-05-08T01:54:47.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.3.1","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.3.1/manifests"},{"name":"esapi-2.2.3.0","sha":"67980b8739f9ff03329a96e32af9d8012e9290da","kind":"tag","published_at":"2021-03-24T02:42:53.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.3.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.3.0/manifests"},{"name":"esapi-2.2.2.0","sha":"609e21c1d0253224f6f998f355ba5edcecb1d01a","kind":"tag","published_at":"2020-11-27T23:50:58.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.2.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.2.0/manifests"},{"name":"esapi-2.2.1.1","sha":"74fc4ba1fa9d356efa5e7052286482c689aafa09","kind":"commit","published_at":"2020-07-27T04:01:15.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.1.1","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.1.1/manifests"},{"name":"esapi-2.2.1.0","sha":"fefe6033d8e21963ab5f84b1649b8708366cd524","kind":"tag","published_at":"2020-07-13T02:44:26.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.1.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.1.0/manifests"},{"name":"esapi-2.2.1.0-RC1","sha":"b6f8808e9bc0f1db01391ae40b18237b988252d8","kind":"tag","published_at":"2020-07-05T03:55:11.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.1.0-RC1","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.1.0-RC1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.1.0-RC1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.1.0-RC1/manifests"},{"name":"esapi-2.2.0.0","sha":"b9f1f87ad767a1985b4d528ebf04b899cdead255","kind":"tag","published_at":"2019-06-25T00:03:06.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.0.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.0.0/manifests"},{"name":"esapi-2.2.0.0-RC3","sha":"06aa99e0881139768b87f5d50f91823dc9de5e98","kind":"tag","published_at":"2019-06-11T04:26:04.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.0.0-RC3","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.0.0-RC3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.0.0-RC3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.0.0-RC3/manifests"},{"name":"esapi-2.2.0.0-RC2","sha":"2671692f631f5d618b1dd49497e1cfcb0b66a528","kind":"tag","published_at":"2019-05-02T02:06:34.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.0.0-RC2","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.0.0-RC2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.0.0-RC2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.0.0-RC2/manifests"},{"name":"esapi-2.2.0.0-RC1","sha":"cc264ce3d23337d778a1d566dedfb3d319a3d1c7","kind":"tag","published_at":"2019-03-18T01:58:52.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.0.0-RC1","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.0.0-RC1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.0.0-RC1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.0.0-RC1/manifests"},{"name":"esapi-2.1.0.1","sha":"5582e1ffb6afce1208d65cf890986fb70d8b0aac","kind":"tag","published_at":"2016-02-05T05:57:17.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.1.0.1","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.1.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.1.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.1.0.1/manifests"},{"name":"esapi-2.1.0","sha":"842a799a20bb19e1923db2a15857d34487fdd459","kind":"commit","published_at":"2013-09-03T01:16:47.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.1.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.1.0/manifests"},{"name":"esapi-2.0.1","sha":"1c0b5d555ac7cac4e49c0a7011f56769c4699ff5","kind":"commit","published_at":"2011-07-25T06:24:48.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.0.1","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.0.1/manifests"},{"name":"esapi-2.0GA","sha":"ec188273e489ace3ad83bbbd7bd6d63b1a13139e","kind":"commit","published_at":"2011-05-11T05:54:00.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.0GA","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.0GA","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.0GA","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.0GA/manifests"},{"name":"releases","sha":"71971bbe353294a826d9c88a9ba370e9aea38b05","kind":"commit","published_at":"2011-05-05T17:44:54.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/releases","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/releases","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/releases/manifests"},{"name":"esapi-2.0_rc11","sha":"aba31593fbf04250aa1193fb944732895eac5d92","kind":"commit","published_at":"2011-03-23T17:19:18.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.0_rc11","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.0_rc11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.0_rc11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.0_rc11/manifests"},{"name":"2.0_rc10","sha":"adb332d17b1618eb9e0de84a4fd3a1d5e4841339","kind":"commit","published_at":"2010-10-16T16:08:29.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/2.0_rc10","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/2.0_rc10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/2.0_rc10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/2.0_rc10/manifests"},{"name":"esapi-2.0_rc10","sha":"1c2ba1f6e4d838d4cb8b3498f3c96403af117aa5","kind":"commit","published_at":"2010-10-15T19:56:26.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.0_rc10","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.0_rc10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.0_rc10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.0_rc10/manifests"},{"name":"2.0_RC10","sha":"8a1cc9f66498be92893e3f0d5301449176a20c19","kind":"commit","published_at":"2010-10-15T17:41:31.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/2.0_RC10","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/2.0_RC10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/2.0_RC10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/2.0_RC10/manifests"}]},"repo_metadata_updated_at":"2023-11-28T03:37:22.916Z","dependent_packages_count":106,"downloads":null,"downloads_period":null,"dependent_repos_count":1483,"rankings":{"downloads":null,"dependent_repos_count":0.30173552990925906,"dependent_packages_count":0.7051841647912479,"stargazers_count":14.98045826959579,"forks_count":9.39845107759829,"docker_downloads_count":0.507764634273312,"average":5.17871873523358},"purl":"pkg:maven/org.owasp.esapi/esapi","advisories":[{"uuid":"GSA_kwCzR0hTQS03YzJxLTVxbXItdjc2cc4AA2we","url":"https://github.com/advisories/GHSA-7c2q-5qmr-v76q","title":"DoS vulnerabilities persist in ESAPI file uploads despite remediation of CVE-2023-24998","description":"### Impact\nESAPI 2.5.2.0 and later addressed  the DoS vulnerability described in CVE-2023-24998, which Apache Commons FileUpload 1.5 attempted to remediate. But while writing up a new security bulletin regarding the impact on the affected ESAPI `HTTPUtilities.getFileUploads` methods (or more specifically those methods in the `DefaultHTTPUtilities` implementation class), I realized that a DoS vulnerability still persists in ESAPI and for that matter in Apache Commons FileUpload as well.\n\n### Related to\nCVE-2023-24998\n\n### Patches\nESAPI 2.5.2.0 or later.\n\n### Workarounds\n- See the 'Solutions' section of Security Bulletin 11, in the References section. If you are not using ESAPI file uploads, see also the 'Workarounds' section.\n- Deploy an external WAF or other suitable DoS protection.\n- Add additional defenses to your code using HTTPUtilities.getFileUpload, such as requiring prior authentication, restricting how many / much content can be uploaded per user per day or per hour, etc. (It is the opinion of the ESAPI development team that such required controls should not be added to ESAPI because it is a general purpose security library and thus ESAPI ought not be enforcing generic policies like these on everyone, especially it it could break existing code bases.)\n\n### References\n[Security Bulletin 11: How Does CVE-2023-24998 Impact ESAPI?](https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin11.pdf)\nNew ESAPI 2.5.2.0  or later Javadoc on HTTPUtilities.getFileUploads: https://javadoc.io/static/org.owasp.esapi/esapi/2.5.2.0/org/owasp/esapi/HTTPUtilities.html#getFileUploads-javax.servlet.http.HttpServletRequest-java.io.File-java.util.List-\n(Note: This link won't work until the 2.5.2.0 release is made official.)\n\n### Final Word\n(Especially to GitHub Advance Security team / GitHub as a CNA) -- I do not really wish to file a CVE for this. I had originally considered it, but there is no real way to address the general DoS scenarios for file uploads without breaking ESAPI client code which we are not willing to do. The clients have to take some responsibility for this themselves. In the next ESAPI release, I am going to add a reference to the appropriate Javadoc to this GitHub Security Advisory, but that's the best we can do. If you wish to discuss this with me, please first contact me via email at kevin.w.wall@gmail.com. ","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2023-10-27T21:55:44.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/ESAPI/esapi-java-legacy/security/advisories/GHSA-7c2q-5qmr-v76q","https://github.com/advisories/GHSA-7c2q-5qmr-v76q"],"source_kind":"github","identifiers":["GHSA-7c2q-5qmr-v76q"],"repository_url":"https://github.com/ESAPI/esapi-java-legacy","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.5.2.0","vulnerable_version_range":"\u003c 2.5.2.0"}],"ecosystem":"maven","package_name":"org.owasp.esapi:esapi"}],"created_at":"2023-10-27T22:05:46.718Z","updated_at":"2024-01-23T08:03:10.000Z","epss_percentage":null,"epss_percentile":null},{"uuid":"GSA_kwCzR0hTQS1yNjhoLWpoaGotOWp2bc4AA3Xs","url":"https://github.com/advisories/GHSA-r68h-jhhj-9jvm","title":"Validator.isValidSafeHTML is being deprecated and will be deleted from org.owasp.esapi:esapi in 1 year","description":"### Impact\nThe `Validator.isValidSafeHTML` method can result in false negatives where it reports some input as safe (i.e., returns true), but really isn't, and using that same input as-is can in certain circumstances result in XSS vulnerabilities. Because this method cannot be fixed, it is being deprecated and will be removed in one years time from when this advisory is published. Full details may be found in [ESAPI Security Bulletin #12](https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin12.pdf).\n\nNote that all versions of ESAPI, that have this method (which dates back to at least the ESAPI 1.3 release more than 15 years ago) have this issue and it will continue to exist until we remove these two methods in a future ESAPI release.\n\n### Patches\nThere is no patch. We do not believe that it is possible to patch this pretentiously named method other then perhaps renaming it to something like Validator.mightThisBeValidSafeHTML to dissuade developers from using it.\n\n### Workarounds\nStop using this method. Note that `Validator.getValidSafeHTML` is believed to be safe to use with the default **antisamy-esapi.xml** AntiSamy policy file.\n\n### Why is no CVE being filed?\nWe outline the reasons in the section \"Why no CVE for this issue?\" in [ESAPI Security Bulletin #12](https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin12.pdf). If after reading that, if _you_ still want to file a CVE or this, knock yourself out.\n\n### References\n[CWE-79](https://cwe.mitre.org/data/definitions/79.html)\n[CWE-80](https://cwe.mitre.org/data/definitions/80.html)\n[ESAPI Security Bulletin #12](https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin12.pdf)\n\n### Final resolution\nThis GitHub Security Advisory should now be considered remediated in [ESAPI versions 2.6.0.0](https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.6.0.0) and later as the deprecated methods have been removed from the ESAPI jar.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2023-11-27T17:25:46.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/ESAPI/esapi-java-legacy/security/advisories/GHSA-r68h-jhhj-9jvm","https://github.com/advisories/GHSA-r68h-jhhj-9jvm"],"source_kind":"github","identifiers":["GHSA-r68h-jhhj-9jvm"],"repository_url":"https://github.com/ESAPI/esapi-java-legacy","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.0.0","vulnerable_version_range":"\u003c 2.6.0.0"}],"ecosystem":"maven","package_name":"org.owasp.esapi:esapi"}],"created_at":"2023-11-27T18:06:02.649Z","updated_at":"2024-11-26T18:53:54.000Z","epss_percentage":null,"epss_percentile":null},{"uuid":"GSA_kwCzR0hTQS1qY3A5LTc5NmctcHY5cM4AAdXJ","url":"https://github.com/advisories/GHSA-jcp9-796g-pv9p","title":"Missing Cryptographic Step in OWASP Enterprise Security API for Java","description":"The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0 does not properly resist tampering with serialized ciphertext, which makes it easier for remote attackers to bypass intended cryptographic protection mechanisms via an attack against authenticity in the default configuration, involving a null MAC and a zero MAC length.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2022-05-17T03:56:06.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2013-5679","http://code.google.com/p/owasp-esapi-java/issues/detail?id=306","http://lists.owasp.org/pipermail/esapi-dev/2013-August/002285.html","http://owasp-esapi-java.googlecode.com/svn/trunk/documentation/ESAPI-security-bulletin1.pdf","https://github.com/ESAPI/esapi-java-legacy/commit/41138fef5f63d9cf0d5e05d2bee2c7f682ffef3f","https://github.com/advisories/GHSA-jcp9-796g-pv9p"],"source_kind":"github","identifiers":["GHSA-jcp9-796g-pv9p","CVE-2013-5679"],"repository_url":"https://github.com/ESAPI/esapi-java-legacy","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.1.0","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.1.0"}],"ecosystem":"maven","package_name":"org.owasp.esapi:esapi"}],"created_at":"2022-12-21T16:12:12.042Z","updated_at":"2024-03-20T17:42:33.000Z","epss_percentage":0.00053,"epss_percentile":0.1352},{"uuid":"GSA_kwCzR0hTQS0yZzU2LTdqdjctd3h4cc4AAUSC","url":"https://github.com/advisories/GHSA-2g56-7jv7-wxxq","title":"Missing Cryptographic Step in OWASP Enterprise Security API for Java","description":"The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0.1 does not properly resist tampering with serialized ciphertext, which makes it easier for remote attackers to bypass intended cryptographic protection mechanisms via an attack against the intended cipher mode in a non-default configuration, a different vulnerability than CVE-2013-5679.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-05-14T01:37:06.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2013-5960","https://github.com/ESAPI/esapi-java-legacy/issues/359","https://github.com/esapi/esapi-java-legacy/issues/306","https://github.com/ESAPI/esapi-java-legacy/blob/master/documentation/esapi4java-core-2.1.0.1-release-notes.txt","http://code.google.com/p/owasp-esapi-java/issues/detail?id=306","http://lists.owasp.org/pipermail/esapi-dev/2013-August/002285.html","http://owasp-esapi-java.googlecode.com/svn/trunk/documentation/ESAPI-security-bulletin1.pdf","https://github.com/ESAPI/esapi-java-legacy/commit/b7cbc53f9cc967cf1a5a9463d8c6fef9ed6ef4f7","https://github.com/advisories/GHSA-2g56-7jv7-wxxq"],"source_kind":"github","identifiers":["GHSA-2g56-7jv7-wxxq","CVE-2013-5960"],"repository_url":"https://github.com/ESAPI/esapi-java-legacy","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.1.0.1","vulnerable_version_range":"\u003e= 2.0.0.0, \u003c= 2.1.0.0"}],"ecosystem":"maven","package_name":"org.owasp.esapi:esapi"}],"created_at":"2022-12-21T16:12:11.603Z","updated_at":"2024-03-05T00:31:17.000Z","epss_percentage":0.00236,"epss_percentile":0.43686},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNncDYtaGhmdy00Z3F4","url":"https://github.com/advisories/GHSA-3gp6-hhfw-4gqx","title":"Padding oracle attacks","description":"It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are vulnerable to padding oracle attacks.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2021-08-13T15:22:24.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2010-3300","https://seclists.org/oss-sec/2010/q3/357","https://www.usenix.org/legacy/events/woot10/tech/full_papers/Rizzo.pdf","https://github.com/advisories/GHSA-3gp6-hhfw-4gqx"],"source_kind":"github","identifiers":["GHSA-3gp6-hhfw-4gqx","CVE-2010-3300"],"repository_url":null,"blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.0GA","vulnerable_version_range":"\u003c 2.0GA"}],"ecosystem":"maven","package_name":"org.owasp.esapi:esapi"}],"created_at":"2022-12-21T16:12:58.334Z","updated_at":"2023-02-01T05:06:00.000Z","epss_percentage":0.00204,"epss_percentile":0.3968},{"uuid":"GSA_kwCzR0hTQS1xNzdxLXZ4NHEteHg2cc1BTg","url":"https://github.com/advisories/GHSA-q77q-vx4q-xx6q","title":"Cross-site Scripting in org.owasp.esapi:esapi","description":"### Impact\nThere is a potential for an XSS vulnerability in ESAPI caused by a incorrect regular expression for \"onsiteURL\" in the **antisamy-esapi.xml** configuration file that can cause URLs with the \"javascript:\" scheme to NOT be sanitized. See the reference below for full details.\n\n### Patches\nPatched in ESAPI 2.3.0.0 and later. See important remediation details in the reference given below.\n\n### Workarounds\nManually edit your **antisamy-esapi.xml** configuration files to change the \"onsiteURL\" regular expression as per remediation instructions in the reference below.\n\n### References\n[Security Bulletin 8](https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin8.pdf)\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Email one of the project co-leaders. See email addresses listed on  the [OWASP ESAPI wiki](https://owasp.org/www-project-enterprise-security-api/) page, under \"Leaders\".\n* Send email to one of the two ESAPI related Google Groups listed under [Where to Find More Information on ESAPI](https://github.com/ESAPI/esapi-java-legacy#where-to-find-more-information-on-esapi) on our [README.md](https://github.com/ESAPI/esapi-java-legacy#readme) page.\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-04-27T21:09:46.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/ESAPI/esapi-java-legacy/security/advisories/GHSA-q77q-vx4q-xx6q","https://nvd.nist.gov/vuln/detail/CVE-2022-24891","https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin8.pdf","https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.3.0.0-release-notes.txt","https://www.oracle.com/security-alerts/cpujul2022.html","https://security.netapp.com/advisory/ntap-20230127-0014/","https://github.com/advisories/GHSA-q77q-vx4q-xx6q"],"source_kind":"github","identifiers":["GHSA-q77q-vx4q-xx6q","CVE-2022-24891"],"repository_url":"https://github.com/ESAPI/esapi-java-legacy","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.3.0.0","vulnerable_version_range":"\u003c= 2.2.3.1"}],"ecosystem":"maven","package_name":"org.owasp.esapi:esapi"}],"created_at":"2022-12-21T16:12:29.635Z","updated_at":"2025-04-07T01:15:03.754Z","epss_percentage":0.00307,"epss_percentile":0.5098},{"uuid":"GSA_kwCzR0hTQS04bTVoLWhycW0tcHhtMs1BTQ","url":"https://github.com/advisories/GHSA-8m5h-hrqm-pxm2","title":"Path traversal in the OWASP Enterprise Security API","description":"### Impact\nThe default implementation of `Validator.getValidDirectoryPath(String, String, File, boolean)` may incorrectly treat the tested input string as a child of the specified parent directory. This potentially could allow control-flow bypass checks to be defeated if an attack can specify the entire string representing the 'input' path.\n\n### Patches\nThis vulnerability is patched in release 2.3.0.0 of ESAPI. See https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.3.0.0 for details.\n\n### Workarounds\nYes; in theory, one _could_ write the own implementation of the Validator interface. This would most easily be done by sub-classing a version of the affected `DefaultValidator` class and then overriding the affected `getValidDirectoryPath()` to correct the issue. However, this is not recommended.\n\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Email one of the project co-leaders. See email addresses listed on  the [OWASP ESAPI wiki](https://owasp.org/www-project-enterprise-security-api/) page, under \"Leaders\".\n* Send email to one of the two ESAPI related Google Groups listed under [Where to Find More Information on ESAPI](https://github.com/ESAPI/esapi-java-legacy#where-to-find-more-information-on-esapi) on our [README.md](https://github.com/ESAPI/esapi-java-legacy#readme) page.\n","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-04-27T21:09:43.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/ESAPI/esapi-java-legacy/security/advisories/GHSA-8m5h-hrqm-pxm2","https://nvd.nist.gov/vuln/detail/CVE-2022-23457","https://github.com/ESAPI/esapi-java-legacy/commit/a0d67b75593878b1b6e39e2acc1773b3effedb2a","https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/GHSL-2022-008_The_OWASP_Enterprise_Security_API.md","https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.3.0.0-release-notes.txt","https://securitylab.github.com/advisories/GHSL-2022-008_The_OWASP_Enterprise_Security_API/","https://www.oracle.com/security-alerts/cpujul2022.html","https://security.netapp.com/advisory/ntap-20230127-0014/","https://github.com/advisories/GHSA-8m5h-hrqm-pxm2"],"source_kind":"github","identifiers":["GHSA-8m5h-hrqm-pxm2","CVE-2022-23457"],"repository_url":"https://github.com/ESAPI/esapi-java-legacy","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.3.0.0","vulnerable_version_range":"\u003c= 2.2.3.1"}],"ecosystem":"maven","package_name":"org.owasp.esapi:esapi"}],"created_at":"2022-12-21T16:12:29.643Z","updated_at":"2023-01-27T21:41:12.000Z","epss_percentage":0.00233,"epss_percentile":0.43278}],"docker_usage_url":"https://docker.ecosyste.ms/usage/maven/org.owasp.esapi:esapi","docker_dependents_count":676,"docker_downloads_count":102265081,"usage_url":"https://repos.ecosyste.ms/usage/maven/org.owasp.esapi:esapi","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/maven/org.owasp.esapi:esapi/dependencies","status":null,"funding_links":[],"critical":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/org.owasp.esapi:esapi/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/org.owasp.esapi:esapi/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/org.owasp.esapi:esapi/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/org.owasp.esapi:esapi/related_packages","maintainers":[],"registry":{"name":"repo1.maven.org","url":"https://repo.maven.apache.org/maven2","ecosystem":"maven","default":true,"packages_count":517936,"maintainers_count":0,"namespaces_count":68848,"keywords_count":32053,"github":"maven-central","metadata":{"funded_packages_count":25044},"icon_url":"https://github.com/maven-central.png","created_at":"2022-07-21T16:40:13.074Z","updated_at":"2025-06-07T05:38:09.526Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/namespaces"}},"unique_repositories_count":37,"unique_repositories_count_past_30_days":1,"recent_issues":[{"uuid":"4257377747","node_id":"PR_kwDOK8Zc3s7SF8VK","number":9,"state":"open","title":"Bump the maven group across 4 directories with 18 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-13T19:30:29.000Z","updated_at":"2026-05-05T02:03:13.541Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"maven","update_count":18,"packages":[{"name":"org.apache.activemq:activemq-all","old_version":"5.15.8","new_version":"5.19.2","repository_url":"https://github.com/apache/activemq"},{"name":"org.wso2.carbon.mediation:org.wso2.carbon.localentry","old_version":"4.7.46","new_version":"4.7.259"},{"name":"commons-io:commons-io","old_version":"2.2","new_version":"2.14.0"},{"name":"org.opensaml:opensaml","old_version":"2.2.3","new_version":"2.6.5"},{"name":"org.springframework:spring-context","old_version":"4.1.5.RELEASE","new_version":"6.1.20","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.apache.tomcat.embed:tomcat-embed-core","old_version":"7.0.85","new_version":"9.0.117"},{"name":"org.json:json","old_version":"20080701","new_version":"20231013","repository_url":"https://github.com/douglascrockford/JSON-java"},{"name":"io.netty:netty-common","old_version":"4.1.11.Final","new_version":"4.1.118.Final","repository_url":"https://github.com/netty/netty"},{"name":"org.apache.commons:commons-lang3","old_version":"3.1","new_version":"3.18.0"},{"name":"org.owasp.esapi:esapi","old_version":"2.0.1","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"commons-fileupload:commons-fileupload","old_version":"1.3.2","new_version":"1.6.0"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [org.apache.activemq:activemq-all](https://github.com/apache/activemq) | `5.15.8` | `5.19.2` |\n| org.wso2.carbon.mediation:org.wso2.carbon.localentry | `4.7.46` | `4.7.259` |\n| commons-io:commons-io | `2.2` | `2.14.0` |\n| org.opensaml:opensaml | `2.2.3` | `2.6.5` |\n| [org.springframework:spring-context](https://github.com/spring-projects/spring-framework) | `4.1.5.RELEASE` | `6.1.20` |\n| org.apache.tomcat.embed:tomcat-embed-core | `7.0.85` | `9.0.117` |\n| [org.json:json](https://github.com/douglascrockford/JSON-java) | `20080701` | `20231013` |\n| [io.netty:netty-common](https://github.com/netty/netty) | `4.1.11.Final` | `4.1.118.Final` |\n| org.apache.commons:commons-lang3 | `3.1` | `3.18.0` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.0.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.3.2` | `1.6.0` |\n\nBumps the maven group with 1 update in the /integration/automation-extensions directory: org.apache.commons:commons-lang3.\nBumps the maven group with 2 updates in the /p2-profile/analytics-profile directory: org.apache.commons:commons-lang3 and commons-fileupload:commons-fileupload.\nBumps the maven group with 3 updates in the /product-scenarios directory: org.apache.activemq:activemq-client, org.apache.commons:commons-lang3 and org.apache.axis2:axis2.\n\nUpdates `org.apache.activemq:activemq-all` from 5.15.8 to 5.19.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/c0ba134bd07f5c15f04f9b7cb7a6a1b021ef3882\"\u003e\u003ccode\u003ec0ba134\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release activemq-5.19.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/b8b6125d64b9902c616a90b12765f1da35225ae4\"\u003e\u003ccode\u003eb8b6125\u003c/code\u003e\u003c/a\u003e Upgrade to log4j 2.25.3 and slf4j 2.0.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/2962323277ab07286c4dd84084d2e26c9c68b081\"\u003e\u003ccode\u003e2962323\u003c/code\u003e\u003c/a\u003e Bump org.apache.commons:commons-pool2 from 2.12.1 to 2.13.1 (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1605\"\u003e#1605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/13360632df6e55c422e21c14fcc7cada0b1abf46\"\u003e\u003ccode\u003e1336063\u003c/code\u003e\u003c/a\u003e [AMQ-9815] Add additional attributes to ConnectorView (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1556\"\u003e#1556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/120aa34113b26c1aacac6461b798caa8b6048a08\"\u003e\u003ccode\u003e120aa34\u003c/code\u003e\u003c/a\u003e AMQ-9824 - Cleanup code in KahaDB classes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/4f3bafbcb76f86fc89bf3a172044ccea602a27e6\"\u003e\u003ccode\u003e4f3bafb\u003c/code\u003e\u003c/a\u003e AMQ-9823 - properly clear ack set from ackAndPreparedMap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/7b71fc6289e6f26c200988df3cf9c0f5093dadf8\"\u003e\u003ccode\u003e7b71fc6\u003c/code\u003e\u003c/a\u003e AMQ-9819 - Rework Rest test fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/009b4f3cbb1469389497ab6ffe2df68ce897dd2c\"\u003e\u003ccode\u003e009b4f3\u003c/code\u003e\u003c/a\u003e [AMQ-9819]: harden #testConsumeAsyncTimeout() so it does not rely on a specif...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/c2dced4b307ca74f0784339a106261d0469be2b0\"\u003e\u003ccode\u003ec2dced4\u003c/code\u003e\u003c/a\u003e [AMQ-9820]: closed connections leaking into the pool when reconnectOnExceptio...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/733257f23cdfdcc199e71ff3fc4670f2a56876a2\"\u003e\u003ccode\u003e733257f\u003c/code\u003e\u003c/a\u003e AMQ-9813 - Minor updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/activemq/compare/activemq-5.15.8...activemq-5.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.activemq:activemq-broker` from 5.15.8 to 5.19.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/c0ba134bd07f5c15f04f9b7cb7a6a1b021ef3882\"\u003e\u003ccode\u003ec0ba134\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release activemq-5.19.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/b8b6125d64b9902c616a90b12765f1da35225ae4\"\u003e\u003ccode\u003eb8b6125\u003c/code\u003e\u003c/a\u003e Upgrade to log4j 2.25.3 and slf4j 2.0.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/2962323277ab07286c4dd84084d2e26c9c68b081\"\u003e\u003ccode\u003e2962323\u003c/code\u003e\u003c/a\u003e Bump org.apache.commons:commons-pool2 from 2.12.1 to 2.13.1 (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1605\"\u003e#1605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/13360632df6e55c422e21c14fcc7cada0b1abf46\"\u003e\u003ccode\u003e1336063\u003c/code\u003e\u003c/a\u003e [AMQ-9815] Add additional attributes to ConnectorView (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1556\"\u003e#1556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/120aa34113b26c1aacac6461b798caa8b6048a08\"\u003e\u003ccode\u003e120aa34\u003c/code\u003e\u003c/a\u003e AMQ-9824 - Cleanup code in KahaDB classes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/4f3bafbcb76f86fc89bf3a172044ccea602a27e6\"\u003e\u003ccode\u003e4f3bafb\u003c/code\u003e\u003c/a\u003e AMQ-9823 - properly clear ack set from ackAndPreparedMap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/7b71fc6289e6f26c200988df3cf9c0f5093dadf8\"\u003e\u003ccode\u003e7b71fc6\u003c/code\u003e\u003c/a\u003e AMQ-9819 - Rework Rest test fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/009b4f3cbb1469389497ab6ffe2df68ce897dd2c\"\u003e\u003ccode\u003e009b4f3\u003c/code\u003e\u003c/a\u003e [AMQ-9819]: harden #testConsumeAsyncTimeout() so it does not rely on a specif...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/c2dced4b307ca74f0784339a106261d0469be2b0\"\u003e\u003ccode\u003ec2dced4\u003c/code\u003e\u003c/a\u003e [AMQ-9820]: closed connections leaking into the pool when reconnectOnExceptio...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/733257f23cdfdcc199e71ff3fc4670f2a56876a2\"\u003e\u003ccode\u003e733257f\u003c/code\u003e\u003c/a\u003e AMQ-9813 - Minor updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/activemq/compare/activemq-5.15.8...activemq-5.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.activemq:activemq-client` from 5.15.8 to 5.19.2\n\nUpdates `org.wso2.carbon.mediation:org.wso2.carbon.localentry` from 4.7.46 to 4.7.259\n\nUpdates `commons-io:commons-io` from 2.2 to 2.14.0\n\nUpdates `org.opensaml:opensaml` from 2.2.3 to 2.6.5\n\nUpdates `org.springframework:spring-context` from 4.1.5.RELEASE to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-context's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v4.1.5.RELEASE...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-web` from 4.1.5.RELEASE to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v4.1.5.RELEASE...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.tomcat.embed:tomcat-embed-core` from 7.0.85 to 9.0.117\n\nUpdates `org.json:json` from 20080701 to 20231013\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/douglascrockford/JSON-java/releases\"\u003eorg.json:json's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e20231013\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/793\"\u003e#793\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eReverted \u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/761\"\u003e#761\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/792\"\u003e#792\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eupdate the docs for release 20231013\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/783\"\u003e#783\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eoptLong vs getLong inconsistencies\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/782\"\u003e#782\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/779\"\u003e#779\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eadd validity check for JSONObject constructors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/778\"\u003e#778\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/776\"\u003e#776\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate [JUnit to version 4.13.2\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/774\"\u003e#774\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eRemoving unneeded synchronization\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/773\"\u003e#773\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAdd optJSONArray method to JSONObject with a default value\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/772\"\u003e#772\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eDisallow nested objects and arrays as keys in objects\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/779\"\u003e#779\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUnit test cleanup\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/769\"\u003e#769\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAddressed Java 17 compile warnings\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/764\"\u003e#764\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate CodeQL action version\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/761\"\u003e#761\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAdd module-info\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/759\"\u003e#759\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eJSON parsing should detect embedded \u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/753\"\u003e#753\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdated new object methods\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/752\"\u003e#752\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFixes possible unit test bug when compiling/testing on Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20230618\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/749\"\u003e#749\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/749\"\u003ePrep for release 20230618\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/740\"\u003e#740\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/734\"\u003eFixed Flaky Tests Caused by JSON permutations\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/734\"\u003e#734\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/734\"\u003eFixed Flaky Tests Caused by JSON permutations\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/733\"\u003e#733\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/733\"\u003eJSONTokener implemented java.io.Closeable\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/731\"\u003e#731\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/731\"\u003eRemoving commented out code in JSONObject optDouble()\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/729\"\u003e#729\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/729\"\u003eRefactor ParserConfiguration class hierarchy\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20230227\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/723\"\u003e#723\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eProtect JSONML from stack overflow exceptions caused by recursion\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/720\"\u003e#720\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eLimit the XML nesting depth for CVE-2022-45688\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/711\"\u003e#711\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eRevert pull 707 - interviewbit spam\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/704\"\u003e#704\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eMove javadoc comments above the interface definition to make it visible\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/703\"\u003e#703\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate Releases.md for JSONObject(Map): Throws NPE if key is null\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/696\"\u003e#696\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate JSONPointerTest for NonDex compatibility\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/694\"\u003e#694\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePretty print XML\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/692\"\u003e#692\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eExample.md syntax highlight and indentation\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/691\"\u003e#691\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eCreate unit tests for various number formats\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20220924\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/688\"\u003e#688\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate copyright to Public Domain\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/687\"\u003e#687\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix a typo\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/685\"\u003e#685\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eJSONObject map type unit tests\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md\"\u003eorg.json:json's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e20231013    First release with minimum Java version 1.8. Recent commits, including fixes for CVE-2023-5072.\u003c/p\u003e\n\u003cp\u003e20230618    Final release with Java 1.6 compatibility. Future releases will require Java 1.8 or greater.\u003c/p\u003e\n\u003cp\u003e20230227    Fix for CVE-2022-45688 and recent commits\u003c/p\u003e\n\u003cp\u003e20220924    New License - public domain, and some minor updates\u003c/p\u003e\n\u003cp\u003e20220320    Wrap StackOverflow with JSONException\u003c/p\u003e\n\u003cp\u003e20211205    Recent commits and some bug fixes for similar()\u003c/p\u003e\n\u003cp\u003e20210307    Recent commits and potentially breaking fix to JSONPointer\u003c/p\u003e\n\u003cp\u003e20201115    Recent commits and first release after project structure change\u003c/p\u003e\n\u003cp\u003e20200518    Recent commits and snapshot before project structure change\u003c/p\u003e\n\u003cp\u003e20190722    Recent commits\u003c/p\u003e\n\u003cp\u003e20180813    POM change to include Automatic-Module-Name (\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/431\"\u003e#431\u003c/a\u003e)\nJSONObject(Map) now throws an exception if any of a map keys are null (\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/405\"\u003e#405\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e20180130    Recent commits\u003c/p\u003e\n\u003cp\u003e20171018    Checkpoint for recent commits.\u003c/p\u003e\n\u003cp\u003e20170516    Roll up recent commits.\u003c/p\u003e\n\u003cp\u003e20160810    Revert code that was breaking opt*() methods.\u003c/p\u003e\n\u003cp\u003e20160807    This release contains a bug in the JSONObject.opt*() and JSONArray.opt*() methods,\nit is not recommended for use.\nJava 1.6 compatability fixed, JSONArray.toList() and JSONObject.toMap(),\nRFC4180 compatibility, JSONPointer, some exception fixes, optional XML type conversion.\nContains the latest code as of 7 Aug 2016\u003c/p\u003e\n\u003cp\u003e20160212    Java 1.6 compatibility, OSGi bundle. Contains the latest code as of 12 Feb 2016.\u003c/p\u003e\n\u003cp\u003e20151123    JSONObject and JSONArray initialization with generics. Contains the latest code as of 23 Nov 2015.\u003c/p\u003e\n\u003cp\u003e20150729    Checkpoint for Maven central repository release. Contains the latest code\nas of 29 July 2015.\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/douglascrockford/JSON-java/commits/20231013\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.netty:netty-common` from 4.1.11.Final to 4.1.118.Final\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/36f95cfaeed0c1313b21f1b5350c19436ae7fb45\"\u003e\u003ccode\u003e36f95cf\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release netty-4.1.118.Final\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4\"\u003e\u003ccode\u003e87f4072\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386\"\u003e\u003ccode\u003ed1fbda6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f844d78e4e23182610a24576d225de933f90f92e\"\u003e\u003ccode\u003ef844d78\u003c/code\u003e\u003c/a\u003e Upgrade netty-tcnative to 2.0.70.Final (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14790\"\u003e#14790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8afb5d916f135edbc3a14f855665f077ddf56ae7\"\u003e\u003ccode\u003e8afb5d9\u003c/code\u003e\u003c/a\u003e Only run 2 jobs with leak detection to minimize build times (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14784\"\u003e#14784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f2c27dadba055e7f496ee6298262ee06522f5fd9\"\u003e\u003ccode\u003ef2c27da\u003c/code\u003e\u003c/a\u003e AdaptivePoolingAllocator: Round chunk sizes up to MIN_CHUNK_SIZE units and re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8d387ffbecbc95758f90cc97f18096c6ad21b073\"\u003e\u003ccode\u003e8d387ff\u003c/code\u003e\u003c/a\u003e Change the default AdaptiveRecvByteBufAllocator buffer size values' visibilit...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/1cfd3a62ca8633cc6d1729222214c64c5b50fd89\"\u003e\u003ccode\u003e1cfd3a6\u003c/code\u003e\u003c/a\u003e Fix possible buffer leak when stream can't be mapped (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14746\"\u003e#14746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8f9eadb7b6b4dd74b0689a01c920dac4ead18115\"\u003e\u003ccode\u003e8f9eadb\u003c/code\u003e\u003c/a\u003e Fix AccessControlException in GlobalEventExecutor (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14743\"\u003e#14743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/6fcd3e622b9e4e7b986f9ef52a43b9b69c29c53f\"\u003e\u003ccode\u003e6fcd3e6\u003c/code\u003e\u003c/a\u003e KQueueEventLoop leaks memory on shutdown. (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14745\"\u003e#14745\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/netty/netty/compare/netty-4.1.11.Final...netty-4.1.118.Final\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.netty:netty-handler` from 4.1.11.Final to 4.1.118.Final\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/36f95cfaeed0c1313b21f1b5350c19436ae7fb45\"\u003e\u003ccode\u003e36f95cf\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release netty-4.1.118.Final\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4\"\u003e\u003ccode\u003e87f4072\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386\"\u003e\u003ccode\u003ed1fbda6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f844d78e4e23182610a24576d225de933f90f92e\"\u003e\u003ccode\u003ef844d78\u003c/code\u003e\u003c/a\u003e Upgrade netty-tcnative to 2.0.70.Final (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14790\"\u003e#14790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8afb5d916f135edbc3a14f855665f077ddf56ae7\"\u003e\u003ccode\u003e8afb5d9\u003c/code\u003e\u003c/a\u003e Only run 2 jobs with leak detection to minimize build times (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14784\"\u003e#14784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f2c27dadba055e7f496ee6298262ee06522f5fd9\"\u003e\u003ccode\u003ef2c27da\u003c/code\u003e\u003c/a\u003e AdaptivePoolingAllocator: Round chunk sizes up to MIN_CHUNK_SIZE units and re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8d387ffbecbc95758f90cc97f18096c6ad21b073\"\u003e\u003ccode\u003e8d387ff\u003c/code\u003e\u003c/a\u003e Change the default AdaptiveRecvByteBufAllocator buffer size values' visibilit...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/1cfd3a62ca8633cc6d1729222214c64c5b50fd89\"\u003e\u003ccode\u003e1cfd3a6\u003c/code\u003e\u003c/a\u003e Fix possible buffer leak when stream can't be mapped (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14746\"\u003e#14746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8f9eadb7b6b4dd74b0689a01c920dac4ead18115\"\u003e\u003ccode\u003e8f9eadb\u003c/code\u003e\u003c/a\u003e Fix AccessControlException in GlobalEventExecutor (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14743\"\u003e#14743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/6fcd3e622b9e4e7b986f9ef52a43b9b69c29c53f\"\u003e\u003ccode\u003e6fcd3e6\u003c/code\u003e\u003c/a\u003e KQueueEventLoop leaks memory on shutdown. (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14745\"\u003e#14745\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/netty/netty/compare/netty-4.1.11.Final...netty-4.1.118.Final\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.netty:netty-codec` from 4.1.11.Final to 4.1.118.Final\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/36f95cfaeed0c1313b21f1b5350c19436ae7fb45\"\u003e\u003ccode\u003e36f95cf\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release netty-4.1.118.Final\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4\"\u003e\u003ccode\u003e87f4072\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386\"\u003e\u003ccode\u003ed1fbda6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f844d78e4e23182610a24576d225de933f90f92e\"\u003e\u003ccode\u003ef844d78\u003c/code\u003e\u003c/a\u003e Upgrade netty-tcnative to 2.0.70.Final (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14790\"\u003e#14790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8afb5d916f135edbc3a14f855665f077ddf56ae7\"\u003e\u003ccode\u003e8afb5d9\u003c/code\u003e\u003c/a\u003e Only run 2 jobs with leak detection to minimize build times (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14784\"\u003e#14784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f2c27dadba055e7f496ee6298262ee06522f5fd9\"\u003e\u003ccode\u003ef2c27da\u003c/code\u003e\u003c/a\u003e AdaptivePoolingAllocator: Round chunk sizes up to MIN_CHUNK_SIZE units and re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8d387ffbecbc95758f90cc97f18096c6ad21b073\"\u003e\u003ccode\u003e8d387ff\u003c/code\u003e\u003c/a\u003e Change the default AdaptiveRecvByteBufAllocator buffer size values' visibilit...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/1cfd3a62ca8633cc6d1729222214c64c5b50fd89\"\u003e\u003ccode\u003e1cfd3a6\u003c/code\u003e\u003c/a\u003e Fix possible buffer leak when stream can't be mapped (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14746\"\u003e#14746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8f9eadb7b6b4dd74b0689a01c920dac4ead18115\"\u003e\u003ccode\u003e8f9eadb\u003c/code\u003e\u003c/a\u003e Fix AccessControlException in GlobalEventExecutor (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14743\"\u003e#14743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/6fcd3e622b9e4e7b986f9ef52a43b9b69c29c53f\"\u003e\u003ccode\u003e6fcd3e6\u003c/code\u003e\u003c/a\u003e KQueueEventLoop leaks memory on shutdown. (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14745\"\u003e#14745\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/netty/netty/compare/netty-4.1.11.Final...netty-4.1.118.Final\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.netty:netty-codec-http` from 4.1.11.Final to 4.1.118.Final\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/36f95cfaeed0c1313b21f1b5350c19436ae7fb45\"\u003e\u003ccode\u003e36f95cf\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release netty-4.1.118.Final\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4\"\u003e\u003ccode\u003e87f4072\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386\"\u003e\u003ccode\u003ed1fbda6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f844d78e4e23182610a24576d225de933f90f92e\"\u003e\u003ccode\u003ef844d78\u003c/code\u003e\u003c/a\u003e Upgrade netty-tcnative to 2.0.70.Final (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14790\"\u003e#14790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8afb5d916f135edbc3a14f855665f077ddf56ae7\"\u003e\u003ccode\u003e8afb5d9\u003c/code\u003e\u003c/a\u003e Only run 2 jobs with leak detection to minimize build times (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14784\"\u003e#14784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f2c27dadba055e7f496ee6298262ee06522f5fd9\"\u003e\u003ccode\u003ef2c27da\u003c/code\u003e\u003c/a\u003e AdaptivePoolingAllocator: Round chunk sizes up to MIN_CHUNK_SIZE units and re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8d387ffbecbc95758f90cc97f18096c6ad21b073\"\u003e\u003ccode\u003e8d387ff\u003c/code\u003e\u003c/a\u003e Change the default AdaptiveRecvByteBufAllocator buffer size values' visibilit...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/1cfd3a62ca8633cc6d1729222214c64c5b50fd89\"\u003e\u003ccode\u003e1cfd3a6\u003c/code\u003e\u003c/a\u003e Fix possible buffer leak when stream can't be mapped (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14746\"\u003e#14746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8f9eadb7b6b4dd74b0689a01c920dac4ead18115\"\u003e\u003ccode\u003e8f9eadb\u003c/code\u003e\u003c/a\u003e Fix AccessControlException in GlobalEventExecutor (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14743\"\u003e#14743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/6fcd3e622b9e4e7b986f9ef52a43b9b69c29c53f\"\u003e\u003ccode\u003e6fcd3e6\u003c/code\u003e\u003c/a\u003e KQueueEventLoop leaks memory on shutdown. (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14745\"\u003e#14745\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/netty/netty/compare/netty-4.1.11.Final...netty-4.1.118.Final\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.commons:commons-lang3` from 3.1 to 3.18.0\n\nUpdates `org.owasp.esapi:esapi` from 2.0.1 to 2.6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.0.1...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-fileupload:commons-fileupload` from 1.3.2 to 1.6.0\n\nUpdates `org.apache.commons:commons-lang3` from 3.1 to 3.18.0\n\nUpdates `org.apache.commons:commons-lang3` from 3.3.2 to 3.18.0\n\nUpdates `commons-fileupload:commons-fileupload` from 1.3.2 to 1.6.0\n\nUpdates `org.apache.activemq:activemq-client` from 5.15.8 to 5.19.4\n\nUpdates `org.apache.commons:commons-lang3` from 3.1 to 3.18.0\n\nUpdates `org.apache.axis2:axis2` from 1.6.2 to 1.8.0\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/jadenblack/product-ei/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/jadenblack/product-ei/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jadenblack%2Fproduct-ei/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"},{"uuid":"4225596891","node_id":"PR_kwDOK8Zc3s7Q2b8f","number":6,"state":"closed","title":"Bump the maven group across 4 directories with 17 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-04-10T21:11:14.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-08T15:16:11.000Z","updated_at":"2026-04-10T21:11:16.000Z","time_to_close":194103,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"maven","update_count":17,"packages":[{"name":"org.apache.activemq:activemq-all","old_version":"5.15.8","new_version":"5.19.2","repository_url":"https://github.com/apache/activemq"},{"name":"org.wso2.carbon.mediation:org.wso2.carbon.localentry","old_version":"4.7.46","new_version":"4.7.259"},{"name":"commons-io:commons-io","old_version":"2.2","new_version":"2.14.0"},{"name":"org.opensaml:opensaml","old_version":"2.2.3","new_version":"2.6.5"},{"name":"org.springframework:spring-context","old_version":"4.1.5.RELEASE","new_version":"6.1.20","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.apache.tomcat.embed:tomcat-embed-core","old_version":"7.0.85","new_version":"9.0.115"},{"name":"org.json:json","old_version":"20080701","new_version":"20231013","repository_url":"https://github.com/douglascrockford/JSON-java"},{"name":"io.netty:netty-common","old_version":"4.1.11.Final","new_version":"4.1.118.Final","repository_url":"https://github.com/netty/netty"},{"name":"org.apache.commons:commons-lang3","old_version":"3.1","new_version":"3.18.0"},{"name":"org.owasp.esapi:esapi","old_version":"2.0.1","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"commons-fileupload:commons-fileupload","old_version":"1.3.2","new_version":"1.6.0"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [org.apache.activemq:activemq-all](https://github.com/apache/activemq) | `5.15.8` | `5.19.2` |\n| org.wso2.carbon.mediation:org.wso2.carbon.localentry | `4.7.46` | `4.7.259` |\n| commons-io:commons-io | `2.2` | `2.14.0` |\n| org.opensaml:opensaml | `2.2.3` | `2.6.5` |\n| [org.springframework:spring-context](https://github.com/spring-projects/spring-framework) | `4.1.5.RELEASE` | `6.1.20` |\n| org.apache.tomcat.embed:tomcat-embed-core | `7.0.85` | `9.0.115` |\n| [org.json:json](https://github.com/douglascrockford/JSON-java) | `20080701` | `20231013` |\n| [io.netty:netty-common](https://github.com/netty/netty) | `4.1.11.Final` | `4.1.118.Final` |\n| org.apache.commons:commons-lang3 | `3.1` | `3.18.0` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.0.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.3.2` | `1.6.0` |\n\nBumps the maven group with 1 update in the /integration/automation-extensions directory: org.apache.commons:commons-lang3.\nBumps the maven group with 2 updates in the /p2-profile/analytics-profile directory: org.apache.commons:commons-lang3 and commons-fileupload:commons-fileupload.\nBumps the maven group with 3 updates in the /product-scenarios directory: [org.apache.activemq:activemq-client](https://github.com/apache/activemq), org.apache.commons:commons-lang3 and org.apache.axis2:axis2.\n\nUpdates `org.apache.activemq:activemq-all` from 5.15.8 to 5.19.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/c0ba134bd07f5c15f04f9b7cb7a6a1b021ef3882\"\u003e\u003ccode\u003ec0ba134\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release activemq-5.19.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/b8b6125d64b9902c616a90b12765f1da35225ae4\"\u003e\u003ccode\u003eb8b6125\u003c/code\u003e\u003c/a\u003e Upgrade to log4j 2.25.3 and slf4j 2.0.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/2962323277ab07286c4dd84084d2e26c9c68b081\"\u003e\u003ccode\u003e2962323\u003c/code\u003e\u003c/a\u003e Bump org.apache.commons:commons-pool2 from 2.12.1 to 2.13.1 (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1605\"\u003e#1605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/13360632df6e55c422e21c14fcc7cada0b1abf46\"\u003e\u003ccode\u003e1336063\u003c/code\u003e\u003c/a\u003e [AMQ-9815] Add additional attributes to ConnectorView (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1556\"\u003e#1556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/120aa34113b26c1aacac6461b798caa8b6048a08\"\u003e\u003ccode\u003e120aa34\u003c/code\u003e\u003c/a\u003e AMQ-9824 - Cleanup code in KahaDB classes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/4f3bafbcb76f86fc89bf3a172044ccea602a27e6\"\u003e\u003ccode\u003e4f3bafb\u003c/code\u003e\u003c/a\u003e AMQ-9823 - properly clear ack set from ackAndPreparedMap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/7b71fc6289e6f26c200988df3cf9c0f5093dadf8\"\u003e\u003ccode\u003e7b71fc6\u003c/code\u003e\u003c/a\u003e AMQ-9819 - Rework Rest test fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/009b4f3cbb1469389497ab6ffe2df68ce897dd2c\"\u003e\u003ccode\u003e009b4f3\u003c/code\u003e\u003c/a\u003e [AMQ-9819]: harden #testConsumeAsyncTimeout() so it does not rely on a specif...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/c2dced4b307ca74f0784339a106261d0469be2b0\"\u003e\u003ccode\u003ec2dced4\u003c/code\u003e\u003c/a\u003e [AMQ-9820]: closed connections leaking into the pool when reconnectOnExceptio...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/733257f23cdfdcc199e71ff3fc4670f2a56876a2\"\u003e\u003ccode\u003e733257f\u003c/code\u003e\u003c/a\u003e AMQ-9813 - Minor updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/activemq/compare/activemq-5.15.8...activemq-5.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.activemq:activemq-client` from 5.15.8 to 5.19.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/activemq/releases\"\u003eorg.apache.activemq:activemq-client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eApache ActiveMQ 5.19.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[5.19.x] Backport: Improve FactoryFinder Validation (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1793\"\u003e#1793\u003c/a\u003e) by \u003ca href=\"https://github.com/jbonofre\"\u003e\u003ccode\u003e@​jbonofre\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/activemq/pull/1800\"\u003eapache/activemq#1800\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to spring.schemas in preparation for the 5.19.3 release by \u003ca href=\"https://github.com/jbonofre\"\u003e\u003ccode\u003e@​jbonofre\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/activemq/pull/1805\"\u003eapache/activemq#1805\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: fix the imports and dependencies (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1793\"\u003e#1793\u003c/a\u003e) by \u003ca href=\"https://github.com/jbonofre\"\u003e\u003ccode\u003e@​jbonofre\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/activemq/pull/1802\"\u003eapache/activemq#1802\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the copyright year in the NOTICE by \u003ca href=\"https://github.com/jbonofre\"\u003e\u003ccode\u003e@​jbonofre\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/activemq/pull/1807\"\u003eapache/activemq#1807\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/apache/activemq/compare/activemq-5.19.2...activemq-5.19.3\"\u003ehttps://github.com/apache/activemq/compare/activemq-5.19.2...activemq-5.19.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/e216f452084ab01641ac5ae8bf7c0d8777c79e9a\"\u003e\u003ccode\u003ee216f45\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release activemq-5.19.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/0382e8c45ba95d6daa6f4b3885087732d6ac61ca\"\u003e\u003ccode\u003e0382e8c\u003c/code\u003e\u003c/a\u003e Update the copyright year in the NOTICE (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1807\"\u003e#1807\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/256f225b6df7945fffff0134949bea3e26f84744\"\u003e\u003ccode\u003e256f225\u003c/code\u003e\u003c/a\u003e Backport: fix the imports and dependencies (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1793\"\u003e#1793\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1802\"\u003e#1802\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/d01dd9dc682d083ecbbd1dde7fb2f3772f371097\"\u003e\u003ccode\u003ed01dd9d\u003c/code\u003e\u003c/a\u003e Upgrade to spring.schemas in preparation for the 5.19.3 release (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1805\"\u003e#1805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/171fdfc5148156f3e98fa3ca81e77034cc155279\"\u003e\u003ccode\u003e171fdfc\u003c/code\u003e\u003c/a\u003e Improve FactoryFinder Validation (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1793\"\u003e#1793\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1800\"\u003e#1800\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/589fcfc966b99350f5bdc75dbb34aff3dc7210c9\"\u003e\u003ccode\u003e589fcfc\u003c/code\u003e\u003c/a\u003e AMQ-9843 Handle InstanceNotFoundException during MBean unregistration to avoi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/635448326ffa4386be7baf015a3293eb3850a16c\"\u003e\u003ccode\u003e6354483\u003c/code\u003e\u003c/a\u003e AMQ-9588: Run ActiveMQ with regular user in Docker container, and hook to eas...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/0d0e7414f209fe8dbab77cacc0fdf505cef6d3ae\"\u003e\u003ccode\u003e0d0e741\u003c/code\u003e\u003c/a\u003e AMQ-9812: Allow user to set ACTIVEMQ_OPTS and ACTIVEMQ_OPTS_MEMORY env variab...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/027fa1626601aca1bcafb211829760d3930d3716\"\u003e\u003ccode\u003e027fa16\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/c0ba134bd07f5c15f04f9b7cb7a6a1b021ef3882\"\u003e\u003ccode\u003ec0ba134\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release activemq-5.19.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/activemq/compare/activemq-5.15.8...activemq-5.19.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.wso2.carbon.mediation:org.wso2.carbon.localentry` from 4.7.46 to 4.7.259\n\nUpdates `commons-io:commons-io` from 2.2 to 2.14.0\n\nUpdates `org.opensaml:opensaml` from 2.2.3 to 2.6.5\n\nUpdates `org.springframework:spring-context` from 4.1.5.RELEASE to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-context's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v4.1.5.RELEASE...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-web` from 4.1.5.RELEASE to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v4.1.5.RELEASE...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.tomcat.embed:tomcat-embed-core` from 7.0.85 to 9.0.115\n\nUpdates `org.json:json` from 20080701 to 20231013\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/douglascrockford/JSON-java/releases\"\u003eorg.json:json's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e20231013\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/793\"\u003e#793\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eReverted \u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/761\"\u003e#761\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/792\"\u003e#792\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eupdate the docs for release 20231013\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/783\"\u003e#783\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eoptLong vs getLong inconsistencies\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/782\"\u003e#782\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/779\"\u003e#779\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eadd validity check for JSONObject constructors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/778\"\u003e#778\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/776\"\u003e#776\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate [JUnit to version 4.13.2\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/774\"\u003e#774\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eRemoving unneeded synchronization\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/773\"\u003e#773\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAdd optJSONArray method to JSONObject with a default value\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/772\"\u003e#772\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eDisallow nested objects and arrays as keys in objects\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/779\"\u003e#779\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUnit test cleanup\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/769\"\u003e#769\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAddressed Java 17 compile warnings\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/764\"\u003e#764\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate CodeQL action version\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/761\"\u003e#761\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAdd module-info\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/759\"\u003e#759\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eJSON parsing should detect embedded \u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/753\"\u003e#753\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdated new object methods\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/752\"\u003e#752\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFixes possible unit test bug when compiling/testing on Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20230618\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/749\"\u003e#749\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/749\"\u003ePrep for release 20230618\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/740\"\u003e#740\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/734\"\u003eFixed Flaky Tests Caused by JSON permutations\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/734\"\u003e#734\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/734\"\u003eFixed Flaky Tests Caused by JSON permutations\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/733\"\u003e#733\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/733\"\u003eJSONTokener implemented java.io.Closeable\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/731\"\u003e#731\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/731\"\u003eRemoving commented out code in JSONObject optDouble()\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/729\"\u003e#729\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/729\"\u003eRefactor ParserConfiguration class hierarchy\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20230227\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/723\"\u003e#723\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eProtect JSONML from stack overflow exceptions caused by recursion\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/720\"\u003e#720\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eLimit the XML nesting depth for CVE-2022-45688\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/711\"\u003e#711\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eRevert pull 707 - interviewbit spam\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/704\"\u003e#704\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eMove javadoc comments above the interface definition to make it visible\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/703\"\u003e#703\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate Releases.md for JSONObject(Map): Throws NPE if key is null\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/696\"\u003e#696\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate JSONPointerTest for NonDex compatibility\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/694\"\u003e#694\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePretty print XML\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/692\"\u003e#692\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eExample.md syntax highlight and indentation\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/691\"\u003e#691\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eCreate unit tests for various number formats\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20220924\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/688\"\u003e#688\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate copyright to Public Domain\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/687\"\u003e#687\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix a typo\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/685\"\u003e#685\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eJSONObject map type unit tests\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md\"\u003eorg.json:json's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e20231013    First release with minimum Java version 1.8. Recent commits, including fixes for CVE-2023-5072.\u003c/p\u003e\n\u003cp\u003e20230618    Final release with Java 1.6 compatibility. Future releases will require Java 1.8 or greater.\u003c/p\u003e\n\u003cp\u003e20230227    Fix for CVE-2022-45688 and recent commits\u003c/p\u003e\n\u003cp\u003e20220924    New License - public domain, and some minor updates\u003c/p\u003e\n\u003cp\u003e20220320    Wrap StackOverflow with JSONException\u003c/p\u003e\n\u003cp\u003e20211205    Recent commits and some bug fixes for similar()\u003c/p\u003e\n\u003cp\u003e20210307    Recent commits and potentially breaking fix to JSONPointer\u003c/p\u003e\n\u003cp\u003e20201115    Recent commits and first release after project structure change\u003c/p\u003e\n\u003cp\u003e20200518    Recent commits and snapshot before project structure change\u003c/p\u003e\n\u003cp\u003e20190722    Recent commits\u003c/p\u003e\n\u003cp\u003e20180813    POM change to include Automatic-Module-Name (\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/431\"\u003e#431\u003c/a\u003e)\nJSONObject(Map) now throws an exception if any of a map keys are null (\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/405\"\u003e#405\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e20180130    Recent commits\u003c/p\u003e\n\u003cp\u003e20171018    Checkpoint for recent commits.\u003c/p\u003e\n\u003cp\u003e20170516    Roll up recent commits.\u003c/p\u003e\n\u003cp\u003e20160810    Revert code that was breaking opt*() methods.\u003c/p\u003e\n\u003cp\u003e20160807    This release contains a bug in the JSONObject.opt*() and JSONArray.opt*() methods,\nit is not recommended for use.\nJava 1.6 compatability fixed, JSONArray.toList() and JSONObject.toMap(),\nRFC4180 compatibility, JSONPointer, some exception fixes, optional XML type conversion.\nContains the latest code as of 7 Aug 2016\u003c/p\u003e\n\u003cp\u003e20160212    Java 1.6 compatibility, OSGi bundle. Contains the latest code as of 12 Feb 2016.\u003c/p\u003e\n\u003cp\u003e20151123    JSONObject and JSONArray initialization with generics. Contains the latest code as of 23 Nov 2015.\u003c/p\u003e\n\u003cp\u003e20150729    Checkpoint for Maven central repository release. Contains the latest code\nas of 29 July 2015.\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/douglascrockford/JSON-java/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.netty:netty-common` from 4.1.11.Final to 4.1.118.Final\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/36f95cfaeed0c1313b21f1b5350c19436ae7fb45\"\u003e\u003ccode\u003e36f95cf\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release netty-4.1.118.Final\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4\"\u003e\u003ccode\u003e87f4072\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386\"\u003e\u003ccode\u003ed1fbda6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f844d78e4e23182610a24576d225de933f90f92e\"\u003e\u003ccode\u003ef844d78\u003c/code\u003e\u003c/a\u003e Upgrade netty-tcnative to 2.0.70.Final (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14790\"\u003e#14790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8afb5d916f135edbc3a14f855665f077ddf56ae7\"\u003e\u003ccode\u003e8afb5d9\u003c/code\u003e\u003c/a\u003e Only run 2 jobs with leak detection to minimize build times (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14784\"\u003e#14784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f2c27dadba055e7f496ee6298262ee06522f5fd9\"\u003e\u003ccode\u003ef2c27da\u003c/code\u003e\u003c/a\u003e AdaptivePoolingAllocator: Round chunk sizes up to MIN_CHUNK_SIZE units and re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8d387ffbecbc95758f90cc97f18096c6ad21b073\"\u003e\u003ccode\u003e8d387ff\u003c/code\u003e\u003c/a\u003e Change the default AdaptiveRecvByteBufAllocator buffer size values' visibilit...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/1cfd3a62ca8633cc6d1729222214c64c5b50fd89\"\u003e\u003ccode\u003e1cfd3a6\u003c/code\u003e\u003c/a\u003e Fix possible buffer leak when stream can't be mapped (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14746\"\u003e#14746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8f9eadb7b6b4dd74b0689a01c920dac4ead18115\"\u003e\u003ccode\u003e8f9eadb\u003c/code\u003e\u003c/a\u003e Fix AccessControlException in GlobalEventExecutor (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14743\"\u003e#14743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/6fcd3e622b9e4e7b986f9ef52a43b9b69c29c53f\"\u003e\u003ccode\u003e6fcd3e6\u003c/code\u003e\u003c/a\u003e KQueueEventLoop leaks memory on shutdown. (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14745\"\u003e#14745\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/netty/netty/compare/netty-4.1.11.Final...netty-4.1.118.Final\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.netty:netty-handler` from 4.1.11.Final to 4.1.118.Final\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/36f95cfaeed0c1313b21f1b5350c19436ae7fb45\"\u003e\u003ccode\u003e36f95cf\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release netty-4.1.118.Final\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4\"\u003e\u003ccode\u003e87f4072\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386\"\u003e\u003ccode\u003ed1fbda6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f844d78e4e23182610a24576d225de933f90f92e\"\u003e\u003ccode\u003ef844d78\u003c/code\u003e\u003c/a\u003e Upgrade netty-tcnative to 2.0.70.Final (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14790\"\u003e#14790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8afb5d916f135edbc3a14f855665f077ddf56ae7\"\u003e\u003ccode\u003e8afb5d9\u003c/code\u003e\u003c/a\u003e Only run 2 jobs with leak detection to minimize build times (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14784\"\u003e#14784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f2c27dadba055e7f496ee6298262ee06522f5fd9\"\u003e\u003ccode\u003ef2c27da\u003c/code\u003e\u003c/a\u003e AdaptivePoolingAllocator: Round chunk sizes up to MIN_CHUNK_SIZE units and re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8d387ffbecbc95758f90cc97f18096c6ad21b073\"\u003e\u003ccode\u003e8d387ff\u003c/code\u003e\u003c/a\u003e Change the default AdaptiveRecvByteBufAllocator buffer size values' visibilit...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/1cfd3a62ca8633cc6d1729222214c64c5b50fd89\"\u003e\u003ccode\u003e1cfd3a6\u003c/code\u003e\u003c/a\u003e Fix possible buffer leak when stream can't be mapped (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14746\"\u003e#14746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8f9eadb7b6b4dd74b0689a01c920dac4ead18115\"\u003e\u003ccode\u003e8f9eadb\u003c/code\u003e\u003c/a\u003e Fix AccessControlException in GlobalEventExecutor (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14743\"\u003e#14743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/6fcd3e622b9e4e7b986f9ef52a43b9b69c29c53f\"\u003e\u003ccode\u003e6fcd3e6\u003c/code\u003e\u003c/a\u003e KQueueEventLoop leaks memory on shutdown. (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14745\"\u003e#14745\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/netty/netty/compare/netty-4.1.11.Final...netty-4.1.118.Final\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.netty:netty-codec` from 4.1.11.Final to 4.1.118.Final\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/36f95cfaeed0c1313b21f1b5350c19436ae7fb45\"\u003e\u003ccode\u003e36f95cf\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release netty-4.1.118.Final\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4\"\u003e\u003ccode\u003e87f4072\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386\"\u003e\u003ccode\u003ed1fbda6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f844d78e4e23182610a24576d225de933f90f92e\"\u003e\u003ccode\u003ef844d78\u003c/code\u003e\u003c/a\u003e Upgrade netty-tcnative to 2.0.70.Final (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14790\"\u003e#14790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8afb5d916f135edbc3a14f855665f077ddf56ae7\"\u003e\u003ccode\u003e8afb5d9\u003c/code\u003e\u003c/a\u003e Only run 2 jobs with leak detection to minimize build times (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14784\"\u003e#14784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f2c27dadba055e7f496ee6298262ee06522f5fd9\"\u003e\u003ccode\u003ef2c27da\u003c/code\u003e\u003c/a\u003e AdaptivePoolingAllocator: Round chunk sizes up to MIN_CHUNK_SIZE units and re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8d387ffbecbc95758f90cc97f18096c6ad21b073\"\u003e\u003ccode\u003e8d387ff\u003c/code\u003e\u003c/a\u003e Change the default AdaptiveRecvByteBufAllocator buffer size values' visibilit...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/1cfd3a62ca8633cc6d1729222214c64c5b50fd89\"\u003e\u003ccode\u003e1cfd3a6\u003c/code\u003e\u003c/a\u003e Fix possible buffer leak when stream can't be mapped (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14746\"\u003e#14746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8f9eadb7b6b4dd74b0689a01c920dac4ead18115\"\u003e\u003ccode\u003e8f9eadb\u003c/code\u003e\u003c/a\u003e Fix AccessControlException in GlobalEventExecutor (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14743\"\u003e#14743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/6fcd3e622b9e4e7b986f9ef52a43b9b69c29c53f\"\u003e\u003ccode\u003e6fcd3e6\u003c/code\u003e\u003c/a\u003e KQueueEventLoop leaks memory on shutdown. (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14745\"\u003e#14745\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/netty/netty/compare/netty-4.1.11.Final...netty-4.1.118.Final\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.netty:netty-codec-http` from 4.1.11.Final to 4.1.118.Final\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/36f95cfaeed0c1313b21f1b5350c19436ae7fb45\"\u003e\u003ccode\u003e36f95cf\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release netty-4.1.118.Final\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4\"\u003e\u003ccode\u003e87f4072\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386\"\u003e\u003ccode\u003ed1fbda6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f844d78e4e23182610a24576d225de933f90f92e\"\u003e\u003ccode\u003ef844d78\u003c/code\u003e\u003c/a\u003e Upgrade netty-tcnative to 2.0.70.Final (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14790\"\u003e#14790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8afb5d916f135edbc3a14f855665f077ddf56ae7\"\u003e\u003ccode\u003e8afb5d9\u003c/code\u003e\u003c/a\u003e Only run 2 jobs with leak detection to minimize build times (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14784\"\u003e#14784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f2c27dadba055e7f496ee6298262ee06522f5fd9\"\u003e\u003ccode\u003ef2c27da\u003c/code\u003e\u003c/a\u003e AdaptivePoolingAllocator: Round chunk sizes up to MIN_CHUNK_SIZE units and re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8d387ffbecbc95758f90cc97f18096c6ad21b073\"\u003e\u003ccode\u003e8d387ff\u003c/code\u003e\u003c/a\u003e Change the default AdaptiveRecvByteBufAllocator buffer size values' visibilit...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/1cfd3a62ca8633cc6d1729222214c64c5b50fd89\"\u003e\u003ccode\u003e1cfd3a6\u003c/code\u003e\u003c/a\u003e Fix possible buffer leak when stream can't be mapped (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14746\"\u003e#14746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8f9eadb7b6b4dd74b0689a01c920dac4ead18115\"\u003e\u003ccode\u003e8f9eadb\u003c/code\u003e\u003c/a\u003e Fix AccessControlException in GlobalEventExecutor (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14743\"\u003e#14743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/6fcd3e622b9e4e7b986f9ef52a43b9b69c29c53f\"\u003e\u003ccode\u003e6fcd3e6\u003c/code\u003e\u003c/a\u003e KQueueEventLoop leaks memory on shutdown. (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14745\"\u003e#14745\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/netty/netty/compare/netty-4.1.11.Final...netty-4.1.118.Final\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.commons:commons-lang3` from 3.1 to 3.18.0\n\nUpdates `org.owasp.esapi:esapi` from 2.0.1 to 2.6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.0.1...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-fileupload:commons-fileupload` from 1.3.2 to 1.6.0\n\nUpdates `org.apache.commons:commons-lang3` from 3.1 to 3.18.0\n\nUpdates `org.apache.commons:commons-lang3` from 3.3.2 to 3.18.0\n\nUpdates `commons-fileupload:commons-fileupload` from 1.3.2 to 1.6.0\n\nUpdates `org.apache.activemq:activemq-client` from 5.15.8 to 5.19.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/activemq/releases\"\u003eorg.apache.activemq:activemq-client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eApache ActiveMQ 5.19.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[5.19.x] Backport: Improve FactoryFinder Validation (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1793\"\u003e#1793\u003c/a\u003e) by \u003ca href=\"https://github.com/jbonofre\"\u003e\u003ccode\u003e@​jbonofre\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/activemq/pull/1800\"\u003eapache/activemq#1800\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to spring.schemas in preparation for the 5.19.3 release by \u003ca href=\"https://github.com/jbonofre\"\u003e\u003ccode\u003e@​jbonofre\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/activemq/pull/1805\"\u003eapache/activemq#1805\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: fix the imports and dependencies (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1793\"\u003e#1793\u003c/a\u003e) by \u003ca href=\"https://github.com/jbonofre\"\u003e\u003ccode\u003e@​jbonofre\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/activemq/pull/1802\"\u003eapache/activemq#1802\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the copyright year in the NOTICE by \u003ca href=\"https://github.com/jbonofre\"\u003e\u003ccode\u003e@​jbonofre\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/activemq/pull/1807\"\u003eapache/activemq#1807\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/apache/activemq/compare/activemq-5.19.2...activemq-5.19.3\"\u003ehttps://github.com/apache/activemq/compare/activemq-5.19.2...activemq-5.19.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/e216f452084ab01641ac5ae8bf7c0d8777c79e9a\"\u003e\u003ccode\u003ee216f45\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release activemq-5.19.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/0382e8c45ba95d6daa6f4b3885087732d6ac61ca\"\u003e\u003ccode\u003e0382e8c\u003c/code\u003e\u003c/a\u003e Update the copyright year in the NOTICE (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1807\"\u003e#1807\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/256f225b6df7945fffff0134949bea3e26f84744\"\u003e\u003ccode\u003e256f225\u003c/code\u003e\u003c/a\u003e Backport: fix the imports and dependencies (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1793\"\u003e#1793\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1802\"\u003e#1802\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/d01dd9dc682d083ecbbd1dde7fb2f3772f371097\"\u003e\u003ccode\u003ed01dd9d\u003c/code\u003e\u003c/a\u003e Upgrade to spring.schemas in preparation for the 5.19.3 release (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1805\"\u003e#1805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/171fdfc5148156f3e98fa3ca81e77034cc155279\"\u003e\u003ccode\u003e171fdfc\u003c/code\u003e\u003c/a\u003e Improve FactoryFinder Validation (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1793\"\u003e#1793\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1800\"\u003e#1800\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/589fcfc966b99350f5bdc75dbb34aff3dc7210c9\"\u003e\u003ccode\u003e589fcfc\u003c/code\u003e\u003c/a\u003e AMQ-9843 Handle InstanceNotFoundException during MBean unregistration to avoi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/635448326ffa4386be7baf015a3293eb3850a16c\"\u003e\u003ccode\u003e6354483\u003c/code\u003e\u003c/a\u003e AMQ-9588: Run ActiveMQ with regular user in Docker container, and hook to eas...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/0d0e7414f209fe8dbab77cacc0fdf505cef6d3ae\"\u003e\u003ccode\u003e0d0e741\u003c/code\u003e\u003c/a\u003e AMQ-9812: Allow user to set ACTIVEMQ_OPTS and ACTIVEMQ_OPTS_MEMORY env variab...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/027fa1626601aca1bcafb211829760d3930d3716\"\u003e\u003ccode\u003e027fa16\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/c0ba134bd07f5c15f04f9b7cb7a6a1b021ef3882\"\u003e\u003ccode\u003ec0ba134\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release activemq-5.19.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/activemq/compare/activemq-5.15.8...activemq-5.19.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.commons:commons-lang3` from 3.1 to 3.18.0\n\nUpdates `org.apache.axis2:axis2` from 1.6.2 to 1.8.0\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/jadenblack/product-ei/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/jadenblack/product-ei/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jadenblack%2Fproduct-ei/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"3680195563","node_id":"PR_kwDOL3sGR862TcZb","number":1,"state":"open","title":"Bump the maven group across 22 directories with 13 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-12-01T09:55:36.000Z","updated_at":"2026-02-03T01:12:56.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"maven","update_count":13,"packages":[{"name":"org.apache.solr:solr-core","old_version":"1.4.1","new_version":"9.8.0"},{"name":"org.springframework:spring-core","old_version":"3.1.4.RELEASE","new_version":"3.2.9.RELEASE","repository_url":"https://github.com/SpringSource/spring-framework"},{"name":"org.springframework.security:spring-security-core","old_version":"3.1.7.RELEASE","new_version":"5.7.14","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.owasp.esapi:esapi","old_version":"2.5.3.1","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"commons-fileupload:commons-fileupload","old_version":"1.5","new_version":"1.6.0"},{"name":"org.apache.commons:commons-lang3","old_version":"3.12.0","new_version":"3.18.0"},{"name":"com.h2database:h2","old_version":"1.3.176","new_version":"2.2.220","repository_url":"https://github.com/h2database/h2database"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n\nBumps the maven group with 8 updates in the /modules/publication-service-oaipmh-remote directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/publication-service-configurable directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/publication-service-configurable-remote directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 7 updates in the /modules/publication-service-api directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n\nBumps the maven group with 8 updates in the /modules/presets directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/playlists directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/oaipmh directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/oaipmh-remote directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/oaipmh-persistence directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 7 updates in the /modules/oaipmh-api directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n\nBumps the maven group with 8 updates in the /modules/notification-workflowoperation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/mpeg7 directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/metrics-exporter directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/metadata directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/metadata-to-acl-workflowoperation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 7 updates in the /modules/metadata-api directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n\nBumps the maven group with 8 updates in the /modules/message-broker-api directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/mattermost-notification-workflowoperation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/lti directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/lti-service-remote directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/lti-service-impl directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\n\nUpdates `org.apache.solr:solr-core` from 1.4.1 to 9.8.0\n\nUpdates `org.springframework:spring-core` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-beans` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-expression` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-context` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-web` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.security:spring-security-core` from 3.1.7.RELEASE to 5.7.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-security/releases\"\u003eorg.springframework.security:spring-security-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.7.14\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerExchangeRejectedHandler \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15975\"\u003e#15975\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerWebExchangeFirewall \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15974\"\u003e#15974\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.13\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003e5.7.12\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck for \u003ccode\u003enull\u003c/code\u003e Authentication \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/14715\"\u003e#14715\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.11\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutomate spring-security.xsd \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13819\"\u003e#13819\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.10\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse default PathPatternParser instance \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13461\"\u003e#13461\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate io.projectreactor to 2020.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13509\"\u003e#13509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework to 5.3.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13511\"\u003e#13511\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework.data to 2021.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13512\"\u003e#13512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate reactor-netty to 1.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13510\"\u003e#13510\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eConvert to Asciidoctor Tabs \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13404\"\u003e#13404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse Antora name of security \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13328\"\u003e#13328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdditional filters registered when using Custom DSL \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13203\"\u003e#13203\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify that Kotlin DSL needs an import \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13092\"\u003e#13092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument missing OAuth2LoginAuthenticationFilter set AuthorizationRequestRepository \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13098\"\u003e#13098\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Antora Warnings \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13291\"\u003e#13291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix constant value in XContentTypeOptionsServerHttpHeadersWriter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13155\"\u003e#13155\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Documentation Title \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13315\"\u003e#13315\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix javadoc for migration from WebSecurityConfigurerAdapter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12996\"\u003e#12996\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in SecurityMockMvcResultMatchers.java \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12793\"\u003e#12793\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc\"\u003eorg.springframework.security:spring-security-core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e= Release Process\u003c/p\u003e\n\u003cp\u003eThe release process for Spring Security is entirely automated via the \u003ca href=\"https://github.com/spring-io/spring-security-release-tools/blob/main/release-plugin/README.adoc%5BSpring\"\u003ehttps://github.com/spring-io/spring-security-release-tools/blob/main/release-plugin/README.adoc[Spring\u003c/a\u003e Security Release Plugin] and \u003ca href=\"https://github.com/spring-io/spring-security-release-tools/tree/main/.github/workflows%5Breusable\"\u003ehttps://github.com/spring-io/spring-security-release-tools/tree/main/.github/workflows[reusable\u003c/a\u003e workflows].\nThe following table outlines the steps that are taken by the automation.\u003c/p\u003e\n\u003cp\u003eWARNING: The \u003ccode\u003e5.8.x\u003c/code\u003e branch does not have all of the improvements from the \u003ccode\u003e6.x.x\u003c/code\u003e branches. See \u0026quot;Status (5.8.x)\u0026quot; for which steps are still manual.\u003c/p\u003e\n\u003cp\u003eIn case of a failure, you can follow the links below to read about each step, which includes instructions for performing the step manually if applicable.\nSee \u0026lt;\u0026lt;frequently-asked-questions,FAQ\u0026gt;\u0026gt; for troubleshooting tips.\u003c/p\u003e\n\u003cp\u003e[cols=\u0026quot;1,1,1\u0026quot;]\n|===\n| Step | Status (5.8.x) | Status (6.0.x+)\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :x: manual\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u0026lt;close-create-milestone,Close milestone\u0026gt;\u0026gt;\n| :x: manual\n| :white_check_mark: automated\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/d0b2b33dce56cb97b5efd3cdfa9b41fbc09c4586\"\u003e\u003ccode\u003ed0b2b33\u003c/code\u003e\u003c/a\u003e Release 5.7.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/0eaffb37e7f10f30fdbba1d3728e66e26837ff89\"\u003e\u003ccode\u003e0eaffb3\u003c/code\u003e\u003c/a\u003e Require Locale argument for toLower/toUpperCase usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e86d88d0cf869fce800974eb22e61a9c3dcf5fa2\"\u003e\u003ccode\u003ee86d88d\u003c/code\u003e\u003c/a\u003e Support ServerExchangeRejectedHandler \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e48d6b039baf104a6c56f4e62e0c2ff4d35a22bb\"\u003e\u003ccode\u003ee48d6b0\u003c/code\u003e\u003c/a\u003e Support ServerWebExchangeFirewall \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/dd3c6892e946f80cdd6e1a6890282fa2920067f1\"\u003e\u003ccode\u003edd3c689\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c552366a7847f09bdadcdbf50e2beb5d41de36fc\"\u003e\u003ccode\u003ec552366\u003c/code\u003e\u003c/a\u003e Release 5.7.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/7215c72373f9e108549649d2c5d25ca5a6361865\"\u003e\u003ccode\u003e7215c72\u003c/code\u003e\u003c/a\u003e Migrate slack notifications to GChat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/4ce7cde15599c0447163fd46bac616e03318bf5b\"\u003e\u003ccode\u003e4ce7cde\u003c/code\u003e\u003c/a\u003e Add Firewall for WebFlux\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c8342fcfae9babb2be56f10942801edfbf9df573\"\u003e\u003ccode\u003ec8342fc\u003c/code\u003e\u003c/a\u003e Use antora-extensions 1.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/1b0c4d68da564195d81dbe6db7032a3047706947\"\u003e\u003ccode\u003e1b0c4d6\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-security/compare/3.1.7.RELEASE...5.7.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.security:spring-security-web` from 3.1.7.RELEASE to 5.7.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-security/releases\"\u003eorg.springframework.security:spring-security-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.7.14\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerExchangeRejectedHandler \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15975\"\u003e#15975\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerWebExchangeFirewall \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15974\"\u003e#15974\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.13\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003e5.7.12\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck for \u003ccode\u003enull\u003c/code\u003e Authentication \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/14715\"\u003e#14715\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.11\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutomate spring-security.xsd \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13819\"\u003e#13819\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.10\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse default PathPatternParser instance \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13461\"\u003e#13461\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate io.projectreactor to 2020.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13509\"\u003e#13509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework to 5.3.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13511\"\u003e#13511\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework.data to 2021.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13512\"\u003e#13512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate reactor-netty to 1.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13510\"\u003e#13510\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eConvert to Asciidoctor Tabs \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13404\"\u003e#13404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse Antora name of security \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13328\"\u003e#13328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdditional filters registered when using Custom DSL \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13203\"\u003e#13203\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify that Kotlin DSL needs an import \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13092\"\u003e#13092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument missing OAuth2LoginAuthenticationFilter set AuthorizationRequestRepository \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13098\"\u003e#13098\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Antora Warnings \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13291\"\u003e#13291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix constant value in XContentTypeOptionsServerHttpHeadersWriter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13155\"\u003e#13155\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Documentation Title \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13315\"\u003e#13315\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix javadoc for migration from WebSecurityConfigurerAdapter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12996\"\u003e#12996\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in SecurityMockMvcResultMatchers.java \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12793\"\u003e#12793\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc\"\u003eorg.springframework.security:spring-security-web's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e= Release Process\u003c/p\u003e\n\u003cp\u003eThe release process for Spring Security is entirely automated via the \u003ca href=\"https://github.com/spring-io/spring-security-release-tools/blob/main/release-plugin/README.adoc%5BSpring\"\u003ehttps://github.com/spring-io/spring-security-release-tools/blob/main/release-plugin/README.adoc[Spring\u003c/a\u003e Security Release Plugin] and \u003ca href=\"https://github.com/spring-io/spring-security-release-tools/tree/main/.github/workflows%5Breusable\"\u003ehttps://github.com/spring-io/spring-security-release-tools/tree/main/.github/workflows[reusable\u003c/a\u003e workflows].\nThe following table outlines the steps that are taken by the automation.\u003c/p\u003e\n\u003cp\u003eWARNING: The \u003ccode\u003e5.8.x\u003c/code\u003e branch does not have all of the improvements from the \u003ccode\u003e6.x.x\u003c/code\u003e branches. See \u0026quot;Status (5.8.x)\u0026quot; for which steps are still manual.\u003c/p\u003e\n\u003cp\u003eIn case of a failure, you can follow the links below to read about each step, which includes instructions for performing the step manually if applicable.\nSee \u0026lt;\u0026lt;frequently-asked-questions,FAQ\u0026gt;\u0026gt; for troubleshooting tips.\u003c/p\u003e\n\u003cp\u003e[cols=\u0026quot;1,1,1\u0026quot;]\n|===\n| Step | Status (5.8.x) | Status (6.0.x+)\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :x: manual\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u0026lt;close-create-milestone,Close milestone\u0026gt;\u0026gt;\n| :x: manual\n| :white_check_mark: automated\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/d0b2b33dce56cb97b5efd3cdfa9b41fbc09c4586\"\u003e\u003ccode\u003ed0b2b33\u003c/code\u003e\u003c/a\u003e Release 5.7.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/0eaffb37e7f10f30fdbba1d3728e66e26837ff89\"\u003e\u003ccode\u003e0eaffb3\u003c/code\u003e\u003c/a\u003e Require Locale argument for toLower/toUpperCase usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e86d88d0cf869fce800974eb22e61a9c3dcf5fa2\"\u003e\u003ccode\u003ee86d88d\u003c/code\u003e\u003c/a\u003e Support ServerExchangeRejectedHandler \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e48d6b039baf104a6c56f4e62e0c2ff4d35a22bb\"\u003e\u003ccode\u003ee48d6b0\u003c/code\u003e\u003c/a\u003e Support ServerWebExchangeFirewall \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/dd3c6892e946f80cdd6e1a6890282fa2920067f1\"\u003e\u003ccode\u003edd3c689\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c552366a7847f09bdadcdbf50e2beb5d41de36fc\"\u003e\u003ccode\u003ec552366\u003c/code\u003e\u003c/a\u003e Release 5.7.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/7215c72373f9e108549649d2c5d25ca5a6361865\"\u003e\u003ccode\u003e7215c72\u003c/code\u003e\u003c/a\u003e Migrate slack notifications to GChat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/4ce7cde15599c0447163fd46bac616e03318bf5b\"\u003e\u003ccode\u003e4ce7cde\u003c/code\u003e\u003c/a\u003e Add Firewall for WebFlux\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c8342fcfae9babb2be56f10942801edfbf9df573\"\u003e\u003ccode\u003ec8342fc\u003c/code\u003e\u003c/a\u003e Use antora-extensions 1.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/1b0c4d68da564195d81dbe6db7032a3047706947\"\u003e\u003ccode\u003e1b0c4d6\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-security/compare/3.1.7.RELEASE...5.7.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.owasp.esapi:esapi` from 2.5.3.1 to 2.6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.3.1...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-fileupload:commons-fileupload` from 1.5 to 1.6.0\n\nUpdates `org.apache.commons:commons-lang3` from 3.12.0 to 3.18.0\n\nUpdates `com.h2database:h2` from 1.3.176 to 2.2.220\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/h2database/h2database/releases\"\u003ecom.h2database:h2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.2.220\u003c/h2\u003e\n\u003cp\u003eChanges since 2.1.214 release:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/h2database/h2database/commits/version-2.2.220\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.solr:solr-core` from 1.4.1 to 9.8.0\n\nUpdates `org.springframework:spring-core` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-beans` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-expression` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-context` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-web` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.security:spring-security-core` from 3.1.7.RELEASE to 5.7.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-security/releases\"\u003eorg.springframework.security:spring-security-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.7.14\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerExchangeRejectedHandler \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15975\"\u003e#15975\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerWebExchangeFirewall \u003ccode...\n\n_Description has been truncated_","html_url":"https://github.com/djdiakametavers/opencast/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/djdiakametavers%2Fopencast/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"3677438184","node_id":"PR_kwDOQfm7Uc62KO7P","number":8,"state":"open","title":"deps: bump the minor-and-patch group in /backend with 13 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-30T06:29:24.000Z","updated_at":"2025-11-30T06:29:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps: bump","group_name":"minor-and-patch","update_count":13,"packages":[{"name":"io.jsonwebtoken:jjwt-api","old_version":"0.11.5","new_version":"0.13.0","repository_url":"https://github.com/jwtk/jjwt"},{"name":"io.jsonwebtoken:jjwt-impl","old_version":"0.11.5","new_version":"0.13.0","repository_url":"https://github.com/jwtk/jjwt"},{"name":"io.jsonwebtoken:jjwt-jackson","old_version":"0.11.5","new_version":"0.13.0"},{"name":"org.projectlombok:lombok","old_version":"1.18.30","new_version":"1.18.42","repository_url":"https://github.com/projectlombok/lombok"},{"name":"io.opentelemetry.instrumentation:opentelemetry-spring-boot-starter","old_version":"2.0.0-alpha","new_version":"2.22.0","repository_url":"https://github.com/open-telemetry/opentelemetry-java-instrumentation"},{"name":"org.owasp.encoder:encoder","old_version":"1.2.3","new_version":"1.4.0","repository_url":"https://github.com/owasp/owasp-java-encoder"},{"name":"org.passay:passay","old_version":"1.6.3","new_version":"1.6.6","repository_url":"https://github.com/vt-middleware/passay"},{"name":"org.mapstruct:mapstruct","old_version":"1.5.5.Final","new_version":"1.6.3","repository_url":"https://github.com/mapstruct/mapstruct"},{"name":"org.owasp.esapi:esapi","old_version":"2.5.3.1","new_version":"2.7.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"org.jsoup:jsoup","old_version":"1.16.1","new_version":"1.21.2","repository_url":"https://github.com/jhy/jsoup"},{"name":"org.mapstruct:mapstruct-processor","old_version":"1.5.5.Final","new_version":"1.6.3","repository_url":"https://github.com/mapstruct/mapstruct"},{"name":"org.jacoco:jacoco-maven-plugin","old_version":"0.8.11","new_version":"0.8.14","repository_url":"https://github.com/jacoco/jacoco"},{"name":"org.apache.maven.plugins:maven-compiler-plugin","old_version":"3.11.0","new_version":"3.14.1","repository_url":"https://github.com/apache/maven-compiler-plugin"}],"path":"/backend","ecosystem":"maven"},"body":"Bumps the minor-and-patch group in /backend with 13 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [io.jsonwebtoken:jjwt-api](https://github.com/jwtk/jjwt) | `0.11.5` | `0.13.0` |\n| [io.jsonwebtoken:jjwt-impl](https://github.com/jwtk/jjwt) | `0.11.5` | `0.13.0` |\n| io.jsonwebtoken:jjwt-jackson | `0.11.5` | `0.13.0` |\n| [org.projectlombok:lombok](https://github.com/projectlombok/lombok) | `1.18.30` | `1.18.42` |\n| [io.opentelemetry.instrumentation:opentelemetry-spring-boot-starter](https://github.com/open-telemetry/opentelemetry-java-instrumentation) | `2.0.0-alpha` | `2.22.0` |\n| [org.owasp.encoder:encoder](https://github.com/owasp/owasp-java-encoder) | `1.2.3` | `1.4.0` |\n| [org.passay:passay](https://github.com/vt-middleware/passay) | `1.6.3` | `1.6.6` |\n| [org.mapstruct:mapstruct](https://github.com/mapstruct/mapstruct) | `1.5.5.Final` | `1.6.3` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.7.0.0` |\n| [org.jsoup:jsoup](https://github.com/jhy/jsoup) | `1.16.1` | `1.21.2` |\n| [org.mapstruct:mapstruct-processor](https://github.com/mapstruct/mapstruct) | `1.5.5.Final` | `1.6.3` |\n| [org.jacoco:jacoco-maven-plugin](https://github.com/jacoco/jacoco) | `0.8.11` | `0.8.14` |\n| [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) | `3.11.0` | `3.14.1` |\n\nUpdates `io.jsonwebtoken:jjwt-api` from 0.11.5 to 0.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jwtk/jjwt/releases\"\u003eio.jsonwebtoken:jjwt-api's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.13.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eThis is the last minor JJWT release branch that will support Java 7\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eAny necessary emergency bug fixes will be fixed in subsequent \u003ccode\u003e0.13.x\u003c/code\u003e patch releases, but all new development, including \u003ca href=\"https://github.com/jwtk/jjwt/issues?q=is%3Aissue%20label%3Ajdk8\"\u003eJava 8 compatible changes\u003c/a\u003e, will be in the next minor (\u003ccode\u003e0.14.0\u003c/code\u003e) release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAll future JJWT major and minor versions (  \u003ccode\u003e0.14.0\u003c/code\u003e and later) will require Java 8 or later.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThis release contains a single change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe previously private \u003ccode\u003eJacksonDeserializer(ObjectMapper objectMapper, Map\u0026lt;String, Class\u0026lt;?\u0026gt;\u0026gt; claimTypeMap)\u003c/code\u003e constructor is now \u003ccode\u003epublic\u003c/code\u003e for those that want register a claims  type converter on their own specified \u003ccode\u003eObjectMapper\u003c/code\u003e instance. Thank you to \u003ca href=\"https://github.com/kesrishubham2510\"\u003e\u003ccode\u003e@​kesrishubham2510\u003c/code\u003e\u003c/a\u003e for PR \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/972\"\u003e#972\u003c/a\u003e. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/914\"\u003eIssue 914\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jwtk/jjwt/compare/0.12.7...0.13.0\"\u003ehttps://github.com/jwtk/jjwt/compare/0.12.7...0.13.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.12.7\u003c/h2\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdds a new Maven BOM! This is useful for multi-module projects. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/967\"\u003eIssue 967\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllows the \u003ccode\u003eJwtParserBuilder\u003c/code\u003e to have empty nested algorithm collections, effectively disabling the parser's associated feature:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEmptying the \u003ccode\u003ezip()\u003c/code\u003e nested collection disables JWT decompression.\u003c/li\u003e\n\u003cli\u003eEmptying the \u003ccode\u003esig()\u003c/code\u003e nested collection disables JWS mac/signature verification (i.e. all JWSs will be unsupported/rejected).\u003c/li\u003e\n\u003cli\u003eEmptying either the \u003ccode\u003eenc()\u003c/code\u003e or \u003ccode\u003ekey()\u003c/code\u003e nested collections disables JWE decryption (i.e. all JWEs will be unsupported/rejected)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/996\"\u003eIssue 996\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/961\"\u003ebug 961\u003c/a\u003e where \u003ccode\u003eJwtParserBuilder\u003c/code\u003e nested collection builders were not correctly replacing algorithms with the same id.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsures a \u003ccode\u003eJwkSet\u003c/code\u003e's \u003ccode\u003ekeys\u003c/code\u003e collection is no longer entirely secret/redacted by default.  This was an overzealous default that was unnecessarily restrictive; the \u003ccode\u003ekeys\u003c/code\u003e collection itself should always be public, and each individual key within should determine which fields should be redacted when printed. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/976\"\u003eIssue 976\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImproves performance slightly by ensuring all \u003ccode\u003ejjwt-api\u003c/code\u003e utility methods that create \u003ccode\u003e*Builder\u003c/code\u003e instances (\u003ccode\u003eJwts.builder()\u003c/code\u003e, \u003ccode\u003eJwts.parserBuilder()\u003c/code\u003e, \u003ccode\u003eJwks.builder()\u003c/code\u003e, etc) no longer use reflection.\u003c/p\u003e\n\u003cp\u003eInstead,\u003ccode\u003estatic\u003c/code\u003e factories are created via reflection only once during initial \u003ccode\u003ejjwt-api\u003c/code\u003e classloading, and then \u003ccode\u003e*Builder\u003c/code\u003es are created via standard instantiation using the \u003ccode\u003enew\u003c/code\u003e operator thereafter.  This also benefits certain environments that may not have ideal \u003ccode\u003eClassLoader\u003c/code\u003e implementations (e.g. Tomcat in some cases).\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eNOTE: because this changes which classes are loaded via reflection, any environments that must explicitly reference reflective class names (e.g. GraalVM applications) will need to be updated to reflect the new factory class names\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/988\"\u003eIssue 988\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the Gson dependency to \u003ccode\u003e2.11.0\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the BouncyCastle dependency to \u003ccode\u003e1.78.1\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sigpwned\"\u003e\u003ccode\u003e@​sigpwned\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/968\"\u003ejwtk/jjwt#968\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TheMrMilchmann\"\u003e\u003ccode\u003e@​TheMrMilchmann\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/979\"\u003ejwtk/jjwt#979\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/atanasg\"\u003e\u003ccode\u003e@​atanasg\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/974\"\u003ejwtk/jjwt#974\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jwtk/jjwt/compare/0.12.6...0.12.7\"\u003ehttps://github.com/jwtk/jjwt/compare/0.12.6...0.12.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.12.6\u003c/h2\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsures that after successful JWS signature verification, an application-configured Base64Url \u003ccode\u003eDecoder\u003c/code\u003e output is\nused to construct a \u003ccode\u003eJws\u003c/code\u003e instance (instead of JJWT's default decoder). See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/947\"\u003ejwtk/jjwt#947\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jwtk/jjwt/blob/master/CHANGELOG.md\"\u003eio.jsonwebtoken:jjwt-api's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e0.13.0\u003c/h3\u003e\n\u003cp\u003eThis is the last minor JJWT release branch that will support Java 7. Any necessary emergency bug fixes will be fixed in subsequent \u003ccode\u003e0.13.x\u003c/code\u003e patch releases, but all new development, including Java 8 compatible changes, will be in the next minor (\u003ccode\u003e0.14.0\u003c/code\u003e) release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAll future JJWT major and minor versions (  \u003ccode\u003e0.14.0\u003c/code\u003e and later) will require Java 8 or later.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThis \u003ccode\u003e0.13.0\u003c/code\u003e minor release has only one change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe previously private \u003ccode\u003eJacksonDeserializer(ObjectMapper objectMapper, Map\u0026lt;String, Class\u0026lt;?\u0026gt;\u0026gt; claimTypeMap)\u003c/code\u003e constructor is now \u003ccode\u003epublic\u003c/code\u003e for those that want register a claims\ntype converter on their own specified \u003ccode\u003eObjectMapper\u003c/code\u003e instance.  See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/914\"\u003eIssue 914\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e0.12.7\u003c/h3\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdds a new Maven BOM, useful for multi-module projects. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/967\"\u003eIssue 967\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllows the \u003ccode\u003eJwtParserBuilder\u003c/code\u003e to have empty nested algorithm collections, effectively disabling the parser's associated feature:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEmptying the \u003ccode\u003ezip()\u003c/code\u003e nested collection disables JWT decompression.\u003c/li\u003e\n\u003cli\u003eEmptying the \u003ccode\u003esig()\u003c/code\u003e nested collection disables JWS mac/signature verification (i.e. all JWSs will be unsupported/rejected).\u003c/li\u003e\n\u003cli\u003eEmptying either the \u003ccode\u003eenc()\u003c/code\u003e or \u003ccode\u003ekey()\u003c/code\u003e nested collections disables JWE decryption (i.e. all JWEs will be unsupported/rejected)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/996\"\u003eIssue 996\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/961\"\u003ebug 961\u003c/a\u003e where \u003ccode\u003eJwtParserBuilder\u003c/code\u003e nested collection builders were not correctly replacing algorithms with the same id.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsures a \u003ccode\u003eJwkSet\u003c/code\u003e's \u003ccode\u003ekeys\u003c/code\u003e collection is no longer entirely secret/redacted by default.  This was an overzealous default that was unnecessarily restrictive; the \u003ccode\u003ekeys\u003c/code\u003e collection itself should always be public, and each individual key within should determine which fields should be redacted when printed. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/976\"\u003eIssue 976\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImproves performance slightly by ensuring all \u003ccode\u003ejjwt-api\u003c/code\u003e utility methods that create \u003ccode\u003e*Builder\u003c/code\u003e instances (\u003ccode\u003eJwts.builder()\u003c/code\u003e, \u003ccode\u003eJwts.parserBuilder()\u003c/code\u003e, \u003ccode\u003eJwks.builder()\u003c/code\u003e, etc) no longer use reflection.\u003c/p\u003e\n\u003cp\u003eInstead,\u003ccode\u003estatic\u003c/code\u003e factories are created via reflection only once during initial \u003ccode\u003ejjwt-api\u003c/code\u003e classloading, and then \u003ccode\u003e*Builder\u003c/code\u003es are created via standard instantiation using the \u003ccode\u003enew\u003c/code\u003e operator thereafter.  This also benefits certain environments that may not have ideal \u003ccode\u003eClassLoader\u003c/code\u003e implementations (e.g. Tomcat in some cases).\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eNOTE: because this changes which classes are loaded via reflection, any environments that must explicitly reference reflective class names (e.g. GraalVM applications) will need to be updated to reflect the new factory class names\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/988\"\u003eIssue 988\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the Gson dependency to \u003ccode\u003e2.11.0\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the BouncyCastle dependency to \u003ccode\u003e1.78.1\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e0.12.6\u003c/h3\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsures that after successful JWS signature verification, an application-configured Base64Url \u003ccode\u003eDecoder\u003c/code\u003e output is\nused to construct a \u003ccode\u003eJws\u003c/code\u003e instance (instead of JJWT's default decoder). See\n\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/947\"\u003eIssue 947\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFixes a decompression memory leak in concurrent/multi-threaded environments introduced in 0.12.0 when decompressing JWTs with a \u003ccode\u003ezip\u003c/code\u003e header of \u003ccode\u003eGZIP\u003c/code\u003e. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/949\"\u003eIssue 949\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eUpgrades BouncyCastle to 1.78 via \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/941\"\u003ePR 941\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnsures that a \u003ccode\u003eJwkSet\u003c/code\u003e's \u003ccode\u003ekeys\u003c/code\u003e list member is no longer considered secret and is not redacted by default. However, each individual JWK element within the \u003ccode\u003ekeys\u003c/code\u003e list may still have \u003ca href=\"https://github.com/jwtk/jjwt?tab=readme-ov-file#jwk-tostring-safety\"\u003eredacted private or secret members\u003c/a\u003e as expected. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/976\"\u003eIssue 976\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e0.12.5\u003c/h3\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsures that builders' \u003ccode\u003eNestedCollection\u003c/code\u003e changes are applied to the collection immediately as mutation methods are called, no longer\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/a757addce04f6b6d8086beeee8dafcf670550a5b\"\u003e\u003ccode\u003ea757add\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release 0.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/e357463c59cf62c1f70503ac0102d10efcdfc37d\"\u003e\u003ccode\u003ee357463\u003c/code\u003e\u003c/a\u003e Preparing for the 0.13.0 release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/b6f8cb82a9c2e9817d842bfe72d2c8fb03124342\"\u003e\u003ccode\u003eb6f8cb8\u003c/code\u003e\u003c/a\u003e Made constructor public to allow users their own objectMapper instance (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/972\"\u003e#972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/03f088a4eb774bae2403c428aa885a12d3afde14\"\u003e\u003ccode\u003e03f088a\u003c/code\u003e\u003c/a\u003e Bumping development version to 0.13.0-SNAPSHOT (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1014\"\u003e#1014\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/3f2697f854bedebe63e9eddb8c596f76086d11ca\"\u003e\u003ccode\u003e3f2697f\u003c/code\u003e\u003c/a\u003e Release 0.12.7 (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1012\"\u003e#1012\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/efed1cf56f9b9715e60eaac7fda6b2c4b62410b9\"\u003e\u003ccode\u003eefed1cf\u003c/code\u003e\u003c/a\u003e Updated 0.12.7 change list\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/ca27b122b7f44f3bdd4cd4f636d084f38cc3b3c8\"\u003e\u003ccode\u003eca27b12\u003c/code\u003e\u003c/a\u003e Resolves \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1010\"\u003e#1010\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1011\"\u003e#1011\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/55c7b9adef88328f59534f232060830c34f25478\"\u003e\u003ccode\u003e55c7b9a\u003c/code\u003e\u003c/a\u003e Resolves \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/771\"\u003e#771\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1009\"\u003e#1009\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/6e9c6a5a825c5ec38f90006f48cc1f8640a6d82e\"\u003e\u003ccode\u003e6e9c6a5\u003c/code\u003e\u003c/a\u003e Bump org.bouncycastle:bcpkix-jdk18on from 1.78 to 1.78.1 (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1008\"\u003e#1008\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/7ec7dd1a19a38a1829903f88b9512697bfb7be3c\"\u003e\u003ccode\u003e7ec7dd1\u003c/code\u003e\u003c/a\u003e Enable JwtParser empty nested algorithm collections. (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1007\"\u003e#1007\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jwtk/jjwt/compare/0.11.5...0.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.jsonwebtoken:jjwt-impl` from 0.11.5 to 0.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jwtk/jjwt/releases\"\u003eio.jsonwebtoken:jjwt-impl's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.13.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eThis is the last minor JJWT release branch that will support Java 7\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eAny necessary emergency bug fixes will be fixed in subsequent \u003ccode\u003e0.13.x\u003c/code\u003e patch releases, but all new development, including \u003ca href=\"https://github.com/jwtk/jjwt/issues?q=is%3Aissue%20label%3Ajdk8\"\u003eJava 8 compatible changes\u003c/a\u003e, will be in the next minor (\u003ccode\u003e0.14.0\u003c/code\u003e) release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAll future JJWT major and minor versions (  \u003ccode\u003e0.14.0\u003c/code\u003e and later) will require Java 8 or later.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThis release contains a single change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe previously private \u003ccode\u003eJacksonDeserializer(ObjectMapper objectMapper, Map\u0026lt;String, Class\u0026lt;?\u0026gt;\u0026gt; claimTypeMap)\u003c/code\u003e constructor is now \u003ccode\u003epublic\u003c/code\u003e for those that want register a claims  type converter on their own specified \u003ccode\u003eObjectMapper\u003c/code\u003e instance. Thank you to \u003ca href=\"https://github.com/kesrishubham2510\"\u003e\u003ccode\u003e@​kesrishubham2510\u003c/code\u003e\u003c/a\u003e for PR \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/972\"\u003e#972\u003c/a\u003e. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/914\"\u003eIssue 914\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jwtk/jjwt/compare/0.12.7...0.13.0\"\u003ehttps://github.com/jwtk/jjwt/compare/0.12.7...0.13.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.12.7\u003c/h2\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdds a new Maven BOM! This is useful for multi-module projects. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/967\"\u003eIssue 967\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllows the \u003ccode\u003eJwtParserBuilder\u003c/code\u003e to have empty nested algorithm collections, effectively disabling the parser's associated feature:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEmptying the \u003ccode\u003ezip()\u003c/code\u003e nested collection disables JWT decompression.\u003c/li\u003e\n\u003cli\u003eEmptying the \u003ccode\u003esig()\u003c/code\u003e nested collection disables JWS mac/signature verification (i.e. all JWSs will be unsupported/rejected).\u003c/li\u003e\n\u003cli\u003eEmptying either the \u003ccode\u003eenc()\u003c/code\u003e or \u003ccode\u003ekey()\u003c/code\u003e nested collections disables JWE decryption (i.e. all JWEs will be unsupported/rejected)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/996\"\u003eIssue 996\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/961\"\u003ebug 961\u003c/a\u003e where \u003ccode\u003eJwtParserBuilder\u003c/code\u003e nested collection builders were not correctly replacing algorithms with the same id.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsures a \u003ccode\u003eJwkSet\u003c/code\u003e's \u003ccode\u003ekeys\u003c/code\u003e collection is no longer entirely secret/redacted by default.  This was an overzealous default that was unnecessarily restrictive; the \u003ccode\u003ekeys\u003c/code\u003e collection itself should always be public, and each individual key within should determine which fields should be redacted when printed. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/976\"\u003eIssue 976\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImproves performance slightly by ensuring all \u003ccode\u003ejjwt-api\u003c/code\u003e utility methods that create \u003ccode\u003e*Builder\u003c/code\u003e instances (\u003ccode\u003eJwts.builder()\u003c/code\u003e, \u003ccode\u003eJwts.parserBuilder()\u003c/code\u003e, \u003ccode\u003eJwks.builder()\u003c/code\u003e, etc) no longer use reflection.\u003c/p\u003e\n\u003cp\u003eInstead,\u003ccode\u003estatic\u003c/code\u003e factories are created via reflection only once during initial \u003ccode\u003ejjwt-api\u003c/code\u003e classloading, and then \u003ccode\u003e*Builder\u003c/code\u003es are created via standard instantiation using the \u003ccode\u003enew\u003c/code\u003e operator thereafter.  This also benefits certain environments that may not have ideal \u003ccode\u003eClassLoader\u003c/code\u003e implementations (e.g. Tomcat in some cases).\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eNOTE: because this changes which classes are loaded via reflection, any environments that must explicitly reference reflective class names (e.g. GraalVM applications) will need to be updated to reflect the new factory class names\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/988\"\u003eIssue 988\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the Gson dependency to \u003ccode\u003e2.11.0\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the BouncyCastle dependency to \u003ccode\u003e1.78.1\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sigpwned\"\u003e\u003ccode\u003e@​sigpwned\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/968\"\u003ejwtk/jjwt#968\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TheMrMilchmann\"\u003e\u003ccode\u003e@​TheMrMilchmann\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/979\"\u003ejwtk/jjwt#979\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/atanasg\"\u003e\u003ccode\u003e@​atanasg\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/974\"\u003ejwtk/jjwt#974\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jwtk/jjwt/compare/0.12.6...0.12.7\"\u003ehttps://github.com/jwtk/jjwt/compare/0.12.6...0.12.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.12.6\u003c/h2\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsures that after successful JWS signature verification, an application-configured Base64Url \u003ccode\u003eDecoder\u003c/code\u003e output is\nused to construct a \u003ccode\u003eJws\u003c/code\u003e instance (instead of JJWT's default decoder). See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/947\"\u003ejwtk/jjwt#947\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jwtk/jjwt/blob/master/CHANGELOG.md\"\u003eio.jsonwebtoken:jjwt-impl's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e0.13.0\u003c/h3\u003e\n\u003cp\u003eThis is the last minor JJWT release branch that will support Java 7. Any necessary emergency bug fixes will be fixed in subsequent \u003ccode\u003e0.13.x\u003c/code\u003e patch releases, but all new development, including Java 8 compatible changes, will be in the next minor (\u003ccode\u003e0.14.0\u003c/code\u003e) release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAll future JJWT major and minor versions (  \u003ccode\u003e0.14.0\u003c/code\u003e and later) will require Java 8 or later.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThis \u003ccode\u003e0.13.0\u003c/code\u003e minor release has only one change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe previously private \u003ccode\u003eJacksonDeserializer(ObjectMapper objectMapper, Map\u0026lt;String, Class\u0026lt;?\u0026gt;\u0026gt; claimTypeMap)\u003c/code\u003e constructor is now \u003ccode\u003epublic\u003c/code\u003e for those that want register a claims\ntype converter on their own specified \u003ccode\u003eObjectMapper\u003c/code\u003e instance.  See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/914\"\u003eIssue 914\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e0.12.7\u003c/h3\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdds a new Maven BOM, useful for multi-module projects. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/967\"\u003eIssue 967\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllows the \u003ccode\u003eJwtParserBuilder\u003c/code\u003e to have empty nested algorithm collections, effectively disabling the parser's associated feature:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEmptying the \u003ccode\u003ezip()\u003c/code\u003e nested collection disables JWT decompression.\u003c/li\u003e\n\u003cli\u003eEmptying the \u003ccode\u003esig()\u003c/code\u003e nested collection disables JWS mac/signature verification (i.e. all JWSs will be unsupported/rejected).\u003c/li\u003e\n\u003cli\u003eEmptying either the \u003ccode\u003eenc()\u003c/code\u003e or \u003ccode\u003ekey()\u003c/code\u003e nested collections disables JWE decryption (i.e. all JWEs will be unsupported/rejected)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/996\"\u003eIssue 996\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/961\"\u003ebug 961\u003c/a\u003e where \u003ccode\u003eJwtParserBuilder\u003c/code\u003e nested collection builders were not correctly replacing algorithms with the same id.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsures a \u003ccode\u003eJwkSet\u003c/code\u003e's \u003ccode\u003ekeys\u003c/code\u003e collection is no longer entirely secret/redacted by default.  This was an overzealous default that was unnecessarily restrictive; the \u003ccode\u003ekeys\u003c/code\u003e collection itself should always be public, and each individual key within should determine which fields should be redacted when printed. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/976\"\u003eIssue 976\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImproves performance slightly by ensuring all \u003ccode\u003ejjwt-api\u003c/code\u003e utility methods that create \u003ccode\u003e*Builder\u003c/code\u003e instances (\u003ccode\u003eJwts.builder()\u003c/code\u003e, \u003ccode\u003eJwts.parserBuilder()\u003c/code\u003e, \u003ccode\u003eJwks.builder()\u003c/code\u003e, etc) no longer use reflection.\u003c/p\u003e\n\u003cp\u003eInstead,\u003ccode\u003estatic\u003c/code\u003e factories are created via reflection only once during initial \u003ccode\u003ejjwt-api\u003c/code\u003e classloading, and then \u003ccode\u003e*Builder\u003c/code\u003es are created via standard instantiation using the \u003ccode\u003enew\u003c/code\u003e operator thereafter.  This also benefits certain environments that may not have ideal \u003ccode\u003eClassLoader\u003c/code\u003e implementations (e.g. Tomcat in some cases).\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eNOTE: because this changes which classes are loaded via reflection, any environments that must explicitly reference reflective class names (e.g. GraalVM applications) will need to be updated to reflect the new factory class names\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/988\"\u003eIssue 988\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the Gson dependency to \u003ccode\u003e2.11.0\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the BouncyCastle dependency to \u003ccode\u003e1.78.1\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e0.12.6\u003c/h3\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsures that after successful JWS signature verification, an application-configured Base64Url \u003ccode\u003eDecoder\u003c/code\u003e output is\nused to construct a \u003ccode\u003eJws\u003c/code\u003e instance (instead of JJWT's default decoder). See\n\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/947\"\u003eIssue 947\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFixes a decompression memory leak in concurrent/multi-threaded environments introduced in 0.12.0 when decompressing JWTs with a \u003ccode\u003ezip\u003c/code\u003e header of \u003ccode\u003eGZIP\u003c/code\u003e. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/949\"\u003eIssue 949\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eUpgrades BouncyCastle to 1.78 via \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/941\"\u003ePR 941\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnsures that a \u003ccode\u003eJwkSet\u003c/code\u003e's \u003ccode\u003ekeys\u003c/code\u003e list member is no longer considered secret and is not redacted by default. However, each individual JWK element within the \u003ccode\u003ekeys\u003c/code\u003e list may still have \u003ca href=\"https://github.com/jwtk/jjwt?tab=readme-ov-file#jwk-tostring-safety\"\u003eredacted private or secret members\u003c/a\u003e as expected. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/976\"\u003eIssue 976\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e0.12.5\u003c/h3\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsures that builders' \u003ccode\u003eNestedCollection\u003c/code\u003e changes are applied to the collection immediately as mutation methods are called, no longer\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/a757addce04f6b6d8086beeee8dafcf670550a5b\"\u003e\u003ccode\u003ea757add\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release 0.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/e357463c59cf62c1f70503ac0102d10efcdfc37d\"\u003e\u003ccode\u003ee357463\u003c/code\u003e\u003c/a\u003e Preparing for the 0.13.0 release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/b6f8cb82a9c2e9817d842bfe72d2c8fb03124342\"\u003e\u003ccode\u003eb6f8cb8\u003c/code\u003e\u003c/a\u003e Made constructor public to allow users their own objectMapper instance (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/972\"\u003e#972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/03f088a4eb774bae2403c428aa885a12d3afde14\"\u003e\u003ccode\u003e03f088a\u003c/code\u003e\u003c/a\u003e Bumping development version to 0.13.0-SNAPSHOT (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1014\"\u003e#1014\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/3f2697f854bedebe63e9eddb8c596f76086d11ca\"\u003e\u003ccode\u003e3f2697f\u003c/code\u003e\u003c/a\u003e Release 0.12.7 (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1012\"\u003e#1012\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/efed1cf56f9b9715e60eaac7fda6b2c4b62410b9\"\u003e\u003ccode\u003eefed1cf\u003c/code\u003e\u003c/a\u003e Updated 0.12.7 change list\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/ca27b122b7f44f3bdd4cd4f636d084f38cc3b3c8\"\u003e\u003ccode\u003eca27b12\u003c/code\u003e\u003c/a\u003e Resolves \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1010\"\u003e#1010\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1011\"\u003e#1011\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/55c7b9adef88328f59534f232060830c34f25478\"\u003e\u003ccode\u003e55c7b9a\u003c/code\u003e\u003c/a\u003e Resolves \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/771\"\u003e#771\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1009\"\u003e#1009\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/6e9c6a5a825c5ec38f90006f48cc1f8640a6d82e\"\u003e\u003ccode\u003e6e9c6a5\u003c/code\u003e\u003c/a\u003e Bump org.bouncycastle:bcpkix-jdk18on from 1.78 to 1.78.1 (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1008\"\u003e#1008\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/7ec7dd1a19a38a1829903f88b9512697bfb7be3c\"\u003e\u003ccode\u003e7ec7dd1\u003c/code\u003e\u003c/a\u003e Enable JwtParser empty nested algorithm collections. (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1007\"\u003e#1007\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jwtk/jjwt/compare/0.11.5...0.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.jsonwebtoken:jjwt-jackson` from 0.11.5 to 0.13.0\n\nUpdates `io.jsonwebtoken:jjwt-impl` from 0.11.5 to 0.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jwtk/jjwt/releases\"\u003eio.jsonwebtoken:jjwt-impl's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.13.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eThis is the last minor JJWT release branch that will support Java 7\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eAny necessary emergency bug fixes will be fixed in subsequent \u003ccode\u003e0.13.x\u003c/code\u003e patch releases, but all new development, including \u003ca href=\"https://github.com/jwtk/jjwt/issues?q=is%3Aissue%20label%3Ajdk8\"\u003eJava 8 compatible changes\u003c/a\u003e, will be in the next minor (\u003ccode\u003e0.14.0\u003c/code\u003e) release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAll future JJWT major and minor versions (  \u003ccode\u003e0.14.0\u003c/code\u003e and later) will require Java 8 or later.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThis release contains a single change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe previously private \u003ccode\u003eJacksonDeserializer(ObjectMapper objectMapper, Map\u0026lt;String, Class\u0026lt;?\u0026gt;\u0026gt; claimTypeMap)\u003c/code\u003e constructor is now \u003ccode\u003epublic\u003c/code\u003e for those that want register a claims  type converter on their own specified \u003ccode\u003eObjectMapper\u003c/code\u003e instance. Thank you to \u003ca href=\"https://github.com/kesrishubham2510\"\u003e\u003ccode\u003e@​kesrishubham2510\u003c/code\u003e\u003c/a\u003e for PR \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/972\"\u003e#972\u003c/a\u003e. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/914\"\u003eIssue 914\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jwtk/jjwt/compare/0.12.7...0.13.0\"\u003ehttps://github.com/jwtk/jjwt/compare/0.12.7...0.13.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.12.7\u003c/h2\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdds a new Maven BOM! This is useful for multi-module projects. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/967\"\u003eIssue 967\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllows the \u003ccode\u003eJwtParserBuilder\u003c/code\u003e to have empty nested algorithm collections, effectively disabling the parser's associated feature:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEmptying the \u003ccode\u003ezip()\u003c/code\u003e nested collection disables JWT decompression.\u003c/li\u003e\n\u003cli\u003eEmptying the \u003ccode\u003esig()\u003c/code\u003e nested collection disables JWS mac/signature verification (i.e. all JWSs will be unsupported/rejected).\u003c/li\u003e\n\u003cli\u003eEmptying either the \u003ccode\u003eenc()\u003c/code\u003e or \u003ccode\u003ekey()\u003c/code\u003e nested collections disables JWE decryption (i.e. all JWEs will be unsupported/rejected)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/996\"\u003eIssue 996\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/961\"\u003ebug 961\u003c/a\u003e where \u003ccode\u003eJwtParserBuilder\u003c/code\u003e nested collection builders were not correctly replacing algorithms with the same id.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsures a \u003ccode\u003eJwkSet\u003c/code\u003e's \u003ccode\u003ekeys\u003c/code\u003e collection is no longer entirely secret/redacted by default.  This was an overzealous default that was unnecessarily restrictive; the \u003ccode\u003ekeys\u003c/code\u003e collection itself should always be public, and each individual key within should determine which fields should be redacted when printed. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/976\"\u003eIssue 976\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImproves performance slightly by ensuring all \u003ccode\u003ejjwt-api\u003c/code\u003e utility methods that create \u003ccode\u003e*Builder\u003c/code\u003e instances (\u003ccode\u003eJwts.builder()\u003c/code\u003e, \u003ccode\u003eJwts.parserBuilder()\u003c/code\u003e, \u003ccode\u003eJwks.builder()\u003c/code\u003e, etc) no longer use reflection.\u003c/p\u003e\n\u003cp\u003eInstead,\u003ccode\u003estatic\u003c/code\u003e factories are created via reflection only once during initial \u003ccode\u003ejjwt-api\u003c/code\u003e classloading, and then \u003ccode\u003e*Builder\u003c/code\u003es are created via standard instantiation using the \u003ccode\u003enew\u003c/code\u003e operator thereafter.  This also benefits certain environments that may not have ideal \u003ccode\u003eClassLoader\u003c/code\u003e implementations (e.g. Tomcat in some cases).\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eNOTE: because this changes which classes are loaded via reflection, any environments that must explicitly reference reflective class names (e.g. GraalVM applications) will need to be updated to reflect the new factory class names\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/988\"\u003eIssue 988\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the Gson dependency to \u003ccode\u003e2.11.0\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the BouncyCastle dependency to \u003ccode\u003e1.78.1\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sigpwned\"\u003e\u003ccode\u003e@​sigpwned\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/968\"\u003ejwtk/jjwt#968\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TheMrMilchmann\"\u003e\u003ccode\u003e@​TheMrMilchmann\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/979\"\u003ejwtk/jjwt#979\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/atanasg\"\u003e\u003ccode\u003e@​atanasg\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/974\"\u003ejwtk/jjwt#974\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jwtk/jjwt/compare/0.12.6...0.12.7\"\u003ehttps://github.com/jwtk/jjwt/compare/0.12.6...0.12.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.12.6\u003c/h2\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsures that after successful JWS signature verification, an application-configured Base64Url \u003ccode\u003eDecoder\u003c/code\u003e output is\nused to construct a \u003ccode\u003eJws\u003c/code\u003e instance (instead of JJWT's default decoder). See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/947\"\u003ejwtk/jjwt#947\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jwtk/jjwt/blob/master/CHANGELOG.md\"\u003eio.jsonwebtoken:jjwt-impl's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e0.13.0\u003c/h3\u003e\n\u003cp\u003eThis is the last minor JJWT release branch that will support Java 7. Any necessary emergency bug fixes will be fixed in subsequent \u003ccode\u003e0.13.x\u003c/code\u003e patch releases, but all new development, including Java 8 compatible changes, will be in the next minor (\u003ccode\u003e0.14.0\u003c/code\u003e) release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAll future JJWT major and minor versions (  \u003ccode\u003e0.14.0\u003c/code\u003e and later) will require Java 8 or later.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThis \u003ccode\u003e0.13.0\u003c/code\u003e minor release has only one change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe previously private \u003ccode\u003eJacksonDeserializer(ObjectMapper objectMapper, Map\u0026lt;String, Class\u0026lt;?\u0026gt;\u0026gt; claimTypeMap)\u003c/code\u003e constructor is now \u003ccode\u003epublic\u003c/code\u003e for those that want register a claims\ntype converter on their own specified \u003ccode\u003eObjectMapper\u003c/code\u003e instance.  See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/914\"\u003eIssue 914\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e0.12.7\u003c/h3\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdds a new Maven BOM, useful for multi-module projects. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/967\"\u003eIssue 967\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllows the \u003ccode\u003eJwtParserBuilder\u003c/code\u003e to have empty nested algorithm collections, effectively disabling the parser's associated feature:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEmptying the \u003ccode\u003ezip()\u003c/code\u003e nested collection disables JWT decompression.\u003c/li\u003e\n\u003cli\u003eEmptying the \u003ccode\u003esig()\u003c/code\u003e nested collection disables JWS mac/signature verification (i.e. all JWSs will be unsupported/rejected).\u003c/li\u003e\n\u003cli\u003eEmptying either the \u003ccode\u003eenc()\u003c/code\u003e or \u003ccode\u003ekey()\u003c/code\u003e nested collections disables JWE decryption (i.e. all JWEs will be unsupported/rejected)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/996\"\u003eIssue 996\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/961\"\u003ebug 961\u003c/a\u003e where \u003ccode\u003eJwtParserBuilder\u003c/code\u003e nested collection builders were not correctly replacing algorithms with the same id.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsures a \u003ccode\u003eJwkSet\u003c/code\u003e's \u003ccode\u003ekeys\u003c/code\u003e collection is no longer entirely secret/redacted by default.  This was an overzealous default that was unnecessarily restrictive; the \u003ccode\u003ekeys\u003c/code\u003e collection itself should always be public, and each individual key within should determine which fields should be redacted when printed. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/976\"\u003eIssue 976\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImproves performance slightly by ensuring all \u003ccode\u003ejjwt-api\u003c/code\u003e utility methods that create \u003ccode\u003e*Builder\u003c/code\u003e instances (\u003ccode\u003eJwts.builder()\u003c/code\u003e, \u003ccode\u003eJwts.parserBuilder()\u003c/code\u003e, \u003ccode\u003eJwks.builder()\u003c/code\u003e, etc) no longer use reflection.\u003c/p\u003e\n\u003cp\u003eInstead,\u003ccode\u003estatic\u003c/code\u003e factories are created via reflection only once during initial \u003ccode\u003ejjwt-api\u003c/code\u003e classloading, and then \u003ccode\u003e*Builder\u003c/code\u003es are created via standard instantiation using the \u003ccode\u003enew\u003c/code\u003e operator thereafter.  This also benefits certain environments that may not have ideal \u003ccode\u003eClassLoader\u003c/code\u003e implementations (e.g. Tomcat in some cases).\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eNOTE: because this changes which classes are loaded via reflection, any environments that must explicitly reference reflective class names (e.g. GraalVM applications) will need to be updated to reflect the new factory class names\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/988\"\u003eIssue 988\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the Gson dependency to \u003ccode\u003e2.11.0\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the BouncyCastle dependency to \u003ccode\u003e1.78.1\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e0.12.6\u003c/h3\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsures that after successful JWS signature verification, an application-configured Base64Url \u003ccode\u003eDecoder\u003c/code\u003e output is\nused to construct a \u003ccode\u003eJws\u003c/code\u003e instance (instead of JJWT's default decoder). See\n\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/947\"\u003eIssue 947\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFixes a decompression memory leak in concurrent/multi-threaded environments introduced in 0.12.0 when decompressing JWTs with a \u003ccode\u003ezip\u003c/code\u003e header of \u003ccode\u003eGZIP\u003c/code\u003e. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/949\"\u003eIssue 949\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eUpgrades BouncyCastle to 1.78 via \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/941\"\u003ePR 941\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnsures that a \u003ccode\u003eJwkSet\u003c/code\u003e's \u003ccode\u003ekeys\u003c/code\u003e list member is no longer considered secret and is not redacted by default. However, each individual JWK element within the \u003ccode\u003ekeys\u003c/code\u003e list may still have \u003ca href=\"https://github.com/jwtk/jjwt?tab=readme-ov-file#jwk-tostring-safety\"\u003eredacted private or secret members\u003c/a\u003e as expected. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/976\"\u003eIssue 976\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e0.12.5\u003c/h3\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsures that builders' \u003ccode\u003eNestedCollection\u003c/code\u003e changes are applied to the collection immediately as mutation methods are called, no longer\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/a757addce04f6b6d8086beeee8dafcf670550a5b\"\u003e\u003ccode\u003ea757add\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release 0.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/e357463c59cf62c1f70503ac0102d10efcdfc37d\"\u003e\u003ccode\u003ee357463\u003c/code\u003e\u003c/a\u003e Preparing for the 0.13.0 release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/b6f8cb82a9c2e9817d842bfe72d2c8fb03124342\"\u003e\u003ccode\u003eb6f8cb8\u003c/code\u003e\u003c/a\u003e Made constructor public to allow users their own objectMapper instance (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/972\"\u003e#972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/03f088a4eb774bae2403c428aa885a12d3afde14\"\u003e\u003ccode\u003e03f088a\u003c/code\u003e\u003c/a\u003e Bumping development version to 0.13.0-SNAPSHOT (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1014\"\u003e#1014\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/3f2697f854bedebe63e9eddb8c596f76086d11ca\"\u003e\u003ccode\u003e3f2697f\u003c/code\u003e\u003c/a\u003e Release 0.12.7 (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1012\"\u003e#1012\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/efed1cf56f9b9715e60eaac7fda6b2c4b62410b9\"\u003e\u003ccode\u003eefed1cf\u003c/code\u003e\u003c/a\u003e Updated 0.12.7 change list\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/ca27b122b7f44f3bdd4cd4f636d084f38cc3b3c8\"\u003e\u003ccode\u003eca27b12\u003c/code\u003e\u003c/a\u003e Resolves \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1010\"\u003e#1010\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1011\"\u003e#1011\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/55c7b9adef88328f59534f232060830c34f25478\"\u003e\u003ccode\u003e55c7b9a\u003c/code\u003e\u003c/a\u003e Resolves \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/771\"\u003e#771\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1009\"\u003e#1009\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/6e9c6a5a825c5ec38f90006f48cc1f8640a6d82e\"\u003e\u003ccode\u003e6e9c6a5\u003c/code\u003e\u003c/a\u003e Bump org.bouncycastle:bcpkix-jdk18on from 1.78 to 1.78.1 (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1008\"\u003e#1008\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/7ec7dd1a19a38a1829903f88b9512697bfb7be3c\"\u003e\u003ccode\u003e7ec7dd1\u003c/code\u003e\u003c/a\u003e Enable JwtParser empty nested algorithm collections. (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1007\"\u003e#1007\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jwtk/jjwt/compare/0.11.5...0.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.jsonwebtoken:jjwt-jackson` from 0.11.5 to 0.13.0\n\nUpdates `org.projectlombok:lombok` from 1.18.30 to 1.18.42\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown\"\u003eorg.projectlombok:lombok's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003ev1.18.42 (September 18th, 2025)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFEATURE: All the various \u003ccode\u003e@Log\u003c/code\u003e annotations now allow you to change their access level (they still default to \u003ccode\u003eprivate\u003c/code\u003e). \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/2280\"\u003e#2280\u003c/a\u003e. Thanks to new contributor Liam Pace!\u003c/li\u003e\n\u003cli\u003eBUGFIX: Javadoc parsing was broken in Netbeans and ErrorProne for JDK25 \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3940\"\u003e#3940\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev1.18.40 (September 4th, 2025)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePLATFORM: JDK25 support added \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3859\"\u003e#3859\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eBUGFIX: Recent versions of eclipse (or the eclipse-based java lang server for VSCode) caused \u003ccode\u003ejava.lang.IllegalArgumentException: Document does not match the AST\u003c/code\u003e. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3886\"\u003e#3886\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3886\"\u003eprojectlombok/lombok#3886\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003ePERFORMANCE: \u003ccode\u003e@ExtensionMethod\u003c/code\u003e is now significantly faster [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3866\"\u003e#3866\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3866\"\u003eprojectlombok/lombok#3866\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBUGFIX: the command line \u003ccode\u003econfig\u003c/code\u003e tool would emit incorrect output for nullity annotations. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3931\"\u003e#3931\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3931\"\u003eprojectlombok/lombok#3931\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFEATURE: \u003ccode\u003e@Jacksonized @Accessors(fluent=true)\u003c/code\u003e automatically creates the relevant annotations such that Jackson correctly identifies fluent accessors. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3265\"\u003e#3265\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3265\"\u003eprojectlombok/lombok#3265\u003c/a\u003e), [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3270\"\u003e#3270\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3270\"\u003eprojectlombok/lombok#3270\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eIMPROBABLE BREAKING CHANGE: From versions 1.18.16 to 1.18.38, lombok automatically copies certain Jackson annotations (e.g., \u003ccode\u003e@JsonProperty\u003c/code\u003e) from fields to the corresponding accessors (getters/setters). However, it turned out to be harmful in certain situations. Thus, Lombok does not automatically copy those annotations any more. You can restore the old behavior using the \u003ca href=\"https://projectlombok.org/features/configuration\"\u003econfig key\u003c/a\u003e \u003ccode\u003elombok.copyJacksonAnnotationsToAccessors = true\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev1.18.38 (March 31st, 2025)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePLATFORM: JDK24 support added.\u003c/li\u003e\n\u003cli\u003eFEATURE: Lombok's nullity annotation now supports \u003ca href=\"https://jspecify.dev\"\u003eJSpecify\u003c/a\u003e out of the box, using \u003ca href=\"https://projectlombok.org/features/configuration\"\u003econfig key\u003c/a\u003e \u003ccode\u003ejspecify\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eBUGFIX: Recent eclipse releases would get you 'negative length' error. The bug had always been in lombok but didn't matter until recent releases. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3823\"\u003e#3823\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3823\"\u003eprojectlombok/lombok#3823\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBUGFIX: The 'extract local variable' refactor script of VSCode wouldn't replace all occurrences if run on a method call to a lombok generated method. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3783\"\u003e#3783\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3783\"\u003eprojectlombok/lombok#3783\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev1.18.36 (November 15th, 2024)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePLATFORM: JDK23 support added.\u003c/li\u003e\n\u003cli\u003eBUGFIX: Eclipse projects using the \u003ccode\u003ecom.pro-crafting.tools:jasperreports-maven-plugin\u003c/code\u003e will now compile.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev1.18.34 (June 28th, 2024)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePLATFORM: Added support for Eclipse 2024-06; you'd get some \u003ccode\u003eNoSuchMethodError\u003c/code\u003e traces in your logs if using \u003ccode\u003e@Builder\u003c/code\u003e or \u003ccode\u003e@Singular\u003c/code\u003e prior to this fix. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3638\"\u003e#3638\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3638\"\u003eprojectlombok/lombok#3638\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eIMPROBABLE BREAKING CHANGE: Lombok now adds \u003ccode\u003e@lombok.Generated\u003c/code\u003e by default to methods and types it generates. This may result in accidentally increasing your test coverage percentage. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3667\"\u003e#3667\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3667\"\u003eprojectlombok/lombok#3667\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eIMPROBABLE BREAKING CHANGE: When \u003ccode\u003elombok.config\u003c/code\u003e contains \u003ccode\u003elombok.onX.flagUsage = WARNING\u003c/code\u003e, from now on warnings will actually be generated if onX is used.[Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/2848\"\u003e#2848\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/2848\"\u003eprojectlombok/lombok#2848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBUGFIX: When \u003ccode\u003e@SuperBuilder\u003c/code\u003e was used on a type with an generic array type, it would error \u003ccode\u003ewrong number of type arguments\u003c/code\u003e.  [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3694\"\u003e#3694\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3694\"\u003eprojectlombok/lombok#3694\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFEATURE: Lombok generates javadoc for you for most of the methods it adds; with this release, javadoc is also added to generated constructors. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/933\"\u003e#933\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/933\"\u003eprojectlombok/lombok#933\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev1.18.32 (March 20th, 2024)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePLATFORM: Initial JDK22 support added.\u003c/li\u003e\n\u003cli\u003ePLAFTORM  Added support for Eclipse 2024-03. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3620\"\u003e#3620\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3620\"\u003eprojectlombok/lombok#3620\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003ePLATFORM: Added support for recent versions of eclipse (released Q4 2023 or later or so) which would cause failures in the eclipse logs such as \u003ccode\u003ejava.lang.NoSuchMethodError: 'java.lang.StringBuffer org.eclipse.jdt…\u003c/code\u003e. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3564\"\u003e#3564\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3564\"\u003eprojectlombok/lombok#3564\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFEATURE: \u003ccode\u003e@Locked\u003c/code\u003e has been introduced. Like \u003ccode\u003e@Synchronized\u003c/code\u003e but with \u003ccode\u003ejava.util.concurrent.locks\u003c/code\u003e locks instead of the \u003ccode\u003esynchronized\u003c/code\u003e primitive. Thanks, Pim van der Loos for the PR! [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3506\"\u003e#3506\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3506\"\u003eprojectlombok/lombok#3506\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eNECROMANCY: Inlining a generated getter in eclipse would result in eclipse incorrectly replacing calls with \u003ccode\u003e@Getter\u003c/code\u003e instead of the actual field's name. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/562\"\u003e#562\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/562\"\u003eprojectlombok/lombok#562\u003c/a\u003e). This issue is almost old enough to drink. Points for dedication go to Rawi for fixing this one.\u003c/li\u003e\n\u003cli\u003eBUGFIX: When \u003ccode\u003e@SuperBuilder\u003c/code\u003e was used on a type with an annotated generic type, it would error \u003ccode\u003ewrong number of type arguments\u003c/code\u003e.  [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3592\"\u003e#3592\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3592\"\u003eprojectlombok/lombok#3592\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBUGFIX: It was possible to create an infinite build loop using \u003ccode\u003e@ExtensionMethod\u003c/code\u003e. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3225\"\u003e#3225\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3225\"\u003eprojectlombok/lombok#3225\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBUGFIX: Using \u003ccode\u003e@Getter(lazy=true)\u003c/code\u003e would fail if the expression contained a variable called \u003ccode\u003evalue\u003c/code\u003e. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/2917\"\u003e#2917\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/2917\"\u003eprojectlombok/lombok#2917\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBUGFIX: Many lombok features wouldn't work properly on records contained within an outer type unless you explicitly marked it \u003ccode\u003estatic\u003c/code\u003e. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3497\"\u003e#3497\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3497\"\u003eprojectlombok/lombok#3497\u003c/a\u003e) [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3559\"\u003e#3559\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3559\"\u003eprojectlombok/lombok#3559\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBUGFIX: Eclipse projects using the \u003ccode\u003ecom.pro-crafting.tools:jasperreports-plugin\u003c/code\u003e will now compile.\u003c/li\u003e\n\u003cli\u003eBUGFIX: \u003ccode\u003e@FieldNameConstants\u003c/code\u003e now works when generated fields are involved. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3529\"\u003e#3529\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3529\"\u003eprojectlombok/lombok#3529\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eIMPROBABLE BREAKING CHANGE: For JSpecify, the package name changed from \u003ccode\u003eorg.jspecify.nullness\u003c/code\u003e to \u003ccode\u003eorg.jspecify.annotations\u003c/code\u003e, which might lead to a different null analysis. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3608\"\u003e#3608\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/pull/3608\"\u003eprojectlombok/lombok#3608\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/2031eb0880942b5f0b7281580f6e877a3e87279a\"\u003e\u003ccode\u003e2031eb0\u003c/code\u003e\u003c/a\u003e [release] pre-release version bump for v1.18.42\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/c95a6c127e58868a16869254e47bbe2598f8c82f\"\u003e\u003ccode\u003ec95a6c1\u003c/code\u003e\u003c/a\u003e Merge branch 'logger-access'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/71d85caef501ce987f26e498154574489dbe36ee\"\u003e\u003ccode\u003e71d85ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/2280\"\u003e#2280\u003c/a\u003e Add delivery of this '\u003ccode\u003eaccess\u003c/code\u003e for logging' to the changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/99ba3e31daee7772af4eb712b0a108acdbc86962\"\u003e\u003ccode\u003e99ba3e3\u003c/code\u003e\u003c/a\u003e [trivial] Slightly reworded the javadoc on each \u003ccode\u003e@Log\u003c/code\u003e annotation's `access()...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/e9cf11ef01081ee1e4446666afadf36368939e96\"\u003e\u003ccode\u003ee9cf11e\u003c/code\u003e\u003c/a\u003e [trivial][style]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/a6d556856cec89be2786e5598d904497d13ed5be\"\u003e\u003ccode\u003ea6d5568\u003c/code\u003e\u003c/a\u003e [deprecation] Marked \u003ccode\u003eAccessLevel.MODULE\u003c/code\u003e as deprecated. It was written for a...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/492011df4fa72dfa9bb2a5cef38199fb292253be\"\u003e\u003ccode\u003e492011d\u003c/code\u003e\u003c/a\u003e Refactored to use Javac/Eclipse utility function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/c1f7f660c596ed65997974b70b0eecb0675c43f1\"\u003e\u003ccode\u003ec1f7f66\u003c/code\u003e\u003c/a\u003e Update copyright in logger files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/f63f40aa48eee97d9bb99416cfe252a104420e29\"\u003e\u003ccode\u003ef63f40a\u003c/code\u003e\u003c/a\u003e Add myself to AUTHORS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/9152c3408f7f058e40db570b38fc5ccb46149ae8\"\u003e\u003ccode\u003e9152c34\u003c/code\u003e\u003c/a\u003e Fix failing tests\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/projectlombok/lombok/compare/v1.18.30...v1.18.42\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.opentelemetry.instrumentation:opentelemetry-spring-boot-starter` from 2.0.0-alpha to 2.22.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/releases\"\u003eio.opentelemetry.instrumentation:opentelemetry-spring-boot-starter's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.22.0\u003c/h2\u003e\n\u003cp\u003eThis release targets the OpenTelemetry SDK 1.56.0.\u003c/p\u003e\n\u003cp\u003eNote that many artifacts have the \u003ccode\u003e-alpha\u003c/code\u003e suffix attached to their version number, reflecting that they are still alpha quality and will continue to have breaking changes. Please see the \u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/VERSIONING.md#opentelemetry-java-instrumentation-versioning\"\u003eVERSIONING.md\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch3\u003e⚠️ Breaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAWS SDK 2.x attributes updated to align with semantic conventions (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15028\"\u003e#15028\u003c/a\u003e)  - The following attributes have been renamed:  - \u003ccode\u003eaws.bucket.name\u003c/code\u003e (S3) → \u003ccode\u003eaws.s3.bucket\u003c/code\u003e  - \u003ccode\u003eaws.queue.url\u003c/code\u003e (SQS) → \u003ccode\u003eaws.sqs.queue.url\u003c/code\u003e  - \u003ccode\u003eaws.stream.name\u003c/code\u003e (Kinesis) → \u003ccode\u003eaws.kinesis.stream_name\u003c/code\u003e  - \u003ccode\u003eaws.table.name\u003c/code\u003e (DynamoDB) → \u003ccode\u003eaws.dynamodb.table_names\u003c/code\u003e  - \u003ccode\u003eaws.dynamodb.provisioned_throughput.read_capacity_units\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.provisioned_read_capacity\u003c/code\u003e (type changed from long to double)  - \u003ccode\u003eaws.dynamodb.provisioned_throughput.write_capacity_units\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.provisioned_write_capacity\u003c/code\u003e (type changed from long to double)  - \u003ccode\u003eaws.dynamodb.exclusive_start_table_name\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.exclusive_start_table\u003c/code\u003e  - \u003ccode\u003eaws.dynamodb.projection_expression\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.projection\u003c/code\u003e  - \u003ccode\u003eaws.dynamodb.scan_index_forward\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.scan_forward\u003c/code\u003e  - The following attribute types have changed:  - \u003ccode\u003eaws.dynamodb.table_names\u003c/code\u003e: string → string[]  - \u003ccode\u003eaws.dynamodb.consumed_capacity\u003c/code\u003e: string → string[]  - \u003ccode\u003eaws.dynamodb.global_secondary_indexes\u003c/code\u003e: string → string[]  - \u003ccode\u003eaws.dynamodb.local_secondary_indexes\u003c/code\u003e: string → string[]  - \u003ccode\u003eaws.dynamodb.consistent_read\u003c/code\u003e: string → boolean  - \u003ccode\u003eaws.dynamodb.table_count\u003c/code\u003e: string → long  - \u003ccode\u003eaws.dynamodb.limit\u003c/code\u003e: string → long  - \u003ccode\u003eaws.dynamodb.attributes_to_get\u003c/code\u003e: string → string[]  - \u003ccode\u003eaws.dynamodb.segment\u003c/code\u003e: string → long  - \u003ccode\u003eaws.dynamodb.total_segments\u003c/code\u003e: string → long  - \u003ccode\u003eaws.dynamodb.count\u003c/code\u003e: string → long  - \u003ccode\u003eaws.dynamodb.scanned_count\u003c/code\u003e: string → long  - The following attributes are no longer emitted by default but can be enabled with \u003ccode\u003eotel.instrumentation.aws-sdk.experimental-span-attributes=true\u003c/code\u003e:  - \u003ccode\u003eaws.queue.name\u003c/code\u003e (SQS)  - \u003ccode\u003eaws.lambda.function.name\u003c/code\u003e (Lambda)  - \u003ccode\u003eaws.lambda.function.arn\u003c/code\u003e (Lambda)\u003c/li\u003e\n\u003cli\u003eJDBC library data source instrumentation now disabled by default (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15074\"\u003e#15074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eJMX state metrics unit changed from empty string to \u003ccode\u003e1\u003c/code\u003e to align with semantic conventions (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15093\"\u003e#15093\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAWS SDK 1.x attributes updated to align with semantic conventions (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15094\"\u003e#15094\u003c/a\u003e)  - Only affects users with \u003ccode\u003eotel.instrumentation.aws-sdk.experimental-span-attributes=true\u003c/code\u003e  - The following attributes have been renamed and are now emitted by default (no experimental flag required):  - \u003ccode\u003eaws.bucket.name\u003c/code\u003e (S3) → \u003ccode\u003eaws.s3.bucket\u003c/code\u003e  - \u003ccode\u003eaws.queue.url\u003c/code\u003e (SQS) → \u003ccode\u003eaws.sqs.queue.url\u003c/code\u003e  - \u003ccode\u003eaws.stream.name\u003c/code\u003e (Kinesis) → \u003ccode\u003eaws.kinesis.stream_name\u003c/code\u003e  - \u003ccode\u003eaws.table.name\u003c/code\u003e (DynamoDB) → \u003ccode\u003eaws.dynamodb.table_names\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFinatra controller spans now disabled by default to match other controller spans (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15118\"\u003e#15118\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNetty HTTP request wrapper class renamed from HttpRequestAndChannel to NettyRequest (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15247\"\u003e#15247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eJSP compile spans now disabled by default to match other view spans (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15261\"\u003e#15261\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🚫 Deprecations\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTracingConsumerInterceptor and TracingProducerInterceptor deprecated in favor of new configurable interceptors (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/14929\"\u003e#14929\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eVarious builder methods updated to use UnaryOperator\u003c!-- raw HTML omitted --\u003e instead of Function\u0026lt;X, X\u0026gt; (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15101\"\u003e#15101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDbClientCommonAttributesGetter deprecated in favor of DbClientAttributesGetter (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15139\"\u003e#15139\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🌟 New javaagent instrumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd JFinal instrumentation (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15216\"\u003e#15216\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e📈 Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid Unsafe usage on Java 23+ (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/14855\"\u003e#14855\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15091\"\u003e#15091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate Azure SDK instrumentation so \u003ccode\u003eaz.namespace\u003c/code\u003e can be used for sampling (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15068\"\u003e#15068\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSpring Boot Starter: Add cache to reduce environment variable lookups (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15132\"\u003e#15132\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHTTP instrumentations now emit semantic convention schema URL (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15144\"\u003e#15144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded instrumentation support for AsyncHttpClient version 1.8 (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15195\"\u003e#15195\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInstrumenter customizer now receives instrumentation type (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15227\"\u003e#15227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for Spring Framework 7.0 (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15287\"\u003e#15287\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15299\"\u003e#15299\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15301\"\u003e#15301\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15304\"\u003e#15304\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15311\"\u003e#15311\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15362\"\u003e#15362\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15371\"\u003e#15371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded span status customizer to incubating InstrumenterCustomizer API (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15288\"\u003e#15288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded configuration options for sqlcommenter (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15169\"\u003e#15169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGraphQL instrumentation now records data fetcher errors (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15289\"\u003e#15289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd http client url template customizer (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15217\"\u003e#15217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIntroduce idiomatic \u003ccode\u003eJmxTelemetry\u003c/code\u003e API for JMX metrics library (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15220\"\u003e#15220\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd instrumentation for OpenTelemetry API incubator's \u003ccode\u003eExtendedOpenTelemetry\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15178\"\u003e#15178\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🛠️ Bug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix missing \u003ccode\u003epeer.service\u003c/code\u003e in Netty HTTP spans (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/14963\"\u003e#14963\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Couchbase span kind to be \u003ccode\u003eCLIENT\u003c/code\u003e instead of \u003ccode\u003eINTERNAL\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/14995\"\u003e#14995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eLink attributes are now bridged to the Java agent when using OpenTelemetry API (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15143\"\u003e#15143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePotential race condition in JFR runtime metrics initialization fixed (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15231\"\u003e#15231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRegression fixed related to context propagation when using Spring \u003ccode\u003e@EnableAsync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15249\"\u003e#15249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDeclarative configuration now uses snake_case for distro resource provider attribute name (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15260\"\u003e#15260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eLogback appender fixed to capture Logstash \u003ccode\u003eStructuredArguments.entries()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15341\"\u003e#15341\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/CHANGELOG.md\"\u003eio.opentelemetry.instrumentation:opentelemetry-spring-boot-starter's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.22.0 (2025-11-20)\u003c/h2\u003e\n\u003ch3\u003e⚠️ Breaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAWS SDK 2.x attributes updated to align with semantic conventions\n(\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15028\"\u003e#15028\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe following attributes have been renamed:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eaws.bucket.name\u003c/code\u003e (S3) → \u003ccode\u003eaws.s3.bucket\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.queue.url\u003c/code\u003e (SQS) → \u003ccode\u003eaws.sqs.queue.url\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.stream.name\u003c/code\u003e (Kinesis) → \u003ccode\u003eaws.kinesis.stream_name\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.table.name\u003c/code\u003e (DynamoDB) → \u003ccode\u003eaws.dynamodb.table_names\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.provisioned_throughput.read_capacity_units\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.provisioned_read_capacity\u003c/code\u003e (type changed from long to double)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.provisioned_throughput.write_capacity_units\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.provisioned_write_capacity\u003c/code\u003e (type changed from long to double)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.exclusive_start_table_name\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.exclusive_start_table\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.projection_expression\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.projection\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.scan_index_forward\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.scan_forward\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eThe following attribute types have changed:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.table_names\u003c/code\u003e: string → string[]\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.consumed_capacity\u003c/code\u003e: string → string[]\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.global_secondary_indexes\u003c/code\u003e: string → string[]\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.local_secondary_indexes\u003c/code\u003e: string → string[]\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.consistent_read\u003c/code\u003e: string → boolean\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.table_count\u003c/code\u003e: string → long\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.limit\u003c/code\u003e: string → long\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.attributes_to_get\u003c/code\u003e: string → string[]\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.segment\u003c/code\u003e: string → long\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.total_segments\u003c/code\u003e: string → long\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.count\u003c/code\u003e: string → long\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.scanned_count\u003c/code\u003e: string → long\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eThe following attributes are no longer emitted by default but can be enabled with\n\u003ccode\u003eotel.instrumentation.aws-sdk.experimental-span-attributes=true\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eaws.queue.name\u003c/code\u003e (SQS)\u003c/l...\n\n_Description has been truncated_","html_url":"https://github.com/Yoriyoi-drop/Domian_name_.nexa/pull/8","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Yoriyoi-drop%2FDomian_name_.nexa/issues/8","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8/packages"},{"uuid":"3602141390","node_id":"PR_kwDOQRb2v86yO5aZ","number":1,"state":"open","title":"Bump the all-version group with 7 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-07T21:52:16.000Z","updated_at":"2025-11-08T22:39:15.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"all-version","update_count":7,"packages":[{"name":"org.springframework.boot:spring-boot-starter-parent","old_version":"2.6.7","new_version":"3.5.7","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"commons-io:commons-io","old_version":"2.6","new_version":"2.21.0","repository_url":"https://github.com/apache/commons-io"},{"name":"org.apache.commons:commons-collections4","old_version":"4.0","new_version":"4.5.0"},{"name":"org.owasp.encoder:encoder","old_version":"1.2.1","new_version":"1.3.1","repository_url":"https://github.com/owasp/owasp-java-encoder"},{"name":"org.owasp.esapi:esapi","old_version":"2.1.0.1","new_version":"2.7.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"commons-fileupload:commons-fileupload","old_version":"1.5","new_version":"1.6.0"},{"name":"org.apache.maven.plugins:maven-assembly-plugin","old_version":"3.1.1","new_version":"3.7.1","repository_url":"https://github.com/apache/maven-assembly-plugin"}],"path":null,"ecosystem":"maven"},"body":"Bumps the all-version group with 7 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) | `2.6.7` | `3.5.7` |\n| [commons-io:commons-io](https://github.com/apache/commons-io) | `2.6` | `2.21.0` |\n| org.apache.commons:commons-collections4 | `4.0` | `4.5.0` |\n| [org.owasp.encoder:encoder](https://github.com/owasp/owasp-java-encoder) | `1.2.1` | `1.3.1` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.1.0.1` | `2.7.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| [org.apache.maven.plugins:maven-assembly-plugin](https://github.com/apache/maven-assembly-plugin) | `3.1.1` | `3.7.1` |\n\nUpdates `org.springframework.boot:spring-boot-starter-parent` from 2.6.7 to 3.5.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-parent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.7\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TWENTY_FIVE to JavaVersion enum \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47609\"\u003e#47609\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSigned jar verification fails when nested in an uber war running on an Oracle JVM \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47771\"\u003e#47771\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIn an uber war, value of the Sbom-Location manifest attribute does not match the SBOM's actual location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47737\"\u003e#47737\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHomebrew formula for the CLI should use libexec \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47722\"\u003e#47722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen virtual threads are enabled, embedded Jetty does not use recommended virtual thread configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47717\"\u003e#47717\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClientHttpRequestFactoryRuntimeHints is missing timeout methods with Duration overloads \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47678\"\u003e#47678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnBeanCondition no longer correctly finds annotations on scoped target proxy beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47635\"\u003e#47635\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eJavaVersion doesn't work reliably in native-image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47620\"\u003e#47620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLiquibaseEndpoint always uses defaultSchema instead of liquibaseSchema \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47346\"\u003e#47346\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLauncher fails to find main method when it is parameterless \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47311\"\u003e#47311\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePackage private Main class using Java 25 is not found by build plugins \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47309\"\u003e#47309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBitnami legacy images are not automatically detected \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47275\"\u003e#47275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMaven plugin does not provide an easy way to exclude optional dependencies from uber jar \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/25403\"\u003e#25403\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSome spring.test.* properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47775\"\u003e#47775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency management for Maven AntRun Plugin is missing changelog link \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47744\"\u003e#47744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeveloping Your First Spring Boot Application has outdated tools \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47700\"\u003e#47700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude deprecated configuration properties in the reference documentation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47669\"\u003e#47669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAggregated Javadoc should link to the proper version of JakartaEE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47593\"\u003e#47593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate javadoc of TestRestTemplate following change to redirect behavior \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47474\"\u003e#47474\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse non-deprecated syntax to configure sourceCompatibility \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47343\"\u003e#47343\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix link to Framework's \u003ccode\u003e@Bean\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47330\"\u003e#47330\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate managed dependency version override examples in documentation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47306\"\u003e#47306\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to ActiveMQ 6.1.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47767\"\u003e#47767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47525\"\u003e#47525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47526\"\u003e#47526\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47527\"\u003e#47527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Cassandra Driver 4.19.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47768\"\u003e#47768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47528\"\u003e#47528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47671\"\u003e#47671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Glassfish JAXB 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47529\"\u003e#47529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to GraphQL Java 24.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47755\"\u003e#47755\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Groovy 4.0.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47713\"\u003e#47713\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.33.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47530\"\u003e#47530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47531\"\u003e#47531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpCore5 5.3.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47532\"\u003e#47532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jakarta Mail 2.1.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47533\"\u003e#47533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jakarta XML Bind 4.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47242\"\u003e#47242\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47728\"\u003e#47728\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/d3152ea442dcb70976ca7fbe9ad818e67438967f\"\u003e\u003ccode\u003ed3152ea\u003c/code\u003e\u003c/a\u003e Release v3.5.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/af07358549ca23f95decb5f6d1ccb239d78f7ddc\"\u003e\u003ccode\u003eaf07358\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b0bef35478cfad7efcc3d065cd6b2652703ef1d6\"\u003e\u003ccode\u003eb0bef35\u003c/code\u003e\u003c/a\u003e Document missing spring.test.* properties\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/6683d0f49665a14821b5f6165a04d68bc29da755\"\u003e\u003ccode\u003e6683d0f\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/5ba3642364fda0988902ac3456ba8c4530ae7ec5\"\u003e\u003ccode\u003e5ba3642\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.12-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/59aba4e54d75bad73b744667dc08cfb19b7febfb\"\u003e\u003ccode\u003e59aba4e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4525a0c3d4221aa26f0b5cedca56d282ae231ad1\"\u003e\u003ccode\u003e4525a0c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47284\"\u003e#47284\u003c/a\u003e from DKARAGODIN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/43d91aee384e83b6e4d3a2195141547d8c1f315e\"\u003e\u003ccode\u003e43d91ae\u003c/code\u003e\u003c/a\u003e Write signature files to uber wars for Oracle Java 17 verification\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/eaad688dd253601e47b96746a4fe3d51dec1194d\"\u003e\u003ccode\u003eeaad688\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Batch 5.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/edee2de8371dd8d2f25c1fec1121a80849959817\"\u003e\u003ccode\u003eedee2de\u003c/code\u003e\u003c/a\u003e Upgrade to Cassandra Driver 4.19.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v2.6.7...v3.5.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-io:commons-io` from 2.6 to 2.21.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/commons-io/blob/master/RELEASE-NOTES.txt\"\u003ecommons-io:commons-io's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eApache Commons IO 2.21.0 Release Notes\u003c/p\u003e\n\u003cp\u003eThe Apache Commons IO team is pleased to announce the release of Apache Commons IO 2.21.0.\u003c/p\u003e\n\u003ch2\u003eIntroduction\u003c/h2\u003e\n\u003cp\u003eThe Apache Commons IO library contains utility classes, stream implementations, file filters,\nfile comparators, endian transformation classes, and much more.\u003c/p\u003e\n\u003cp\u003eVersion 2.21.0: Java 8 or later is required.\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cp\u003eo          FileUtils#byteCountToDisplaySize() supports Zettabyte, Yottabyte, Ronnabyte and Quettabyte \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/763\"\u003e#763\u003c/a\u003e. Thanks to strangelookingnerd, Gary Gregory.\no          Add org.apache.commons.io.FileUtils.ONE_RB \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/763\"\u003e#763\u003c/a\u003e. Thanks to strangelookingnerd, Gary Gregory.\no          Add org.apache.commons.io.FileUtils.ONE_QB \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/763\"\u003e#763\u003c/a\u003e. Thanks to strangelookingnerd, Gary Gregory.\no          Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(byte[], int, int, long). Thanks to Gary Gregory.\no          Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(byte[], long). Thanks to Gary Gregory.\no          Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(int, long). Thanks to Gary Gregory.\no          Add length unit support in FileSystem limits. Thanks to Piotr P. Karwasz.\no          Add IOUtils.toByteArray(InputStream, int, int) for safer chunked reading with size validation. Thanks to Piotr P. Karwasz.\no          Add org.apache.commons.io.file.PathUtils.getPath(String, String). Thanks to Gary Gregory.\no          Add org.apache.commons.io.channels.ByteArraySeekableByteChannel. Thanks to Gary Gregory.\no          Add IOIterable.asIterable(). Thanks to Gary Gregory.\no          Add NIO channel support to \u003ccode\u003eAbstractStreamBuilder\u003c/code\u003e. Thanks to Piotr P. Karwasz.\no          Add CloseShieldChannel to close-shielded NIO Channels \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/786\"\u003e#786\u003c/a\u003e. Thanks to Piotr P. Karwasz.\no          Added IOUtils.checkFromIndexSize as a Java 8 backport of Objects.checkFromIndexSize \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/790\"\u003e#790\u003c/a\u003e. Thanks to Piotr P. Karwasz.\u003c/p\u003e\n\u003ch2\u003eFixed Bugs\u003c/h2\u003e\n\u003cp\u003eo          When testing on Java 21 and up, enable -XX:+EnableDynamicAgentLoading. Thanks to Gary Gregory.\no          When testing on Java 24 and up, don't fail FileUtilsListFilesTest for a different behavior in the JRE. Thanks to Gary Gregory.\no          ValidatingObjectInputStream does not validate dynamic proxy interfaces. Thanks to Stanislav Fort, Gary Gregory.\no          BoundedInputStream.getRemaining() now reports Long.MAX_VALUE instead of 0 when no limit is set. Thanks to Piotr P. Karwasz.\no          BoundedInputStream.available() correctly accounts for the maximum read limit. Thanks to Piotr P. Karwasz.\no          Deprecate IOUtils.readFully(InputStream, int) in favor of toByteArray(InputStream, int). Thanks to Gary Gregory, Piotr P. Karwasz.\no          IOUtils.toByteArray(InputStream) now throws IOException on byte array overflow. Thanks to Piotr P. Karwasz.\no          Javadoc general improvements. Thanks to Gary Gregory, Piotr P. Karwasz.\no          IOUtils.toByteArray() now throws EOFException when not enough data is available \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/796\"\u003e#796\u003c/a\u003e. Thanks to Piotr P. Karwasz.\no          Fix IOUtils.skip() usage in concurrent scenarios. Thanks to Piotr P. Karwasz.\no          [javadoc] Fix XmlStreamReader Javadoc to indicate the correct class that is built \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/806\"\u003e#806\u003c/a\u003e. Thanks to J Hawkins.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cp\u003eo          Bump org.apache.commons:commons-parent from 85 to 91 \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/774\"\u003e#774\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/783\"\u003e#783\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/808\"\u003e#808\u003c/a\u003e. Thanks to Gary Gregory, Dependabot.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/54073d3b5fdd2985b98a48040ede95eb59c7ee53\"\u003e\u003ccode\u003e54073d3\u003c/code\u003e\u003c/a\u003e Prepare for the release candidate 2.21.0 RC1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/f141f09d91368543e4f0754cbd649c484768c55c\"\u003e\u003ccode\u003ef141f09\u003c/code\u003e\u003c/a\u003e Prepare for the next release candidate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/adcf1350152faf4dbd8cf53fb2f2649f25dbe227\"\u003e\u003ccode\u003eadcf135\u003c/code\u003e\u003c/a\u003e Add license header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/0f499d060adbd4b36bbd9f47393a7ea6af8149ff\"\u003e\u003ccode\u003e0f499d0\u003c/code\u003e\u003c/a\u003e Use new oak logo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/34a961c3ed58ed96c73836db154ae50f0c45110f\"\u003e\u003ccode\u003e34a961c\u003c/code\u003e\u003c/a\u003e Use HTTPS in URL\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/9e511181a03096b77c3a4b9c6077a4ac0b56b510\"\u003e\u003ccode\u003e9e51118\u003c/code\u003e\u003c/a\u003e Use HTTPS in URL\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/d715865ee705fdb8ed786582bd6bd4ee996b0665\"\u003e\u003ccode\u003ed715865\u003c/code\u003e\u003c/a\u003e Add dependabot email [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/3d6a7e113633e1a33ca254d744c3fcbab61663f3\"\u003e\u003ccode\u003e3d6a7e1\u003c/code\u003e\u003c/a\u003e Javadoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/ad875d566f273f54094b6b872bf9433be9fd86a7\"\u003e\u003ccode\u003ead875d5\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 4.6.2 to 5.0.0 (\u003ca href=\"https://redirect.github.com/apache/commons-io/issues/810\"\u003e#810\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/bc01dee31ec0ff10aa0841ff245b770fa1ecfade\"\u003e\u003ccode\u003ebc01dee\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.30.9 to 4.31.2 (\u003ca href=\"https://redirect.github.com/apache/commons-io/issues/811\"\u003e#811\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/commons-io/compare/commons-io-2.6...rel/commons-io-2.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.commons:commons-collections4` from 4.0 to 4.5.0\n\nUpdates `org.owasp.encoder:encoder` from 1.2.1 to 1.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/owasp/owasp-java-encoder/releases\"\u003eorg.owasp.encoder:encoder's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: java.lang.NoSuchMethodError when running on Java 8 by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/80\"\u003eOWASP/owasp-java-encoder#80\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: add OSGi related entries in the MANIFEST.MF file by \u003ca href=\"https://github.com/enapps-enorman\"\u003e\u003ccode\u003e@​enapps-enorman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/82\"\u003eOWASP/owasp-java-encoder#82\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/enapps-enorman\"\u003e\u003ccode\u003e@​enapps-enorman\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/82\"\u003eOWASP/owasp-java-encoder#82\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/OWASP/owasp-java-encoder/compare/v1.3.0...v1.3.1\"\u003ehttps://github.com/OWASP/owasp-java-encoder/compare/v1.3.0...v1.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd automatic module name by \u003ca href=\"https://github.com/casid\"\u003e\u003ccode\u003e@​casid\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/45\"\u003eOWASP/owasp-java-encoder#45\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCorrect javadoc for Encode class. by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/52\"\u003eOWASP/owasp-java-encoder#52\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd badge for javadoc by \u003ca href=\"https://github.com/seanf\"\u003e\u003ccode\u003e@​seanf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/55\"\u003eOWASP/owasp-java-encoder#55\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTiny typo Fix by \u003ca href=\"https://github.com/loris-s-sonarsource\"\u003e\u003ccode\u003e@​loris-s-sonarsource\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/58\"\u003eOWASP/owasp-java-encoder#58\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spring-core from 5.1.3.RELEASE to 5.3.19 in /jsp by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/59\"\u003eOWASP/owasp-java-encoder#59\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGeneral Maintenance by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/61\"\u003eOWASP/owasp-java-encoder#61\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Encode.forHtmlAttribute docs by \u003ca href=\"https://github.com/meeque\"\u003e\u003ccode\u003e@​meeque\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/72\"\u003eOWASP/owasp-java-encoder#72\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update esapi thunk by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/76\"\u003eOWASP/owasp-java-encoder#76\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: multi-release jars - add module name by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/77\"\u003eOWASP/owasp-java-encoder#77\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support jakarta jsp by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/75\"\u003eOWASP/owasp-java-encoder#75\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/casid\"\u003e\u003ccode\u003e@​casid\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/45\"\u003eOWASP/owasp-java-encoder#45\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/seanf\"\u003e\u003ccode\u003e@​seanf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/55\"\u003eOWASP/owasp-java-encoder#55\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/loris-s-sonarsource\"\u003e\u003ccode\u003e@​loris-s-sonarsource\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/58\"\u003eOWASP/owasp-java-encoder#58\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/59\"\u003eOWASP/owasp-java-encoder#59\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/meeque\"\u003e\u003ccode\u003e@​meeque\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/72\"\u003eOWASP/owasp-java-encoder#72\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/OWASP/owasp-java-encoder/compare/v1.2.3...v1.3.0\"\u003ehttps://github.com/OWASP/owasp-java-encoder/compare/v1.2.3...v1.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.2.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to  make the manifest OSGi-compliant (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/39\"\u003e#39\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eUpdate to support ESAPI 2.2 and later (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/37\"\u003e#37\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/be0670b6880483412f8da17211a5d084ff43cd24\"\u003e\u003ccode\u003ebe0670b\u003c/code\u003e\u003c/a\u003e docs: update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/7e203bd6d47ca2c3d04a073ff215021702217289\"\u003e\u003ccode\u003e7e203bd\u003c/code\u003e\u003c/a\u003e fix for issues 81 (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/82\"\u003e#82\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/72e415a87b3c40eaf8d6c4629a9f49ddb47bf35b\"\u003e\u003ccode\u003e72e415a\u003c/code\u003e\u003c/a\u003e fix: java.lang.NoSuchMethodError when running on Java 8 (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/80\"\u003e#80\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/d1a0294a21d60ef4ce26d7746e897e17fc2d276f\"\u003e\u003ccode\u003ed1a0294\u003c/code\u003e\u003c/a\u003e fix: build status badge (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/78\"\u003e#78\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/9942889ccb68ed95a1577cd0f6e3ee09841e78de\"\u003e\u003ccode\u003e9942889\u003c/code\u003e\u003c/a\u003e feat: support jakarta jsp (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/75\"\u003e#75\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/2f151ce3219efdfb7f957b6836c976382f629a26\"\u003e\u003ccode\u003e2f151ce\u003c/code\u003e\u003c/a\u003e feat: multi-release jars - add module name (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/77\"\u003e#77\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/0fc8cdee14d4f798010fe866555b1b6e223bfcc1\"\u003e\u003ccode\u003e0fc8cde\u003c/code\u003e\u003c/a\u003e fix: update esapi (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/76\"\u003e#76\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/58bd93dc7e9511500cebd50b3cbf8523d6720a7d\"\u003e\u003ccode\u003e58bd93d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/72\"\u003e#72\u003c/a\u003e from meeque/issue/71-forHtmlAttribute-docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/351e999dcfe4fee38c4aa4bc584d15d3de2ccbb6\"\u003e\u003ccode\u003e351e999\u003c/code\u003e\u003c/a\u003e docs: correct javadoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/604a78f9b926391bd3768ac4545a7c7396b90cca\"\u003e\u003ccode\u003e604a78f\u003c/code\u003e\u003c/a\u003e Be clearer about quotes in forHtmlAttribute docs.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/owasp/owasp-java-encoder/compare/v1.2.1...v1.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.owasp.esapi:esapi` from 2.1.0.1 to 2.7.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eesapi-2.7.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.7.00 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a \u003cstrong\u003e\u003cem\u003emajor\u003c/em\u003e\u003c/strong\u003e patch release with the primary intent of addressing \u003cstrong\u003e\u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2025-5878\"\u003eCVE-2025-5878\u003c/a\u003e\u003c/strong\u003e, the details of which are spelled out in [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e).\n\u003cul\u003e\n\u003cli\u003eMajor Javadoc enhancements, corrections, and clarifications.\u003c/li\u003e\n\u003cli\u003eDeprecated methods, interfaces, and classes.\u003c/li\u003e\n\u003cli\u003eThe reference implementation for the \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface is now disabled by default and must be explicitly enabled if you absolutely much use it. (\u003cstrong\u003eWARNING\u003c/strong\u003e: You shouldn't!) Instructions on how to enable it are provided in Appendix B of  [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e). You will find the updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file in the configuration jar helpful.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eThis release also updates Apache Commons FileUploads to 1.6.0 to address CVE-2025-48976. That CVE likely does not affect the \u003ccode\u003eHTTP.getFileUloads\u003c/code\u003e interfaces (which is the only methods that use that library), but we have not had time to analyze it fully given the CVE cited against ESAPI.\u003c/li\u003e\n\u003cli\u003eApache Commons BeanUtils was also updated to 1.11.0 to address CVE-2025-48734 which potentially could anyone using ESAPI's AccessController and has placed their access control policy in a place where an attacker may be overwrite it. That is highly unlikely, but better safe than sorry.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration files under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.  If you were using ESAPI's \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface, you will want to use its updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file.\u003c/p\u003e\n\u003ch2\u003eesapi-2.6.2.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.2.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a minor patch release with the intent of updating the Apache Commons BeanUtils dependency from v1.9.4 to v1.11.0 to CVE-2025-48734.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eOther Notes\u003c/h2\u003e\n\u003cp\u003eYou may see GHAS Dependabot references to \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\u003c/a\u003e for this (and previous releases). For a more thorough discussion of this, please see Discussion \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/877\"\u003e#877\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.6.1.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.1.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated AntiSamy from release 1.7.7 to 1.7.8 which addresses the potentially exploitable vulnerability \u003ca href=\"https://github.com/advisories/GHSA-73m2-qfq3-56cx\"\u003ehttps://github.com/advisories/GHSA-73m2-qfq3-56cx\u003c/a\u003e. There is slim possibility that this could affect ESAPI users who have allowed certain CSS mark-up constructs to the AntiSamy policy file that they are using. However the default ESAPI AntiSamy policy file (antisamy-esapi.xml) does not permit CSS mark-up of any sort out unless it has been modified by the ESAPI client.\u003c/li\u003e\n\u003cli\u003eOther minor updates to pom.xml\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0fa4c0f1311aa525b1a776f0a789fb1dc8a04b41\"\u003e\u003ccode\u003e0fa4c0f\u003c/code\u003e\u003c/a\u003e Remove '-SNAPSHOT' from release # to prep official release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f75ac2c2647a81d2cfbdc9c899f8719c240ed512\"\u003e\u003ccode\u003ef75ac2c\u003c/code\u003e\u003c/a\u003e Merging Private Branch contents from Kevin's Repo.   (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/888\"\u003e#888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/e2322914304d9b1c52523ff24be495b7832f6a56\"\u003e\u003ccode\u003ee232291\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/886\"\u003e#886\u003c/a\u003e from kwwall/develop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/23a2b7666186afdc004a9e01eec5da593e85d172\"\u003e\u003ccode\u003e23a2b76\u003c/code\u003e\u003c/a\u003e Added Javadoc to encodeForSQL method regarding how to enabled it.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/01297409b786075686c6738fdf0355edad427a6c\"\u003e\u003ccode\u003e0129740\u003c/code\u003e\u003c/a\u003e Added 2 new field names whose values are the 2 new property names.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/eb425bbb831c68321d169d3ac5f84ddf9dfc189d\"\u003e\u003ccode\u003eeb425bb\u003c/code\u003e\u003c/a\u003e New property file for testing DefaultEncoder.encodeForSQL when it's\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/844eb0c6fd077b6299604838bfc67fd6c658e6eb\"\u003e\u003ccode\u003e844eb0c\u003c/code\u003e\u003c/a\u003e Add missing newline.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a10e323dcde635f40d15c875253084a7669175e8\"\u003e\u003ccode\u003ea10e323\u003c/code\u003e\u003c/a\u003e hanged the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/06d0ff2e540ef37077822273e1957b50beaa8ff7\"\u003e\u003ccode\u003e06d0ff2\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/61de71f70081f204b915e95d186c702509cbf857\"\u003e\u003ccode\u003e61de71f\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek propert names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.1.0.1...esapi-2.7.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-fileupload:commons-fileupload` from 1.5 to 1.6.0\n\nUpdates `org.apache.maven.plugins:maven-assembly-plugin` from 3.1.1 to 3.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/maven-assembly-plugin/releases\"\u003eorg.apache.maven.plugins:maven-assembly-plugin's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.7.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317220\u0026amp;version=12354406\"\u003eRelease Notes - Maven Assembly Plugin - Version 3.7.1\u003c/a\u003e\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[MASSEMBLY-1023] Bump org.apache.maven.shared:maven-filtering from 3.3.1 to 3.3.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/192\"\u003eapache/maven-assembly-plugin#192\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[MASSEMBLY-1024] Bump org.apache.commons:commons-compress from 1.25.0 to 1.26.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/191\"\u003eapache/maven-assembly-plugin#191\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[MASSEMBLY-1025] Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/195\"\u003eapache/maven-assembly-plugin#195\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[MASSEMBLY-1022] Unresolved artifacts should be not processed by \u003ca href=\"https://github.com/slawekjaranowski\"\u003e\u003ccode\u003e@​slawekjaranowski\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/194\"\u003eapache/maven-assembly-plugin#194\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.7.0...maven-assembly-plugin-3.7.1\"\u003ehttps://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.7.0...maven-assembly-plugin-3.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e3.7.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317220\u0026amp;version=12353243\"\u003eRelease Notes - Maven Assembly Plugin - Version 3.7.0\u003c/a\u003e\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/0afbb3e1252e0cdfb5e4abe3c4b2a108567059a7\"\u003e\u003ccode\u003e0afbb3e\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release maven-assembly-plugin-3.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/74e858ad40849cc3f8bef462e310336a8c6a0cd5\"\u003e\u003ccode\u003e74e858a\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1022] Unresolved artifacts should be not processed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/cb5638223ebaf93ff06290a6ebb64c6dac12ebd4\"\u003e\u003ccode\u003ecb56382\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1025] Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/86bbed043dbe78f6c32e99c1e433e052b2d78f69\"\u003e\u003ccode\u003e86bbed0\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1024] Bump org.apache.commons:commons-compress from 1.25.0 to 1.26...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/bdcc4d0d093de4484820b2f9c4f84b5d0f7eaaa0\"\u003e\u003ccode\u003ebdcc4d0\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1023] Bump org.apache.maven.shared:maven-filtering from 3.3.1 to 3...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/74fe92e979db0479ee58db580d0e7295e6113e78\"\u003e\u003ccode\u003e74fe92e\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/9be6e8733f187b15c0e6c0fb856765e12fb2c055\"\u003e\u003ccode\u003e9be6e87\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release maven-assembly-plugin-3.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/e8630dc91637860d1ca690b2c64c2c18e240eae7\"\u003e\u003ccode\u003ee8630dc\u003c/code\u003e\u003c/a\u003e Bump apache/maven-gh-actions-shared from 3 to 4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/98f97a5dca6eac582ea5e52d7d62e186d9b8e25f\"\u003e\u003ccode\u003e98f97a5\u003c/code\u003e\u003c/a\u003e Bump org.postgresql:postgresql in /src/it/projects/bugs/massembly-730\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/c84e11089a785d56441fac2314224c0bf86b200d\"\u003e\u003ccode\u003ec84e110\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1019] Maven 3.6.3 as minimum requirements\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.1.1...maven-assembly-plugin-3.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/dependabot-action-test/demo_repository_self_hosted/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dependabot-action-test%2Fdemo_repository_self_hosted/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"3602124098","node_id":"PR_kwDOQRbtR86yO2h0","number":1,"state":"open","title":"Bump the all-version group with 7 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-07T21:45:40.000Z","updated_at":"2025-11-17T02:41:04.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"all-version","update_count":7,"packages":[{"name":"org.springframework.boot:spring-boot-starter-parent","old_version":"2.6.7","new_version":"3.5.7","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"commons-io:commons-io","old_version":"2.6","new_version":"2.21.0","repository_url":"https://github.com/apache/commons-io"},{"name":"org.apache.commons:commons-collections4","old_version":"4.0","new_version":"4.5.0"},{"name":"org.owasp.encoder:encoder","old_version":"1.2.1","new_version":"1.3.1","repository_url":"https://github.com/owasp/owasp-java-encoder"},{"name":"org.owasp.esapi:esapi","old_version":"2.1.0.1","new_version":"2.7.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"commons-fileupload:commons-fileupload","old_version":"1.5","new_version":"1.6.0"},{"name":"org.apache.maven.plugins:maven-assembly-plugin","old_version":"3.1.1","new_version":"3.7.1","repository_url":"https://github.com/apache/maven-assembly-plugin"}],"path":null,"ecosystem":"maven"},"body":"Bumps the all-version group with 7 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) | `2.6.7` | `3.5.7` |\n| [commons-io:commons-io](https://github.com/apache/commons-io) | `2.6` | `2.21.0` |\n| org.apache.commons:commons-collections4 | `4.0` | `4.5.0` |\n| [org.owasp.encoder:encoder](https://github.com/owasp/owasp-java-encoder) | `1.2.1` | `1.3.1` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.1.0.1` | `2.7.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| [org.apache.maven.plugins:maven-assembly-plugin](https://github.com/apache/maven-assembly-plugin) | `3.1.1` | `3.7.1` |\n\nUpdates `org.springframework.boot:spring-boot-starter-parent` from 2.6.7 to 3.5.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-parent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.7\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TWENTY_FIVE to JavaVersion enum \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47609\"\u003e#47609\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSigned jar verification fails when nested in an uber war running on an Oracle JVM \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47771\"\u003e#47771\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIn an uber war, value of the Sbom-Location manifest attribute does not match the SBOM's actual location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47737\"\u003e#47737\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHomebrew formula for the CLI should use libexec \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47722\"\u003e#47722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen virtual threads are enabled, embedded Jetty does not use recommended virtual thread configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47717\"\u003e#47717\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClientHttpRequestFactoryRuntimeHints is missing timeout methods with Duration overloads \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47678\"\u003e#47678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnBeanCondition no longer correctly finds annotations on scoped target proxy beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47635\"\u003e#47635\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eJavaVersion doesn't work reliably in native-image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47620\"\u003e#47620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLiquibaseEndpoint always uses defaultSchema instead of liquibaseSchema \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47346\"\u003e#47346\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLauncher fails to find main method when it is parameterless \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47311\"\u003e#47311\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePackage private Main class using Java 25 is not found by build plugins \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47309\"\u003e#47309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBitnami legacy images are not automatically detected \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47275\"\u003e#47275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMaven plugin does not provide an easy way to exclude optional dependencies from uber jar \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/25403\"\u003e#25403\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSome spring.test.* properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47775\"\u003e#47775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency management for Maven AntRun Plugin is missing changelog link \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47744\"\u003e#47744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeveloping Your First Spring Boot Application has outdated tools \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47700\"\u003e#47700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude deprecated configuration properties in the reference documentation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47669\"\u003e#47669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAggregated Javadoc should link to the proper version of JakartaEE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47593\"\u003e#47593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate javadoc of TestRestTemplate following change to redirect behavior \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47474\"\u003e#47474\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse non-deprecated syntax to configure sourceCompatibility \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47343\"\u003e#47343\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix link to Framework's \u003ccode\u003e@Bean\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47330\"\u003e#47330\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate managed dependency version override examples in documentation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47306\"\u003e#47306\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to ActiveMQ 6.1.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47767\"\u003e#47767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47525\"\u003e#47525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47526\"\u003e#47526\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47527\"\u003e#47527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Cassandra Driver 4.19.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47768\"\u003e#47768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47528\"\u003e#47528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47671\"\u003e#47671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Glassfish JAXB 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47529\"\u003e#47529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to GraphQL Java 24.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47755\"\u003e#47755\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Groovy 4.0.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47713\"\u003e#47713\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.33.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47530\"\u003e#47530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47531\"\u003e#47531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpCore5 5.3.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47532\"\u003e#47532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jakarta Mail 2.1.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47533\"\u003e#47533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jakarta XML Bind 4.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47242\"\u003e#47242\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47728\"\u003e#47728\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/d3152ea442dcb70976ca7fbe9ad818e67438967f\"\u003e\u003ccode\u003ed3152ea\u003c/code\u003e\u003c/a\u003e Release v3.5.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/af07358549ca23f95decb5f6d1ccb239d78f7ddc\"\u003e\u003ccode\u003eaf07358\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b0bef35478cfad7efcc3d065cd6b2652703ef1d6\"\u003e\u003ccode\u003eb0bef35\u003c/code\u003e\u003c/a\u003e Document missing spring.test.* properties\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/6683d0f49665a14821b5f6165a04d68bc29da755\"\u003e\u003ccode\u003e6683d0f\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/5ba3642364fda0988902ac3456ba8c4530ae7ec5\"\u003e\u003ccode\u003e5ba3642\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.12-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/59aba4e54d75bad73b744667dc08cfb19b7febfb\"\u003e\u003ccode\u003e59aba4e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4525a0c3d4221aa26f0b5cedca56d282ae231ad1\"\u003e\u003ccode\u003e4525a0c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47284\"\u003e#47284\u003c/a\u003e from DKARAGODIN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/43d91aee384e83b6e4d3a2195141547d8c1f315e\"\u003e\u003ccode\u003e43d91ae\u003c/code\u003e\u003c/a\u003e Write signature files to uber wars for Oracle Java 17 verification\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/eaad688dd253601e47b96746a4fe3d51dec1194d\"\u003e\u003ccode\u003eeaad688\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Batch 5.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/edee2de8371dd8d2f25c1fec1121a80849959817\"\u003e\u003ccode\u003eedee2de\u003c/code\u003e\u003c/a\u003e Upgrade to Cassandra Driver 4.19.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v2.6.7...v3.5.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-io:commons-io` from 2.6 to 2.21.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/commons-io/blob/master/RELEASE-NOTES.txt\"\u003ecommons-io:commons-io's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eApache Commons IO 2.21.0 Release Notes\u003c/p\u003e\n\u003cp\u003eThe Apache Commons IO team is pleased to announce the release of Apache Commons IO 2.21.0.\u003c/p\u003e\n\u003ch2\u003eIntroduction\u003c/h2\u003e\n\u003cp\u003eThe Apache Commons IO library contains utility classes, stream implementations, file filters,\nfile comparators, endian transformation classes, and much more.\u003c/p\u003e\n\u003cp\u003eVersion 2.21.0: Java 8 or later is required.\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cp\u003eo          FileUtils#byteCountToDisplaySize() supports Zettabyte, Yottabyte, Ronnabyte and Quettabyte \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/763\"\u003e#763\u003c/a\u003e. Thanks to strangelookingnerd, Gary Gregory.\no          Add org.apache.commons.io.FileUtils.ONE_RB \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/763\"\u003e#763\u003c/a\u003e. Thanks to strangelookingnerd, Gary Gregory.\no          Add org.apache.commons.io.FileUtils.ONE_QB \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/763\"\u003e#763\u003c/a\u003e. Thanks to strangelookingnerd, Gary Gregory.\no          Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(byte[], int, int, long). Thanks to Gary Gregory.\no          Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(byte[], long). Thanks to Gary Gregory.\no          Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(int, long). Thanks to Gary Gregory.\no          Add length unit support in FileSystem limits. Thanks to Piotr P. Karwasz.\no          Add IOUtils.toByteArray(InputStream, int, int) for safer chunked reading with size validation. Thanks to Piotr P. Karwasz.\no          Add org.apache.commons.io.file.PathUtils.getPath(String, String). Thanks to Gary Gregory.\no          Add org.apache.commons.io.channels.ByteArraySeekableByteChannel. Thanks to Gary Gregory.\no          Add IOIterable.asIterable(). Thanks to Gary Gregory.\no          Add NIO channel support to \u003ccode\u003eAbstractStreamBuilder\u003c/code\u003e. Thanks to Piotr P. Karwasz.\no          Add CloseShieldChannel to close-shielded NIO Channels \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/786\"\u003e#786\u003c/a\u003e. Thanks to Piotr P. Karwasz.\no          Added IOUtils.checkFromIndexSize as a Java 8 backport of Objects.checkFromIndexSize \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/790\"\u003e#790\u003c/a\u003e. Thanks to Piotr P. Karwasz.\u003c/p\u003e\n\u003ch2\u003eFixed Bugs\u003c/h2\u003e\n\u003cp\u003eo          When testing on Java 21 and up, enable -XX:+EnableDynamicAgentLoading. Thanks to Gary Gregory.\no          When testing on Java 24 and up, don't fail FileUtilsListFilesTest for a different behavior in the JRE. Thanks to Gary Gregory.\no          ValidatingObjectInputStream does not validate dynamic proxy interfaces. Thanks to Stanislav Fort, Gary Gregory.\no          BoundedInputStream.getRemaining() now reports Long.MAX_VALUE instead of 0 when no limit is set. Thanks to Piotr P. Karwasz.\no          BoundedInputStream.available() correctly accounts for the maximum read limit. Thanks to Piotr P. Karwasz.\no          Deprecate IOUtils.readFully(InputStream, int) in favor of toByteArray(InputStream, int). Thanks to Gary Gregory, Piotr P. Karwasz.\no          IOUtils.toByteArray(InputStream) now throws IOException on byte array overflow. Thanks to Piotr P. Karwasz.\no          Javadoc general improvements. Thanks to Gary Gregory, Piotr P. Karwasz.\no          IOUtils.toByteArray() now throws EOFException when not enough data is available \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/796\"\u003e#796\u003c/a\u003e. Thanks to Piotr P. Karwasz.\no          Fix IOUtils.skip() usage in concurrent scenarios. Thanks to Piotr P. Karwasz.\no          [javadoc] Fix XmlStreamReader Javadoc to indicate the correct class that is built \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/806\"\u003e#806\u003c/a\u003e. Thanks to J Hawkins.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cp\u003eo          Bump org.apache.commons:commons-parent from 85 to 91 \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/774\"\u003e#774\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/783\"\u003e#783\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/808\"\u003e#808\u003c/a\u003e. Thanks to Gary Gregory, Dependabot.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/54073d3b5fdd2985b98a48040ede95eb59c7ee53\"\u003e\u003ccode\u003e54073d3\u003c/code\u003e\u003c/a\u003e Prepare for the release candidate 2.21.0 RC1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/f141f09d91368543e4f0754cbd649c484768c55c\"\u003e\u003ccode\u003ef141f09\u003c/code\u003e\u003c/a\u003e Prepare for the next release candidate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/adcf1350152faf4dbd8cf53fb2f2649f25dbe227\"\u003e\u003ccode\u003eadcf135\u003c/code\u003e\u003c/a\u003e Add license header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/0f499d060adbd4b36bbd9f47393a7ea6af8149ff\"\u003e\u003ccode\u003e0f499d0\u003c/code\u003e\u003c/a\u003e Use new oak logo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/34a961c3ed58ed96c73836db154ae50f0c45110f\"\u003e\u003ccode\u003e34a961c\u003c/code\u003e\u003c/a\u003e Use HTTPS in URL\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/9e511181a03096b77c3a4b9c6077a4ac0b56b510\"\u003e\u003ccode\u003e9e51118\u003c/code\u003e\u003c/a\u003e Use HTTPS in URL\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/d715865ee705fdb8ed786582bd6bd4ee996b0665\"\u003e\u003ccode\u003ed715865\u003c/code\u003e\u003c/a\u003e Add dependabot email [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/3d6a7e113633e1a33ca254d744c3fcbab61663f3\"\u003e\u003ccode\u003e3d6a7e1\u003c/code\u003e\u003c/a\u003e Javadoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/ad875d566f273f54094b6b872bf9433be9fd86a7\"\u003e\u003ccode\u003ead875d5\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 4.6.2 to 5.0.0 (\u003ca href=\"https://redirect.github.com/apache/commons-io/issues/810\"\u003e#810\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/bc01dee31ec0ff10aa0841ff245b770fa1ecfade\"\u003e\u003ccode\u003ebc01dee\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.30.9 to 4.31.2 (\u003ca href=\"https://redirect.github.com/apache/commons-io/issues/811\"\u003e#811\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/commons-io/compare/commons-io-2.6...rel/commons-io-2.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.commons:commons-collections4` from 4.0 to 4.5.0\n\nUpdates `org.owasp.encoder:encoder` from 1.2.1 to 1.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/owasp/owasp-java-encoder/releases\"\u003eorg.owasp.encoder:encoder's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: java.lang.NoSuchMethodError when running on Java 8 by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/80\"\u003eOWASP/owasp-java-encoder#80\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: add OSGi related entries in the MANIFEST.MF file by \u003ca href=\"https://github.com/enapps-enorman\"\u003e\u003ccode\u003e@​enapps-enorman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/82\"\u003eOWASP/owasp-java-encoder#82\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/enapps-enorman\"\u003e\u003ccode\u003e@​enapps-enorman\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/82\"\u003eOWASP/owasp-java-encoder#82\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/OWASP/owasp-java-encoder/compare/v1.3.0...v1.3.1\"\u003ehttps://github.com/OWASP/owasp-java-encoder/compare/v1.3.0...v1.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd automatic module name by \u003ca href=\"https://github.com/casid\"\u003e\u003ccode\u003e@​casid\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/45\"\u003eOWASP/owasp-java-encoder#45\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCorrect javadoc for Encode class. by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/52\"\u003eOWASP/owasp-java-encoder#52\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd badge for javadoc by \u003ca href=\"https://github.com/seanf\"\u003e\u003ccode\u003e@​seanf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/55\"\u003eOWASP/owasp-java-encoder#55\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTiny typo Fix by \u003ca href=\"https://github.com/loris-s-sonarsource\"\u003e\u003ccode\u003e@​loris-s-sonarsource\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/58\"\u003eOWASP/owasp-java-encoder#58\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spring-core from 5.1.3.RELEASE to 5.3.19 in /jsp by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/59\"\u003eOWASP/owasp-java-encoder#59\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGeneral Maintenance by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/61\"\u003eOWASP/owasp-java-encoder#61\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Encode.forHtmlAttribute docs by \u003ca href=\"https://github.com/meeque\"\u003e\u003ccode\u003e@​meeque\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/72\"\u003eOWASP/owasp-java-encoder#72\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update esapi thunk by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/76\"\u003eOWASP/owasp-java-encoder#76\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: multi-release jars - add module name by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/77\"\u003eOWASP/owasp-java-encoder#77\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support jakarta jsp by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/75\"\u003eOWASP/owasp-java-encoder#75\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/casid\"\u003e\u003ccode\u003e@​casid\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/45\"\u003eOWASP/owasp-java-encoder#45\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/seanf\"\u003e\u003ccode\u003e@​seanf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/55\"\u003eOWASP/owasp-java-encoder#55\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/loris-s-sonarsource\"\u003e\u003ccode\u003e@​loris-s-sonarsource\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/58\"\u003eOWASP/owasp-java-encoder#58\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/59\"\u003eOWASP/owasp-java-encoder#59\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/meeque\"\u003e\u003ccode\u003e@​meeque\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/72\"\u003eOWASP/owasp-java-encoder#72\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/OWASP/owasp-java-encoder/compare/v1.2.3...v1.3.0\"\u003ehttps://github.com/OWASP/owasp-java-encoder/compare/v1.2.3...v1.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.2.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to  make the manifest OSGi-compliant (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/39\"\u003e#39\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eUpdate to support ESAPI 2.2 and later (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/37\"\u003e#37\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/be0670b6880483412f8da17211a5d084ff43cd24\"\u003e\u003ccode\u003ebe0670b\u003c/code\u003e\u003c/a\u003e docs: update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/7e203bd6d47ca2c3d04a073ff215021702217289\"\u003e\u003ccode\u003e7e203bd\u003c/code\u003e\u003c/a\u003e fix for issues 81 (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/82\"\u003e#82\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/72e415a87b3c40eaf8d6c4629a9f49ddb47bf35b\"\u003e\u003ccode\u003e72e415a\u003c/code\u003e\u003c/a\u003e fix: java.lang.NoSuchMethodError when running on Java 8 (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/80\"\u003e#80\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/d1a0294a21d60ef4ce26d7746e897e17fc2d276f\"\u003e\u003ccode\u003ed1a0294\u003c/code\u003e\u003c/a\u003e fix: build status badge (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/78\"\u003e#78\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/9942889ccb68ed95a1577cd0f6e3ee09841e78de\"\u003e\u003ccode\u003e9942889\u003c/code\u003e\u003c/a\u003e feat: support jakarta jsp (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/75\"\u003e#75\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/2f151ce3219efdfb7f957b6836c976382f629a26\"\u003e\u003ccode\u003e2f151ce\u003c/code\u003e\u003c/a\u003e feat: multi-release jars - add module name (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/77\"\u003e#77\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/0fc8cdee14d4f798010fe866555b1b6e223bfcc1\"\u003e\u003ccode\u003e0fc8cde\u003c/code\u003e\u003c/a\u003e fix: update esapi (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/76\"\u003e#76\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/58bd93dc7e9511500cebd50b3cbf8523d6720a7d\"\u003e\u003ccode\u003e58bd93d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/72\"\u003e#72\u003c/a\u003e from meeque/issue/71-forHtmlAttribute-docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/351e999dcfe4fee38c4aa4bc584d15d3de2ccbb6\"\u003e\u003ccode\u003e351e999\u003c/code\u003e\u003c/a\u003e docs: correct javadoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/604a78f9b926391bd3768ac4545a7c7396b90cca\"\u003e\u003ccode\u003e604a78f\u003c/code\u003e\u003c/a\u003e Be clearer about quotes in forHtmlAttribute docs.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/owasp/owasp-java-encoder/compare/v1.2.1...v1.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.owasp.esapi:esapi` from 2.1.0.1 to 2.7.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eesapi-2.7.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.7.00 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a \u003cstrong\u003e\u003cem\u003emajor\u003c/em\u003e\u003c/strong\u003e patch release with the primary intent of addressing \u003cstrong\u003e\u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2025-5878\"\u003eCVE-2025-5878\u003c/a\u003e\u003c/strong\u003e, the details of which are spelled out in [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e).\n\u003cul\u003e\n\u003cli\u003eMajor Javadoc enhancements, corrections, and clarifications.\u003c/li\u003e\n\u003cli\u003eDeprecated methods, interfaces, and classes.\u003c/li\u003e\n\u003cli\u003eThe reference implementation for the \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface is now disabled by default and must be explicitly enabled if you absolutely much use it. (\u003cstrong\u003eWARNING\u003c/strong\u003e: You shouldn't!) Instructions on how to enable it are provided in Appendix B of  [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e). You will find the updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file in the configuration jar helpful.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eThis release also updates Apache Commons FileUploads to 1.6.0 to address CVE-2025-48976. That CVE likely does not affect the \u003ccode\u003eHTTP.getFileUloads\u003c/code\u003e interfaces (which is the only methods that use that library), but we have not had time to analyze it fully given the CVE cited against ESAPI.\u003c/li\u003e\n\u003cli\u003eApache Commons BeanUtils was also updated to 1.11.0 to address CVE-2025-48734 which potentially could anyone using ESAPI's AccessController and has placed their access control policy in a place where an attacker may be overwrite it. That is highly unlikely, but better safe than sorry.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration files under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.  If you were using ESAPI's \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface, you will want to use its updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file.\u003c/p\u003e\n\u003ch2\u003eesapi-2.6.2.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.2.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a minor patch release with the intent of updating the Apache Commons BeanUtils dependency from v1.9.4 to v1.11.0 to CVE-2025-48734.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eOther Notes\u003c/h2\u003e\n\u003cp\u003eYou may see GHAS Dependabot references to \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\u003c/a\u003e for this (and previous releases). For a more thorough discussion of this, please see Discussion \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/877\"\u003e#877\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.6.1.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.1.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated AntiSamy from release 1.7.7 to 1.7.8 which addresses the potentially exploitable vulnerability \u003ca href=\"https://github.com/advisories/GHSA-73m2-qfq3-56cx\"\u003ehttps://github.com/advisories/GHSA-73m2-qfq3-56cx\u003c/a\u003e. There is slim possibility that this could affect ESAPI users who have allowed certain CSS mark-up constructs to the AntiSamy policy file that they are using. However the default ESAPI AntiSamy policy file (antisamy-esapi.xml) does not permit CSS mark-up of any sort out unless it has been modified by the ESAPI client.\u003c/li\u003e\n\u003cli\u003eOther minor updates to pom.xml\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0fa4c0f1311aa525b1a776f0a789fb1dc8a04b41\"\u003e\u003ccode\u003e0fa4c0f\u003c/code\u003e\u003c/a\u003e Remove '-SNAPSHOT' from release # to prep official release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f75ac2c2647a81d2cfbdc9c899f8719c240ed512\"\u003e\u003ccode\u003ef75ac2c\u003c/code\u003e\u003c/a\u003e Merging Private Branch contents from Kevin's Repo.   (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/888\"\u003e#888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/e2322914304d9b1c52523ff24be495b7832f6a56\"\u003e\u003ccode\u003ee232291\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/886\"\u003e#886\u003c/a\u003e from kwwall/develop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/23a2b7666186afdc004a9e01eec5da593e85d172\"\u003e\u003ccode\u003e23a2b76\u003c/code\u003e\u003c/a\u003e Added Javadoc to encodeForSQL method regarding how to enabled it.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/01297409b786075686c6738fdf0355edad427a6c\"\u003e\u003ccode\u003e0129740\u003c/code\u003e\u003c/a\u003e Added 2 new field names whose values are the 2 new property names.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/eb425bbb831c68321d169d3ac5f84ddf9dfc189d\"\u003e\u003ccode\u003eeb425bb\u003c/code\u003e\u003c/a\u003e New property file for testing DefaultEncoder.encodeForSQL when it's\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/844eb0c6fd077b6299604838bfc67fd6c658e6eb\"\u003e\u003ccode\u003e844eb0c\u003c/code\u003e\u003c/a\u003e Add missing newline.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a10e323dcde635f40d15c875253084a7669175e8\"\u003e\u003ccode\u003ea10e323\u003c/code\u003e\u003c/a\u003e hanged the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/06d0ff2e540ef37077822273e1957b50beaa8ff7\"\u003e\u003ccode\u003e06d0ff2\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/61de71f70081f204b915e95d186c702509cbf857\"\u003e\u003ccode\u003e61de71f\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek propert names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.1.0.1...esapi-2.7.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-fileupload:commons-fileupload` from 1.5 to 1.6.0\n\nUpdates `org.apache.maven.plugins:maven-assembly-plugin` from 3.1.1 to 3.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/maven-assembly-plugin/releases\"\u003eorg.apache.maven.plugins:maven-assembly-plugin's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.7.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317220\u0026amp;version=12354406\"\u003eRelease Notes - Maven Assembly Plugin - Version 3.7.1\u003c/a\u003e\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[MASSEMBLY-1023] Bump org.apache.maven.shared:maven-filtering from 3.3.1 to 3.3.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/192\"\u003eapache/maven-assembly-plugin#192\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[MASSEMBLY-1024] Bump org.apache.commons:commons-compress from 1.25.0 to 1.26.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/191\"\u003eapache/maven-assembly-plugin#191\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[MASSEMBLY-1025] Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/195\"\u003eapache/maven-assembly-plugin#195\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[MASSEMBLY-1022] Unresolved artifacts should be not processed by \u003ca href=\"https://github.com/slawekjaranowski\"\u003e\u003ccode\u003e@​slawekjaranowski\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/194\"\u003eapache/maven-assembly-plugin#194\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.7.0...maven-assembly-plugin-3.7.1\"\u003ehttps://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.7.0...maven-assembly-plugin-3.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e3.7.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317220\u0026amp;version=12353243\"\u003eRelease Notes - Maven Assembly Plugin - Version 3.7.0\u003c/a\u003e\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/0afbb3e1252e0cdfb5e4abe3c4b2a108567059a7\"\u003e\u003ccode\u003e0afbb3e\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release maven-assembly-plugin-3.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/74e858ad40849cc3f8bef462e310336a8c6a0cd5\"\u003e\u003ccode\u003e74e858a\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1022] Unresolved artifacts should be not processed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/cb5638223ebaf93ff06290a6ebb64c6dac12ebd4\"\u003e\u003ccode\u003ecb56382\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1025] Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/86bbed043dbe78f6c32e99c1e433e052b2d78f69\"\u003e\u003ccode\u003e86bbed0\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1024] Bump org.apache.commons:commons-compress from 1.25.0 to 1.26...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/bdcc4d0d093de4484820b2f9c4f84b5d0f7eaaa0\"\u003e\u003ccode\u003ebdcc4d0\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1023] Bump org.apache.maven.shared:maven-filtering from 3.3.1 to 3...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/74fe92e979db0479ee58db580d0e7295e6113e78\"\u003e\u003ccode\u003e74fe92e\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/9be6e8733f187b15c0e6c0fb856765e12fb2c055\"\u003e\u003ccode\u003e9be6e87\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release maven-assembly-plugin-3.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/e8630dc91637860d1ca690b2c64c2c18e240eae7\"\u003e\u003ccode\u003ee8630dc\u003c/code\u003e\u003c/a\u003e Bump apache/maven-gh-actions-shared from 3 to 4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/98f97a5dca6eac582ea5e52d7d62e186d9b8e25f\"\u003e\u003ccode\u003e98f97a5\u003c/code\u003e\u003c/a\u003e Bump org.postgresql:postgresql in /src/it/projects/bugs/massembly-730\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/c84e11089a785d56441fac2314224c0bf86b200d\"\u003e\u003ccode\u003ec84e110\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1019] Maven 3.6.3 as minimum requirements\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.1.1...maven-assembly-plugin-3.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/dependabot-actions-legacy/demo_repository_not_self_hosted/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dependabot-actions-legacy%2Fdemo_repository_not_self_hosted/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"3592200265","node_id":"PR_kwDOQPX6386xtkPe","number":1,"state":"open","title":"Bump the all-version group with 7 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-05T17:56:06.000Z","updated_at":"2026-02-02T23:37:20.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"all-version","update_count":7,"packages":[{"name":"org.springframework.boot:spring-boot-starter-parent","old_version":"2.6.7","new_version":"3.5.7","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"commons-io:commons-io","old_version":"2.6","new_version":"2.20.0","repository_url":"https://github.com/apache/commons-io"},{"name":"org.apache.commons:commons-collections4","old_version":"4.0","new_version":"4.5.0"},{"name":"org.owasp.encoder:encoder","old_version":"1.2.1","new_version":"1.3.1","repository_url":"https://github.com/owasp/owasp-java-encoder"},{"name":"org.owasp.esapi:esapi","old_version":"2.1.0.1","new_version":"2.7.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"commons-fileupload:commons-fileupload","old_version":"1.5","new_version":"1.6.0"},{"name":"org.apache.maven.plugins:maven-assembly-plugin","old_version":"3.1.1","new_version":"3.7.1","repository_url":"https://github.com/apache/maven-assembly-plugin"}],"path":null,"ecosystem":"maven"},"body":"Bumps the all-version group with 7 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) | `2.6.7` | `3.5.7` |\n| [commons-io:commons-io](https://github.com/apache/commons-io) | `2.6` | `2.20.0` |\n| org.apache.commons:commons-collections4 | `4.0` | `4.5.0` |\n| [org.owasp.encoder:encoder](https://github.com/owasp/owasp-java-encoder) | `1.2.1` | `1.3.1` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.1.0.1` | `2.7.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| [org.apache.maven.plugins:maven-assembly-plugin](https://github.com/apache/maven-assembly-plugin) | `3.1.1` | `3.7.1` |\n\nUpdates `org.springframework.boot:spring-boot-starter-parent` from 2.6.7 to 3.5.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-parent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.7\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TWENTY_FIVE to JavaVersion enum \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47609\"\u003e#47609\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSigned jar verification fails when nested in an uber war running on an Oracle JVM \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47771\"\u003e#47771\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIn an uber war, value of the Sbom-Location manifest attribute does not match the SBOM's actual location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47737\"\u003e#47737\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHomebrew formula for the CLI should use libexec \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47722\"\u003e#47722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen virtual threads are enabled, embedded Jetty does not use recommended virtual thread configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47717\"\u003e#47717\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClientHttpRequestFactoryRuntimeHints is missing timeout methods with Duration overloads \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47678\"\u003e#47678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnBeanCondition no longer correctly finds annotations on scoped target proxy beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47635\"\u003e#47635\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eJavaVersion doesn't work reliably in native-image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47620\"\u003e#47620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLiquibaseEndpoint always uses defaultSchema instead of liquibaseSchema \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47346\"\u003e#47346\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLauncher fails to find main method when it is parameterless \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47311\"\u003e#47311\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePackage private Main class using Java 25 is not found by build plugins \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47309\"\u003e#47309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBitnami legacy images are not automatically detected \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47275\"\u003e#47275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMaven plugin does not provide an easy way to exclude optional dependencies from uber jar \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/25403\"\u003e#25403\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSome spring.test.* properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47775\"\u003e#47775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency management for Maven AntRun Plugin is missing changelog link \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47744\"\u003e#47744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeveloping Your First Spring Boot Application has outdated tools \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47700\"\u003e#47700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude deprecated configuration properties in the reference documentation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47669\"\u003e#47669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAggregated Javadoc should link to the proper version of JakartaEE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47593\"\u003e#47593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate javadoc of TestRestTemplate following change to redirect behavior \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47474\"\u003e#47474\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse non-deprecated syntax to configure sourceCompatibility \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47343\"\u003e#47343\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix link to Framework's \u003ccode\u003e@Bean\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47330\"\u003e#47330\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate managed dependency version override examples in documentation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47306\"\u003e#47306\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to ActiveMQ 6.1.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47767\"\u003e#47767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47525\"\u003e#47525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47526\"\u003e#47526\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47527\"\u003e#47527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Cassandra Driver 4.19.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47768\"\u003e#47768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47528\"\u003e#47528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47671\"\u003e#47671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Glassfish JAXB 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47529\"\u003e#47529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to GraphQL Java 24.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47755\"\u003e#47755\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Groovy 4.0.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47713\"\u003e#47713\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.33.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47530\"\u003e#47530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47531\"\u003e#47531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpCore5 5.3.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47532\"\u003e#47532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jakarta Mail 2.1.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47533\"\u003e#47533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jakarta XML Bind 4.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47242\"\u003e#47242\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47728\"\u003e#47728\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/d3152ea442dcb70976ca7fbe9ad818e67438967f\"\u003e\u003ccode\u003ed3152ea\u003c/code\u003e\u003c/a\u003e Release v3.5.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/af07358549ca23f95decb5f6d1ccb239d78f7ddc\"\u003e\u003ccode\u003eaf07358\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b0bef35478cfad7efcc3d065cd6b2652703ef1d6\"\u003e\u003ccode\u003eb0bef35\u003c/code\u003e\u003c/a\u003e Document missing spring.test.* properties\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/6683d0f49665a14821b5f6165a04d68bc29da755\"\u003e\u003ccode\u003e6683d0f\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/5ba3642364fda0988902ac3456ba8c4530ae7ec5\"\u003e\u003ccode\u003e5ba3642\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.12-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/59aba4e54d75bad73b744667dc08cfb19b7febfb\"\u003e\u003ccode\u003e59aba4e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4525a0c3d4221aa26f0b5cedca56d282ae231ad1\"\u003e\u003ccode\u003e4525a0c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47284\"\u003e#47284\u003c/a\u003e from DKARAGODIN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/43d91aee384e83b6e4d3a2195141547d8c1f315e\"\u003e\u003ccode\u003e43d91ae\u003c/code\u003e\u003c/a\u003e Write signature files to uber wars for Oracle Java 17 verification\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/eaad688dd253601e47b96746a4fe3d51dec1194d\"\u003e\u003ccode\u003eeaad688\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Batch 5.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/edee2de8371dd8d2f25c1fec1121a80849959817\"\u003e\u003ccode\u003eedee2de\u003c/code\u003e\u003c/a\u003e Upgrade to Cassandra Driver 4.19.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v2.6.7...v3.5.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-io:commons-io` from 2.6 to 2.20.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/commons-io/blob/master/RELEASE-NOTES.txt\"\u003ecommons-io:commons-io's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eApache Commons IO 2.21.0 Release Notes\u003c/p\u003e\n\u003cp\u003eThe Apache Commons IO team is pleased to announce the release of Apache Commons IO 2.21.0.\u003c/p\u003e\n\u003ch2\u003eIntroduction\u003c/h2\u003e\n\u003cp\u003eThe Apache Commons IO library contains utility classes, stream implementations, file filters,\nfile comparators, endian transformation classes, and much more.\u003c/p\u003e\n\u003cp\u003eVersion 2.21.0: Java 8 or later is required.\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cp\u003eo          FileUtils#byteCountToDisplaySize() supports Zettabyte, Yottabyte, Ronnabyte and Quettabyte \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/763\"\u003e#763\u003c/a\u003e. Thanks to strangelookingnerd, Gary Gregory.\no          Add org.apache.commons.io.FileUtils.ONE_RB \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/763\"\u003e#763\u003c/a\u003e. Thanks to strangelookingnerd, Gary Gregory.\no          Add org.apache.commons.io.FileUtils.ONE_QB \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/763\"\u003e#763\u003c/a\u003e. Thanks to strangelookingnerd, Gary Gregory.\no          Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(byte[], int, int, long). Thanks to Gary Gregory.\no          Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(byte[], long). Thanks to Gary Gregory.\no          Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(int, long). Thanks to Gary Gregory.\no          Add length unit support in FileSystem limits. Thanks to Piotr P. Karwasz.\no          Add IOUtils.toByteArray(InputStream, int, int) for safer chunked reading with size validation. Thanks to Piotr P. Karwasz.\no          Add org.apache.commons.io.file.PathUtils.getPath(String, String). Thanks to Gary Gregory.\no          Add org.apache.commons.io.channels.ByteArraySeekableByteChannel. Thanks to Gary Gregory.\no          Add IOIterable.asIterable(). Thanks to Gary Gregory.\no          Add NIO channel support to \u003ccode\u003eAbstractStreamBuilder\u003c/code\u003e. Thanks to Piotr P. Karwasz.\no          Add CloseShieldChannel to close-shielded NIO Channels \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/786\"\u003e#786\u003c/a\u003e. Thanks to Piotr P. Karwasz.\no          Added IOUtils.checkFromIndexSize as a Java 8 backport of Objects.checkFromIndexSize \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/790\"\u003e#790\u003c/a\u003e. Thanks to Piotr P. Karwasz.\u003c/p\u003e\n\u003ch2\u003eFixed Bugs\u003c/h2\u003e\n\u003cp\u003eo          When testing on Java 21 and up, enable -XX:+EnableDynamicAgentLoading. Thanks to Gary Gregory.\no          When testing on Java 24 and up, don't fail FileUtilsListFilesTest for a different behavior in the JRE. Thanks to Gary Gregory.\no          ValidatingObjectInputStream does not validate dynamic proxy interfaces. Thanks to Stanislav Fort, Gary Gregory.\no          BoundedInputStream.getRemaining() now reports Long.MAX_VALUE instead of 0 when no limit is set. Thanks to Piotr P. Karwasz.\no          BoundedInputStream.available() correctly accounts for the maximum read limit. Thanks to Piotr P. Karwasz.\no          Deprecate IOUtils.readFully(InputStream, int) in favor of toByteArray(InputStream, int). Thanks to Gary Gregory, Piotr P. Karwasz.\no          IOUtils.toByteArray(InputStream) now throws IOException on byte array overflow. Thanks to Piotr P. Karwasz.\no          Javadoc general improvements. Thanks to Gary Gregory, Piotr P. Karwasz.\no          IOUtils.toByteArray() now throws EOFException when not enough data is available \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/796\"\u003e#796\u003c/a\u003e. Thanks to Piotr P. Karwasz.\no          Fix IOUtils.skip() usage in concurrent scenarios. Thanks to Piotr P. Karwasz.\no          [javadoc] Fix XmlStreamReader Javadoc to indicate the correct class that is built \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/806\"\u003e#806\u003c/a\u003e. Thanks to J Hawkins.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cp\u003eo          Bump org.apache.commons:commons-parent from 85 to 91 \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/774\"\u003e#774\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/783\"\u003e#783\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/808\"\u003e#808\u003c/a\u003e. Thanks to Gary Gregory, Dependabot.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/c224bce839494ed651e5eba320b27c73ce8d804e\"\u003e\u003ccode\u003ec224bce\u003c/code\u003e\u003c/a\u003e Prepare for the release candidate 2.20.0 RC1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/8981a5c9664574003f5d7620cf5133325161e543\"\u003e\u003ccode\u003e8981a5c\u003c/code\u003e\u003c/a\u003e Remove workaround for\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/4ef481f14220c19f6114a3f793df2202bb1336a6\"\u003e\u003ccode\u003e4ef481f\u003c/code\u003e\u003c/a\u003e Prepare for the next release candidate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/d23228f4a94bd070b0505e5a528da1413915c8a4\"\u003e\u003ccode\u003ed23228f\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of \u003ca href=\"https://github.com/apache/commons-io.git\"\u003ehttps://github.com/apache/commons-io.git\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/5d2737ffe489b91c4af7ccddfeda93d860750729\"\u003e\u003ccode\u003e5d2737f\u003c/code\u003e\u003c/a\u003e Add \u003ca href=\"https://github.com/SuppressWarnings\"\u003e\u003ccode\u003e@​SuppressWarnings\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/e5c80d6eff29b9a3b2b917356345d90237e84e57\"\u003e\u003ccode\u003ee5c80d6\u003c/code\u003e\u003c/a\u003e Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/761\"\u003e#761\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/2017ac063c1cc284dc855265a15a4e2dfdc653e4\"\u003e\u003ccode\u003e2017ac0\u003c/code\u003e\u003c/a\u003e Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (\u003ca href=\"https://redirect.github.com/apache/commons-io/issues/761\"\u003e#761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/07ce798898b6c6ca639e6ad0e2beecf55cf00d7a\"\u003e\u003ccode\u003e07ce798\u003c/code\u003e\u003c/a\u003e Javadoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/a828efa09f5b32f80485c2302caf78b8ee3c857c\"\u003e\u003ccode\u003ea828efa\u003c/code\u003e\u003c/a\u003e Add ciManagement element to POM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/46bd1c2955a29d676bfbc3fea6cce84918ba6ac5\"\u003e\u003ccode\u003e46bd1c2\u003c/code\u003e\u003c/a\u003e Javadoc\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/commons-io/compare/commons-io-2.6...rel/commons-io-2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.commons:commons-collections4` from 4.0 to 4.5.0\n\nUpdates `org.owasp.encoder:encoder` from 1.2.1 to 1.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/owasp/owasp-java-encoder/releases\"\u003eorg.owasp.encoder:encoder's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: java.lang.NoSuchMethodError when running on Java 8 by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/80\"\u003eOWASP/owasp-java-encoder#80\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: add OSGi related entries in the MANIFEST.MF file by \u003ca href=\"https://github.com/enapps-enorman\"\u003e\u003ccode\u003e@​enapps-enorman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/82\"\u003eOWASP/owasp-java-encoder#82\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/enapps-enorman\"\u003e\u003ccode\u003e@​enapps-enorman\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/82\"\u003eOWASP/owasp-java-encoder#82\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/OWASP/owasp-java-encoder/compare/v1.3.0...v1.3.1\"\u003ehttps://github.com/OWASP/owasp-java-encoder/compare/v1.3.0...v1.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd automatic module name by \u003ca href=\"https://github.com/casid\"\u003e\u003ccode\u003e@​casid\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/45\"\u003eOWASP/owasp-java-encoder#45\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCorrect javadoc for Encode class. by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/52\"\u003eOWASP/owasp-java-encoder#52\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd badge for javadoc by \u003ca href=\"https://github.com/seanf\"\u003e\u003ccode\u003e@​seanf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/55\"\u003eOWASP/owasp-java-encoder#55\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTiny typo Fix by \u003ca href=\"https://github.com/loris-s-sonarsource\"\u003e\u003ccode\u003e@​loris-s-sonarsource\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/58\"\u003eOWASP/owasp-java-encoder#58\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spring-core from 5.1.3.RELEASE to 5.3.19 in /jsp by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/59\"\u003eOWASP/owasp-java-encoder#59\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGeneral Maintenance by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/61\"\u003eOWASP/owasp-java-encoder#61\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Encode.forHtmlAttribute docs by \u003ca href=\"https://github.com/meeque\"\u003e\u003ccode\u003e@​meeque\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/72\"\u003eOWASP/owasp-java-encoder#72\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update esapi thunk by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/76\"\u003eOWASP/owasp-java-encoder#76\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: multi-release jars - add module name by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/77\"\u003eOWASP/owasp-java-encoder#77\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support jakarta jsp by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/75\"\u003eOWASP/owasp-java-encoder#75\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/casid\"\u003e\u003ccode\u003e@​casid\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/45\"\u003eOWASP/owasp-java-encoder#45\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/seanf\"\u003e\u003ccode\u003e@​seanf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/55\"\u003eOWASP/owasp-java-encoder#55\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/loris-s-sonarsource\"\u003e\u003ccode\u003e@​loris-s-sonarsource\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/58\"\u003eOWASP/owasp-java-encoder#58\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/59\"\u003eOWASP/owasp-java-encoder#59\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/meeque\"\u003e\u003ccode\u003e@​meeque\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/72\"\u003eOWASP/owasp-java-encoder#72\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/OWASP/owasp-java-encoder/compare/v1.2.3...v1.3.0\"\u003ehttps://github.com/OWASP/owasp-java-encoder/compare/v1.2.3...v1.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.2.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to  make the manifest OSGi-compliant (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/39\"\u003e#39\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eUpdate to support ESAPI 2.2 and later (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/37\"\u003e#37\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/be0670b6880483412f8da17211a5d084ff43cd24\"\u003e\u003ccode\u003ebe0670b\u003c/code\u003e\u003c/a\u003e docs: update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/7e203bd6d47ca2c3d04a073ff215021702217289\"\u003e\u003ccode\u003e7e203bd\u003c/code\u003e\u003c/a\u003e fix for issues 81 (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/82\"\u003e#82\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/72e415a87b3c40eaf8d6c4629a9f49ddb47bf35b\"\u003e\u003ccode\u003e72e415a\u003c/code\u003e\u003c/a\u003e fix: java.lang.NoSuchMethodError when running on Java 8 (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/80\"\u003e#80\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/d1a0294a21d60ef4ce26d7746e897e17fc2d276f\"\u003e\u003ccode\u003ed1a0294\u003c/code\u003e\u003c/a\u003e fix: build status badge (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/78\"\u003e#78\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/9942889ccb68ed95a1577cd0f6e3ee09841e78de\"\u003e\u003ccode\u003e9942889\u003c/code\u003e\u003c/a\u003e feat: support jakarta jsp (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/75\"\u003e#75\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/2f151ce3219efdfb7f957b6836c976382f629a26\"\u003e\u003ccode\u003e2f151ce\u003c/code\u003e\u003c/a\u003e feat: multi-release jars - add module name (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/77\"\u003e#77\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/0fc8cdee14d4f798010fe866555b1b6e223bfcc1\"\u003e\u003ccode\u003e0fc8cde\u003c/code\u003e\u003c/a\u003e fix: update esapi (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/76\"\u003e#76\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/58bd93dc7e9511500cebd50b3cbf8523d6720a7d\"\u003e\u003ccode\u003e58bd93d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/72\"\u003e#72\u003c/a\u003e from meeque/issue/71-forHtmlAttribute-docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/351e999dcfe4fee38c4aa4bc584d15d3de2ccbb6\"\u003e\u003ccode\u003e351e999\u003c/code\u003e\u003c/a\u003e docs: correct javadoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/604a78f9b926391bd3768ac4545a7c7396b90cca\"\u003e\u003ccode\u003e604a78f\u003c/code\u003e\u003c/a\u003e Be clearer about quotes in forHtmlAttribute docs.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/owasp/owasp-java-encoder/compare/v1.2.1...v1.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.owasp.esapi:esapi` from 2.1.0.1 to 2.7.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eesapi-2.7.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.7.00 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a \u003cstrong\u003e\u003cem\u003emajor\u003c/em\u003e\u003c/strong\u003e patch release with the primary intent of addressing \u003cstrong\u003e\u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2025-5878\"\u003eCVE-2025-5878\u003c/a\u003e\u003c/strong\u003e, the details of which are spelled out in [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e).\n\u003cul\u003e\n\u003cli\u003eMajor Javadoc enhancements, corrections, and clarifications.\u003c/li\u003e\n\u003cli\u003eDeprecated methods, interfaces, and classes.\u003c/li\u003e\n\u003cli\u003eThe reference implementation for the \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface is now disabled by default and must be explicitly enabled if you absolutely much use it. (\u003cstrong\u003eWARNING\u003c/strong\u003e: You shouldn't!) Instructions on how to enable it are provided in Appendix B of  [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e). You will find the updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file in the configuration jar helpful.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eThis release also updates Apache Commons FileUploads to 1.6.0 to address CVE-2025-48976. That CVE likely does not affect the \u003ccode\u003eHTTP.getFileUloads\u003c/code\u003e interfaces (which is the only methods that use that library), but we have not had time to analyze it fully given the CVE cited against ESAPI.\u003c/li\u003e\n\u003cli\u003eApache Commons BeanUtils was also updated to 1.11.0 to address CVE-2025-48734 which potentially could anyone using ESAPI's AccessController and has placed their access control policy in a place where an attacker may be overwrite it. That is highly unlikely, but better safe than sorry.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration files under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.  If you were using ESAPI's \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface, you will want to use its updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file.\u003c/p\u003e\n\u003ch2\u003eesapi-2.6.2.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.2.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a minor patch release with the intent of updating the Apache Commons BeanUtils dependency from v1.9.4 to v1.11.0 to CVE-2025-48734.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eOther Notes\u003c/h2\u003e\n\u003cp\u003eYou may see GHAS Dependabot references to \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\u003c/a\u003e for this (and previous releases). For a more thorough discussion of this, please see Discussion \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/877\"\u003e#877\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.6.1.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.1.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated AntiSamy from release 1.7.7 to 1.7.8 which addresses the potentially exploitable vulnerability \u003ca href=\"https://github.com/advisories/GHSA-73m2-qfq3-56cx\"\u003ehttps://github.com/advisories/GHSA-73m2-qfq3-56cx\u003c/a\u003e. There is slim possibility that this could affect ESAPI users who have allowed certain CSS mark-up constructs to the AntiSamy policy file that they are using. However the default ESAPI AntiSamy policy file (antisamy-esapi.xml) does not permit CSS mark-up of any sort out unless it has been modified by the ESAPI client.\u003c/li\u003e\n\u003cli\u003eOther minor updates to pom.xml\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0fa4c0f1311aa525b1a776f0a789fb1dc8a04b41\"\u003e\u003ccode\u003e0fa4c0f\u003c/code\u003e\u003c/a\u003e Remove '-SNAPSHOT' from release # to prep official release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f75ac2c2647a81d2cfbdc9c899f8719c240ed512\"\u003e\u003ccode\u003ef75ac2c\u003c/code\u003e\u003c/a\u003e Merging Private Branch contents from Kevin's Repo.   (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/888\"\u003e#888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/e2322914304d9b1c52523ff24be495b7832f6a56\"\u003e\u003ccode\u003ee232291\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/886\"\u003e#886\u003c/a\u003e from kwwall/develop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/23a2b7666186afdc004a9e01eec5da593e85d172\"\u003e\u003ccode\u003e23a2b76\u003c/code\u003e\u003c/a\u003e Added Javadoc to encodeForSQL method regarding how to enabled it.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/01297409b786075686c6738fdf0355edad427a6c\"\u003e\u003ccode\u003e0129740\u003c/code\u003e\u003c/a\u003e Added 2 new field names whose values are the 2 new property names.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/eb425bbb831c68321d169d3ac5f84ddf9dfc189d\"\u003e\u003ccode\u003eeb425bb\u003c/code\u003e\u003c/a\u003e New property file for testing DefaultEncoder.encodeForSQL when it's\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/844eb0c6fd077b6299604838bfc67fd6c658e6eb\"\u003e\u003ccode\u003e844eb0c\u003c/code\u003e\u003c/a\u003e Add missing newline.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a10e323dcde635f40d15c875253084a7669175e8\"\u003e\u003ccode\u003ea10e323\u003c/code\u003e\u003c/a\u003e hanged the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/06d0ff2e540ef37077822273e1957b50beaa8ff7\"\u003e\u003ccode\u003e06d0ff2\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/61de71f70081f204b915e95d186c702509cbf857\"\u003e\u003ccode\u003e61de71f\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek propert names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.1.0.1...esapi-2.7.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-fileupload:commons-fileupload` from 1.5 to 1.6.0\n\nUpdates `org.apache.maven.plugins:maven-assembly-plugin` from 3.1.1 to 3.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/maven-assembly-plugin/releases\"\u003eorg.apache.maven.plugins:maven-assembly-plugin's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.7.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317220\u0026amp;version=12354406\"\u003eRelease Notes - Maven Assembly Plugin - Version 3.7.1\u003c/a\u003e\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[MASSEMBLY-1023] Bump org.apache.maven.shared:maven-filtering from 3.3.1 to 3.3.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/192\"\u003eapache/maven-assembly-plugin#192\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[MASSEMBLY-1024] Bump org.apache.commons:commons-compress from 1.25.0 to 1.26.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/191\"\u003eapache/maven-assembly-plugin#191\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[MASSEMBLY-1025] Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/195\"\u003eapache/maven-assembly-plugin#195\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[MASSEMBLY-1022] Unresolved artifacts should be not processed by \u003ca href=\"https://github.com/slawekjaranowski\"\u003e\u003ccode\u003e@​slawekjaranowski\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/194\"\u003eapache/maven-assembly-plugin#194\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.7.0...maven-assembly-plugin-3.7.1\"\u003ehttps://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.7.0...maven-assembly-plugin-3.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e3.7.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317220\u0026amp;version=12353243\"\u003eRelease Notes - Maven Assembly Plugin - Version 3.7.0\u003c/a\u003e\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/0afbb3e1252e0cdfb5e4abe3c4b2a108567059a7\"\u003e\u003ccode\u003e0afbb3e\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release maven-assembly-plugin-3.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/74e858ad40849cc3f8bef462e310336a8c6a0cd5\"\u003e\u003ccode\u003e74e858a\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1022] Unresolved artifacts should be not processed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/cb5638223ebaf93ff06290a6ebb64c6dac12ebd4\"\u003e\u003ccode\u003ecb56382\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1025] Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/86bbed043dbe78f6c32e99c1e433e052b2d78f69\"\u003e\u003ccode\u003e86bbed0\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1024] Bump org.apache.commons:commons-compress from 1.25.0 to 1.26...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/bdcc4d0d093de4484820b2f9c4f84b5d0f7eaaa0\"\u003e\u003ccode\u003ebdcc4d0\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1023] Bump org.apache.maven.shared:maven-filtering from 3.3.1 to 3...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/74fe92e979db0479ee58db580d0e7295e6113e78\"\u003e\u003ccode\u003e74fe92e\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/9be6e8733f187b15c0e6c0fb856765e12fb2c055\"\u003e\u003ccode\u003e9be6e87\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release maven-assembly-plugin-3.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/e8630dc91637860d1ca690b2c64c2c18e240eae7\"\u003e\u003ccode\u003ee8630dc\u003c/code\u003e\u003c/a\u003e Bump apache/maven-gh-actions-shared from 3 to 4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/98f97a5dca6eac582ea5e52d7d62e186d9b8e25f\"\u003e\u003ccode\u003e98f97a5\u003c/code\u003e\u003c/a\u003e Bump org.postgresql:postgresql in /src/it/projects/bugs/massembly-730\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/c84e11089a785d56441fac2314224c0bf86b200d\"\u003e\u003ccode\u003ec84e110\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1019] Maven 3.6.3 as minimum requirements\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.1.1...maven-assembly-plugin-3.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/dependabot-action-test/demo-java-dependabot/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dependabot-action-test%2Fdemo-java-dependabot/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"2819544911","node_id":"PR_kwDOBv681M6oDtdP","number":104,"state":"closed","title":"Bump org.owasp.esapi:esapi from 2.5.2.0 to 2.6.0.0 in /logicaldoc-webapp","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-10-01T09:01:40.000Z","author_association":"NONE","state_reason":null,"created_at":"2025-09-11T14:55:25.000Z","updated_at":"2025-10-01T09:01:40.000Z","time_to_close":1706775,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.owasp.esapi:esapi","old_version":"2.5.2.0","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"}],"path":"/logicaldoc-webapp","ecosystem":"maven"},"body":"Bumps [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) from 2.5.2.0 to 2.6.0.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.2.0...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.owasp.esapi:esapi\u0026package-manager=maven\u0026previous-version=2.5.2.0\u0026new-version=2.6.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/logicaldoc/community/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/logicaldoc/community/pull/104","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/logicaldoc%2Fcommunity/issues/104","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/104/packages"},{"uuid":"2760041920","node_id":"PR_kwDOPGBN6M6kguXA","number":8,"state":"open","title":"Bump the maven group across 1 directory with 8 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-20T14:34:02.000Z","updated_at":"2025-08-20T14:34:03.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"maven","update_count":8,"packages":[{"name":"org.apache.logging.log4j:log4j-core","old_version":"2.14.1","new_version":"2.17.1"},{"name":"org.springframework.ldap:spring-ldap-core","old_version":"2.3.5.RELEASE","new_version":"2.4.4","repository_url":"https://github.com/spring-projects/spring-ldap"},{"name":"org.springframework:spring-web","old_version":"5.3.18","new_version":"6.1.21","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-context","old_version":"5.3.18","new_version":"6.1.20","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-webmvc","old_version":"5.3.18","new_version":"6.2.10","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.apache.shiro:shiro-core","old_version":"1.8.0","new_version":"1.13.0","repository_url":"https://github.com/apache/shiro"},{"name":"org.owasp.esapi:esapi","old_version":"2.2.3.1","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"io.pebbletemplates:pebble","old_version":"3.1.5","new_version":"3.2.4","repository_url":"https://github.com/PebbleTemplates/pebble"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 8 updates in the /java/ql/test/utils/flowtestcasegenerator directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.logging.log4j:log4j-core | `2.14.1` | `2.17.1` |\n| [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) | `2.3.5.RELEASE` | `2.4.4` |\n| [org.springframework:spring-web](https://github.com/spring-projects/spring-framework) | `5.3.18` | `6.1.21` |\n| [org.springframework:spring-context](https://github.com/spring-projects/spring-framework) | `5.3.18` | `6.1.20` |\n| [org.springframework:spring-webmvc](https://github.com/spring-projects/spring-framework) | `5.3.18` | `6.2.10` |\n| [org.apache.shiro:shiro-core](https://github.com/apache/shiro) | `1.8.0` | `1.13.0` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.2.3.1` | `2.6.0.0` |\n| [io.pebbletemplates:pebble](https://github.com/PebbleTemplates/pebble) | `3.1.5` | `3.2.4` |\n\n\nUpdates `org.apache.logging.log4j:log4j-core` from 2.14.1 to 2.17.1\n\nUpdates `org.springframework.ldap:spring-ldap-core` from 2.3.5.RELEASE to 2.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-ldap/releases\"\u003eorg.springframework.ldap:spring-ldap-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.4.4\u003c/h2\u003e\n\u003ch2\u003eNew Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpecify Locale in Case Functions \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/965\"\u003e#965\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Spring Security 5.8.15 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/962\"\u003e#962\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to SLF4J 1.7.36 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/961\"\u003e#961\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to Hibernate 5.6.15 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/960\"\u003e#960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to Freemarker 2.3.33 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/959\"\u003e#959\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to Apache HttpClient 4.5.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/958\"\u003e#958\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to AspectJ 1.9.22.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/957\"\u003e#957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to Jackson 2.13.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/956\"\u003e#956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to Spring Data 2021.1.10 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/955\"\u003e#955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to Spring Framework 5.3.39 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/954\"\u003e#954\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.2\u003c/h2\u003e\n\u003ch2\u003eNew Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDocument how DnAttriubte name and index are mutually exclusive \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/941\"\u003e#941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove from Jenkins CI \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/918\"\u003e#918\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ejava.lang.reflect.UndeclaredThrowableException with spring-ldap-core 2.3.2.RELEASE and above \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/939\"\u003e#939\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.1\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWrong Project Information in Maven POM (2.4.0) \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/663\"\u003e#663\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Spring Framework 5.3.21 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/673\"\u003e#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to Jackson 2.13.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/672\"\u003e#672\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to unboundid-ldapsdk 6.0.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/671\"\u003e#671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to AspectJ 1.9.9.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/670\"\u003e#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to EasyMock 2.5.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/669\"\u003e#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to FreeMarker 2.3.31 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/668\"\u003e#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to Hibernate 5.6.9.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/667\"\u003e#667\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to hsqldb 2.6.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/666\"\u003e#666\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to Spring Security 5.6.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/665\"\u003e#665\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe package \u003ccode\u003eorg.springframework.ldap.core\u003c/code\u003e is split \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/632\"\u003e#632\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/ec1d0ac90185536002854d37ea2b413bfe47a19b\"\u003e\u003ccode\u003eec1d0ac\u003c/code\u003e\u003c/a\u003e Release 2.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/1bfb466c385ecd4d0a6cd587e5392b3526c7bf0e\"\u003e\u003ccode\u003e1bfb466\u003c/code\u003e\u003c/a\u003e Polish toLower/UpperCase Usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/ec09768097450955953036c583e839cbc9aecef1\"\u003e\u003ccode\u003eec09768\u003c/code\u003e\u003c/a\u003e Update to Spring Security 5.8.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/1838e6e4010e5e883c9a3e99c6f9c228cd9ca9fc\"\u003e\u003ccode\u003e1838e6e\u003c/code\u003e\u003c/a\u003e Update to SLF4J 1.7.36\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/08a5f530720f93f9808c026ebb0acd4c368929fa\"\u003e\u003ccode\u003e08a5f53\u003c/code\u003e\u003c/a\u003e Update to Hibernate 5.6.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/db231b33f572d848232807335d489b9028447f9c\"\u003e\u003ccode\u003edb231b3\u003c/code\u003e\u003c/a\u003e Update to Freemarker 2.3.33\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/361681885d93accb97581afed76ae8a1836be8bd\"\u003e\u003ccode\u003e3616818\u003c/code\u003e\u003c/a\u003e Update to Apache HttpClient 4.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/41a9adb62d265dbcfcdaa1b4d7b68f43e85fd1ee\"\u003e\u003ccode\u003e41a9adb\u003c/code\u003e\u003c/a\u003e Update to AspectJ 1.9.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/a2a42ac0609a04c621994e3bb33d42bea9641376\"\u003e\u003ccode\u003ea2a42ac\u003c/code\u003e\u003c/a\u003e Update to Jackson 2.13.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/bd7600320c44eb3552da7d6db9825d837a1d34e1\"\u003e\u003ccode\u003ebd76003\u003c/code\u003e\u003c/a\u003e Update to Spring Data 2021.1.10\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-ldap/compare/2.3.5.RELEASE...2.4.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-web` from 5.3.18 to 6.1.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.21\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEncode non-printable character in Content-Disposition parameter \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35035\"\u003e#35035\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow update of existing \u003ccode\u003eWebSession\u003c/code\u003e after max sessions limit is reached \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35018\"\u003e#35018\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnhanced configuration class fails to call package-visible superclass constructor on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34951\"\u003e#34951\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.19 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35022\"\u003e#35022\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/fa36b342ebafc488f29f7d30c8e69a3d4b988ae6\"\u003e\u003ccode\u003efa36b34\u003c/code\u003e\u003c/a\u003e Release v6.1.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/498ccda8fc354a905875a79f2d29e25a447b718b\"\u003e\u003ccode\u003e498ccda\u003c/code\u003e\u003c/a\u003e Upgrade to Gradle 8.14.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/fd68ea6fcbf94fc1d38bfefd3692fe094652ab3d\"\u003e\u003ccode\u003efd68ea6\u003c/code\u003e\u003c/a\u003e Encode non-printable character in Content-Disposition parameter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/28caa39020a9f7d73f0c181ae265093bedbe9139\"\u003e\u003ccode\u003e28caa39\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.19\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8ecc553696cec1cc33a7c4c7e5748d0915f3c9b3\"\u003e\u003ccode\u003e8ecc553\u003c/code\u003e\u003c/a\u003e Polish contribution\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cd44efaf687ce9a13e28e5569ee9c4fd4ee134f6\"\u003e\u003ccode\u003ecd44efa\u003c/code\u003e\u003c/a\u003e Allow update of existing WebSession after max sessions limit is reached\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/59d2895c8289642ba233de93f38e7a109fc971c1\"\u003e\u003ccode\u003e59d2895\u003c/code\u003e\u003c/a\u003e Fix InMemoryWebSessionStoreTests.startsSessionImplicitly() test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a876bb41af418c35ff3409146e29c28e4ed1b619\"\u003e\u003ccode\u003ea876bb4\u003c/code\u003e\u003c/a\u003e Polish WebSession support and tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/3b6becac014f55e896de7e28344e2863ff90425a\"\u003e\u003ccode\u003e3b6beca\u003c/code\u003e\u003c/a\u003e Check for package-visible constructor in case of ClassLoader mismatch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/59ffbd7a598af7cc7ef3efa81061cb06a06371e5\"\u003e\u003ccode\u003e59ffbd7\u003c/code\u003e\u003c/a\u003e Test conversion support in PropertySourcesPlaceholderConfigurer\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v5.3.18...v6.1.21\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-context` from 5.3.18 to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-context's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v5.3.18...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-webmvc` from 5.3.18 to 6.2.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-webmvc's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.10\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOptimize NIO path resolution in \u003ccode\u003ePathEditor\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35304\"\u003e#35304\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003etype\u003c/code\u003e in \u003ccode\u003eProblemDetail\u003c/code\u003e nullable \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35294\"\u003e#35294\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefine UriUtils#decode and StringUtils#uriDecode implementation and documentation \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35253\"\u003e#35253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProvide configurable \u003ccode\u003euseCaches\u003c/code\u003e option for \u003ccode\u003eURLConnection\u003c/code\u003e usage in \u003ccode\u003eUrlResource\u003c/code\u003e (avoiding jar file leak) \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35218\"\u003e#35218\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@Scheduled\u003c/code\u003e tasks running in \u003ccode\u003eSimpleAsyncTaskScheduler\u003c/code\u003e are interrupted immediately on context close \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35254\"\u003e#35254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eScriptUtils.executeSqlScript()\u003c/code\u003e does not support multiple results per statement \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35248\"\u003e#35248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSuccessful Autowiring Dependent on Configuration ordering and Primary Bean flag \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35239\"\u003e#35239\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLocale parameter in MessageSource#getMessage methods should be nullable \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35230\"\u003e#35230\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow any \u003ccode\u003e@Transactional\u003c/code\u003e propagation for \u003ccode\u003e@TransactionalEventListener\u003c/code\u003e with BEFORE_COMMIT phase \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35150\"\u003e#35150\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCatalog name should be handled with the provided case \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35064\"\u003e#35064\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccept support for generated keys column name array on HSQLDB and Derby as well \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34790\"\u003e#34790\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHandle direct CanncelationException on timeout in JdkClientHttpRequest \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/34721\"\u003e#34721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd documentation of RequestMapping about SpEL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35232\"\u003e#35232\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument SqlBinaryValue behaviour with PostgreSQL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34786\"\u003e#34786\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Micrometer 1.14.10 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35313\"\u003e#35313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor 2024.0.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35312\"\u003e#35312\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/Allan-QLB\"\u003e\u003ccode\u003e@​Allan-QLB\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/carsago\"\u003e\u003ccode\u003e@​carsago\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/cw-dimedis\"\u003e\u003ccode\u003e@​cw-dimedis\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/giampa91\"\u003e\u003ccode\u003e@​giampa91\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.2.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eOncePerRequestFilter\u003c/code\u003e cannot be CGLib-proxied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35198\"\u003e#35198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistently catch \u003ccode\u003eInaccessibleObjectException\u003c/code\u003e next to \u003ccode\u003eIllegalAccessException\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35190\"\u003e#35190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eDate\u003c/code\u003e-to-\u003ccode\u003eInstant\u003c/code\u003e and \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eDate\u003c/code\u003e converters \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35175\"\u003e#35175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistent nullability and exception declarations in \u003ccode\u003eAbstractMessagingTemplate\u003c/code\u003e hierarchy \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35159\"\u003e#35159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister runtime hints for \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eTimestamp\u003c/code\u003e conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35156\"\u003e#35156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove handling of \u003ccode\u003eResponseEntity\u0026lt;?\u0026gt;\u003c/code\u003e in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35153\"\u003e#35153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e@CacheConfig(\u0026quot;myCacheName\u0026quot;)\u003c/code\u003e declarations for simplified configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35152\"\u003e#35152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeclare \u003ccode\u003emessageSelector\u003c/code\u003e parameters in \u003ccode\u003eJmsOperations\u003c/code\u003e as \u003ccode\u003e@Nullable\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35151\"\u003e#35151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd getter for \u003ccode\u003eOverflowStrategy\u003c/code\u003e in \u003ccode\u003eConcurrentWebSocketSessionDecorator\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35132\"\u003e#35132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse preset Content-Type for streaming and reactive responses in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35130\"\u003e#35130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLeniently tolerate null \u003ccode\u003e@Aspect\u003c/code\u003e bean \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35074\"\u003e#35074\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDataAccessResourceFailureException\u003c/code\u003e thrown when transaction times out on PostgreSQL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35073\"\u003e#35073\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8f64480c9f91aa4f8dcf56c53e5e967a1a65d0b8\"\u003e\u003ccode\u003e8f64480\u003c/code\u003e\u003c/a\u003e Release v6.2.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edda4731e133dd785271cccd032fb4bb028d2720\"\u003e\u003ccode\u003eedda473\u003c/code\u003e\u003c/a\u003e Build against Java 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/9fa2d7d190160bc1a4a713c40c0d3a5d229010e5\"\u003e\u003ccode\u003e9fa2d7d\u003c/code\u003e\u003c/a\u003e Upgrade to Jackson 2.18.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c30427fd4e18088c02c19be66567440a5878a369\"\u003e\u003ccode\u003ec30427f\u003c/code\u003e\u003c/a\u003e Upgrade to Netty 4.1.124.Final\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1d908f1847a2ee1d3e24ba2a789b881691494eeb\"\u003e\u003ccode\u003e1d908f1\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2024.0.9 and Micrometer 1.14.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/37b076be5121edbe0412f6b8ef190d595692b0e0\"\u003e\u003ccode\u003e37b076b\u003c/code\u003e\u003c/a\u003e Support multiple result sets in ScriptUtils.executeSqlScript()\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a9453a59594dfb547a3411135dce210f6f9b1588\"\u003e\u003ccode\u003ea9453a5\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/3781ba223ed76823b99e9c699e0957b391e22bf9\"\u003e\u003ccode\u003e3781ba2\u003c/code\u003e\u003c/a\u003e Optimize NIO path resolution in PathEditor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f11a1e6f827ed7c1bfb18b8318c1f60f2634fc83\"\u003e\u003ccode\u003ef11a1e6\u003c/code\u003e\u003c/a\u003e Polish tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/ffc785471bbe579aaef282720baef00a44d46435\"\u003e\u003ccode\u003effc7854\u003c/code\u003e\u003c/a\u003e Fix checkstyle error\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v5.3.18...v6.2.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.shiro:shiro-core` from 1.8.0 to 1.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/shiro/releases\"\u003eorg.apache.shiro:shiro-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eApache Shiro 1.13.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump spring.version from 5.3.28 to 5.3.29 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1008\"\u003eapache/shiro#1008\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump spring-boot.version from 2.7.13 to 2.7.14 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1017\"\u003eapache/shiro#1017\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump com.google.guava:guava from 32.1.1-jre to 32.1.2-jre by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1024\"\u003eapache/shiro#1024\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump org.owasp:dependency-check-maven from 8.3.1 to 8.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1038\"\u003eapache/shiro#1038\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump org.mockito:mockito-core from 5.4.0 to 5.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1041\"\u003eapache/shiro#1041\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump org.codehaus.groovy:groovy from 2.5.22 to 2.5.23 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1040\"\u003eapache/shiro#1040\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump spring-boot.version from 2.7.14 to 2.7.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1047\"\u003eapache/shiro#1047\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 3.5.3 to 3.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1045\"\u003eapache/shiro#1045\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump jetty.version from 9.4.51.v20230217 to 9.4.52.v20230823 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1051\"\u003eapache/shiro#1051\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump org.easymock:easymock from 5.1.0 to 5.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1055\"\u003eapache/shiro#1055\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.17.2 to 0.17.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1063\"\u003eapache/shiro#1063\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 3.6.0 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1064\"\u003eapache/shiro#1064\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump spring.version from 5.3.29 to 5.3.30 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1072\"\u003eapache/shiro#1072\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.16.0 to 2.16.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1075\"\u003eapache/shiro#1075\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump spring-boot.version from 2.7.15 to 2.7.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1080\"\u003eapache/shiro#1080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.17.3 to 0.18.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1084\"\u003eapache/shiro#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.0.0 to 4.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1087\"\u003eapache/shiro#1087\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump com.mycila:license-maven-plugin from 4.2 to 4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1090\"\u003eapache/shiro#1090\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump org.codehaus.gmavenplus:gmavenplus-plugin from 3.0.0 to 3.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1093\"\u003eapache/shiro#1093\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.18.0 to 0.18.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1094\"\u003eapache/shiro#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump org.mockito:mockito-core from 5.5.0 to 5.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1106\"\u003eapache/shiro#1106\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump jetty.version from 9.4.52.v20230823 to 9.4.53.v20231009 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1110\"\u003eapache/shiro#1110\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump com.google.guava:guava from 32.1.2-jre to 32.1.3-jre by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1112\"\u003eapache/shiro#1112\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump org.jacoco:jacoco-maven-plugin from 0.8.10 to 0.8.11 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1113\"\u003eapache/shiro#1113\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.1.0 to 4.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1116\"\u003eapache/shiro#1116\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.18.1 to 0.18.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1119\"\u003eapache/shiro#1119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDisable dependency convergence report by \u003ca href=\"https://github.com/bdemers\"\u003e\u003ccode\u003e@​bdemers\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/933\"\u003eapache/shiro#933\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump spring-boot.version from 2.7.16 to 2.7.17 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1122\"\u003eapache/shiro#1122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump jersey.version from 2.40 to 2.41 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1130\"\u003eapache/shiro#1130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix naming of WebContainer Tests/IT by \u003ca href=\"https://github.com/bdemers\"\u003e\u003ccode\u003e@​bdemers\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1123\"\u003eapache/shiro#1123\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove dashboard-maven-plugin from build by \u003ca href=\"https://github.com/bdemers\"\u003e\u003ccode\u003e@​bdemers\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1124\"\u003eapache/shiro#1124\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump org.owasp:dependency-check-maven from 8.4.0 to 8.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1134\"\u003eapache/shiro#1134\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/apache/shiro/issues/1138\"\u003e#1138\u003c/a\u003e Upgrade to Common-cli 1.6.0 by \u003ca href=\"https://github.com/fpapon\"\u003e\u003ccode\u003e@​fpapon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1139\"\u003eapache/shiro#1139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSkipping tests while running release by \u003ca href=\"https://github.com/bdemers\"\u003e\u003ccode\u003e@​bdemers\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1137\"\u003eapache/shiro#1137\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/apache/shiro/issues/1140\"\u003e#1140\u003c/a\u003e Upgrade to Common-codec 1.16.0 by \u003ca href=\"https://github.com/fpapon\"\u003e\u003ccode\u003e@​fpapon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1141\"\u003eapache/shiro#1141\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/apache/shiro/issues/1143\"\u003e#1143\u003c/a\u003e Upgrade to ASF pom parent 30 by \u003ca href=\"https://github.com/fpapon\"\u003e\u003ccode\u003e@​fpapon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1144\"\u003eapache/shiro#1144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump com.ibm.icu:icu4j from 73.2 to 74.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1148\"\u003eapache/shiro#1148\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/apache/shiro/compare/shiro-root-1.12.0...shiro-root-1.13.0\"\u003ehttps://github.com/apache/shiro/compare/shiro-root-1.12.0...shiro-root-1.13.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eshiro-root-1.12.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump mockito-core from 4.9.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/645\"\u003eapache/shiro#645\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump dependency-check-maven from 7.4.1 to 8.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/646\"\u003eapache/shiro#646\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump htmlunit from 2.66.0 to 2.69.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/636\"\u003eapache/shiro#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3.2.0 to 3.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/631\"\u003eapache/shiro#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump easymock from 5.0.1 to 5.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/628\"\u003eapache/shiro#628\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/86819589b3fe4442f4ec1b1cf34e6113afbba73b\"\u003e\u003ccode\u003e8681958\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release shiro-root-1.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/f4daf3a5095ed6c35e81aaf522d6e788d75d3b52\"\u003e\u003ccode\u003ef4daf3a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/apache/shiro/issues/1148\"\u003e#1148\u003c/a\u003e from apache/dependabot/maven/1.13.x/com.ibm.icu-icu4...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/02e1f669bf7a99a4059615647428977a83669174\"\u003e\u003ccode\u003e02e1f66\u003c/code\u003e\u003c/a\u003e build(deps): bump com.ibm.icu:icu4j from 73.2 to 74.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/d62387dc576a56a694f0353b3245a892f2f28835\"\u003e\u003ccode\u003ed62387d\u003c/code\u003e\u003c/a\u003e Add tests for SavedRequest redirects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/3b80f5c8e5a95ba31e92e4825ecc0ba3148b555a\"\u003e\u003ccode\u003e3b80f5c\u003c/code\u003e\u003c/a\u003e The InvalidRequestFilter is more flexible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/443135bf8b2ee960b25c93c5d9619c4aa8c15830\"\u003e\u003ccode\u003e443135b\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;[maven-release-plugin] prepare release shiro-root-1.13.0\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/208e0b89288b8714410b28ca3d2aefd1cb748bce\"\u003e\u003ccode\u003e208e0b8\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;[maven-release-plugin] prepare for next development iteration\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/e4c217c40fec439217daba4bb6e31811b4af360a\"\u003e\u003ccode\u003ee4c217c\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/fb469762d32cf2fbaaa3f296475e50680c384961\"\u003e\u003ccode\u003efb46976\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release shiro-root-1.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/4e71c79d08eed140791abb8691f3de9c3c5a1acc\"\u003e\u003ccode\u003e4e71c79\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/apache/shiro/issues/1144\"\u003e#1144\u003c/a\u003e from fpapon/SHIRO-1143\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/shiro/compare/shiro-root-1.8.0...shiro-root-1.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.owasp.esapi:esapi` from 2.2.3.1 to 2.6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.2.3.1...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.pebbletemplates:pebble` from 3.1.5 to 3.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PebbleTemplates/pebble/releases\"\u003eio.pebbletemplates:pebble's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.2.4\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e3.2.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e3.2.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e3.2.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e3.2.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/005e1af80b4501c26acde63093e2ebf138b1ae4c\"\u003e\u003ccode\u003e005e1af\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/6cb1a88d556386acb8fd352c3e25599a54594b24\"\u003e\u003ccode\u003e6cb1a88\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release v3.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/a824b047377a44c4d6d0eaee21f1279c352e449f\"\u003e\u003ccode\u003ea824b04\u003c/code\u003e\u003c/a\u003e Slow VM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/9e218a0d4eb7bee4843901e82ca245383831bf93\"\u003e\u003ccode\u003e9e218a0\u003c/code\u003e\u003c/a\u003e Add changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/6c76a54cfff2f5e699349e37ce2b722e10563e2f\"\u003e\u003ccode\u003e6c76a54\u003c/code\u003e\u003c/a\u003e Buy me a coffee\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/84abcf052e895c5f1819b71c979264ed06040ee3\"\u003e\u003ccode\u003e84abcf0\u003c/code\u003e\u003c/a\u003e Fix the problem of unit test failure under JDK 21 (\u003ca href=\"https://redirect.github.com/PebbleTemplates/pebble/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/4105d2c3c80fe4c2048dcf4782f992a3fc20026d\"\u003e\u003ccode\u003e4105d2c\u003c/code\u003e\u003c/a\u003e Fix the problem of not resolving reactive values in models (\u003ca href=\"https://redirect.github.com/PebbleTemplates/pebble/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/948362bfce9c6f939b8d4815c583e3bb7fc7a801\"\u003e\u003ccode\u003e948362b\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/a7f89e37bb52749cc3d58c524318833e65b78770\"\u003e\u003ccode\u003ea7f89e3\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release v3.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/d5bcd3528f38b2a6547673a04f517b3f486c3653\"\u003e\u003ccode\u003ed5bcd35\u003c/code\u003e\u003c/a\u003e Update nexus plugin for release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/PebbleTemplates/pebble/compare/3.1.5...3.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/PeezoslugOG/codeql/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/PeezoslugOG/codeql/pull/8","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/PeezoslugOG%2Fcodeql/issues/8","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8/packages"},{"uuid":"2744337968","node_id":"PR_kwDOM6hIp86jk0Yw","number":2,"state":"open","title":"Bump the maven group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-13T23:08:27.000Z","updated_at":"2025-08-13T23:08:28.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"maven","update_count":16,"packages":[{"name":"com.google.code.gson:gson","old_version":"1.7.2","new_version":"2.8.9","repository_url":"https://github.com/google/gson"},{"name":"com.google.guava:guava","old_version":"31.1-jre","new_version":"32.0.0-jre","repository_url":"https://github.com/google/guava"},{"name":"com.rabbitmq:amqp-client","old_version":"5.17.0","new_version":"5.18.0","repository_url":"https://github.com/rabbitmq/rabbitmq-java-client"},{"name":"com.thoughtworks.xstream:xstream","old_version":"1.4.20","new_version":"1.4.21","repository_url":"https://github.com/x-stream/xstream"},{"name":"commons-io:commons-io","old_version":"2.8.0","new_version":"2.14.0"},{"name":"commons-net:commons-net","old_version":"3.7.2","new_version":"3.9.0"},{"name":"com.mysql:mysql-connector-j","old_version":"8.0.33","new_version":"8.2.0","repository_url":"https://github.com/mysql/mysql-connector-j"},{"name":"org.apache.commons:commons-lang3","old_version":"3.11","new_version":"3.18.0"},{"name":"org.apache.kafka:kafka-clients","old_version":"2.7.0","new_version":"3.9.1"},{"name":"org.apache.tomcat.embed:tomcat-embed-core","old_version":"10.0.22","new_version":"10.1.42"},{"name":"org.eclipse.jetty:jetty-servlets","old_version":"9.4.51.v20230217","new_version":"9.4.54.v20240208"},{"name":"org.owasp.esapi:esapi","old_version":"2.1.0.1","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"org.springframework:spring-context","old_version":"5.3.26","new_version":"6.1.20","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.testng:testng","old_version":"7.1.0","new_version":"7.5.1","repository_url":"https://github.com/cbeust/testng"},{"name":"com.puppycrawl.tools:checkstyle","old_version":"8.18","new_version":"11.0.0","repository_url":"https://github.com/checkstyle/checkstyle"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 15 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [com.google.code.gson:gson](https://github.com/google/gson) | `1.7.2` | `2.8.9` |\n| [com.google.guava:guava](https://github.com/google/guava) | `31.1-jre` | `32.0.0-jre` |\n| [com.rabbitmq:amqp-client](https://github.com/rabbitmq/rabbitmq-java-client) | `5.17.0` | `5.18.0` |\n| [com.thoughtworks.xstream:xstream](https://github.com/x-stream/xstream) | `1.4.20` | `1.4.21` |\n| commons-io:commons-io | `2.8.0` | `2.14.0` |\n| commons-net:commons-net | `3.7.2` | `3.9.0` |\n| [com.mysql:mysql-connector-j](https://github.com/mysql/mysql-connector-j) | `8.0.33` | `8.2.0` |\n| org.apache.commons:commons-lang3 | `3.11` | `3.18.0` |\n| org.apache.kafka:kafka-clients | `2.7.0` | `3.9.1` |\n| org.apache.tomcat.embed:tomcat-embed-core | `10.0.22` | `10.1.42` |\n| org.eclipse.jetty:jetty-servlets | `9.4.51.v20230217` | `9.4.54.v20240208` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.1.0.1` | `2.6.0.0` |\n| [org.springframework:spring-context](https://github.com/spring-projects/spring-framework) | `5.3.26` | `6.1.20` |\n| [org.testng:testng](https://github.com/cbeust/testng) | `7.1.0` | `7.5.1` |\n| [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) | `8.18` | `11.0.0` |\n\n\nUpdates `com.google.code.gson:gson` from 1.7.2 to 2.8.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/gson/releases\"\u003ecom.google.code.gson:gson's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eGson 2.8.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake OSGi bundle's dependency on \u003ccode\u003esun.misc\u003c/code\u003e optional (\u003ca href=\"https://redirect.github.com/google/gson/issues/1993\"\u003e#1993\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eGson.excluder()\u003c/code\u003e exposing internal \u003ccode\u003eExcluder\u003c/code\u003e class (\u003ca href=\"https://redirect.github.com/google/gson/issues/1986\"\u003e#1986\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003ePrevent Java deserialization of internal classes (\u003ca href=\"https://redirect.github.com/google/gson/issues/1991\"\u003e#1991\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eImprove number strategy implementation (\u003ca href=\"https://redirect.github.com/google/gson/issues/1987\"\u003e#1987\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFix LongSerializationPolicy null handling being inconsistent with Gson (\u003ca href=\"https://redirect.github.com/google/gson/issues/1990\"\u003e#1990\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eSupport arbitrary Number implementation for Object and Number deserialization (\u003ca href=\"https://redirect.github.com/google/gson/issues/1290\"\u003e#1290\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBump proguard-maven-plugin from 2.4.0 to 2.5.1 (\u003ca href=\"https://redirect.github.com/google/gson/issues/1980\"\u003e#1980\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDon't exclude static local classes (\u003ca href=\"https://redirect.github.com/google/gson/issues/1969\"\u003e#1969\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eRuntimeTypeAdapterFactory\u003c/code\u003e depending on internal \u003ccode\u003eStreams\u003c/code\u003e class (\u003ca href=\"https://redirect.github.com/google/gson/issues/1959\"\u003e#1959\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eImprove Maven build (\u003ca href=\"https://redirect.github.com/google/gson/issues/1964\"\u003e#1964\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eMake dependency on \u003ccode\u003ejava.sql\u003c/code\u003e optional (\u003ca href=\"https://redirect.github.com/google/gson/issues/1707\"\u003e#1707\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eGson 2.8.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed issue with recursive types (\u003ca href=\"https://redirect.github.com/google/gson/issues/1390\"\u003e#1390\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBetter behaviour with Java 9+ and \u003ccode\u003eUnsafe\u003c/code\u003e if there is a security manager (\u003ca href=\"https://redirect.github.com/google/gson/issues/1712\"\u003e#1712\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnumTypeAdapter\u003c/code\u003e now works better when ProGuard has obfuscated enum fields (\u003ca href=\"https://redirect.github.com/google/gson/issues/1495\"\u003e#1495\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/gson/blob/main/CHANGELOG.md\"\u003ecom.google.code.gson:gson's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.8.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake OSGi bundle's dependency on \u003ccode\u003esun.misc\u003c/code\u003e optional (\u003ca href=\"https://redirect.github.com/google/gson/pull/1993\"\u003egoogle/gson#1993\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eGson.excluder()\u003c/code\u003e exposing internal \u003ccode\u003eExcluder\u003c/code\u003e class (\u003ca href=\"https://redirect.github.com/google/gson/pull/1986\"\u003egoogle/gson#1986\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003ePrevent Java deserialization of internal classes (\u003ca href=\"https://redirect.github.com/google/gson/pull/1991\"\u003egoogle/gson#1991\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eImprove number strategy implementation (\u003ca href=\"https://redirect.github.com/google/gson/pull/1987\"\u003egoogle/gson#1987\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFix LongSerializationPolicy null handling being inconsistent with Gson (\u003ca href=\"https://redirect.github.com/google/gson/pull/1990\"\u003egoogle/gson#1990\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eSupport arbitrary Number implementation for Object and Number deserialization (\u003ca href=\"https://redirect.github.com/google/gson/pull/1290\"\u003egoogle/gson#1290\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBump proguard-maven-plugin from 2.4.0 to 2.5.1 (\u003ca href=\"https://redirect.github.com/google/gson/pull/1980\"\u003egoogle/gson#1980\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDon't exclude static local classes (\u003ca href=\"https://redirect.github.com/google/gson/pull/1969\"\u003egoogle/gson#1969\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eRuntimeTypeAdapterFactory\u003c/code\u003e depending on internal \u003ccode\u003eStreams\u003c/code\u003e class (\u003ca href=\"https://redirect.github.com/google/gson/pull/1959\"\u003egoogle/gson#1959\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eImprove Maven build (\u003ca href=\"https://redirect.github.com/google/gson/pull/1964\"\u003egoogle/gson#1964\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eMake dependency on \u003ccode\u003ejava.sql\u003c/code\u003e optional (\u003ca href=\"https://redirect.github.com/google/gson/pull/1707\"\u003egoogle/gson#1707\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed issue with recursive types (\u003ca href=\"https://redirect.github.com/google/gson/issues/1390\"\u003egoogle/gson#1390\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBetter behaviour with Java 9+ and \u003ccode\u003eUnsafe\u003c/code\u003e if there is a security manager (\u003ca href=\"https://redirect.github.com/google/gson/pull/1712\"\u003egoogle/gson#1712\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnumTypeAdapter\u003c/code\u003e now works better when ProGuard has obfuscated enum fields (\u003ca href=\"https://redirect.github.com/google/gson/pull/1495\"\u003egoogle/gson#1495\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eISO8601UtilsTest\u003c/code\u003e failing on systems with UTC+X.\u003c/li\u003e\n\u003cli\u003eImproved javadoc for \u003ccode\u003eJsonStreamParser\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eUpdated proguard.cfg (\u003ca href=\"https://redirect.github.com/google/gson/pull/1693\"\u003egoogle/gson#1693\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eIllegalStateException\u003c/code\u003e in \u003ccode\u003eJsonTreeWriter\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/google/gson/issues/1592\"\u003egoogle/gson#1592\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eJsonArray.isEmpty()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/google/gson/pull/1640\"\u003egoogle/gson#1640\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eAdded new test cases (\u003ca href=\"https://redirect.github.com/google/gson/pull/1638\"\u003egoogle/gson#1638\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed OSGi metadata generation to work on JavaSE \u0026lt; 9 (\u003ca href=\"https://redirect.github.com/google/gson/pull/1603\"\u003egoogle/gson#1603\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.6\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2019-10-04\u003c/em\u003e  \u003ca href=\"https://github.com/google/gson/compare/gson-parent-2.8.5...gson-parent-2.8.6\"\u003eGitHub Diff\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded static methods \u003ccode\u003eJsonParser.parseString\u003c/code\u003e and \u003ccode\u003eJsonParser.parseReader\u003c/code\u003e and deprecated instance method \u003ccode\u003eJsonParser.parse\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eJava 9 module-info support\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.5\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2018-05-21\u003c/em\u003e  \u003ca href=\"https://github.com/google/gson/compare/gson-parent-2.8.4...gson-parent-2.8.5\"\u003eGitHub Diff\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrint Gson version while throwing AssertionError and IllegalArgumentException\u003c/li\u003e\n\u003cli\u003eMoved \u003ccode\u003eutils.VersionUtils\u003c/code\u003e class to \u003ccode\u003einternal.JavaVersion\u003c/code\u003e. This is a potential backward incompatible change from 2.8.4\u003c/li\u003e\n\u003cli\u003eFixed issue \u003ca href=\"https://redirect.github.com/google/gson/issues/1310\"\u003egoogle/gson#1310\u003c/a\u003e by supporting Debian Java 9\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.4\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2018-05-01\u003c/em\u003e  \u003ca href=\"https://github.com/google/gson/compare/gson-parent-2.8.3...gson-parent-2.8.4\"\u003eGitHub Diff\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded a new FieldNamingPolicy, \u003ccode\u003eLOWER_CASE_WITH_DOTS\u003c/code\u003e that mapps JSON name \u003ccode\u003esomeFieldName\u003c/code\u003e to \u003ccode\u003esome.field.name\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed issue \u003ca href=\"https://redirect.github.com/google/gson/issues/1305\"\u003egoogle/gson#1305\u003c/a\u003e by removing compile/runtime dependency on \u003ccode\u003esun.misc.Unsafe\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.3\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2018-04-27\u003c/em\u003e  \u003ca href=\"https://github.com/google/gson/compare/gson-parent-2.8.2...gson-parent-2.8.3\"\u003eGitHub Diff\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded a new API, \u003ccode\u003eGsonBuilder.newBuilder()\u003c/code\u003e that clones the current builder\u003c/li\u003e\n\u003cli\u003ePreserving DateFormatter behavior on JDK 9\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/6a368d89da37917be7714c3072b8378f4120110a\"\u003e\u003ccode\u003e6a368d8\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release gson-parent-2.8.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/ba96d53bad35f7466073f14cb3d89d09383e1a2d\"\u003e\u003ccode\u003eba96d53\u003c/code\u003e\u003c/a\u003e Fix missing bounds checks for JsonTreeReader.getPath() (\u003ca href=\"https://redirect.github.com/google/gson/issues/2001\"\u003e#2001\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/ca1df7f7e09f6b1a763882029dd7057f475b31de\"\u003e\u003ccode\u003eca1df7f\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/gson/issues/1981\"\u003e#1981\u003c/a\u003e: Optional OSGi bundle's dependency on sun.misc package (\u003ca href=\"https://redirect.github.com/google/gson/issues/1993\"\u003e#1993\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/c54caf308c3f7d4a6088cf3085c2caa9617e0458\"\u003e\u003ccode\u003ec54caf3\u003c/code\u003e\u003c/a\u003e Deprecate \u003ccode\u003eGson.excluder()\u003c/code\u003e exposing internal \u003ccode\u003eExcluder\u003c/code\u003e class (\u003ca href=\"https://redirect.github.com/google/gson/issues/1986\"\u003e#1986\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/e6fae590cf2a758c47cd5a17f9bf3780ce62c986\"\u003e\u003ccode\u003ee6fae59\u003c/code\u003e\u003c/a\u003e Prevent Java deserialization of internal classes (\u003ca href=\"https://redirect.github.com/google/gson/issues/1991\"\u003e#1991\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/bda2e3d16af776e0f607d56bbab6eac22f8f2d58\"\u003e\u003ccode\u003ebda2e3d\u003c/code\u003e\u003c/a\u003e Improve number strategy implementation (\u003ca href=\"https://redirect.github.com/google/gson/issues/1987\"\u003e#1987\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/cd748df7122ea4260d35dfe90cfab0c079a1504d\"\u003e\u003ccode\u003ecd748df\u003c/code\u003e\u003c/a\u003e Fix LongSerializationPolicy null handling being inconsistent with Gson (\u003ca href=\"https://redirect.github.com/google/gson/issues/1990\"\u003e#1990\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/fe30b85224316cabf19f5dd3223843437c297802\"\u003e\u003ccode\u003efe30b85\u003c/code\u003e\u003c/a\u003e Support arbitrary Number implementation for Object and Number deserialization...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/1cc16274235f89650349884dd04760bf15a95d96\"\u003e\u003ccode\u003e1cc1627\u003c/code\u003e\u003c/a\u003e Fix incorrect feature request template label (\u003ca href=\"https://redirect.github.com/google/gson/issues/1982\"\u003e#1982\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/7b9a283a7a5d66878c9be01227b15e631afe2a5a\"\u003e\u003ccode\u003e7b9a283\u003c/code\u003e\u003c/a\u003e Bump bnd-maven-plugin from 5.3.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/google/gson/issues/1985\"\u003e#1985\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/gson/compare/gson-1.7.2...gson-parent-2.8.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.google.guava:guava` from 31.1-jre to 32.0.0-jre\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/guava/releases\"\u003ecom.google.guava:guava's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e32.0.0\u003c/h2\u003e\n\u003ch3\u003eMaven\u003c/h3\u003e\n\u003cpre lang=\"xml\"\u003e\u003ccode\u003e\u0026lt;dependency\u0026gt;\n  \u0026lt;groupId\u0026gt;com.google.guava\u0026lt;/groupId\u0026gt;\n  \u0026lt;artifactId\u0026gt;guava\u0026lt;/artifactId\u0026gt;\n  \u0026lt;version\u0026gt;32.0.0-jre\u0026lt;/version\u0026gt;\n  \u0026lt;!-- or, for Android: --\u0026gt;\n  \u0026lt;version\u0026gt;32.0.0-android\u0026lt;/version\u0026gt;\n\u0026lt;/dependency\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eJar files\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://repo1.maven.org/maven2/com/google/guava/guava/32.0.0-jre/guava-32.0.0-jre.jar\"\u003e32.0.0-jre.jar\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://repo1.maven.org/maven2/com/google/guava/guava/32.0.0-android/guava-32.0.0-android.jar\"\u003e32.0.0-android.jar\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eGuava requires \u003ca href=\"https://github.com/google/guava/wiki/UseGuavaInYourBuild#what-about-guavas-own-dependencies\"\u003eone runtime dependency\u003c/a\u003e, which you can download here:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://repo1.maven.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar\"\u003efailureaccess-1.0.1.jar\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJavadoc\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-jre/api/docs/\"\u003e32.0.0-jre\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-android/api/docs/\"\u003e32.0.0-android\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJDiff\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-jre/api/diffs/\"\u003e32.0.0-jre vs. 31.1-jre\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-android/api/diffs/\"\u003e32.0.0-android vs. 31.1-android\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-android/api/androiddiffs/\"\u003e32.0.0-android vs. 32.0.0-jre\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003ch4\u003eSecurity fixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eReimplemented \u003ccode\u003eFiles.createTempDir\u003c/code\u003e and \u003ccode\u003eFileBackedOutputStream\u003c/code\u003e to further address CVE-2020-8908 (\u003ca href=\"https://redirect.github.com/google/guava/issues/4011\"\u003e#4011\u003c/a\u003e) and CVE-2023-2976 (\u003ca href=\"https://redirect.github.com/google/guava/issues/2575\"\u003e#2575\u003c/a\u003e). (feb83a1c8f)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eWhile CVE-2020-8908 was officially closed when we deprecated \u003ccode\u003eFiles.createTempDir\u003c/code\u003e in \u003ca href=\"https://github.com/google/guava/releases/tag/v30.0\"\u003eGuava 30.0\u003c/a\u003e, we've heard from users that even recent versions of Guava have been listed as vulnerable in \u003cem\u003eother\u003c/em\u003e databases of security vulnerabilities. In response, we've reimplemented the method (and the very rarely used \u003ccode\u003eFileBackedOutputStream\u003c/code\u003e class, which had a similar issue) to eliminate the insecure behavior entirely. This change could technically affect users in a number of different ways (discussed under \u0026quot;Incompatible changes\u0026quot; below), but in practice, the only problem users are likely to encounter is with Windows. If you are using those APIs under Windows, you should skip 32.0.0 and go straight to \u003ca href=\"https://github.com/google/guava/releases/tag/v32.0.1\"\u003e32.0.1\u003c/a\u003e which fixes the problem. (Unfortunately, we didn't think of the Windows problem until after the release. And while we \u003ca href=\"https://github.com/google/guava#important-warnings\"\u003ewarn that \u003ccode\u003ecommon.io\u003c/code\u003e in particular may not work under Windows\u003c/a\u003e, we didn't intend to regress support.) Sorry for the trouble.\u003c/p\u003e\n\u003ch4\u003eIncompatible changes\u003c/h4\u003e\n\u003cp\u003eAlthough this release bumps Guava's major version number, it makes \u003cstrong\u003eno binary-incompatible changes to the \u003ccode\u003eguava\u003c/code\u003e artifact\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eOne change could cause issues for Widows users, and a few other changes could cause issues for users in more usual situations:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eThe new implementations of \u003ccode\u003eFiles.createTempDir\u003c/code\u003e and \u003ccode\u003eFileBackedOutputStream\u003c/code\u003e \u003ca href=\"https://redirect.github.com/google/guava/issues/6535\"\u003ethrow an exception under Windows\u003c/a\u003e.\u003c/strong\u003e This is fixed in \u003ca href=\"https://github.com/google/guava/releases/tag/v32.0.1\"\u003e32.0.1\u003c/a\u003e. Sorry for the trouble.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eguava-gwt\u003c/code\u003e now \u003ca href=\"https://redirect.github.com/google/guava/issues/6627\"\u003erequires\u003c/a\u003e GWT \u003ca href=\"https://github.com/gwtproject/gwt/releases/tag/2.10.0\"\u003e2.10.0\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThis release makes a binary-incompatible change to a \u003ccode\u003e@Beta\u003c/code\u003e API in the \u003cstrong\u003eseparate artifact\u003c/strong\u003e \u003ccode\u003eguava-testlib\u003c/code\u003e. Specifically, we changed the return type of \u003ccode\u003eTestingExecutors.sameThreadScheduledExecutor\u003c/code\u003e to \u003ccode\u003eListeningScheduledExecutorService\u003c/code\u003e. The old return type was a package-private class, which caused the Kotlin compiler to produce warnings. (dafaa3e435)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/google/guava/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.rabbitmq:amqp-client` from 5.17.0 to 5.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/releases\"\u003ecom.rabbitmq:amqp-client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.18.0\u003c/h2\u003e\n\u003ch1\u003eChanges between 5.17.0 and 5.18.0\u003c/h1\u003e\n\u003cp\u003eThis is a minor release with usability improvements and dependency upgrades. It is compatible with 5.17.x. All users of the 5.x.x series are encouraged to upgrade.\u003c/p\u003e\n\u003cp\u003eInbound message size is now enforced, with default limit being 64 MiB.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JHahnHRO\"\u003e\u003ccode\u003e@​JHahnHRO\u003c/code\u003e\u003c/a\u003e and Sérgio Faria (\u003ca href=\"https://github.com/sergio91pt\"\u003e\u003ccode\u003e@​sergio91pt\u003c/code\u003e\u003c/a\u003e) for their contribution.\u003c/p\u003e\n\u003ch2\u003eAdd ability to specify maximum message size\u003c/h2\u003e\n\u003cp\u003eGitHub issue: \u003ca href=\"https://redirect.github.com/rabbitmq/rabbitmq-java-client/issues/1062\"\u003e#1062\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDo not confirmSelect more than once per channel\u003c/h2\u003e\n\u003cp\u003eGitHub PR: \u003ca href=\"https://redirect.github.com/rabbitmq/rabbitmq-java-client/issues/1057\"\u003e#1057\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eMake RpcClient (Auto)Closeable\u003c/h2\u003e\n\u003cp\u003eGitHub issue: \u003ca href=\"https://redirect.github.com/rabbitmq/rabbitmq-java-client/issues/1032\"\u003e#1032\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eBump dependencies\u003c/h2\u003e\n\u003cp\u003eGitHub issue: \u003ca href=\"https://redirect.github.com/rabbitmq/rabbitmq-java-client/issues/999\"\u003e#999\u003c/a\u003e\u003c/p\u003e\n\u003ch1\u003eDependency\u003c/h1\u003e\n\u003ch2\u003eMaven\u003c/h2\u003e\n\u003cpre lang=\"xml\"\u003e\u003ccode\u003e\u0026lt;dependency\u0026gt;\n  \u0026lt;groupId\u0026gt;com.rabbitmq\u0026lt;/groupId\u0026gt;\n  \u0026lt;artifactId\u0026gt;amqp-client\u0026lt;/artifactId\u0026gt;\n  \u0026lt;version\u0026gt;5.18.0\u0026lt;/version\u0026gt;\n\u0026lt;/dependency\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eGradle\u003c/h2\u003e\n\u003cpre lang=\"groovy\"\u003e\u003ccode\u003ecompile 'com.rabbitmq:amqp-client:5.18.0'\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003ev5.17.1\u003c/h2\u003e\n\u003ch1\u003eChanges between 5.17.0 and 5.17.1\u003c/h1\u003e\n\u003cp\u003eThis is a minor release with a usability improvement. It is compatible with 5.17.0.\u003c/p\u003e\n\u003cp\u003eInbound message size is now enforced, with the default limit being 64 MiB.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/dcc284ee1b199057a1094055b7eac597539c9942\"\u003e\u003ccode\u003edcc284e\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release v5.18.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/75d1d1eb2d365f5a8f0fbc1ff5408f3dd706f4ec\"\u003e\u003ccode\u003e75d1d1e\u003c/code\u003e\u003c/a\u003e Set release version to 5.18.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/dc7952eaa41feba4c616ffbeb47d99974d16f2dc\"\u003e\u003ccode\u003edc7952e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rabbitmq/rabbitmq-java-client/issues/1064\"\u003e#1064\u003c/a\u003e from rabbitmq/dependabot/maven/5.x.x-stable/org.mock...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/e2fa38f0d8c985a539bdee3a3d40d401a7141a55\"\u003e\u003ccode\u003ee2fa38f\u003c/code\u003e\u003c/a\u003e Bump mockito-core from 5.3.1 to 5.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/04f1801ae6eaac10af7bf802c8fb7065284624e6\"\u003e\u003ccode\u003e04f1801\u003c/code\u003e\u003c/a\u003e Tweak error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/714aae602dcae6cb4b53cadf009323ebac313cc8\"\u003e\u003ccode\u003e714aae6\u003c/code\u003e\u003c/a\u003e Add max inbound message size to ConnectionFactory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/83cf551fb0142f7a5d042bd54e0cf3c1e47ed419\"\u003e\u003ccode\u003e83cf551\u003c/code\u003e\u003c/a\u003e Fix flaky test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/0dc9ea2e464158685cd206e35cb52105c156a64c\"\u003e\u003ccode\u003e0dc9ea2\u003c/code\u003e\u003c/a\u003e Do not confirmSelect more than once per channel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/129dc6abb0cbc36b36cdb6f3d5915f470203277f\"\u003e\u003ccode\u003e129dc6a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rabbitmq/rabbitmq-java-client/issues/1060\"\u003e#1060\u003c/a\u003e from rabbitmq/dependabot/maven/5.x.x-stable/io.micro...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/671efdcb1adbed4242ce0c954874eeef0d3de0ad\"\u003e\u003ccode\u003e671efdc\u003c/code\u003e\u003c/a\u003e Bump micrometer-core from 1.11.0 to 1.11.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/compare/v5.17.0...v5.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.thoughtworks.xstream:xstream` from 1.4.20 to 1.4.21\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/x-stream/xstream/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-io:commons-io` from 2.8.0 to 2.14.0\n\nUpdates `commons-net:commons-net` from 3.7.2 to 3.9.0\n\nUpdates `com.mysql:mysql-connector-j` from 8.0.33 to 8.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mysql/mysql-connector-j/blob/release/9.x/CHANGES\"\u003ecom.mysql:mysql-connector-j's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch1\u003e\u003ca href=\"https://dev.mysql.com/doc/relnotes/connector-j/en/\"\u003ehttps://dev.mysql.com/doc/relnotes/connector-j/en/\u003c/a\u003e\u003c/h1\u003e\n\u003cp\u003eVersion 9.4.0\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#116120 (Bug#37079448), Inappropriate charset selected for connection when jdk.charsets not included.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#98620 (Bug#31503893), Using DatabaseMetaData.getColumns() gives collation mix error.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#118389 (Bug#38044940), OCI ephemeral keys not working after change in OCI CLI.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#22473405, GETOBJECT(STRING , CLASS\u003c!-- raw HTML omitted --\u003e) METHOD RETURNS ERROR FOR POOLED CONNECTION.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eWL#17009, Upgrade 3rd party libraries and tools.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#118201 (Bug#37971552), A potential bug in Mysql Connector/J.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#44791 (Bug#11753361), Setting/getting holdability on connection does not work properly.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#21294134, DBMD.GETPROCEDURECOLUMNS() IS UNABLE TO DEAL WITH PROCEDURE COLUMNS WITH SPACES.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#77658 (Bug#21946136), Incorrect java.sql.Statement.cancel() behavior.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#118100 (Bug#37900711), \u003ccode\u003eYou have an error in your SQL syntax\u003c/code\u003e exception thrown after \u003ccode\u003emysql-connector-j\u003c/code\u003e \u003ccode\u003e9.2.0\u003c/code\u003e -\u0026gt; \u003ccode\u003e9.3.0\u003c/code\u003e upgrade.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#118079 (Bug#37888527), An output message error.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#117579 (Bug#37639722), Contribution: Return UUID from ResultSet#getObject().\nThanks to Iwao Abe for his contribution.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#20279578, REGISTEROUTPARAMETER() FAILS WHEN PROCEDURE NAME CONTAINS SOME SPECIAL CHARACTER.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#109339 (Bug#34898663), Failed to insert bignums due to overflow.\nThanks to Yohei Ueki for his contribution.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#77766 (Bug#21503942), CallableStatement.getObject have inconsistent behavior.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eWL#16917, Remove IterateBlock class.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#117873 (Bug#37785888), Time instances created from negative milliseconds are encoded without fractional seconds.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#115845 (Bug#36954268), Contribution: Set correct OTel Span name for transaction commits.\nThanks to Willem Fibbe for his contribution.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#75615 (Bug#21181249), Incorrect implementation of Connection.setNetworkTimeout().\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#75441 (Bug#20344798), com.mysql.jdbc.CallableStatement.extractProcedureName fragile.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#19948601, UNEXPECTED BEHAVIOUR NOTICED WITH FEW OF THE MYSQL C/JAVA CONNECTION PARAMETERS.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/06a1f724497fd81c6a659131fda822c9e5085b6c\"\u003e\u003ccode\u003e06a1f72\u003c/code\u003e\u003c/a\u003e Fix for Bug#35811592, Missing implementation for Connection.releaseSavepoint().\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/9df3820b2b63d727bf5157e2732f58e7ce9a28fc\"\u003e\u003ccode\u003e9df3820\u003c/code\u003e\u003c/a\u003e Update for GPL license book.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/ff822cfe1bb6a57526f1d76db61a983ba8ecaa43\"\u003e\u003ccode\u003eff822cf\u003c/code\u003e\u003c/a\u003e Fix for tests failing due to expecting unsupported TLS versions.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/429db0004e750a9e2f9f0134342b091d473051d7\"\u003e\u003ccode\u003e429db00\u003c/code\u003e\u003c/a\u003e Fix for test SecureSessionTest.testXdevapiTlsVersionsAndCiphersuites() failur...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/d52033a67f0cda0baafbf32555d063c57813d1eb\"\u003e\u003ccode\u003ed52033a\u003c/code\u003e\u003c/a\u003e Fix for tests failing due to using unsupported cipher suites in MySQL 5.7.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/e18e626c53dc5b2afaab9aabd0af199d000a469e\"\u003e\u003ccode\u003ee18e626\u003c/code\u003e\u003c/a\u003e Fix for tests failing due to using deprecated cipher suites.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/4f70ec3e4e115166ad5e1058cf1802995c722dcb\"\u003e\u003ccode\u003e4f70ec3\u003c/code\u003e\u003c/a\u003e Fix for Bug#91351 (Bug#28225464), MysqlConnectionPoolDataSource - autocommit ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/71e4c6b08ccec2911cfbdd114cd1178df7d398f0\"\u003e\u003ccode\u003e71e4c6b\u003c/code\u003e\u003c/a\u003e Fix for property description 'ConnectionProperties.treatMysqlDatetimeAsTimest...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/bae6356c0f924cddeb4cc40e0b1b7438d37e900c\"\u003e\u003ccode\u003ebae6356\u003c/code\u003e\u003c/a\u003e Fix for property description 'ConnectionProperties.authenticationPlugins'.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/5701086339834c86fd92ab60d29d31a8bbe356f3\"\u003e\u003ccode\u003e5701086\u003c/code\u003e\u003c/a\u003e GPL license book update.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mysql/mysql-connector-j/compare/8.0.33...8.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.commons:commons-lang3` from 3.11 to 3.18.0\n\nUpdates `org.apache.kafka:kafka-clients` from 2.7.0 to 3.9.1\n\nUpdates `org.apache.tomcat.embed:tomcat-embed-core` from 10.0.22 to 10.1.42\n\nUpdates `org.eclipse.jetty:jetty-servlets` from 9.4.51.v20230217 to 9.4.54.v20240208\n\nUpdates `org.owasp.esapi:esapi` from 2.1.0.1 to 2.6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.1.0.1...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-context` from 5.3.26 to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-context's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v5.3.26...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-web` from 5.3.26 to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v5.3.26...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.testng:testng` from 7.1.0 to 7.5.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cbeust/testng/releases\"\u003eorg.testng:testng's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTestNG v7.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCherrypick Zip Slip Vulnerability to 7.5 release by \u003ca href=\"https://github.com/prashil-g\"\u003e\u003ccode\u003e@​prashil-g\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cbeust/testng/pull/2899\"\u003ecbeust/testng#2899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prashil-g\"\u003e\u003ccode\u003e@​prashil-g\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/cbeust/testng/pull/2899\"\u003ecbeust/testng#2899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cbeust/testng/compare/7.5...7.5.1\"\u003ehttps://github.com/cbeust/testng/compare/7.5...7.5.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/testng-team/testng/blob/master/CHANGES.txt\"\u003eorg.testng:testng's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eCurrent (7.12.0)\nFixed: GITHUB-3227: assertEqualsNoOrder false positive when collection has same size and actual Collection is subset of expected collection (Krishnan Mahadevan)\nFixed: GITHUB-3177: Method org.testng.xml.XmlSuite#toXml do not save new properties like \u0026quot;share-thread-pool-for-data-providers\u0026quot; (Krishnan Mahadevan)\nFixed: GITHUB-3179: ClassCastException when use shouldUseGlobalThreadPool(true) property (Krishnan Mahadevan)\nFixed: GITHUB-2765: Test timeouts using existing Executor now propagate the stack trace to the ThreadTimeoutException (Charlie Hayes)\u003c/p\u003e\n\u003cp\u003e7.11.0\nFixed: GITHUB-3180: TestNG testng-failed.xml 'invocation-numbers' values are not calculated correctly with retry and dataproviders (Krishnan Mahadevan)\nFixed: GITHUB-3170: Specifying dataProvider and successPercentage causes test to always pass (Krishnan Mahadevan)\nFixed: GITHUB-3028: Execution stalls when using \u0026quot;use-global-thread-pool\u0026quot; (Krishnan Mahadevan)\nFixed: GITHUB-3122: Update JCommander to 1.83 (Antoine Dessaigne)\nFixed: GITHUB-3135: assertEquals on arrays - Failure message is missing information about the array index when an array element is unexpectedly null or non-null (Albert Choi)\nFixed: GITHUB-3140: assertEqualsDeep on Sets - Deep comparison was using the wrong expected value\nFixed: GITHUB-3189: Incorrect number of ignored tests displayed in the XML results\nFixed: GITHUB-3196: support to execlude somes tests in option of command line\u003c/p\u003e\n\u003cp\u003e7.10.2\nFixed: GITHUB-3117: ListenerComparator doesn't work (Krishnan Mahadevan)\u003c/p\u003e\n\u003cp\u003e7.10.1\nFixed: GITHUB-3110: Update from testng 7.9.0 to 7.10.0 break maven build with junit5 (Krishnan Mahadevan)\u003c/p\u003e\n\u003cp\u003e7.10.0\nFixed: GITHUB-3000: Method predecessors lookup and/or method sorting is broken in certain inheritance and naming setups (Krishnan Mahadevan)\nFixed: GITHUB-3095: Super class annotated with ITestNGListenerFactory makes derived test class throw TestNGException on execution (Krishnan Mahadevan)\nFixed: GITHUB-3081: Discrepancy with combination of (Shared Thread pool and Method Interceptor) (Krishnan Mahadevan)\nFixed: GITHUB-2381: Controlling the inclusion of the listener at runtime (Krishnan Mahadevan)\nFixed: GITHUB-3082: IInvokedMethodListener Iinvoked method does not return correct instance during \u003ca href=\"https://github.com/BeforeMethod\"\u003e\u003ccode\u003e@​BeforeMethod\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/AfterMethod\"\u003e\u003ccode\u003e@​AfterMethod\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AfterClass\"\u003e\u003ccode\u003e@​AfterClass\u003c/code\u003e\u003c/a\u003e (Krishnan Mahadevan)\nFixed: GITHUB-3084: Document project's PGP artifact signing keys (Krishnan Mahadevan)\nFixed: GITHUB-3079: Associate a unique id with every test class object instantiated by TestNG (Krishnan Mahadevan)\nFixed: GITHUB-3040: replace the usages of synchronized with ReentrantLock (Krishnan Mahadevan)\nFixed: GITHUB-3041: TestNG 7.x DataProvider works in opposite to TestNG 6.x when retrying tests. (Krishnan Mahadevan)\nFixed: GITHUB-3066: How to dynamically adjust the number of TestNG threads after IExecutorFactory is deprecated? (Krishnan Mahadevan)\nNew:   GITHUB-2874: Allow users to define ordering for TestNG listeners (Krishnan Mahadevan)\nFixed: GITHUB-3033: Moved ant support under own repository \u003ca href=\"https://github.com/testng-team/testng-ant\"\u003ehttps://github.com/testng-team/testng-ant\u003c/a\u003e (Julien Herr)\nFixed: GITHUB-3064: TestResult lost if failure creating RetryAnalyzer (Krishnan Mahadevan)\nFixed: GITHUB-3048: ConcurrentModificationException when injecting values (Krishnan Mahadevan)\nFixed: GITHUB-3050: Race condition when creating Guice Modules (Krishnan Mahadevan)\nFixed: GITHUB-3059: Support the ability to inject custom listener factory (Krishnan Mahadevan)\nFixed: GITHUB-3045: IDataProviderListener - beforeDataProviderExecution and afterDataProviderExecution are called twice in special setup (Krishnan Mahadevan)\nFixed: GITHUB-3038: java.lang.IllegalStateException: Results per method should NOT have been empty (Krishnan Mahadevan)\nFixed: GITHUB-3022: Remove deprecated JUnit related support in TestNG (Krishnan Mahadevan)\u003c/p\u003e\n\u003cp\u003e7.9.0\nFixed: GITHUB-2019: Total thread count in testng parallel tests with dataproviders (Krishnan Mahadevan)\nFixed: GITHUB-3006: ITestResult injected at \u003ca href=\"https://github.com/AfterMethod\"\u003e\u003ccode\u003e@​AfterMethod\u003c/code\u003e\u003c/a\u003e incorrect when a configuration method failed (Krishnan Mahadevan)\nFixed: GITHUB-2980: Data Provider Threads configuration in the suite don't match the documentation (Krishnan Mahadevan)\nFixed: GITHUB-3003: BeforeClass|AfterClass with inheritedGroups triggers cyclic dependencies (Krishnan Mahadevan)\nNew:   Added \u003ca href=\"https://github.com/Inherited\"\u003e\u003ccode\u003e@​Inherited\u003c/code\u003e\u003c/a\u003e to the Listeners annotation, allowing it to be used in forming meta-annotations. (Pavlo Glushchenko)\nFixed: GITHUB-2991: Suite attributes map should be thread safe (Krishnan Mahadevan)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cbeust/testng/commits/7.5.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.puppycrawl.tools:checkstyle` from 8.18 to 11.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/checkstyle/checkstyle/releases\"\u003ecom.puppycrawl.tools:checkstyle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003echeckstyle-11.0.0\u003c/h2\u003e\n\u003cp\u003eCheckstyle 11.0.0 - \u003ca href=\"https://checkstyle.org/releasenotes.html#Release_11.0.0\"\u003ehttps://checkstyle.org/releasenotes.html#Release_11.0.0\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eBreaking backward compatibility:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/13209\"\u003e#13209\u003c/a\u003e - Migrate project to JDK 17\n\u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/17321\"\u003e#17321\u003c/a\u003e - Use jdk17 as minimial required\u003c/p\u003e\n\u003cp\u003eNew:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/17366\"\u003e#17366\u003c/a\u003e - FinalParameters - missing several tokens to check\u003c/p\u003e\n\u003cp\u003eBug fixes:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/17332\"\u003e#17332\u003c/a\u003e - False positive from JavadocType: Unused \u003ccode\u003e@\u003c/code\u003eparam tag\n\u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/8205\"\u003e#8205\u003c/a\u003e - fix all false-negatives about there is no single space between a type annotation and [] or .... for Google Style\n\u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/17158\"\u003e#17158\u003c/a\u003e - InvalidJavadocPosition false-positive for record compact constructor with package-private accessibility\n\u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/14291\"\u003e#14291\u003c/a\u003e - Escape sequences in TextBlock, IllegalTokenText module should violate them for Google style\n\u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/17193\"\u003e#17193\u003c/a\u003e - Google-style: Improper enforcement of horizontal whitespace for double slash \u003ccode\u003e//\u003c/code\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/a0745b152682f8dad7f0bac32d17e4d355ce19ef\"\u003e\u003ccode\u003ea0745b1\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release checkstyle-11.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/7ea982e5f9bbbc5f9cfc742c8ac0aa2abafd0c1d\"\u003e\u003ccode\u003e7ea982e\u003c/code\u003e\u003c/a\u003e doc: release notes for 11.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/bf67bad989f0ea9ee61a0516d9880e9a26b04bae\"\u003e\u003ccode\u003ebf67bad\u003c/code\u003e\u003c/a\u003e Issue \u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/17269\"\u003e#17269\u003c/a\u003e: Changind Docker Script to latest groovy Image\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/1931995f97afe8065abed545f453befdc2c9cef8\"\u003e\u003ccode\u003e1931995\u003c/code\u003e\u003c/a\u003e Issue \u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/14769\"\u003e#14769\u003c/a\u003e: Implemented modifier package structure for IT Regression area\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/cb690d09debd060d4086edb1c99fe932ddc2e6ee\"\u003e\u003ccode\u003ecb690d0\u003c/code\u003e\u003c/a\u003e Issue \u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/14769\"\u003e#14769\u003c/a\u003e: Implemented metrics package structure for IT Regression area\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/4869fe56b5c3edc14f9c5f051b101b7bde5a2b95\"\u003e\u003ccode\u003e4869fe5\u003c/code\u003e\u003c/a\u003e Issue \u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/14769\"\u003e#14769\u003c/a\u003e: Implemented javadoc package structure for IT Regression area\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/77bf83e35f107ac9cbc4ee67ac298b6722d91f43\"\u003e\u003ccode\u003e77bf83e\u003c/code\u003e\u003c/a\u003e Issue \u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/14769\"\u003e#14769\u003c/a\u003e: Implemented indentation package structure for IT Regression area\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/0b012bae87dcf36cd54ce01b78f33d2791e3187f\"\u003e\u003ccode\u003e0b012ba\u003c/code\u003e\u003c/a\u003e Issue \u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/14769\"\u003e#14769\u003c/a\u003e: Implemented imports package structure for IT Regression area\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/6b0f6388f24c1049ba2ef66e7254c5fb052943f5\"\u003e\u003ccode\u003e6b0f638\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;minor: trim whitespaces after regression report comment\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/ed7df15f1212fdb85adbeb93a8c06223dedf8b78\"\u003e\u003ccode\u003eed7df15\u003c/code\u003e\u003c/a\u003e minor: trim whitespaces after regression report comment\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/checkstyle/checkstyle/compare/checkstyle-8.18...checkstyle-11.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/luci-digital/cloudstack/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/luci-digital/cloudstack/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/luci-digital%2Fcloudstack/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"2738313291","node_id":"PR_kwDOE4PiQc6jN1hL","number":268,"state":"open","title":"build(deps): bump org.owasp.esapi:esapi from 2.5.1.0 to 2.7.0.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-12T09:07:15.000Z","updated_at":"2025-08-12T09:07:16.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"org.owasp.esapi:esapi","old_version":"2.5.1.0","new_version":"2.7.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) from 2.5.1.0 to 2.7.0.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eesapi-2.7.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.7.00 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a \u003cstrong\u003e\u003cem\u003emajor\u003c/em\u003e\u003c/strong\u003e patch release with the primary intent of addressing \u003cstrong\u003e\u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2025-5878\"\u003eCVE-2025-5878\u003c/a\u003e\u003c/strong\u003e, the details of which are spelled out in [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e).\n\u003cul\u003e\n\u003cli\u003eMajor Javadoc enhancements, corrections, and clarifications.\u003c/li\u003e\n\u003cli\u003eDeprecated methods, interfaces, and classes.\u003c/li\u003e\n\u003cli\u003eThe reference implementation for the \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface is now disabled by default and must be explicitly enabled if you absolutely much use it. (\u003cstrong\u003eWARNING\u003c/strong\u003e: You shouldn't!) Instructions on how to enable it are provided in Appendix B of  [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e). You will find the updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file in the configuration jar helpful.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eThis release also updates Apache Commons FileUploads to 1.6.0 to address CVE-2025-48976. That CVE likely does not affect the \u003ccode\u003eHTTP.getFileUloads\u003c/code\u003e interfaces (which is the only methods that use that library), but we have not had time to analyze it fully given the CVE cited against ESAPI.\u003c/li\u003e\n\u003cli\u003eApache Commons BeanUtils was also updated to 1.11.0 to address CVE-2025-48734 which potentially could anyone using ESAPI's AccessController and has placed their access control policy in a place where an attacker may be overwrite it. That is highly unlikely, but better safe than sorry.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration files under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.  If you were using ESAPI's \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface, you will want to use its updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file.\u003c/p\u003e\n\u003ch2\u003eesapi-2.6.2.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.2.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a minor patch release with the intent of updating the Apache Commons BeanUtils dependency from v1.9.4 to v1.11.0 to CVE-2025-48734.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eOther Notes\u003c/h2\u003e\n\u003cp\u003eYou may see GHAS Dependabot references to \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\u003c/a\u003e for this (and previous releases). For a more thorough discussion of this, please see Discussion \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/877\"\u003e#877\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.6.1.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.1.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated AntiSamy from release 1.7.7 to 1.7.8 which addresses the potentially exploitable vulnerability \u003ca href=\"https://github.com/advisories/GHSA-73m2-qfq3-56cx\"\u003ehttps://github.com/advisories/GHSA-73m2-qfq3-56cx\u003c/a\u003e. There is slim possibility that this could affect ESAPI users who have allowed certain CSS mark-up constructs to the AntiSamy policy file that they are using. However the default ESAPI AntiSamy policy file (antisamy-esapi.xml) does not permit CSS mark-up of any sort out unless it has been modified by the ESAPI client.\u003c/li\u003e\n\u003cli\u003eOther minor updates to pom.xml\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0fa4c0f1311aa525b1a776f0a789fb1dc8a04b41\"\u003e\u003ccode\u003e0fa4c0f\u003c/code\u003e\u003c/a\u003e Remove '-SNAPSHOT' from release # to prep official release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f75ac2c2647a81d2cfbdc9c899f8719c240ed512\"\u003e\u003ccode\u003ef75ac2c\u003c/code\u003e\u003c/a\u003e Merging Private Branch contents from Kevin's Repo.   (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/888\"\u003e#888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/e2322914304d9b1c52523ff24be495b7832f6a56\"\u003e\u003ccode\u003ee232291\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/886\"\u003e#886\u003c/a\u003e from kwwall/develop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/23a2b7666186afdc004a9e01eec5da593e85d172\"\u003e\u003ccode\u003e23a2b76\u003c/code\u003e\u003c/a\u003e Added Javadoc to encodeForSQL method regarding how to enabled it.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/01297409b786075686c6738fdf0355edad427a6c\"\u003e\u003ccode\u003e0129740\u003c/code\u003e\u003c/a\u003e Added 2 new field names whose values are the 2 new property names.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/eb425bbb831c68321d169d3ac5f84ddf9dfc189d\"\u003e\u003ccode\u003eeb425bb\u003c/code\u003e\u003c/a\u003e New property file for testing DefaultEncoder.encodeForSQL when it's\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/844eb0c6fd077b6299604838bfc67fd6c658e6eb\"\u003e\u003ccode\u003e844eb0c\u003c/code\u003e\u003c/a\u003e Add missing newline.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a10e323dcde635f40d15c875253084a7669175e8\"\u003e\u003ccode\u003ea10e323\u003c/code\u003e\u003c/a\u003e hanged the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/06d0ff2e540ef37077822273e1957b50beaa8ff7\"\u003e\u003ccode\u003e06d0ff2\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/61de71f70081f204b915e95d186c702509cbf857\"\u003e\u003ccode\u003e61de71f\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek propert names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.1.0...esapi-2.7.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.owasp.esapi:esapi\u0026package-manager=gradle\u0026previous-version=2.5.1.0\u0026new-version=2.7.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/guidewire-oss/uaa/pull/268","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/guidewire-oss%2Fuaa/issues/268","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/268/packages"},{"uuid":"2726454738","node_id":"PR_kwDOBErimM6igmXS","number":8310,"state":"closed","title":"Bump the all-maven-deps group across 3 directories with 62 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-08-07T15:53:31.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-07T05:10:48.000Z","updated_at":"2025-08-07T15:53:31.000Z","time_to_close":38563,"merged_at":"2025-08-07T15:53:31.000Z","merged_by":"sumerjabri","closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"all-maven-deps","update_count":62,"packages":[{"name":"org.springframework:spring-core","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-context","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-context-support","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-beans","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-expression","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-web","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-webmvc","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-tx","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-oxm","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-aop","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-jdbc","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-websocket","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-messaging","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-test","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework.security:spring-security-core","old_version":"6.5.1","new_version":"6.5.2","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.springframework.security:spring-security-config","old_version":"6.5.1","new_version":"6.5.2","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.springframework.security:spring-security-web","old_version":"6.5.1","new_version":"6.5.2","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.springframework.security:spring-security-messaging","old_version":"6.5.1","new_version":"6.5.2","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.springframework.security:spring-security-ldap","old_version":"6.5.1","new_version":"6.5.2","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.springframework.ldap:spring-ldap-core","old_version":"3.3.1","new_version":"3.3.2","repository_url":"https://github.com/spring-projects/spring-ldap"},{"name":"org.springframework.data:spring-data-commons","old_version":"3.5.1","new_version":"3.5.2","repository_url":"https://github.com/spring-projects/spring-data-commons"},{"name":"commons-codec:commons-codec","old_version":"1.18.0","new_version":"1.19.0","repository_url":"https://github.com/apache/commons-codec"},{"name":"org.apache.commons:commons-compress","old_version":"1.27.1","new_version":"1.28.0","repository_url":"https://github.com/apache/commons-compress"},{"name":"org.apache.cxf:cxf-rt-frontend-jaxws","old_version":"4.1.2","new_version":"4.1.3"},{"name":"org.apache.cxf:cxf-rt-transports-http","old_version":"4.1.2","new_version":"4.1.3"},{"name":"org.apache.cxf:cxf-rt-ws-policy","old_version":"4.1.2","new_version":"4.1.3"},{"name":"commons-cli:commons-cli","old_version":"1.9.0","new_version":"1.10.0","repository_url":"https://github.com/apache/commons-cli"},{"name":"org.apache.commons:commons-text","old_version":"1.13.1","new_version":"1.14.0","repository_url":"https://github.com/apache/commons-text"},{"name":"org.owasp.esapi:esapi","old_version":"2.6.2.0","new_version":"2.7.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"com.graphql-java:graphql-java","old_version":"24.1","new_version":"24.2","repository_url":"https://github.com/graphql-java/graphql-java"},{"name":"com.graphql-java:graphql-java-extended-scalars","old_version":"22.0","new_version":"24.0","repository_url":"https://github.com/graphql-java/graphql-java-extended-scalars"},{"name":"io.methvin:directory-watcher","old_version":"0.19.0","new_version":"0.19.1","repository_url":"https://github.com/gmethvin/directory-watcher"},{"name":"org.apache.tomcat:tomcat-jasper-el","old_version":"11.0.8","new_version":"11.0.10"},{"name":"org.apache.tomcat.embed:tomcat-embed-websocket","old_version":"11.0.8","new_version":"11.0.10"},{"name":"org.junit.jupiter:junit-jupiter-engine","old_version":"5.13.1","new_version":"5.13.4","repository_url":"https://github.com/junit-team/junit-framework"},{"name":"org.xmlunit:xmlunit-core","old_version":"2.10.2","new_version":"2.10.3","repository_url":"https://github.com/xmlunit/xmlunit"},{"name":"org.opensearch.client:opensearch-rest-high-level-client","old_version":"2.19.2","new_version":"2.19.3","repository_url":"https://github.com/opensearch-project/OpenSearch"},{"name":"org.opensearch.client:opensearch-java","old_version":"2.25.0","new_version":"2.26.0","repository_url":"https://github.com/opensearch-project/opensearch-java"},{"name":"org.apache.tika:tika-core","old_version":"3.2.0","new_version":"3.2.1","repository_url":"https://github.com/apache/tika"},{"name":"org.apache.tika:tika-parsers-standard-package","old_version":"3.2.0","new_version":"3.2.1"},{"name":"com.squareup.okhttp3:okhttp","old_version":"4.12.0","new_version":"5.1.0","repository_url":"https://github.com/square/okhttp"},{"name":"org.dom4j:dom4j","old_version":"2.1.4","new_version":"2.2.0","repository_url":"https://github.com/dom4j/dom4j"},{"name":"org.jsoup:jsoup","old_version":"1.20.1","new_version":"1.21.1","repository_url":"https://github.com/jhy/jsoup"},{"name":"org.mariadb.jdbc:mariadb-java-client","old_version":"3.5.3","new_version":"3.5.4","repository_url":"https://github.com/mariadb-corporation/mariadb-connector-j"},{"name":"net.sf.saxon:Saxon-HE","old_version":"12.7","new_version":"12.8"},{"name":"com.github.ben-manes.caffeine:caffeine","old_version":"3.2.1","new_version":"3.2.2","repository_url":"https://github.com/ben-manes/caffeine"},{"name":"de.flapdoodle.embed:de.flapdoodle.embed.mongo","old_version":"4.20.1","new_version":"4.21.0","repository_url":"https://github.com/flapdoodle-oss/de.flapdoodle.embed.mongo"},{"name":"com.icegreen:greenmail","old_version":"2.1.3","new_version":"2.1.4","repository_url":"https://github.com/greenmail-mail-test/greenmail"},{"name":"org.codehaus.gmavenplus:gmavenplus-plugin","old_version":"4.2.0","new_version":"4.2.1","repository_url":"https://github.com/groovy/GMavenPlus"},{"name":"org.apache.maven.plugins:maven-gpg-plugin","old_version":"3.2.7","new_version":"3.2.8","repository_url":"https://github.com/apache/maven-gpg-plugin"}],"path":null,"ecosystem":"maven"},"body":"Bumps the all-maven-deps group with 50 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [org.springframework:spring-core](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-context](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-context-support](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-beans](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-expression](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-web](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-webmvc](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-tx](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-oxm](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-aop](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-jdbc](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-websocket](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-messaging](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-test](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `6.5.1` | `6.5.2` |\n| [org.springframework.security:spring-security-config](https://github.com/spring-projects/spring-security) | `6.5.1` | `6.5.2` |\n| [org.springframework.security:spring-security-web](https://github.com/spring-projects/spring-security) | `6.5.1` | `6.5.2` |\n| [org.springframework.security:spring-security-messaging](https://github.com/spring-projects/spring-security) | `6.5.1` | `6.5.2` |\n| [org.springframework.security:spring-security-ldap](https://github.com/spring-projects/spring-security) | `6.5.1` | `6.5.2` |\n| [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) | `3.3.1` | `3.3.2` |\n| [org.springframework.data:spring-data-commons](https://github.com/spring-projects/spring-data-commons) | `3.5.1` | `3.5.2` |\n| [commons-codec:commons-codec](https://github.com/apache/commons-codec) | `1.18.0` | `1.19.0` |\n| [org.apache.commons:commons-compress](https://github.com/apache/commons-compress) | `1.27.1` | `1.28.0` |\n| org.apache.cxf:cxf-rt-frontend-jaxws | `4.1.2` | `4.1.3` |\n| org.apache.cxf:cxf-rt-transports-http | `4.1.2` | `4.1.3` |\n| org.apache.cxf:cxf-rt-ws-policy | `4.1.2` | `4.1.3` |\n| [commons-cli:commons-cli](https://github.com/apache/commons-cli) | `1.9.0` | `1.10.0` |\n| [org.apache.commons:commons-text](https://github.com/apache/commons-text) | `1.13.1` | `1.14.0` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.6.2.0` | `2.7.0.0` |\n| [com.graphql-java:graphql-java](https://github.com/graphql-java/graphql-java) | `24.1` | `24.2` |\n| [com.graphql-java:graphql-java-extended-scalars](https://github.com/graphql-java/graphql-java-extended-scalars) | `22.0` | `24.0` |\n| [io.methvin:directory-watcher](https://github.com/gmethvin/directory-watcher) | `0.19.0` | `0.19.1` |\n| org.apache.tomcat:tomcat-jasper-el | `11.0.8` | `11.0.10` |\n| org.apache.tomcat.embed:tomcat-embed-websocket | `11.0.8` | `11.0.10` |\n| [org.junit.jupiter:junit-jupiter-engine](https://github.com/junit-team/junit-framework) | `5.13.1` | `5.13.4` |\n| [org.xmlunit:xmlunit-core](https://github.com/xmlunit/xmlunit) | `2.10.2` | `2.10.3` |\n| [org.opensearch.client:opensearch-rest-high-level-client](https://github.com/opensearch-project/OpenSearch) | `2.19.2` | `2.19.3` |\n| [org.opensearch.client:opensearch-java](https://github.com/opensearch-project/opensearch-java) | `2.25.0` | `2.26.0` |\n| [org.apache.tika:tika-core](https://github.com/apache/tika) | `3.2.0` | `3.2.1` |\n| org.apache.tika:tika-parsers-standard-package | `3.2.0` | `3.2.1` |\n| [com.squareup.okhttp3:okhttp](https://github.com/square/okhttp) | `4.12.0` | `5.1.0` |\n| [org.dom4j:dom4j](https://github.com/dom4j/dom4j) | `2.1.4` | `2.2.0` |\n| [org.jsoup:jsoup](https://github.com/jhy/jsoup) | `1.20.1` | `1.21.1` |\n| [org.mariadb.jdbc:mariadb-java-client](https://github.com/mariadb-corporation/mariadb-connector-j) | `3.5.3` | `3.5.4` |\n| net.sf.saxon:Saxon-HE | `12.7` | `12.8` |\n| [com.github.ben-manes.caffeine:caffeine](https://github.com/ben-manes/caffeine) | `3.2.1` | `3.2.2` |\n| [de.flapdoodle.embed:de.flapdoodle.embed.mongo](https://github.com/flapdoodle-oss/de.flapdoodle.embed.mongo) | `4.20.1` | `4.21.0` |\n| [com.icegreen:greenmail](https://github.com/greenmail-mail-test/greenmail) | `2.1.3` | `2.1.4` |\n| [org.codehaus.gmavenplus:gmavenplus-plugin](https://github.com/groovy/GMavenPlus) | `4.2.0` | `4.2.1` |\n| [org.apache.maven.plugins:maven-gpg-plugin](https://github.com/apache/maven-gpg-plugin) | `3.2.7` | `3.2.8` |\n\nBumps the all-maven-deps group with 10 updates in the /shared-dependencies directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| software.amazon.awssdk:bom | `2.32.14` | `2.32.16` |\n| software.amazon.awssdk:s3 | `2.32.14` | `2.32.16` |\n| software.amazon.awssdk:s3-transfer-manager | `2.32.14` | `2.32.16` |\n| software.amazon.awssdk:sts | `2.32.14` | `2.32.16` |\n| software.amazon.awssdk:cloudfront | `2.32.14` | `2.32.16` |\n| software.amazon.awssdk:cloudformation | `2.32.14` | `2.32.16` |\n| software.amazon.awssdk:elastictranscoder | `2.32.14` | `2.32.16` |\n| software.amazon.awssdk:mediaconvert | `2.32.14` | `2.32.16` |\n| software.amazon.awssdk:sso | `2.32.14` | `2.32.16` |\n| software.amazon.awssdk:ssooidc | `2.32.14` | `2.32.16` |\n\nBumps the all-maven-deps group with 3 updates in the /spring-boot directory: [org.apache.maven.plugins:maven-gpg-plugin](https://github.com/apache/maven-gpg-plugin), [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) and [org.springframework.boot:spring-boot-starter-web](https://github.com/spring-projects/spring-boot).\n\nUpdates `org.springframework:spring-core` from 6.2.8 to 6.2.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eOncePerRequestFilter\u003c/code\u003e cannot be CGLib-proxied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35198\"\u003e#35198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistently catch \u003ccode\u003eInaccessibleObjectException\u003c/code\u003e next to \u003ccode\u003eIllegalAccessException\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35190\"\u003e#35190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eDate\u003c/code\u003e-to-\u003ccode\u003eInstant\u003c/code\u003e and \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eDate\u003c/code\u003e converters \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35175\"\u003e#35175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistent nullability and exception declarations in \u003ccode\u003eAbstractMessagingTemplate\u003c/code\u003e hierarchy \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35159\"\u003e#35159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister runtime hints for \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eTimestamp\u003c/code\u003e conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35156\"\u003e#35156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove handling of \u003ccode\u003eResponseEntity\u0026lt;?\u0026gt;\u003c/code\u003e in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35153\"\u003e#35153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e@CacheConfig(\u0026quot;myCacheName\u0026quot;)\u003c/code\u003e declarations for simplified configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35152\"\u003e#35152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeclare \u003ccode\u003emessageSelector\u003c/code\u003e parameters in \u003ccode\u003eJmsOperations\u003c/code\u003e as \u003ccode\u003e@Nullable\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35151\"\u003e#35151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd getter for \u003ccode\u003eOverflowStrategy\u003c/code\u003e in \u003ccode\u003eConcurrentWebSocketSessionDecorator\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35132\"\u003e#35132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse preset Content-Type for streaming and reactive responses in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35130\"\u003e#35130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLeniently tolerate null \u003ccode\u003e@Aspect\u003c/code\u003e bean \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35074\"\u003e#35074\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDataAccessResourceFailureException\u003c/code\u003e thrown when transaction times out on PostgreSQL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35073\"\u003e#35073\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMethodInvokingFactoryBean\u003c/code\u003e fails to invoke publicly exported methods overridden by internal classes when using JPMS \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34028\"\u003e#34028\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore preference for interface (most abstract) method in \u003ccode\u003egetPubliclyAccessibleMethodIfPossible\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35189\"\u003e#35189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003etargetBeanName\u003c/code\u003e field in AbstractBeanFactoryBasedTargetSource \u003ccode\u003eprotected\u003c/code\u003e to avoid exceptions in logging and \u003ccode\u003etoString()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35172\"\u003e#35172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix inconsistencies in \u003ccode\u003eStaticListableBeanFactory\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35119\"\u003e#35119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport StreamingHttpOutputMessage in RestClient \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35102\"\u003e#35102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen building \u003ccode\u003eDELETE\u003c/code\u003e requests, the request body is not used in \u003ccode\u003eJdkClientHttpRequest.buildRequest\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35068\"\u003e#35068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated bean registration file contains \u0026quot;too many constants\u0026quot; when building with many beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35044\"\u003e#35044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent cache pollution by storing only the factories \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/34732\"\u003e#34732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWebFlux decodes wildcard content-types as form-data/multipart \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34660\"\u003e#34660\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated CGLib proxies do not contain method overrides \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34642\"\u003e#34642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e500 response for ResourceHttpRequestHandler when requested range is not satisfied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34490\"\u003e#34490\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDocument how to register runtime hints for convention-based conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35178\"\u003e#35178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLink to \u003ccode\u003e@ContextConfiguration\u003c/code\u003e Javadoc from reference manual \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35088\"\u003e#35088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to JUnit 5.13.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35103\"\u003e#35103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.14.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35202\"\u003e#35202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor 2024.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35201\"\u003e#35201\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/Meijuh\"\u003e\u003ccode\u003e@​Meijuh\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/RazorNd\"\u003e\u003ccode\u003e@​RazorNd\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/chenggwang\"\u003e\u003ccode\u003e@​chenggwang\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mjd507\"\u003e\u003ccode\u003e@​mjd507\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/philwebb\"\u003e\u003ccode\u003e@​philwebb\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/09a5ca3e747af3dacd2bbb42ae4f356db26b57d3\"\u003e\u003ccode\u003e09a5ca3\u003c/code\u003e\u003c/a\u003e Release v6.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a4ec25d9ec0466c0c4e9ca4eb9d1ef9df18820a5\"\u003e\u003ccode\u003ea4ec25d\u003c/code\u003e\u003c/a\u003e Upgrade to MockK 1.13.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0fc043f762d61f190ccbcc905736f8e73737baf9\"\u003e\u003ccode\u003e0fc043f\u003c/code\u003e\u003c/a\u003e Upgrade to Netty 4.1.123, Selenium 4.34, XMLUnit 2.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/54732605a5c8ec2528854919b2e512332bf88498\"\u003e\u003ccode\u003e5473260\u003c/code\u003e\u003c/a\u003e Backport nullability refinements for Micrometer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/12a6098eae12d4871dd2c0bef2e6cca1ba7545c3\"\u003e\u003ccode\u003e12a6098\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2024.0.8 and Micrometer 1.14.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f86034b528abd0400cede89969c3e1f8d7f138e0\"\u003e\u003ccode\u003ef86034b\u003c/code\u003e\u003c/a\u003e Drop final declaration from doFilter entry point (for CGLIB proxying)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/21807832c8e560b3b5d52577b4582a17d06348e4\"\u003e\u003ccode\u003e2180783\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.23, Netty 4.1.122, Gson 2.13.1, Caffeine 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/2434bb15404c3f3d7a9b05c3d10ffb024d4c99b4\"\u003e\u003ccode\u003e2434bb1\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4063cb5b9a5d5497faa85c9838ed4c108691a6ce\"\u003e\u003ccode\u003e4063cb5\u003c/code\u003e\u003c/a\u003e Publish releases using Central Portal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4277682a5cecd0dddef2a39c05f5ef0d79394d45\"\u003e\u003ccode\u003e4277682\u003c/code\u003e\u003c/a\u003e Catch InaccessibleObjectException next to IllegalAccessException\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-context` from 6.2.8 to 6.2.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-context's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eOncePerRequestFilter\u003c/code\u003e cannot be CGLib-proxied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35198\"\u003e#35198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistently catch \u003ccode\u003eInaccessibleObjectException\u003c/code\u003e next to \u003ccode\u003eIllegalAccessException\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35190\"\u003e#35190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eDate\u003c/code\u003e-to-\u003ccode\u003eInstant\u003c/code\u003e and \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eDate\u003c/code\u003e converters \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35175\"\u003e#35175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistent nullability and exception declarations in \u003ccode\u003eAbstractMessagingTemplate\u003c/code\u003e hierarchy \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35159\"\u003e#35159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister runtime hints for \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eTimestamp\u003c/code\u003e conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35156\"\u003e#35156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove handling of \u003ccode\u003eResponseEntity\u0026lt;?\u0026gt;\u003c/code\u003e in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35153\"\u003e#35153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e@CacheConfig(\u0026quot;myCacheName\u0026quot;)\u003c/code\u003e declarations for simplified configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35152\"\u003e#35152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeclare \u003ccode\u003emessageSelector\u003c/code\u003e parameters in \u003ccode\u003eJmsOperations\u003c/code\u003e as \u003ccode\u003e@Nullable\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35151\"\u003e#35151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd getter for \u003ccode\u003eOverflowStrategy\u003c/code\u003e in \u003ccode\u003eConcurrentWebSocketSessionDecorator\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35132\"\u003e#35132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse preset Content-Type for streaming and reactive responses in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35130\"\u003e#35130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLeniently tolerate null \u003ccode\u003e@Aspect\u003c/code\u003e bean \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35074\"\u003e#35074\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDataAccessResourceFailureException\u003c/code\u003e thrown when transaction times out on PostgreSQL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35073\"\u003e#35073\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMethodInvokingFactoryBean\u003c/code\u003e fails to invoke publicly exported methods overridden by internal classes when using JPMS \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34028\"\u003e#34028\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore preference for interface (most abstract) method in \u003ccode\u003egetPubliclyAccessibleMethodIfPossible\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35189\"\u003e#35189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003etargetBeanName\u003c/code\u003e field in AbstractBeanFactoryBasedTargetSource \u003ccode\u003eprotected\u003c/code\u003e to avoid exceptions in logging and \u003ccode\u003etoString()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35172\"\u003e#35172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix inconsistencies in \u003ccode\u003eStaticListableBeanFactory\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35119\"\u003e#35119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport StreamingHttpOutputMessage in RestClient \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35102\"\u003e#35102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen building \u003ccode\u003eDELETE\u003c/code\u003e requests, the request body is not used in \u003ccode\u003eJdkClientHttpRequest.buildRequest\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35068\"\u003e#35068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated bean registration file contains \u0026quot;too many constants\u0026quot; when building with many beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35044\"\u003e#35044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent cache pollution by storing only the factories \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/34732\"\u003e#34732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWebFlux decodes wildcard content-types as form-data/multipart \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34660\"\u003e#34660\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated CGLib proxies do not contain method overrides \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34642\"\u003e#34642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e500 response for ResourceHttpRequestHandler when requested range is not satisfied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34490\"\u003e#34490\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDocument how to register runtime hints for convention-based conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35178\"\u003e#35178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLink to \u003ccode\u003e@ContextConfiguration\u003c/code\u003e Javadoc from reference manual \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35088\"\u003e#35088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to JUnit 5.13.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35103\"\u003e#35103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.14.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35202\"\u003e#35202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor 2024.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35201\"\u003e#35201\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/Meijuh\"\u003e\u003ccode\u003e@​Meijuh\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/RazorNd\"\u003e\u003ccode\u003e@​RazorNd\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/chenggwang\"\u003e\u003ccode\u003e@​chenggwang\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mjd507\"\u003e\u003ccode\u003e@​mjd507\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/philwebb\"\u003e\u003ccode\u003e@​philwebb\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/09a5ca3e747af3dacd2bbb42ae4f356db26b57d3\"\u003e\u003ccode\u003e09a5ca3\u003c/code\u003e\u003c/a\u003e Release v6.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a4ec25d9ec0466c0c4e9ca4eb9d1ef9df18820a5\"\u003e\u003ccode\u003ea4ec25d\u003c/code\u003e\u003c/a\u003e Upgrade to MockK 1.13.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0fc043f762d61f190ccbcc905736f8e73737baf9\"\u003e\u003ccode\u003e0fc043f\u003c/code\u003e\u003c/a\u003e Upgrade to Netty 4.1.123, Selenium 4.34, XMLUnit 2.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/54732605a5c8ec2528854919b2e512332bf88498\"\u003e\u003ccode\u003e5473260\u003c/code\u003e\u003c/a\u003e Backport nullability refinements for Micrometer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/12a6098eae12d4871dd2c0bef2e6cca1ba7545c3\"\u003e\u003ccode\u003e12a6098\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2024.0.8 and Micrometer 1.14.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f86034b528abd0400cede89969c3e1f8d7f138e0\"\u003e\u003ccode\u003ef86034b\u003c/code\u003e\u003c/a\u003e Drop final declaration from doFilter entry point (for CGLIB proxying)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/21807832c8e560b3b5d52577b4582a17d06348e4\"\u003e\u003ccode\u003e2180783\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.23, Netty 4.1.122, Gson 2.13.1, Caffeine 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/2434bb15404c3f3d7a9b05c3d10ffb024d4c99b4\"\u003e\u003ccode\u003e2434bb1\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4063cb5b9a5d5497faa85c9838ed4c108691a6ce\"\u003e\u003ccode\u003e4063cb5\u003c/code\u003e\u003c/a\u003e Publish releases using Central Portal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4277682a5cecd0dddef2a39c05f5ef0d79394d45\"\u003e\u003ccode\u003e4277682\u003c/code\u003e\u003c/a\u003e Catch InaccessibleObjectException next to IllegalAccessException\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-context-support` from 6.2.8 to 6.2.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-context-support's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eOncePerRequestFilter\u003c/code\u003e cannot be CGLib-proxied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35198\"\u003e#35198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistently catch \u003ccode\u003eInaccessibleObjectException\u003c/code\u003e next to \u003ccode\u003eIllegalAccessException\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35190\"\u003e#35190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eDate\u003c/code\u003e-to-\u003ccode\u003eInstant\u003c/code\u003e and \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eDate\u003c/code\u003e converters \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35175\"\u003e#35175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistent nullability and exception declarations in \u003ccode\u003eAbstractMessagingTemplate\u003c/code\u003e hierarchy \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35159\"\u003e#35159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister runtime hints for \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eTimestamp\u003c/code\u003e conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35156\"\u003e#35156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove handling of \u003ccode\u003eResponseEntity\u0026lt;?\u0026gt;\u003c/code\u003e in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35153\"\u003e#35153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e@CacheConfig(\u0026quot;myCacheName\u0026quot;)\u003c/code\u003e declarations for simplified configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35152\"\u003e#35152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeclare \u003ccode\u003emessageSelector\u003c/code\u003e parameters in \u003ccode\u003eJmsOperations\u003c/code\u003e as \u003ccode\u003e@Nullable\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35151\"\u003e#35151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd getter for \u003ccode\u003eOverflowStrategy\u003c/code\u003e in \u003ccode\u003eConcurrentWebSocketSessionDecorator\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35132\"\u003e#35132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse preset Content-Type for streaming and reactive responses in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35130\"\u003e#35130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLeniently tolerate null \u003ccode\u003e@Aspect\u003c/code\u003e bean \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35074\"\u003e#35074\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDataAccessResourceFailureException\u003c/code\u003e thrown when transaction times out on PostgreSQL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35073\"\u003e#35073\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMethodInvokingFactoryBean\u003c/code\u003e fails to invoke publicly exported methods overridden by internal classes when using JPMS \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34028\"\u003e#34028\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore preference for interface (most abstract) method in \u003ccode\u003egetPubliclyAccessibleMethodIfPossible\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35189\"\u003e#35189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003etargetBeanName\u003c/code\u003e field in AbstractBeanFactoryBasedTargetSource \u003ccode\u003eprotected\u003c/code\u003e to avoid exceptions in logging and \u003ccode\u003etoString()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35172\"\u003e#35172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix inconsistencies in \u003ccode\u003eStaticListableBeanFactory\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35119\"\u003e#35119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport StreamingHttpOutputMessage in RestClient \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35102\"\u003e#35102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen building \u003ccode\u003eDELETE\u003c/code\u003e requests, the request body is not used in \u003ccode\u003eJdkClientHttpRequest.buildRequest\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35068\"\u003e#35068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated bean registration file contains \u0026quot;too many constants\u0026quot; when building with many beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35044\"\u003e#35044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent cache pollution by storing only the factories \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/34732\"\u003e#34732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWebFlux decodes wildcard content-types as form-data/multipart \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34660\"\u003e#34660\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated CGLib proxies do not contain method overrides \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34642\"\u003e#34642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e500 response for ResourceHttpRequestHandler when requested range is not satisfied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34490\"\u003e#34490\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDocument how to register runtime hints for convention-based conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35178\"\u003e#35178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLink to \u003ccode\u003e@ContextConfiguration\u003c/code\u003e Javadoc from reference manual \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35088\"\u003e#35088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to JUnit 5.13.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35103\"\u003e#35103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.14.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35202\"\u003e#35202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor 2024.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35201\"\u003e#35201\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/Meijuh\"\u003e\u003ccode\u003e@​Meijuh\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/RazorNd\"\u003e\u003ccode\u003e@​RazorNd\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/chenggwang\"\u003e\u003ccode\u003e@​chenggwang\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mjd507\"\u003e\u003ccode\u003e@​mjd507\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/philwebb\"\u003e\u003ccode\u003e@​philwebb\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/09a5ca3e747af3dacd2bbb42ae4f356db26b57d3\"\u003e\u003ccode\u003e09a5ca3\u003c/code\u003e\u003c/a\u003e Release v6.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a4ec25d9ec0466c0c4e9ca4eb9d1ef9df18820a5\"\u003e\u003ccode\u003ea4ec25d\u003c/code\u003e\u003c/a\u003e Upgrade to MockK 1.13.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0fc043f762d61f190ccbcc905736f8e73737baf9\"\u003e\u003ccode\u003e0fc043f\u003c/code\u003e\u003c/a\u003e Upgrade to Netty 4.1.123, Selenium 4.34, XMLUnit 2.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/54732605a5c8ec2528854919b2e512332bf88498\"\u003e\u003ccode\u003e5473260\u003c/code\u003e\u003c/a\u003e Backport nullability refinements for Micrometer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/12a6098eae12d4871dd2c0bef2e6cca1ba7545c3\"\u003e\u003ccode\u003e12a6098\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2024.0.8 and Micrometer 1.14.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f86034b528abd0400cede89969c3e1f8d7f138e0\"\u003e\u003ccode\u003ef86034b\u003c/code\u003e\u003c/a\u003e Drop final declaration from doFilter entry point (for CGLIB proxying)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/21807832c8e560b3b5d52577b4582a17d06348e4\"\u003e\u003ccode\u003e2180783\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.23, Netty 4.1.122, Gson 2.13.1, Caffeine 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/2434bb15404c3f3d7a9b05c3d10ffb024d4c99b4\"\u003e\u003ccode\u003e2434bb1\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4063cb5b9a5d5497faa85c9838ed4c108691a6ce\"\u003e\u003ccode\u003e4063cb5\u003c/code\u003e\u003c/a\u003e Publish releases using Central Portal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4277682a5cecd0dddef2a39c05f5ef0d79394d45\"\u003e\u003ccode\u003e4277682\u003c/code\u003e\u003c/a\u003e Catch InaccessibleObjectException next to IllegalAccessException\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-beans` from 6.2.8 to 6.2.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-beans's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eOncePerRequestFilter\u003c/code\u003e cannot be CGLib-proxied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35198\"\u003e#35198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistently catch \u003ccode\u003eInaccessibleObjectException\u003c/code\u003e next to \u003ccode\u003eIllegalAccessException\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35190\"\u003e#35190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eDate\u003c/code\u003e-to-\u003ccode\u003eInstant\u003c/code\u003e and \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eDate\u003c/code\u003e converters \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35175\"\u003e#35175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistent nullability and exception declarations in \u003ccode\u003eAbstractMessagingTemplate\u003c/code\u003e hierarchy \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35159\"\u003e#35159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister runtime hints for \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eTimestamp\u003c/code\u003e conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35156\"\u003e#35156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove handling of \u003ccode\u003eResponseEntity\u0026lt;?\u0026gt;\u003c/code\u003e in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35153\"\u003e#35153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e@CacheConfig(\u0026quot;myCacheName\u0026quot;)\u003c/code\u003e declarations for simplified configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35152\"\u003e#35152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeclare \u003ccode\u003emessageSelector\u003c/code\u003e parameters in \u003ccode\u003eJmsOperations\u003c/code\u003e as \u003ccode\u003e@Nullable\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35151\"\u003e#35151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd getter for \u003ccode\u003eOverflowStrategy\u003c/code\u003e in \u003ccode\u003eConcurrentWebSocketSessionDecorator\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35132\"\u003e#35132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse preset Content-Type for streaming and reactive responses in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35130\"\u003e#35130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLeniently tolerate null \u003ccode\u003e@Aspect\u003c/code\u003e bean \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35074\"\u003e#35074\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDataAccessResourceFailureException\u003c/code\u003e thrown when transaction times out on PostgreSQL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35073\"\u003e#35073\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMethodInvokingFactoryBean\u003c/code\u003e fails to invoke publicly exported methods overridden by internal classes when using JPMS \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34028\"\u003e#34028\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore preference for interface (most abstract) method in \u003ccode\u003egetPubliclyAccessibleMethodIfPossible\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35189\"\u003e#35189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003etargetBeanName\u003c/code\u003e field in AbstractBeanFactoryBasedTargetSource \u003ccode\u003eprotected\u003c/code\u003e to avoid exceptions in logging and \u003ccode\u003etoString()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35172\"\u003e#35172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix inconsistencies in \u003ccode\u003eStaticListableBeanFactory\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35119\"\u003e#35119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport StreamingHttpOutputMessage in RestClient \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35102\"\u003e#35102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen building \u003ccode\u003eDELETE\u003c/code\u003e requests, the request body is not used in \u003ccode\u003eJdkClientHttpRequest.buildRequest\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35068\"\u003e#35068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated bean registration file contains \u0026quot;too many constants\u0026quot; when building with many beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35044\"\u003e#35044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent cache pollution by storing only the factories \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/34732\"\u003e#34732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWebFlux decodes wildcard content-types as form-data/multipart \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34660\"\u003e#34660\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated CGLib proxies do not contain method overrides \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34642\"\u003e#34642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e500 response for ResourceHttpRequestHandler when requested range is not satisfied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34490\"\u003e#34490\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDocument how to register runtime hints for convention-based conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35178\"\u003e#35178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLink to \u003ccode\u003e@ContextConfiguration\u003c/code\u003e Javadoc from reference manual \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35088\"\u003e#35088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to JUnit 5.13.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35103\"\u003e#35103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.14.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35202\"\u003e#35202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor 2024.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35201\"\u003e#35201\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/Meijuh\"\u003e\u003ccode\u003e@​Meijuh\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/RazorNd\"\u003e\u003ccode\u003e@​RazorNd\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/chenggwang\"\u003e\u003ccode\u003e@​chenggwang\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mjd507\"\u003e\u003ccode\u003e@​mjd507\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/philwebb\"\u003e\u003ccode\u003e@​philwebb\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/09a5ca3e747af3dacd2bbb42ae4f356db26b57d3\"\u003e\u003ccode\u003e09a5ca3\u003c/code\u003e\u003c/a\u003e Release v6.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a4ec25d9ec0466c0c4e9ca4eb9d1ef9df18820a5\"\u003e\u003ccode\u003ea4ec25d\u003c/code\u003e\u003c/a\u003e Upgrade to MockK 1.13.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0fc043f762d61f190ccbcc905736f8e73737baf9\"\u003e\u003ccode\u003e0fc043f\u003c/code\u003e\u003c/a\u003e Upgrade to Netty 4.1.123, Selenium 4.34, XMLUnit 2.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/54732605a5c8ec2528854919b2e512332bf88498\"\u003e\u003ccode\u003e5473260\u003c/code\u003e\u003c/a\u003e Backport nullability refinements for Micrometer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/12a6098eae12d4871dd2c0bef2e6cca1ba7545c3\"\u003e\u003ccode\u003e12a6098\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2024.0.8 and Micrometer 1.14.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f86034b528abd0400cede89969c3e1f8d7f138e0\"\u003e\u003ccode\u003ef86034b\u003c/code\u003e\u003c/a\u003e Drop final declaration from doFilter entry point (for CGLIB proxying)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/21807832c8e560b3b5d52577b4582a17d06348e4\"\u003e\u003ccode\u003e2180783\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.23, Netty 4.1.122, Gson 2.13.1, Caffeine 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/2434bb15404c3f3d7a9b05c3d10ffb024d4c99b4\"\u003e\u003ccode\u003e2434bb1\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4063cb5b9a5d5497faa85c9838ed4c108691a6ce\"\u003e\u003ccode\u003e4063cb5\u003c/code\u003e\u003c/a\u003e Publish releases using Central Portal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4277682a5cecd0dddef2a39c05f5ef0d79394d45\"\u003e\u003ccode\u003e4277682\u003c/code\u003e\u003c/a\u003e Catch InaccessibleObjectException next to IllegalAccessException\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-expression` from 6.2.8 to 6.2.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-expression's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eOncePerRequestFilter\u003c/code\u003e cannot be CGLib-proxied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35198\"\u003e#35198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistently catch \u003ccode\u003eInaccessibleObjectException\u003c/code\u003e next to \u003ccode\u003eIllegalAccessException\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35190\"\u003e#35190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eDate\u003c/code\u003e-to-\u003ccode\u003eInstant\u003c/code\u003e and \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eDate\u003c/code\u003e converters \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35175\"\u003e#35175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistent nullability and exception declarations in \u003ccode\u003eAbstractMessagingTemplate\u003c/code\u003e hierarchy \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35159\"\u003e#35159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister runtime hints for \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eTimestamp\u003c/code\u003e conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35156\"\u003e#35156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove handling of \u003ccode\u003eResponseEntity\u0026lt;?\u0026gt;\u003c/code\u003e in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35153\"\u003e#35153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e@CacheConfig(\u0026quot;myCacheName\u0026quot;)\u003c/code\u003e declarations for simplified configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35152\"\u003e#35152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeclare \u003ccode\u003emessageSelector\u003c/code\u003e parameters in \u003ccode\u003eJmsOperations\u003c/code\u003e as \u003ccode\u003e@Nullable\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35151\"\u003e#35151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd getter for \u003ccode\u003eOverflowStrategy\u003c/code\u003e in \u003ccode\u003eConcurrentWebSocketSessionDecorator\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35132\"\u003e#35132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse preset Content-Type for streaming and reactive responses in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35130\"\u003e#35130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLeniently tolerate null \u003ccode\u003e@Aspect\u003c/code\u003e bean \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35074\"\u003e#35074\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDataAccessResourceFailureException\u003c/code\u003e thrown when transaction times out on PostgreSQL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35073\"\u003e#35073\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMethodInvokingFactoryBean\u003c/code\u003e fails to invoke publicly exported methods overridden by internal classes when using JPMS \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34028\"\u003e#34028\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore preference for interface (most abstract) method in \u003ccode\u003egetPubliclyAccessibleMethodIfPossible\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35189\"\u003e#35189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003etargetBeanName\u003c/code\u003e field in AbstractBeanFactoryBasedTargetSource \u003ccode\u003eprotected\u003c/code\u003e to avoid exceptions in logging and \u003ccode\u003etoString()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35172\"\u003e#35172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix inconsistencies in \u003ccode\u003eStaticListableBeanFactory\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35119\"\u003e#35119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport StreamingHttpOutputMessage in RestClient \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35102\"\u003e#35102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen building \u003ccode\u003eDELETE\u003c/code\u003e requests, the request body is not used in \u003ccode\u003eJdkClientHttpRequest.buildRequest\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35068\"\u003e#35068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated bean registration file contains \u0026quot;too many constants\u0026quot; when building with many beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35044\"\u003e#35044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent cache pollution by storing only the factories \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/34732\"\u003e#34732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWebFlux decodes wildcard content-types as form-data/multipart \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34660\"\u003e#34660\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated CGLib proxies do not contain method overrides \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34642\"\u003e#34642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e500 response for ResourceHttpRequestHandler when requested range is not satisfied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34490\"\u003e#34490\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDocument how to register runtime hints for convention-based conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35178\"\u003e#35178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLink to \u003ccode\u003e@ContextConfiguration\u003c/code\u003e Javadoc from reference manual \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35088\"\u003e#35088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to JUnit 5.13.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35103\"\u003e#35103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.14.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35202\"\u003e#35202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor 2024.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35201\"\u003e#35201\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/Meijuh\"\u003e\u003ccode\u003e@​Meijuh\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/RazorNd\"\u003e\u003ccode\u003e@​RazorNd\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/chenggwang\"\u003e\u003ccode\u003e@​chenggwang\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mjd507\"\u003e\u003ccode\u003e@​mjd507\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/philwebb\"\u003e\u003ccode\u003e@​philwebb\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/09a5ca3e747af3dacd2bbb42ae4f356db26b57d3\"\u003e\u003ccode\u003e09a5ca3\u003c/code\u003e\u003c/a\u003e Release v6.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a4ec25d9ec0466c0c4e9ca4eb9d1ef9df18820a5\"\u003e\u003ccode\u003ea4ec25d\u003c/code\u003e\u003c/a\u003e Upgrade to MockK 1.13.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0fc043f762d61f190ccbcc905736f8e73737baf9\"\u003e\u003ccode\u003e0fc043f\u003c/code\u003e\u003c/a\u003e Upgrade to Netty 4.1.123, Selenium 4.34, XMLUnit 2.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/54732605a5c8ec2528854919b2e512332bf88498\"\u003e\u003ccode\u003e5473260\u003c/code\u003e\u003c/a\u003e Backport nullability refinements for Micrometer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/12a6098eae12d4871dd2c0bef2e6cca1ba7545c3\"\u003e\u003ccode\u003e12a6098\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2024.0.8 and Micrometer 1.14.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f86034b528abd0400cede89969c3e1f8d7f138e0\"\u003e\u003ccode\u003ef86034b\u003c/code\u003e\u003c/a\u003e Drop final declaration from doFilter entry point (for CGLIB proxying)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/21807832c8e560b3b5d52577b4582a17d06348e4\"\u003e\u003ccode\u003e2180783\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.23, Netty 4.1.122, Gson 2.13.1, Caffeine 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/2434bb15404c3f3d7a9b05c3d10ffb024d4c99b4\"\u003e\u003ccode\u003e2434bb1\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4063cb5b9a5d5497faa85c9838ed4c108691a6ce\"\u003e\u003ccode\u003e4063cb5\u003c/code\u003e\u003c/a\u003e Publish releases using Central Portal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4277682a5cecd0dddef2a39c05f5ef0d79394d45\"\u003e\u003ccode\u003e4277682\u003c/code\u003e\u003c/a\u003e Catch InaccessibleObjectException next to IllegalAccessException\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-web` from 6.2.8 to 6.2.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eOncePerRequestFilter\u003c/code\u003e cannot be CGLib-proxied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35198\"\u003e#35198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistently catch \u003ccode\u003eInaccessibleObjectException\u003c/code\u003e next to \u003ccode\u003eIllegalAccessException\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35190\"\u003e#35190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eDate\u003c/code\u003e-to-\u003ccode\u003eInstant\u003c/code\u003e and \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eDate\u003c/code\u003e converters \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35175\"\u003e#35175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistent nullability and exception declarations in \u003ccode\u003eAbstractMessagingTemplate\u003c/code\u003e hierarchy \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35159\"\u003e#35159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister runtime hints for \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eTimestamp\u003c/code\u003e conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35156\"\u003e#35156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove handling of \u003ccode\u003eResponseEntity\u0026lt;?\u0026gt;\u003c/code\u003e in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35153\"\u003e#35153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e@CacheConfig(\u0026quot;myCacheName\u0026quot;)\u003c/code\u003e declarations for simplified configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35152\"\u003e#35152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeclare \u003ccode\u003emessageSelector\u003c/code\u003e parameters in \u003ccode\u003eJmsOperations\u003c/code\u003e as \u003ccode\u003e@Nullable\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35151\"\u003e#35151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd getter for \u003ccode\u003eOverflowStrategy\u003c/code\u003e in \u003ccode\u003eConcurrentWebSocketSessionDecorator\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35132\"\u003e#35132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse preset Content-Type for streaming and reactive responses in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35130\"\u003e#35130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLeniently tolerate null \u003ccode\u003e@Aspect\u003c/code\u003e bean \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35074\"\u003e#35074\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDataAccessResourceFailureException\u003c/code\u003e thrown when transaction times out on PostgreSQL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35073\"\u003e#35073\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMethodInvokingFactoryBean\u003c/code\u003e fails to invoke publicly exported methods overridden by internal classes when using JPMS \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34028\"\u003e#34028\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore preference for interface (most abstract) method in \u003ccode\u003egetPubliclyAccessibleMethodIfPossible\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35189\"\u003e#35189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003etargetBeanName\u003c/code\u003e field in AbstractBeanFactoryBasedTargetSource \u003ccode\u003eprotected\u003c/code\u003e to avoid exceptions in logging and \u003ccode\u003etoString()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35172\"\u003e#35172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix inconsistencies in \u003ccode\u003eStaticListableBeanFactory\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35119\"\u003e#35119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport StreamingHttpOutputMessage in RestClient \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35102\"\u003e#35102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen building \u003ccode\u003eDELETE\u003c/code\u003e requests, the request body is not used in \u003ccode\u003eJdkClientHttpRequest.buildRequest\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35068\"\u003e#35068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated bean registration file contains \u0026quot;too many constants\u0026quot; when building with many beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35044\"\u003e#35044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent cache pollution by storing only the factories \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/34732\"\u003e#34732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWebFlux decodes wildcard content-types as form-data/multipart \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34660\"\u003e#34660\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated CGLib proxies do not contain method overrides \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34642\"\u003e#34642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e500 response for ResourceHttpRequestHandler when requested range is not satisfied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34490\"\u003e#34490\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDocument how to register runtime hints for convention-based conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35178\"\u003e#35178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLink to \u003ccode\u003e@ContextConfiguration\u003c/code\u003e Javadoc from reference manual \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35088\"\u003e#35088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to JUnit 5.13.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35103\"\u003e#35103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.14.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35202\"\u003e#35202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor 2024.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35201\"\u003e#35201\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/Meijuh\"\u003e\u003ccode\u003e@​Meijuh\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/RazorNd\"\u003e\u003ccode\u003e@​RazorNd\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/chenggwang\"\u003e\u003ccode\u003e@​chenggwang\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mjd507\"\u003e\u003ccode\u003e@​mjd507\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/philwebb\"\u003e\u003ccode\u003e@​philwebb\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/09a5ca3e747af3dacd2bbb42ae4f356db26b57d3\"\u003e\u003ccode\u003e09a5ca3\u003c/code\u003e\u003c/a\u003e Release v6.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a4ec25d9ec0466c0c4e9ca4eb9d1ef9df18820a5\"\u003e\u003ccode\u003ea4ec25d\u003c/code\u003e\u003c/a\u003e Upgrade to MockK 1.13.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0fc043f762d61f190ccbcc905736f8e73737baf9\"\u003e\u003ccode\u003e0fc043f\u003c/code\u003e\u003c/a\u003e Upgrade to Netty 4.1.123, Selenium 4.34, XMLUnit 2.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/54732605a5c8ec2528854919b2e512332bf88498\"\u003e\u003ccode\u003e5473260\u003c/code\u003e\u003c/a\u003e Backport nullability refinements for Micrometer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/12a6098eae12d4871dd2c0bef2e6cca1ba7545c3\"\u003e\u003ccode\u003e12a6098\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2024.0.8 and Micrometer 1.14.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f86034b528abd0400cede89969c3e1f8d7f138e0\"\u003e\u003ccode\u003ef86034b\u003c/code\u003e\u003c/a\u003e Drop final declaration from doFilter entry point (for CGLIB proxying)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/21807832c8e560b3b5d52577b4582a17d06348e4\"\u003e\u003ccode\u003e2180783\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.23, Netty 4.1.122, Gson 2.13.1, Caffeine 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/2434bb15404c3f3d7a9b05c3d10ffb024d4c99b4\"\u003e\u003ccode\u003e2434bb1\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4063cb5b9a5d5497faa85c9838ed4c108691a6ce\"\u003e\u003ccode\u003e4063cb5\u003c/code\u003e\u003c/a\u003e Publish releases using Central Portal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4277682a5cecd0dddef2a39c05f5ef0d79394d45\"\u003e\u003ccode\u003e4277682\u003c/code\u003e\u003c/a\u003e Catch InaccessibleObjectException next to IllegalAccessException\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-webmvc` from 6.2.8 to 6.2.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-webmvc's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eOncePerRequestFilter\u003c/code\u003e cannot be CGLib-proxied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35198\"\u003e#35198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistently catch \u003ccode\u003eInaccessibleObjectException\u003c/code\u003e next to \u003ccode\u003eIllegalAccessException\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35190\"\u003e#35190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eDate\u003c/code\u003e-to-\u003ccode\u003eInstant\u003c/code\u003e and \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eDate\u003c/code\u003e converters \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35175\"\u003e#35175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistent nullability and exception declarations in \u003ccode\u003eAbstractMessagingTemplate\u003c/code\u003e hierarchy \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35159\"\u003e#35159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister runtime hints for \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eTimestamp\u003c/code\u003e conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35156\"\u003e#35156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove handling of \u003ccode\u003eResponseEntity\u0026lt;?\u0026gt;\u003c/code\u003e in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35153\"\u003e#35153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e@CacheConfig(\u0026quot;myCacheName\u0026quot;)\u003c/code\u003e declarations for simplified configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35152\"\u003e#35152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeclare \u003ccode\u003emessageSelector\u003c/code\u003e parameters in \u003ccode\u003eJmsOperations\u003c/code\u003e as \u003ccode\u003e@Nullable\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35151\"\u003e#35151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd getter for \u003ccode\u003eOverflowStrategy\u003c/code\u003e in \u003ccode\u003eConcurrentWebSocketSessionDecorator\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35132\"\u003e#35132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse preset Content-Type for streaming and reactive responses in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35130\"\u003e#35130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLeniently tolerate null \u003ccode\u003e@Aspect\u003c/code\u003e bean \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35074\"\u003e#35074\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDataAccessResourceFailureException\u003c/code\u003e thrown when transaction times out on PostgreSQL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35073\"\u003e#35073\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMethodInvokingFactoryBean\u003c/code\u003e fails to invoke publicly exported methods overridden by internal classes when using JPMS \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34028\"\u003e#34028\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore preference for interface (most abstract) method in \u003ccode\u003egetPubliclyAccessibleMethodIfPossible\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35189\"\u003e#35189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003etargetBeanName\u003c/code\u003e field in AbstractBeanFactoryBasedTargetSource \u003ccode\u003eprotected\u003c/code\u003e to avoid exceptions in logging and \u003ccode\u003etoString()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35172\"\u003e#35172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix inconsistencies in \u003ccode\u003eStaticListableBeanFactory\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35119\"\u003e#35119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport StreamingHttpOutputMessage in RestClient \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35102\"\u003e#35102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen building \u003ccode\u003eDELETE\u003c/code\u003e requests, the request body is not used in \u003ccode\u003eJdkClientHttpRequest.buildRequest\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35068\"\u003e#35068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated bean registration file contains \u0026quot;too many constants\u0026quot; when building with many beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35044\"\u003e#35044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent cache pollution by storing only the factories \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/34732\"\u003e#34732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWebFlux decodes wildcard content-types as form-data/multipart \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34660\"\u003e#34660\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated CGLib proxies do not contain method overrides \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34642\"\u003e#34642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e500 response for ResourceHttpRequestHandler when requested range is not satisfied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34490\"\u003e#34490\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDocument how to register runtime hints for convention-based conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35178\"\u003e#35178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLink to \u003ccode\u003e@ContextConfiguration\u003c/code\u003e Javadoc from reference manual \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35088\"\u003e#35088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to JUnit 5.13.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35103\"\u003e#35103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.14.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35202\"\u003e#35202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor 2024.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35201\"\u003e#35201\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/Meijuh\"\u003e\u003ccode\u003e@​Meijuh\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/RazorNd\"\u003e\u003ccode\u003e@​RazorNd\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/chenggwang\"\u003e\u003ccode\u003e@​chenggwang\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mjd507\"\u003e\u003ccode\u003e@​mjd507\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/philwebb\"\u003e\u003ccode\u003e@​philwebb\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/09a5ca3e747af3dacd2bbb42ae4f356db26b57d3\"\u003e\u003ccode\u003e09a5ca3\u003c/code\u003e\u003c/a\u003e Release v6.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a4ec25d9ec0466c0c4e9ca4eb9d1ef9df18820a5\"\u003e\u003ccode\u003ea4ec25d\u003c/code\u003e\u003c/a\u003e Upgrade to MockK 1.13.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0fc043f762d61f190ccbcc905736f8e73737baf9\"\u003e\u003ccode\u003e0fc043f\u003c/code\u003e\u003c/a\u003e Upgrade to Netty 4.1.123, Selenium 4.34, XMLUnit 2.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/54732605a5c8ec2528854919b2e512332bf88498\"\u003e\u003ccode\u003e5473260\u003c/code\u003e\u003c/a\u003e Backport nullability refinements for Micrometer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/12a6098eae12d4871dd2c0bef2e6cca1ba7545c3\"\u003e\u003ccode\u003e12a6098\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2024.0.8 and Micrometer 1.14.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f86034b528abd0400cede89969c3e1f8d7f138e0\"\u003e\u003ccode\u003ef86034b\u003c/code\u003e\u003c/a\u003e Drop final declaration from doFilter entry point (for CGLIB proxying)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/21807832c8e560b3b5d52577b4582a17d06348e4\"\u003e\u003ccode\u003e2180783\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.23, Netty 4.1.122, Gson 2.13.1, Caffeine 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/2434bb15404c3f3d7a9b05c3d10ffb024d4c99b4\"\u003e\u003ccode\u003e2434bb1\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4063cb5b9a5d5497faa85c9838ed4c108691a6ce\"\u003e\u003ccode\u003e4063cb5\u003c/code\u003e\u003c/a\u003e Publish releases using Central Portal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4277682a5cecd0dddef2a39c05f5ef0d79394d45\"\u003e\u003ccode\u003e4277682\u003c/code\u003e\u003c/a\u003e Catch InaccessibleObjectException next to IllegalAccessException\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-tx` from 6.2.8 to 6.2.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-tx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eOncePerRequestFilter\u003c/code\u003e cannot be CGLib-proxied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35198\"\u003e#35198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistently catch \u003ccode\u003eIn...\n\n_Description has been truncated_","html_url":"https://github.com/craftercms/craftercms/pull/8310","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/craftercms%2Fcraftercms/issues/8310","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8310/packages"},{"uuid":"2707816002","node_id":"PR_kwDOPVa3786hZf5C","number":1,"state":"open","title":"Bump the maven group across 1 directory with 21 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-07-30T16:48:25.000Z","updated_at":"2025-07-30T16:48:25.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"maven","update_count":21,"packages":[{"name":"org.json:json","old_version":"20230227","new_version":"20231013","repository_url":"https://github.com/douglascrockford/JSON-java"},{"name":"org.owasp.esapi:esapi","old_version":"2.1.0.1","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"org.jsoup:jsoup","old_version":"1.14.2","new_version":"1.15.3","repository_url":"https://github.com/jhy/jsoup"},{"name":"commons-fileupload:commons-fileupload","old_version":"1.5","new_version":"1.6.0"},{"name":"org.apache.commons:commons-compress","old_version":"1.19","new_version":"1.26.0"},{"name":"org.apache.commons:commons-lang3","old_version":"3.4","new_version":"3.18.0"},{"name":"commons-io:commons-io","old_version":"2.7","new_version":"2.14.0"},{"name":"org.springframework:spring-context","old_version":"5.3.20","new_version":"6.1.20","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework.security:spring-security-core","old_version":"5.7.5","new_version":"5.7.14","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.apache.poi:poi","old_version":"3.17","new_version":"4.1.1"},{"name":"org.apache.poi:poi-ooxml","old_version":"3.17","new_version":"5.4.0"},{"name":"com.fasterxml.jackson.core:jackson-core","old_version":"2.12.6","new_version":"2.15.0","repository_url":"https://github.com/FasterXML/jackson-core"},{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.12.6.1","new_version":"2.12.7.1","repository_url":"https://github.com/FasterXML/jackson"},{"name":"com.thoughtworks.xstream:xstream","old_version":"1.4.9","new_version":"1.4.21","repository_url":"https://github.com/x-stream/xstream"},{"name":"org.apache.camel:camel-core","old_version":"2.22.3","new_version":"4.13.0"},{"name":"org.apache.camel:camel-spring","old_version":"2.22.3","new_version":"4.13.0"},{"name":"org.apache.camel:camel-ftp","old_version":"2.22.3","new_version":"4.13.0"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 17 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [org.json:json](https://github.com/douglascrockford/JSON-java) | `20230227` | `20231013` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.1.0.1` | `2.6.0.0` |\n| [org.jsoup:jsoup](https://github.com/jhy/jsoup) | `1.14.2` | `1.15.3` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-compress | `1.19` | `1.26.0` |\n| org.apache.commons:commons-lang3 | `3.4` | `3.18.0` |\n| commons-io:commons-io | `2.7` | `2.14.0` |\n| [org.springframework:spring-context](https://github.com/spring-projects/spring-framework) | `5.3.20` | `6.1.20` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `5.7.5` | `5.7.14` |\n| org.apache.poi:poi | `3.17` | `4.1.1` |\n| org.apache.poi:poi-ooxml | `3.17` | `5.4.0` |\n| [com.fasterxml.jackson.core:jackson-core](https://github.com/FasterXML/jackson-core) | `2.12.6` | `2.15.0` |\n| [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.12.6.1` | `2.12.7.1` |\n| [com.thoughtworks.xstream:xstream](https://github.com/x-stream/xstream) | `1.4.9` | `1.4.21` |\n| org.apache.camel:camel-core | `2.22.3` | `4.13.0` |\n| org.apache.camel:camel-spring | `2.22.3` | `4.13.0` |\n| org.apache.camel:camel-ftp | `2.22.3` | `4.13.0` |\n\n\nUpdates `org.json:json` from 20230227 to 20231013\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/douglascrockford/JSON-java/releases\"\u003eorg.json:json's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e20231013\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/793\"\u003e#793\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eReverted \u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/761\"\u003e#761\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/792\"\u003e#792\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eupdate the docs for release 20231013\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/783\"\u003e#783\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eoptLong vs getLong inconsistencies\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/782\"\u003e#782\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/779\"\u003e#779\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eadd validity check for JSONObject constructors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/778\"\u003e#778\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/776\"\u003e#776\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate [JUnit to version 4.13.2\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/774\"\u003e#774\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eRemoving unneeded synchronization\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/773\"\u003e#773\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAdd optJSONArray method to JSONObject with a default value\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/772\"\u003e#772\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eDisallow nested objects and arrays as keys in objects\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/779\"\u003e#779\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUnit test cleanup\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/769\"\u003e#769\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAddressed Java 17 compile warnings\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/764\"\u003e#764\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate CodeQL action version\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/761\"\u003e#761\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAdd module-info\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/759\"\u003e#759\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eJSON parsing should detect embedded \u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/753\"\u003e#753\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdated new object methods\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/752\"\u003e#752\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFixes possible unit test bug when compiling/testing on Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20230618\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/749\"\u003e#749\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/749\"\u003ePrep for release 20230618\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/740\"\u003e#740\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/734\"\u003eFixed Flaky Tests Caused by JSON permutations\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/734\"\u003e#734\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/734\"\u003eFixed Flaky Tests Caused by JSON permutations\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/733\"\u003e#733\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/733\"\u003eJSONTokener implemented java.io.Closeable\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/731\"\u003e#731\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/731\"\u003eRemoving commented out code in JSONObject optDouble()\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/729\"\u003e#729\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/729\"\u003eRefactor ParserConfiguration class hierarchy\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md\"\u003eorg.json:json's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e20231013    First release with minimum Java version 1.8. Recent commits, including fixes for CVE-2023-5072.\u003c/p\u003e\n\u003cp\u003e20230618    Final release with Java 1.6 compatibility. Future releases will require Java 1.8 or greater.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/douglascrockford/JSON-java/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.owasp.esapi:esapi` from 2.1.0.1 to 2.6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.1.0.1...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.jsoup:jsoup` from 1.14.2 to 1.15.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jhy/jsoup/releases\"\u003eorg.jsoup:jsoup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ejsoup 1.15.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup 1.15.3\u003c/strong\u003e is out now, and includes a security fix for potential XSS attacks, along with other bug fixes and improvements, including more descriptive validation error messages.\u003c/p\u003e\n\u003cp\u003eDetails:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\"\u003eSecurity advisory\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://jsoup.org/news/release-1.15.3\"\u003eRelease notes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://jsoup.org/download\"\u003eDownload\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ejsoup 1.15.2 is out now with a bunch of \u003ca href=\"https://jsoup.org/news/release-1.15.2\"\u003eimprovements and bug fixes\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003ejsoup 1.15.1 is out now with a bunch of \u003ca href=\"https://jsoup.org/news/release-1.15.1\"\u003eimprovements and bug fixes\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ejsoup 1.14.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup 1.14.3\u003c/strong\u003e is out now, adding native \u003cstrong\u003eXPath\u003c/strong\u003e selector support, improved \u003ccode\u003e\\\u0026lt;template\u0026gt;\u003c/code\u003e support, and also includes a bunch of bug fixes, improvements, and performance enhancements.\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://jsoup.org/news/release-1.14.3\"\u003erelease announcement\u003c/a\u003e for the full changelog.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jhy/jsoup/blob/jsoup-1.15.3/CHANGES\"\u003eorg.jsoup:jsoup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ejsoup changelog\u003c/p\u003e\n\u003cp\u003eRelease 1.15.3 [2022-Aug-24]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity: fixed an issue where the jsoup cleaner may incorrectly sanitize crafted XSS attempts if\nSafeList.preserveRelativeLinks is enabled.\n\u003ca href=\"https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\"\u003ehttps://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: the Cleaner will preserve the source position of cleaned elements, if source tracking is enabled in the\noriginal parse.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: the error messages output from Validate are more descriptive. Exceptions are now ValidationExceptions\n(extending IllegalArgumentException). Stack traces do not include the Validate class, to make it simpler to see\nwhere the exception originated. Common validation errors including malformed URLs and empty selector results have\nmore explicit error messages.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBugfix: the DataUtil would incorrectly read from InputStreams that emitted reads less than the requested size. This\nlead to incorrect results when parsing from chunked server responses, for e.g.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1807\"\u003ejhy/jsoup#1807\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBuild Improvement: added implementation version and related fields to the jar manifest.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1809\"\u003ejhy/jsoup#1809\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e*** Release 1.15.2 [2022-Jul-04]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: added the ability to track the position (line, column, index) in the original input source from where\na given node was parsed. Accessible via Node.sourceRange() and Element.endSourceRange().\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/pull/1790\"\u003ejhy/jsoup#1790\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: added Element.firstElementChild(), Element.lastElementChild(), Node.firstChild(), Node.lastChild(),\nas convenient accessors to those child nodes and elements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: added Element.expectFirst(cssQuery), which is just like Element.selectFirst(), but instead of returning\na null if there is no match, will throw an IllegalArgumentException. This is useful if you want to simply abort\nprocessing if an expected match is not found.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: when pretty-printing HTML, doctypes are emitted on a newline if there is a preceding comment.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/pull/1664\"\u003ejhy/jsoup#1664\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: when pretty-printing, trim the leading and trailing spaces of textnodes in block tags when possible,\nso that they are indented correctly.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1798\"\u003ejhy/jsoup#1798\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: in Element#selectXpath(), disable namespace awareness. This makes it possible to always select elements\nby their simple local name, regardless of whether an xmlns attribute was set.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1801\"\u003ejhy/jsoup#1801\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBugfix: when using the readToByteBuffer method, such as in Connection.Response.body(), if the document has not\nalready been parsed and must be read fully, and there is any maximum buffer size being applied, only the default\ninternal buffer size is read.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1774\"\u003ejhy/jsoup#1774\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/c5964172763e1495786ad584c368ac3346d0ca8c\"\u003e\u003ccode\u003ec596417\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release jsoup-1.15.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/d2d9ac341dbd48e75c6dd09c571216a81939604f\"\u003e\u003ccode\u003ed2d9ac3\u003c/code\u003e\u003c/a\u003e Changelog for URL cleaner improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/4ea768d96b3d232e63edef9594766d44597b3882\"\u003e\u003ccode\u003e4ea768d\u003c/code\u003e\u003c/a\u003e Strip control characters from URLs when resolving absolute URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/985f1fe13aa0b1d37c6f6f17a948fc240a03dcef\"\u003e\u003ccode\u003e985f1fe\u003c/code\u003e\u003c/a\u003e Include help link for malformed URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/6b67d05d883fdfe0f978d77d219e80324e0a223d\"\u003e\u003ccode\u003e6b67d05\u003c/code\u003e\u003c/a\u003e Improved Validate error messages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/653da57a61dc6fcb5a94efb44f514239bdef8613\"\u003e\u003ccode\u003e653da57\u003c/code\u003e\u003c/a\u003e Normalized API doc link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/5ed84f631e8889abc9b20ebcc898d053d77bb05d\"\u003e\u003ccode\u003e5ed84f6\u003c/code\u003e\u003c/a\u003e Simplified the Test Server startup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/c58112a2eddd630a4f6d76450034c1227ef5f842\"\u003e\u003ccode\u003ec58112a\u003c/code\u003e\u003c/a\u003e Set the read size correctly when capped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/fa13c8066b13f27a92d0057d55bf64e6d66ddff2\"\u003e\u003ccode\u003efa13c80\u003c/code\u003e\u003c/a\u003e Added jar manifest default implementation entries.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/5b193902029a453b95cfc8850d17e630079cf0a2\"\u003e\u003ccode\u003e5b19390\u003c/code\u003e\u003c/a\u003e Bump maven-resources-plugin from 3.2.0 to 3.3.0 (\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1814\"\u003e#1814\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jhy/jsoup/compare/jsoup-1.14.2...jsoup-1.15.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-fileupload:commons-fileupload` from 1.5 to 1.6.0\n\nUpdates `org.apache.commons:commons-compress` from 1.19 to 1.26.0\n\nUpdates `org.apache.commons:commons-lang3` from 3.4 to 3.18.0\n\nUpdates `commons-io:commons-io` from 2.7 to 2.14.0\n\nUpdates `org.springframework:spring-context` from 5.3.20 to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-context's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v5.3.20...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-webmvc` from 5.3.20 to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-webmvc's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v5.3.20...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-web` from 5.3.20 to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v5.3.20...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.security:spring-security-core` from 5.7.5 to 5.7.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-security/releases\"\u003eorg.springframework.security:spring-security-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.7.14\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerExchangeRejectedHandler \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15975\"\u003e#15975\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerWebExchangeFirewall \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15974\"\u003e#15974\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.13\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003e5.7.12\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck for \u003ccode\u003enull\u003c/code\u003e Authentication \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/14715\"\u003e#14715\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.11\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutomate spring-security.xsd \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13819\"\u003e#13819\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.10\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse default PathPatternParser instance \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13461\"\u003e#13461\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate io.projectreactor to 2020.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13509\"\u003e#13509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework to 5.3.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13511\"\u003e#13511\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework.data to 2021.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13512\"\u003e#13512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate reactor-netty to 1.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13510\"\u003e#13510\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eConvert to Asciidoctor Tabs \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13404\"\u003e#13404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse Antora name of security \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13328\"\u003e#13328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdditional filters registered when using Custom DSL \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13203\"\u003e#13203\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify that Kotlin DSL needs an import \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13092\"\u003e#13092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument missing OAuth2LoginAuthenticationFilter set AuthorizationRequestRepository \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13098\"\u003e#13098\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Antora Warnings \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13291\"\u003e#13291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix constant value in XContentTypeOptionsServerHttpHeadersWriter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13155\"\u003e#13155\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Documentation Title \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13315\"\u003e#13315\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix javadoc for migration from WebSecurityConfigurerAdapter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12996\"\u003e#12996\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in SecurityMockMvcResultMatchers.java \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12793\"\u003e#12793\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/d0b2b33dce56cb97b5efd3cdfa9b41fbc09c4586\"\u003e\u003ccode\u003ed0b2b33\u003c/code\u003e\u003c/a\u003e Release 5.7.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/0eaffb37e7f10f30fdbba1d3728e66e26837ff89\"\u003e\u003ccode\u003e0eaffb3\u003c/code\u003e\u003c/a\u003e Require Locale argument for toLower/toUpperCase usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e86d88d0cf869fce800974eb22e61a9c3dcf5fa2\"\u003e\u003ccode\u003ee86d88d\u003c/code\u003e\u003c/a\u003e Support ServerExchangeRejectedHandler \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e48d6b039baf104a6c56f4e62e0c2ff4d35a22bb\"\u003e\u003ccode\u003ee48d6b0\u003c/code\u003e\u003c/a\u003e Support ServerWebExchangeFirewall \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/dd3c6892e946f80cdd6e1a6890282fa2920067f1\"\u003e\u003ccode\u003edd3c689\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c552366a7847f09bdadcdbf50e2beb5d41de36fc\"\u003e\u003ccode\u003ec552366\u003c/code\u003e\u003c/a\u003e Release 5.7.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/7215c72373f9e108549649d2c5d25ca5a6361865\"\u003e\u003ccode\u003e7215c72\u003c/code\u003e\u003c/a\u003e Migrate slack notifications to GChat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/4ce7cde15599c0447163fd46bac616e03318bf5b\"\u003e\u003ccode\u003e4ce7cde\u003c/code\u003e\u003c/a\u003e Add Firewall for WebFlux\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c8342fcfae9babb2be56f10942801edfbf9df573\"\u003e\u003ccode\u003ec8342fc\u003c/code\u003e\u003c/a\u003e Use antora-extensions 1.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/1b0c4d68da564195d81dbe6db7032a3047706947\"\u003e\u003ccode\u003e1b0c4d6\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-security/compare/5.7.5...5.7.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.security:spring-security-config` from 5.7.5 to 5.7.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-security/releases\"\u003eorg.springframework.security:spring-security-config's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.7.14\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerExchangeRejectedHandler \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15975\"\u003e#15975\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerWebExchangeFirewall \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15974\"\u003e#15974\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.13\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003e5.7.12\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck for \u003ccode\u003enull\u003c/code\u003e Authentication \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/14715\"\u003e#14715\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.11\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutomate spring-security.xsd \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13819\"\u003e#13819\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.10\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse default PathPatternParser instance \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13461\"\u003e#13461\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate io.projectreactor to 2020.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13509\"\u003e#13509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework to 5.3.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13511\"\u003e#13511\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework.data to 2021.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13512\"\u003e#13512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate reactor-netty to 1.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13510\"\u003e#13510\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eConvert to Asciidoctor Tabs \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13404\"\u003e#13404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse Antora name of security \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13328\"\u003e#13328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdditional filters registered when using Custom DSL \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13203\"\u003e#13203\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify that Kotlin DSL needs an import \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13092\"\u003e#13092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument missing OAuth2LoginAuthenticationFilter set AuthorizationRequestRepository \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13098\"\u003e#13098\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Antora Warnings \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13291\"\u003e#13291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix constant value in XContentTypeOptionsServerHttpHeadersWriter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13155\"\u003e#13155\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Documentation Title \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13315\"\u003e#13315\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix javadoc for migration from WebSecurityConfigurerAdapter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12996\"\u003e#12996\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in SecurityMockMvcResultMatchers.java \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12793\"\u003e#12793\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/d0b2b33dce56cb97b5efd3cdfa9b41fbc09c4586\"\u003e\u003ccode\u003ed0b2b33\u003c/code\u003e\u003c/a\u003e Release 5.7.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/0eaffb37e7f10f30fdbba1d3728e66e26837ff89\"\u003e\u003ccode\u003e0eaffb3\u003c/code\u003e\u003c/a\u003e Require Locale argument for toLower/toUpperCase usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e86d88d0cf869fce800974eb22e61a9c3dcf5fa2\"\u003e\u003ccode\u003ee86d88d\u003c/code\u003e\u003c/a\u003e Support ServerExchangeRejectedHandler \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e48d6b039baf104a6c56f4e62e0c2ff4d35a22bb\"\u003e\u003ccode\u003ee48d6b0\u003c/code\u003e\u003c/a\u003e Support ServerWebExchangeFirewall \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/dd3c6892e946f80cdd6e1a6890282fa2920067f1\"\u003e\u003ccode\u003edd3c689\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c552366a7847f09bdadcdbf50e2beb5d41de36fc\"\u003e\u003ccode\u003ec552366\u003c/code\u003e\u003c/a\u003e Release 5.7.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/7215c72373f9e108549649d2c5d25ca5a6361865\"\u003e\u003ccode\u003e7215c72\u003c/code\u003e\u003c/a\u003e Migrate slack notifications to GChat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/4ce7cde15599c0447163fd46bac616e03318bf5b\"\u003e\u003ccode\u003e4ce7cde\u003c/code\u003e\u003c/a\u003e Add Firewall for WebFlux\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c8342fcfae9babb2be56f10942801edfbf9df573\"\u003e\u003ccode\u003ec8342fc\u003c/code\u003e\u003c/a\u003e Use antora-extensions 1.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/1b0c4d68da564195d81dbe6db7032a3047706947\"\u003e\u003ccode\u003e1b0c4d6\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-security/compare/5.7.5...5.7.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.security:spring-security-web` from 5.7.5 to 5.7.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-security/releases\"\u003eorg.springframework.security:spring-security-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.7.14\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerExchangeRejectedHandler \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15975\"\u003e#15975\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerWebExchangeFirewall \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15974\"\u003e#15974\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.13\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003e5.7.12\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck for \u003ccode\u003enull\u003c/code\u003e Authentication \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/14715\"\u003e#14715\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.11\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutomate spring-security.xsd \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13819\"\u003e#13819\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.10\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse default PathPatternParser instance \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13461\"\u003e#13461\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate io.projectreactor to 2020.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13509\"\u003e#13509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework to 5.3.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13511\"\u003e#13511\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework.data to 2021.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13512\"\u003e#13512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate reactor-netty to 1.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13510\"\u003e#13510\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eConvert to Asciidoctor Tabs \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13404\"\u003e#13404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse Antora name of security \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13328\"\u003e#13328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdditional filters registered when using Custom DSL \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13203\"\u003e#13203\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify that Kotlin DSL needs an import \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13092\"\u003e#13092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument missing OAuth2LoginAuthenticationFilter set AuthorizationRequestRepository \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13098\"\u003e#13098\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Antora Warnings \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13291\"\u003e#13291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix constant value in XContentTypeOptionsServerHttpHeadersWriter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13155\"\u003e#13155\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Documentation Title \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13315\"\u003e#13315\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix javadoc for migration from WebSecurityConfigurerAdapter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12996\"\u003e#12996\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in SecurityMockMvcResultMatchers.java \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12793\"\u003e#12793\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/d0b2b33dce56cb97b5efd3cdfa9b41fbc09c4586\"\u003e\u003ccode\u003ed0b2b33\u003c/code\u003e\u003c/a\u003e Release 5.7.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/0eaffb37e7f10f30fdbba1d3728e66e26837ff89\"\u003e\u003ccode\u003e0eaffb3\u003c/code\u003e\u003c/a\u003e Require Locale argument for toLower/toUpperCase usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e86d88d0cf869fce800974eb22e61a9c3dcf5fa2\"\u003e\u003ccode\u003ee86d88d\u003c/code\u003e\u003c/a\u003e Support ServerExchangeRejectedHandler \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e48d6b039baf104a6c56f4e62e0c2ff4d35a22bb\"\u003e\u003ccode\u003ee48d6b0\u003c/code\u003e\u003c/a\u003e Support ServerWebExchangeFirewall \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/dd3c6892e946f80cdd6e1a6890282fa2920067f1\"\u003e\u003ccode\u003edd3c689\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c552366a7847f09bdadcdbf50e2beb5d41de36fc\"\u003e\u003ccode\u003ec552366\u003c/code\u003e\u003c/a\u003e Release 5.7.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/7215c72373f9e108549649d2c5d25ca5a6361865\"\u003e\u003ccode\u003e7215c72\u003c/code\u003e\u003c/a\u003e Migrate slack notifications to GChat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/4ce7cde15599c0447163fd46bac616e03318bf5b\"\u003e\u003ccode\u003e4ce7cde\u003c/code\u003e\u003c/a\u003e Add Firewall for WebFlux\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c8342fcfae9babb2be56f10942801edfbf9df573\"\u003e\u003ccode\u003ec8342fc\u003c/code\u003e\u003c/a\u003e Use antora-extensions 1.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/1b0c4d68da564195d81dbe6db7032a3047706947\"\u003e\u003ccode\u003e1b0c4d6\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-security/compare/5.7.5...5.7.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.poi:poi` from 3.17 to 4.1.1\n\nUpdates `org.apache.poi:poi-ooxml` from 3.17 to 5.4.0\n\nUpdates `com.fasterxml.jackson.core:jackson-core` from 2.12.6 to 2.15.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/FasterXML/jackson-core/blob/jackson-core-2.15.0/release.properties\"\u003ecom.fasterxml.jackson.core:jackson-core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e#release configuration\n#Sun Apr 23 14:19:10 PDT 2023\nscm.commentPrefix=[maven-release-plugin]\nexec.pomFileName=pom.xml\npushChanges=false\nreleaseStrategyId=default\nproject.dev.com.fasterxml.jackson.core:jackson-core=2.15.1-SNAPSHOT\nproject.scm.com.fasterxml.jackson.core:jackson-core.connection=scm:git:\u003ca href=\"mailto:git@github.com\"\u003egit@github.com\u003c/a\u003e:FasterXML/jackson-core.git\nscm.tag=jackson-core-2.15.0\nremoteTagging=true\nproject.scm.com.fasterxml.jackson.core:jackson-core.developerConnection=scm:git:\u003ca href=\"mailto:git@github.com\"\u003egit@github.com\u003c/a\u003e:FasterXML/jackson-core.git\nexec.additionalArguments=-Prelease\nscm.branchCommitComment=@{prefix} prepare branch @{releaseLabel}\nprojectVersionPolicyId=default\nscm.url=scm:git:\u003ca href=\"mailto:git@github.com\"\u003egit@github.com\u003c/a\u003e:FasterXML/jackson-core.git\nscm.tagNameFormat=@{project.artifactId}-@{project.version}\nproject.scm.com.fasterxml.jackson.core:jackson-core.tag=HEAD\npinExternals=false\nproject.rel.com.fasterxml.jackson.core:jackson-core=2.15.0\npreparationGoals=clean verify\nscm.releaseCommitComment=@{prefix} prepare release @{releaseLabel}\nexec.snapshotReleasePluginAllowed=false\nproject.scm.com.fasterxml.jackson.core:jackson-core.url=https://github.com/FasterXML/jackson-core\nscm.developmentCommitComment=@{prefix} prepare for next development iteration\nscm.rollbackCommitComment=@{prefix} rollback the release of @{releaseLabel}\ncompletedPhase=end-release\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/a2c0bdcfb9aae8fca555240e63e57c1d9e6f8079\"\u003e\u003ccode\u003ea2c0bdc\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release jackson-core-2.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/180027aeaf6bf1e1d3a8e215cf69ed8f33373552\"\u003e\u003ccode\u003e180027a\u003c/code\u003e\u003c/a\u003e Prepare for 2.15.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/2b4192590f3cfa67df105b160ce022b559fe3d70\"\u003e\u003ccode\u003e2b41925\u003c/code\u003e\u003c/a\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/85340aa204cd4e5f279ab38f44be4e3273d5fa11\"\u003e\u003ccode\u003e85340aa\u003c/code\u003e\u003c/a\u003e Merge branch '2.14' into 2.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/ed846d9497c187f194b7fa8bfb9ec5ba83bd71fa\"\u003e\u003ccode\u003eed846d9\u003c/code\u003e\u003c/a\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/94ea208ab8199d8fa381c438db3a375506cc3319\"\u003e\u003ccode\u003e94ea208\u003c/code\u003e\u003c/a\u003e Update release notes wrt \u003ca href=\"https://redirect.github.com/FasterXML/jackson-core/issues/990\"\u003e#990\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/a4f208696cb6982dd4ddfa3d25522d1349d6cd56\"\u003e\u003ccode\u003ea4f2086\u003c/code\u003e\u003c/a\u003e [2.14 only] backport removal of BigDecimal to BigInt conversion (\u003ca href=\"https://redirect.github.com/FasterXML/jackson-core/issues/990\"\u003e#990\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/1976c0dc7f13fbc4f22e9529d1221fc39091cafe\"\u003e\u003ccode\u003e1976c0d\u003c/code\u003e\u003c/a\u003e Try to get Release workflow working wrt SLSA provenance (fix \u003ca href=\"https://redirect.github.com/FasterXML/jackson-core/issues/844\"\u003e#844\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/FasterXML/jackson-core/issues/989\"\u003e#989\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/0ee3ad8f4622bf39c7176d9f57c25f17e364ca97\"\u003e\u003ccode\u003e0ee3ad8\u003c/code\u003e\u003c/a\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/163540e385b01a6d1e6d8d3d28c7ca439e975380\"\u003e\u003ccode\u003e163540e\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/FasterXML/jackson-core/compare/jackson-core-2.12.6...jackson-core-2.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.fasterxml.jackson.core:jackson-databind` from 2.12.6.1 to 2.12.7.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.thoughtworks.xstream:xstream` from 1.4.9 to 1.4.21\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/x-stream/xstream/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.camel:camel-core` from 2.22.3 to 4.13.0\n\nUpdates `org.apache.camel:camel-spring` from 2.22.3 to 4.13.0\n\nUpdates `org.apache.camel:camel-ftp` from 2.22.3 to 4.13.0\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yours...\n\n_Description has been truncated_","html_url":"https://github.com/rex21919/EUSURVEY/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/rex21919%2FEUSURVEY/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"2686622871","node_id":"PR_kwDOPRB_kc6gIpyX","number":2,"state":"open","title":"Bump org.owasp.esapi:esapi from 2.1.0.1 to 2.6.0.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-07-22T19:40:47.000Z","updated_at":"2025-07-22T19:40:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.owasp.esapi:esapi","old_version":"2.1.0.1","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) from 2.1.0.1 to 2.6.0.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.1.0.1...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.owasp.esapi:esapi\u0026package-manager=maven\u0026previous-version=2.1.0.1\u0026new-version=2.6.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/essuarezdeveloper/copilot-case-study-devops-devsecops/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/essuarezdeveloper/copilot-case-study-devops-devsecops/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/essuarezdeveloper%2Fcopilot-case-study-devops-devsecops/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"2657226423","node_id":"PR_kwDOPKf3EM6eYg63","number":2,"state":"open","title":"Bump org.owasp.esapi:esapi from 2.6.0.0 to 2.7.0.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-07-10T21:31:52.000Z","updated_at":"2025-07-10T21:31:52.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.owasp.esapi:esapi","old_version":"2.6.0.0","new_version":"2.7.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) from 2.6.0.0 to 2.7.0.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eesapi-2.7.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.7.00 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a \u003cstrong\u003e\u003cem\u003emajor\u003c/em\u003e\u003c/strong\u003e patch release with the primary intent of addressing \u003cstrong\u003e\u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2025-5878\"\u003eCVE-2025-5878\u003c/a\u003e\u003c/strong\u003e, the details of which are spelled out in [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e).\n\u003cul\u003e\n\u003cli\u003eMajor Javadoc enhancements, corrections, and clarifications.\u003c/li\u003e\n\u003cli\u003eDeprecated methods, interfaces, and classes.\u003c/li\u003e\n\u003cli\u003eThe reference implementation for the \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface is now disabled by default and must be explicitly enabled if you absolutely much use it. (\u003cstrong\u003eWARNING\u003c/strong\u003e: You shouldn't!) Instructions on how to enable it are provided in Appendix B of  [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e). You will find the updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file in the configuration jar helpful.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eThis release also updates Apache Commons FileUploads to 1.6.0 to address CVE-2025-48976. That CVE likely does not affect the \u003ccode\u003eHTTP.getFileUloads\u003c/code\u003e interfaces (which is the only methods that use that library), but we have not had time to analyze it fully given the CVE cited against ESAPI.\u003c/li\u003e\n\u003cli\u003eApache Commons BeanUtils was also updated to 1.11.0 to address CVE-2025-48734 which potentially could anyone using ESAPI's AccessController and has placed their access control policy in a place where an attacker may be overwrite it. That is highly unlikely, but better safe than sorry.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration files under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.  If you were using ESAPI's \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface, you will want to use its updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file.\u003c/p\u003e\n\u003ch2\u003eesapi-2.6.2.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.2.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a minor patch release with the intent of updating the Apache Commons BeanUtils dependency from v1.9.4 to v1.11.0 to CVE-2025-48734.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eOther Notes\u003c/h2\u003e\n\u003cp\u003eYou may see GHAS Dependabot references to \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\u003c/a\u003e for this (and previous releases). For a more thorough discussion of this, please see Discussion \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/877\"\u003e#877\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.6.1.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.1.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated AntiSamy from release 1.7.7 to 1.7.8 which addresses the potentially exploitable vulnerability \u003ca href=\"https://github.com/advisories/GHSA-73m2-qfq3-56cx\"\u003ehttps://github.com/advisories/GHSA-73m2-qfq3-56cx\u003c/a\u003e. There is slim possibility that this could affect ESAPI users who have allowed certain CSS mark-up constructs to the AntiSamy policy file that they are using. However the default ESAPI AntiSamy policy file (antisamy-esapi.xml) does not permit CSS mark-up of any sort out unless it has been modified by the ESAPI client.\u003c/li\u003e\n\u003cli\u003eOther minor updates to pom.xml\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0fa4c0f1311aa525b1a776f0a789fb1dc8a04b41\"\u003e\u003ccode\u003e0fa4c0f\u003c/code\u003e\u003c/a\u003e Remove '-SNAPSHOT' from release # to prep official release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f75ac2c2647a81d2cfbdc9c899f8719c240ed512\"\u003e\u003ccode\u003ef75ac2c\u003c/code\u003e\u003c/a\u003e Merging Private Branch contents from Kevin's Repo.   (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/888\"\u003e#888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/e2322914304d9b1c52523ff24be495b7832f6a56\"\u003e\u003ccode\u003ee232291\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/886\"\u003e#886\u003c/a\u003e from kwwall/develop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/23a2b7666186afdc004a9e01eec5da593e85d172\"\u003e\u003ccode\u003e23a2b76\u003c/code\u003e\u003c/a\u003e Added Javadoc to encodeForSQL method regarding how to enabled it.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/01297409b786075686c6738fdf0355edad427a6c\"\u003e\u003ccode\u003e0129740\u003c/code\u003e\u003c/a\u003e Added 2 new field names whose values are the 2 new property names.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/eb425bbb831c68321d169d3ac5f84ddf9dfc189d\"\u003e\u003ccode\u003eeb425bb\u003c/code\u003e\u003c/a\u003e New property file for testing DefaultEncoder.encodeForSQL when it's\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/844eb0c6fd077b6299604838bfc67fd6c658e6eb\"\u003e\u003ccode\u003e844eb0c\u003c/code\u003e\u003c/a\u003e Add missing newline.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a10e323dcde635f40d15c875253084a7669175e8\"\u003e\u003ccode\u003ea10e323\u003c/code\u003e\u003c/a\u003e hanged the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/06d0ff2e540ef37077822273e1957b50beaa8ff7\"\u003e\u003ccode\u003e06d0ff2\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/61de71f70081f204b915e95d186c702509cbf857\"\u003e\u003ccode\u003e61de71f\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek propert names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.7.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.owasp.esapi:esapi\u0026package-manager=maven\u0026previous-version=2.6.0.0\u0026new-version=2.7.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/cx-benjamin-simpson/java-benchie-cx/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/cx-benjamin-simpson%2Fjava-benchie-cx/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"2654704407","node_id":"PR_kwDOBErimM6eO5MX","number":8258,"state":"open","title":"Bump the all-maven-deps group across 2 directories with 26 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-07-10T05:33:24.000Z","updated_at":"2025-07-10T05:33:25.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"all-maven-deps","update_count":26,"packages":[{"name":"org.apache.commons:commons-lang3","old_version":"3.17.0","new_version":"3.18.0"},{"name":"org.owasp.esapi:esapi","old_version":"2.6.2.0","new_version":"2.7.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"com.graphql-java:graphql-java-extended-scalars","old_version":"22.0","new_version":"24.0","repository_url":"https://github.com/graphql-java/graphql-java-extended-scalars"},{"name":"org.opensearch.client:opensearch-java","old_version":"2.25.0","new_version":"2.26.0","repository_url":"https://github.com/opensearch-project/opensearch-java"},{"name":"org.apache.tika:tika-core","old_version":"3.2.0","new_version":"3.2.1","repository_url":"https://github.com/apache/tika"},{"name":"org.apache.tika:tika-parsers-standard-package","old_version":"3.2.0","new_version":"3.2.1"},{"name":"com.squareup.okhttp3:okhttp","old_version":"4.12.0","new_version":"5.1.0","repository_url":"https://github.com/square/okhttp"},{"name":"org.mariadb.jdbc:mariadb-java-client","old_version":"3.5.3","new_version":"3.5.4","repository_url":"https://github.com/mariadb-corporation/mariadb-connector-j"}],"path":null,"ecosystem":"maven"},"body":"Bumps the all-maven-deps group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.commons:commons-lang3 | `3.17.0` | `3.18.0` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.6.2.0` | `2.7.0.0` |\n| [com.graphql-java:graphql-java-extended-scalars](https://github.com/graphql-java/graphql-java-extended-scalars) | `22.0` | `24.0` |\n| [org.opensearch.client:opensearch-java](https://github.com/opensearch-project/opensearch-java) | `2.25.0` | `2.26.0` |\n| [org.apache.tika:tika-core](https://github.com/apache/tika) | `3.2.0` | `3.2.1` |\n| org.apache.tika:tika-parsers-standard-package | `3.2.0` | `3.2.1` |\n| [com.squareup.okhttp3:okhttp](https://github.com/square/okhttp) | `4.12.0` | `5.1.0` |\n| [org.mariadb.jdbc:mariadb-java-client](https://github.com/mariadb-corporation/mariadb-connector-j) | `3.5.3` | `3.5.4` |\n\nBumps the all-maven-deps group with 18 updates in the /shared-dependencies directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.logging.log4j:log4j-api | `2.24.3` | `2.25.0` |\n| org.apache.logging.log4j:log4j-core | `2.24.3` | `2.25.0` |\n| org.apache.logging.log4j:log4j-jakarta-web | `2.24.3` | `2.25.0` |\n| org.apache.logging.log4j:log4j-slf4j2-impl | `2.24.3` | `2.25.0` |\n| [org.eclipse.jgit:org.eclipse.jgit](https://github.com/eclipse-jgit/jgit) | `7.0.1.202505221510-r` | `7.3.0.202506031305-r` |\n| [org.eclipse.jgit:org.eclipse.jgit.archive](https://github.com/eclipse-jgit/jgit) | `7.0.1.202505221510-r` | `7.3.0.202506031305-r` |\n| [org.eclipse.jgit:org.eclipse.jgit.ssh.apache](https://github.com/eclipse-jgit/jgit) | `7.0.1.202505221510-r` | `7.3.0.202506031305-r` |\n| [org.eclipse.jgit:org.eclipse.jgit.junit](https://github.com/eclipse-jgit/jgit) | `7.0.1.202505221510-r` | `7.3.0.202506031305-r` |\n| software.amazon.awssdk:bom | `2.31.77` | `2.31.78` |\n| software.amazon.awssdk:s3 | `2.31.77` | `2.31.78` |\n| software.amazon.awssdk:s3-transfer-manager | `2.31.77` | `2.31.78` |\n| software.amazon.awssdk:sts | `2.31.77` | `2.31.78` |\n| software.amazon.awssdk:cloudfront | `2.31.77` | `2.31.78` |\n| software.amazon.awssdk:cloudformation | `2.31.77` | `2.31.78` |\n| software.amazon.awssdk:elastictranscoder | `2.31.77` | `2.31.78` |\n| software.amazon.awssdk:mediaconvert | `2.31.77` | `2.31.78` |\n| software.amazon.awssdk:sso | `2.31.77` | `2.31.78` |\n| software.amazon.awssdk:ssooidc | `2.31.77` | `2.31.78` |\n\n\nUpdates `org.apache.commons:commons-lang3` from 3.17.0 to 3.18.0\n\nUpdates `org.owasp.esapi:esapi` from 2.6.2.0 to 2.7.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eesapi-2.7.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.7.00 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a \u003cstrong\u003e\u003cem\u003emajor\u003c/em\u003e\u003c/strong\u003e patch release with the primary intent of addressing \u003cstrong\u003e\u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2025-5878\"\u003eCVE-2025-5878\u003c/a\u003e\u003c/strong\u003e, the details of which are spelled out in [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e).\n\u003cul\u003e\n\u003cli\u003eMajor Javadoc enhancements, corrections, and clarifications.\u003c/li\u003e\n\u003cli\u003eDeprecated methods, interfaces, and classes.\u003c/li\u003e\n\u003cli\u003eThe reference implementation for the \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface is now disabled by default and must be explicitly enabled if you absolutely much use it. (\u003cstrong\u003eWARNING\u003c/strong\u003e: You shouldn't!) Instructions on how to enable it are provided in Appendix B of  [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e). You will find the updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file in the configuration jar helpful.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eThis release also updates Apache Commons FileUploads to 1.6.0 to address CVE-2025-48976. That CVE likely does not affect the \u003ccode\u003eHTTP.getFileUloads\u003c/code\u003e interfaces (which is the only methods that use that library), but we have not had time to analyze it fully given the CVE cited against ESAPI.\u003c/li\u003e\n\u003cli\u003eApache Commons BeanUtils was also updated to 1.11.0 to address CVE-2025-48734 which potentially could anyone using ESAPI's AccessController and has placed their access control policy in a place where an attacker may be overwrite it. That is highly unlikely, but better safe than sorry.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration files under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.  If you were using ESAPI's \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface, you will want to use its updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0fa4c0f1311aa525b1a776f0a789fb1dc8a04b41\"\u003e\u003ccode\u003e0fa4c0f\u003c/code\u003e\u003c/a\u003e Remove '-SNAPSHOT' from release # to prep official release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f75ac2c2647a81d2cfbdc9c899f8719c240ed512\"\u003e\u003ccode\u003ef75ac2c\u003c/code\u003e\u003c/a\u003e Merging Private Branch contents from Kevin's Repo.   (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/888\"\u003e#888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/e2322914304d9b1c52523ff24be495b7832f6a56\"\u003e\u003ccode\u003ee232291\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/886\"\u003e#886\u003c/a\u003e from kwwall/develop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/23a2b7666186afdc004a9e01eec5da593e85d172\"\u003e\u003ccode\u003e23a2b76\u003c/code\u003e\u003c/a\u003e Added Javadoc to encodeForSQL method regarding how to enabled it.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/01297409b786075686c6738fdf0355edad427a6c\"\u003e\u003ccode\u003e0129740\u003c/code\u003e\u003c/a\u003e Added 2 new field names whose values are the 2 new property names.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/eb425bbb831c68321d169d3ac5f84ddf9dfc189d\"\u003e\u003ccode\u003eeb425bb\u003c/code\u003e\u003c/a\u003e New property file for testing DefaultEncoder.encodeForSQL when it's\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/844eb0c6fd077b6299604838bfc67fd6c658e6eb\"\u003e\u003ccode\u003e844eb0c\u003c/code\u003e\u003c/a\u003e Add missing newline.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a10e323dcde635f40d15c875253084a7669175e8\"\u003e\u003ccode\u003ea10e323\u003c/code\u003e\u003c/a\u003e hanged the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/06d0ff2e540ef37077822273e1957b50beaa8ff7\"\u003e\u003ccode\u003e06d0ff2\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/61de71f70081f204b915e95d186c702509cbf857\"\u003e\u003ccode\u003e61de71f\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek propert names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.graphql-java:graphql-java-extended-scalars` from 22.0 to 24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/releases\"\u003ecom.graphql-java:graphql-java-extended-scalars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e24.0\u003c/h2\u003e\n\u003cp\u003eThis new version updates the base dependency to graphql-java 24.0\u003c/p\u003e\n\u003cp\u003eWe have six new Scalars included from members of the community.  Thank you one and all.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eHexColorCode\u003c/li\u003e\n\u003cli\u003eYear\u003c/li\u003e\n\u003cli\u003eYearMonth\u003c/li\u003e\n\u003cli\u003eAccurateDuration\u003c/li\u003e\n\u003cli\u003eNominalDuration\u003c/li\u003e\n\u003cli\u003eSecondsSinceEpoch\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump gradle/wrapper-validation-action from 2 to 3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/137\"\u003egraphql-java/graphql-java-extended-scalars#137\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump io.github.gradle-nexus.publish-plugin from 1.3.0 to 2.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/136\"\u003egraphql-java/graphql-java-extended-scalars#136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.groovy:groovy from 3.0.20 to 3.0.21 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/130\"\u003egraphql-java/graphql-java-extended-scalars#130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump com.graphql-java:graphql-java from 22.0 to 22.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/138\"\u003egraphql-java/graphql-java-extended-scalars#138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix BigDecimal and BigInteger package name in README by \u003ca href=\"https://github.com/Yunus1903\"\u003e\u003ccode\u003e@​Yunus1903\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/139\"\u003egraphql-java/graphql-java-extended-scalars#139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.groovy:groovy from 3.0.21 to 3.0.22 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/140\"\u003egraphql-java/graphql-java-extended-scalars#140\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump com.graphql-java:graphql-java from 22.1 to 22.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/144\"\u003egraphql-java/graphql-java-extended-scalars#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.groovy:groovy from 3.0.22 to 3.0.23 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/148\"\u003egraphql-java/graphql-java-extended-scalars#148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing final for ExtendedScalars#UUID field by \u003ca href=\"https://github.com/TrianguloY\"\u003e\u003ccode\u003e@​TrianguloY\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/151\"\u003egraphql-java/graphql-java-extended-scalars#151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd more DateTime test cases from specification by \u003ca href=\"https://github.com/dondonz\"\u003e\u003ccode\u003e@​dondonz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/150\"\u003egraphql-java/graphql-java-extended-scalars#150\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd HexColorCode Scalar by \u003ca href=\"https://github.com/onjik\"\u003e\u003ccode\u003e@​onjik\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/122\"\u003egraphql-java/graphql-java-extended-scalars#122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Year and YearMonth Scalars by \u003ca href=\"https://github.com/wakita181009\"\u003e\u003ccode\u003e@​wakita181009\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/143\"\u003egraphql-java/graphql-java-extended-scalars#143\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.groovy:groovy from 3.0.23 to 3.0.24 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/152\"\u003egraphql-java/graphql-java-extended-scalars#152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed up failing compilation and tests by \u003ca href=\"https://github.com/bbakerman\"\u003e\u003ccode\u003e@​bbakerman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/158\"\u003egraphql-java/graphql-java-extended-scalars#158\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd AccurateDuration and NominalDuration Scalars by \u003ca href=\"https://github.com/AlexandreCarlton\"\u003e\u003ccode\u003e@​AlexandreCarlton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/132\"\u003egraphql-java/graphql-java-extended-scalars#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix issue 126 - use MILLI_OF_SECOND by \u003ca href=\"https://github.com/sachin-bansal\"\u003e\u003ccode\u003e@​sachin-bansal\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/129\"\u003egraphql-java/graphql-java-extended-scalars#129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixes master by \u003ca href=\"https://github.com/bbakerman\"\u003e\u003ccode\u003e@​bbakerman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/161\"\u003egraphql-java/graphql-java-extended-scalars#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated to graphql-java 24.x by \u003ca href=\"https://github.com/bbakerman\"\u003e\u003ccode\u003e@​bbakerman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/160\"\u003egraphql-java/graphql-java-extended-scalars#160\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdding new Sonatype URLs by \u003ca href=\"https://github.com/bbakerman\"\u003e\u003ccode\u003e@​bbakerman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/164\"\u003egraphql-java/graphql-java-extended-scalars#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate GitHub action to reduce CI flakes by \u003ca href=\"https://github.com/dondonz\"\u003e\u003ccode\u003e@​dondonz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/165\"\u003egraphql-java/graphql-java-extended-scalars#165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add SecondsSinceEpochScalar by \u003ca href=\"https://github.com/clutcher\"\u003e\u003ccode\u003e@​clutcher\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/163\"\u003egraphql-java/graphql-java-extended-scalars#163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThis removes all the deprecated Coercing methods and replaces them with the desired ones by \u003ca href=\"https://github.com/bbakerman\"\u003e\u003ccode\u003e@​bbakerman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/159\"\u003egraphql-java/graphql-java-extended-scalars#159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.groovy:groovy from 3.0.24 to 3.0.25 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/162\"\u003egraphql-java/graphql-java-extended-scalars#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed docos for \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/issues/105\"\u003e#105\u003c/a\u003e by \u003ca href=\"https://github.com/bbakerman\"\u003e\u003ccode\u003e@​bbakerman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/167\"\u003egraphql-java/graphql-java-extended-scalars#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated doco for upcoming 24.0 by \u003ca href=\"https://github.com/bbakerman\"\u003e\u003ccode\u003e@​bbakerman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/168\"\u003egraphql-java/graphql-java-extended-scalars#168\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Yunus1903\"\u003e\u003ccode\u003e@​Yunus1903\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/139\"\u003egraphql-java/graphql-java-extended-scalars#139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TrianguloY\"\u003e\u003ccode\u003e@​TrianguloY\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/151\"\u003egraphql-java/graphql-java-extended-scalars#151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/onjik\"\u003e\u003ccode\u003e@​onjik\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/122\"\u003egraphql-java/graphql-java-extended-scalars#122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wakita181009\"\u003e\u003ccode\u003e@​wakita181009\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/143\"\u003egraphql-java/graphql-java-extended-scalars#143\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/AlexandreCarlton\"\u003e\u003ccode\u003e@​AlexandreCarlton\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/132\"\u003egraphql-java/graphql-java-extended-scalars#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sachin-bansal\"\u003e\u003ccode\u003e@​sachin-bansal\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/129\"\u003egraphql-java/graphql-java-extended-scalars#129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clutcher\"\u003e\u003ccode\u003e@​clutcher\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/163\"\u003egraphql-java/graphql-java-extended-scalars#163\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/compare/v22.0...v24.0\"\u003ehttps://github.com/graphql-java/graphql-java-extended-scalars/compare/v22.0...v24.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/2c594c2d3c071eed27e355625a5ed6c880a2534f\"\u003e\u003ccode\u003e2c594c2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/issues/168\"\u003e#168\u003c/a\u003e from graphql-java/fix-doco-for-24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/2c86983566f474a80284ec215832bb0ca91b6cb6\"\u003e\u003ccode\u003e2c86983\u003c/code\u003e\u003c/a\u003e Updated doco for upcoming 24.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/d2dd2616e87bac62704e08494d8c0b4eaf3792a8\"\u003e\u003ccode\u003ed2dd261\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/issues/167\"\u003e#167\u003c/a\u003e from graphql-java/fix-doco\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/d8a609c9644af29bb0c6d95ac65fc23338a53e43\"\u003e\u003ccode\u003ed8a609c\u003c/code\u003e\u003c/a\u003e Fixed docos for \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/issues/105\"\u003e#105\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/05a3bb9380306324c4e020fccc1867fcc879e8e4\"\u003e\u003ccode\u003e05a3bb9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/issues/162\"\u003e#162\u003c/a\u003e from graphql-java/dependabot/gradle/org.codehaus.groo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/850ae19c42c06e8a756505bec6806f464d90f044\"\u003e\u003ccode\u003e850ae19\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/issues/159\"\u003e#159\u003c/a\u003e from graphql-java/valueToLiteral_support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/df78c808044543acf1b26931368d4bc892c198fe\"\u003e\u003ccode\u003edf78c80\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/issues/163\"\u003e#163\u003c/a\u003e from clutcher/seconds_since_epoch_scalar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/4470f6089e1b697108808aee52914601e7672a75\"\u003e\u003ccode\u003e4470f60\u003c/code\u003e\u003c/a\u003e Update ExtendedScalars.java\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/64a24492692deaab321b2c30cb9f0fca46f17a84\"\u003e\u003ccode\u003e64a2449\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/issues/165\"\u003e#165\u003c/a\u003e from graphql-java/update-github-actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/29eb91472233eea0b91d44d0cc2123cb269ee3dd\"\u003e\u003ccode\u003e29eb914\u003c/code\u003e\u003c/a\u003e Update GitHub action to reduce CI flakes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/compare/v22.0...v24.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.opensearch.client:opensearch-java` from 2.25.0 to 2.26.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/opensearch-project/opensearch-java/releases\"\u003eorg.opensearch.client:opensearch-java's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.26.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[AUTO] Increment version to 2.26.0. by \u003ca href=\"https://github.com/opensearch-trigger-bot\"\u003e\u003ccode\u003e@​opensearch-trigger-bot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1595\"\u003eopensearch-project/opensearch-java#1595\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd missed changelog entry by \u003ca href=\"https://github.com/Xtansia\"\u003e\u003ccode\u003e@​Xtansia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1597\"\u003eopensearch-project/opensearch-java#1597\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Backport 2.x] Fix Java 8 unit tests by \u003ca href=\"https://github.com/opensearch-trigger-bot\"\u003e\u003ccode\u003e@​opensearch-trigger-bot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1637\"\u003eopensearch-project/opensearch-java#1637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Backport 2.x] Update the maven snapshot publish endpoint and credential (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1634\"\u003e#1634\u003c/a\u003e) by \u003ca href=\"https://github.com/Xtansia\"\u003e\u003ccode\u003e@​Xtansia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1639\"\u003eopensearch-project/opensearch-java#1639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Backport 2.x] jackson \u003ccode\u003eObjectMapper\u003c/code\u003e: auto-detect modules (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1643\"\u003e#1643\u003c/a\u003e) by \u003ca href=\"https://github.com/Xtansia\"\u003e\u003ccode\u003e@​Xtansia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1648\"\u003eopensearch-project/opensearch-java#1648\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Backport 2.x] Specify head ref to checkout in dependabot PR workflow by \u003ca href=\"https://github.com/opensearch-trigger-bot\"\u003e\u003ccode\u003e@​opensearch-trigger-bot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1654\"\u003eopensearch-project/opensearch-java#1654\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Backport 2.x] Update maven publishing workflow to accommodate nexus EOL by \u003ca href=\"https://github.com/opensearch-trigger-bot\"\u003e\u003ccode\u003e@​opensearch-trigger-bot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1659\"\u003eopensearch-project/opensearch-java#1659\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport fixes to 2.x and prepare v2.26.0 release by \u003ca href=\"https://github.com/Xtansia\"\u003e\u003ccode\u003e@​Xtansia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1670\"\u003eopensearch-project/opensearch-java#1670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Backport 2.x] Updated doc for ConnectionConfigCallback by \u003ca href=\"https://github.com/opensearch-trigger-bot\"\u003e\u003ccode\u003e@​opensearch-trigger-bot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1675\"\u003eopensearch-project/opensearch-java#1675\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/opensearch-project/opensearch-java/compare/v2.25.0...v2.26.0\"\u003ehttps://github.com/opensearch-project/opensearch-java/compare/v2.25.0...v2.26.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/opensearch-project/opensearch-java/blob/main/CHANGELOG.md\"\u003eorg.opensearch.client:opensearch-java's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[2.26.0] - 07/10/2025\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded Jackson \u003ccode\u003eObjectMapper\u003c/code\u003e module auto-detection (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1643\"\u003e#1643\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eorg.owasp.dependencycheck\u003c/code\u003e from 12.1.1 to 12.1.3 (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1608\"\u003e#1608\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1607\"\u003e#1607\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1623\"\u003e#1623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eorg.junit:junit-bom\u003c/code\u003e from 5.13.0 to 5.13.2 (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1606\"\u003e#1606\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1650\"\u003e#1650\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1665\"\u003e#1665\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eorg.ajoberstar.grgit:grgit-gradle\u003c/code\u003e from 5.3.0 to 5.3.2 (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1621\"\u003e#1621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eio.github.classgraph:classgraph\u003c/code\u003e from 4.8.179 to 4.8.180 (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1651\"\u003e#1651\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eApacheHttpClient5Transport\u003c/code\u003e not honoring connect \u0026amp; socket timeouts configured on \u003ccode\u003eConnectionConfig\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1662\"\u003e#1662\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.1.0] - 06/04/2025\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003etemplate\u003c/code\u003e query type (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1586\"\u003e#1586\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for Search Shards request \u003ccode\u003eslice\u003c/code\u003e property (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1586\"\u003e#1586\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003escore-ranker-processor\u003c/code\u003e phase results processor (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1594\"\u003e#1594\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eorg.apache.httpcomponents.client5:httpclient5\u003c/code\u003e from 5.4.4 to 5.5 (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1578\"\u003e#1578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eorg.junit:junit-bom\u003c/code\u003e from 5.12.2 to 5.13.0 (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1587\"\u003e#1587\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opensearch-project/opensearch-java/commit/bb1b2a172fd40054f3e02ffd738fbed13a6a5583\"\u003e\u003ccode\u003ebb1b2a1\u003c/code\u003e\u003c/a\u003e updated doc for ConnectionConfigCallback (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1674\"\u003e#1674\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1675\"\u003e#1675\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opensearch-project/opensearch-java/commit/e4ae610c199d0fc6369e1dca8e1574573f8b66c3\"\u003e\u003ccode\u003ee4ae610\u003c/code\u003e\u003c/a\u003e Backport fixes to 2.x and prepare v2.26.0 release (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1670\"\u003e#1670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opensearch-project/opensearch-java/commit/64429a9bd65576c6e79edab9376e0fbbffdfa6d3\"\u003e\u003ccode\u003e64429a9\u003c/code\u003e\u003c/a\u003e Update maven publishing workflow to accommodate nexus EOL (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1658\"\u003e#1658\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1659\"\u003e#1659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opensearch-project/opensearch-java/commit/2cebe7b996a90ec5e47e63dae69750fa8d896cc1\"\u003e\u003ccode\u003e2cebe7b\u003c/code\u003e\u003c/a\u003e Specify head ref to checkout in dependabot PR workflow (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1653\"\u003e#1653\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1654\"\u003e#1654\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opensearch-project/opensearch-java/commit/ddba1f276f7019fc81b50ac7ddb955f6adcdbe1e\"\u003e\u003ccode\u003eddba1f2\u003c/code\u003e\u003c/a\u003e jackson \u003ccode\u003eObjectMapper\u003c/code\u003e: auto-detect modules (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1643\"\u003e#1643\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1648\"\u003e#1648\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opensearch-project/opensearch-java/commit/f78d75dcf5f636a4f41889e2e2ab171162323152\"\u003e\u003ccode\u003ef78d75d\u003c/code\u003e\u003c/a\u003e Update the maven snapshot publish endpoint and credential (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1634\"\u003e#1634\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1639\"\u003e#1639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opensearch-project/opensearch-java/commit/3edeb966868a65443fea217b6d719d498c14a902\"\u003e\u003ccode\u003e3edeb96\u003c/code\u003e\u003c/a\u003e Fix Java 8 unit tests (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1631\"\u003e#1631\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1637\"\u003e#1637\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opensearch-project/opensearch-java/commit/d638a63462e324e2ac930201234eb856e903d547\"\u003e\u003ccode\u003ed638a63\u003c/code\u003e\u003c/a\u003e Add missed changelog entry (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1597\"\u003e#1597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opensearch-project/opensearch-java/commit/86edcc5cbabbb352d904fc1eb878f7231c2bb29d\"\u003e\u003ccode\u003e86edcc5\u003c/code\u003e\u003c/a\u003e Increment version to 2.26.0 (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1595\"\u003e#1595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/opensearch-project/opensearch-java/compare/v2.25.0...v2.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.tika:tika-core` from 3.2.0 to 3.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/tika/blob/main/CHANGES.txt\"\u003eorg.apache.tika:tika-core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eRelease 4.0.0-BETA1 - ???\nBREAKING CHANGES\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHeaders are no longer injected into the body/content of MSG files (TIKA-4345). Please open\na ticket if you need this behavior across email formats.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe tika-batch module has been removed (TIKA-4333).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eOTHER CHANGES\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix concurrency bug in TikaToXMP (TIKA-4393)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRelease 3.2.1 - ???\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix POIFSContainerDetector regression when wrapping an InputStream in\na TikaInputStream (TIKA-4441).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImportant bug fix for zip-based detection on a non-TikaInputStream (TIKA-4424).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove text extraction from EMF (TIKA-4432).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDependency updates (TIKA-4421).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRelease 3.2.0 - 05/21/2025\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDetect inline images in MSG files (TIKA-4391).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove extraction of metadata in MSG files (TIKA-4381).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix concurrency bug in TikaToXMP (TIKA-4393).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix potential GDAL deadlock (TIKA-4385).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove extraction of properties from msg files (TIKA-4381).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eInclude internal attachment path in tika-eval reports (TIKA-4374).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrade jsoup to 1.20.1 with workaround for change in self-closing tag behavior (TIKA-4419).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrade dependencies (TIKA-4379).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRelease 3.1.0 - 01/28/25\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow users to turn off the injection of some headers into the content stream of MSG\nfiles (TIKA-4345).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd a wrapper for Google's magika detector (TIKA-4344).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd support for MachO via Alexey Pelykh (TIKA-4309).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/apache/tika/commits/3.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.tika:tika-parsers-standard-package` from 3.2.0 to 3.2.1\n\nUpdates `org.apache.tika:tika-parsers-standard-package` from 3.2.0 to 3.2.1\n\nUpdates `com.squareup.okhttp3:okhttp` from 4.12.0 to 5.1.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/square/okhttp/blob/master/CHANGELOG.md\"\u003ecom.squareup.okhttp3:okhttp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 5.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-07-07\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eNew: \u003ccode\u003eResponse.peekTrailers()\u003c/code\u003e. When we changed \u003ccode\u003eResponse.trailers()\u003c/code\u003e to block instead of\nthrowing in 5.0.0, we inadvertently removed the ability for callers to peek the trailers\n(by catching the \u003ccode\u003eIllegalStateException\u003c/code\u003e if they weren't available). This new API restores that\ncapability.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Don't crash on \u003ccode\u003etrailers()\u003c/code\u003e if the response doesn't have a body. We broke [Retrofit] users\nwho read the trailers on the \u003ccode\u003eraw()\u003c/code\u003e OkHttp response, after its body was decoded.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 5.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-07-02\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003eThis is our first stable release of OkHttp since 2023. Here's the highlights if you're upgrading\nfrom OkHttp 4.x:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eOkHttp is now packaged as separate JVM and Android artifacts.\u003c/strong\u003e This allows us to offer\nplatform-specific features and optimizations. If your build system handles [Gradle module metadata],\nthis change should be automatic.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eMockWebServer has a new coordinate and package name.\u003c/strong\u003e We didn’t like that our old artifact\ndepends on JUnit 4 so the new one doesn’t. It also has a better API built on immutable values. (We\nintend to continue publishing the old \u003ccode\u003eokhttp3.mockwebserver\u003c/code\u003e artifact so there’s no urgency to\nmigrate.)\u003c/p\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth align=\"left\"\u003eCoordinate\u003c/th\u003e\n\u003cth align=\"left\"\u003ePackage Name\u003c/th\u003e\n\u003cth align=\"left\"\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd align=\"left\"\u003ecom.squareup.okhttp3:mockwebserver3:5.0.0\u003c/td\u003e\n\u003ctd align=\"left\"\u003emockwebserver3\u003c/td\u003e\n\u003ctd align=\"left\"\u003eCore module. No JUnit dependency!\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd align=\"left\"\u003ecom.squareup.okhttp3:mockwebserver3-junit4:5.0.0\u003c/td\u003e\n\u003ctd align=\"left\"\u003emockwebserver3.junit4\u003c/td\u003e\n\u003ctd align=\"left\"\u003eOptional JUnit 4 integration.\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd align=\"left\"\u003ecom.squareup.okhttp3:mockwebserver3-junit5:5.0.0\u003c/td\u003e\n\u003ctd align=\"left\"\u003emockwebserver3.junit5\u003c/td\u003e\n\u003ctd align=\"left\"\u003eOptional JUnit 5 integration.\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd align=\"left\"\u003ecom.squareup.okhttp3:mockwebserver:5.0.0\u003c/td\u003e\n\u003ctd align=\"left\"\u003eokhttp3.mockwebserver\u003c/td\u003e\n\u003ctd align=\"left\"\u003eObsolete. Depends on JUnit 4.\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003e\u003cstrong\u003eOkHttp now supports Happy Eyeballs ([RFC 8305][rfc_8305]) for IPv4+IPv6 networks.\u003c/strong\u003e It attempts\nboth IPv6 and IPv4 connections concurrently, keeping whichever connects first.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eWe’ve improved our Kotlin APIs.\u003c/strong\u003e You can skip the builder:\u003c/p\u003e\n\u003cpre lang=\"kotlin\"\u003e\u003ccode\u003eval request = Request(\n  url = \u0026quot;https://cash.app/\u0026quot;.toHttpUrl(),\n)\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cstrong\u003eOkHttp now supports [GraalVM].\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eHere’s what has changed since 5.0.0-alpha.17:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/d2dd1806973f7355b07a45fb1ef6a1bcfc094fdb\"\u003e\u003ccode\u003ed2dd180\u003c/code\u003e\u003c/a\u003e Prepare for release 5.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/61a87359f64fb9506122322176a0695a6dec672c\"\u003e\u003ccode\u003e61a8735\u003c/code\u003e\u003c/a\u003e New Response.peekTrailers() API (\u003ca href=\"https://redirect.github.com/square/okhttp/issues/8921\"\u003e#8921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/66844010f74a20bc076063620a06de478c6fcb26\"\u003e\u003ccode\u003e6684401\u003c/code\u003e\u003c/a\u003e Update dependency gradle to v8.14.3 (\u003ca href=\"https://redirect.github.com/square/okhttp/issues/8915\"\u003e#8915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/7adb2b637cd2d214cdad741a3a1ba056db55e049\"\u003e\u003ccode\u003e7adb2b6\u003c/code\u003e\u003c/a\u003e Update junit-framework monorepo (\u003ca href=\"https://redirect.github.com/square/okhttp/issues/8914\"\u003e#8914\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/e41ff18df84982042e26fae6fa0cc482a55a47b8\"\u003e\u003ccode\u003ee41ff18\u003c/code\u003e\u003c/a\u003e Link to new mockwebserver artifacts (\u003ca href=\"https://redirect.github.com/square/okhttp/issues/8911\"\u003e#8911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/0ff87513e2f1c75f32290d0c24d475bc0459bb7f\"\u003e\u003ccode\u003e0ff8751\u003c/code\u003e\u003c/a\u003e Remove Graal init tracing (\u003ca href=\"https://redirect.github.com/square/okhttp/issues/8909\"\u003e#8909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/b9a2560e5647ff18c0a0538998c070938fc65380\"\u003e\u003ccode\u003eb9a2560\u003c/code\u003e\u003c/a\u003e Run graal on master (\u003ca href=\"https://redirect.github.com/square/okhttp/issues/8907\"\u003e#8907\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/8339524463f56a7d68bc43ce7af562702e371f4c\"\u003e\u003ccode\u003e8339524\u003c/code\u003e\u003c/a\u003e Remove ExperimentalOkHttpApi references (\u003ca href=\"https://redirect.github.com/square/okhttp/issues/8908\"\u003e#8908\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/ce29ef618240b8e4c82b5932e6bc0f7a4730adb9\"\u003e\u003ccode\u003ece29ef6\u003c/code\u003e\u003c/a\u003e Fix graal tests (\u003ca href=\"https://redirect.github.com/square/okhttp/issues/8906\"\u003e#8906\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/85796896c3042935a98500e4d41b0f3ca49523e7\"\u003e\u003ccode\u003e8579689\u003c/code\u003e\u003c/a\u003e Don't force a response body read on all trailers (\u003ca href=\"https://redirect.github.com/square/okhttp/issues/8904\"\u003e#8904\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/square/okhttp/compare/parent-4.12.0...parent-5.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.mariadb.jdbc:mariadb-java-client` from 3.5.3 to 3.5.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/releases\"\u003eorg.mariadb.jdbc:mariadb-java-client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eMariaDB Connector/Java 3.5.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/tree/3.5.4\"\u003e3.5.4\u003c/a\u003e (Jun 2025)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/compare/3.5.3...3.5.4\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch4\u003eKey Enhancements\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCONJ-1261 - Added caching option for loadCodecs results to improve performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eIssues Resolved\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCONJ-1234 - Fixed incorrect type definitions in DatabaseMetaData.getTypeInfo()\u003c/li\u003e\n\u003cli\u003eCONJ-1247 - Resolved potential race condition that could cause NullPointerException\u003c/li\u003e\n\u003cli\u003eCONJ-1250 - avoids redundant queries for CallableStatement.getParameterMetaData()\u003c/li\u003e\n\u003cli\u003eCONJ-1251 - Fixed SSL configuration issue where zero SSL settings only functioned without explicit SSL configuration\u003c/li\u003e\n\u003cli\u003eCONJ-1252 - Resolved GSSAPI authentication error when server exchanges begin with 0x01 byte\u003c/li\u003e\n\u003cli\u003eCONJ-1254 - Corrected DatabaseMetadata.getTypeInfo() returning incorrect values for AUTO_INCREMENT, FIXED_PREC_SCALE, and CASE_SENSITIVE fields\u003c/li\u003e\n\u003cli\u003eCONJ-1255 - Fixed getString method on BIT(1) fields to properly honor transformedBitIsBoolean configuration\u003c/li\u003e\n\u003cli\u003eCONJ-1259 - Enhanced metadata compatibility with MariaDB version 12.0\u003c/li\u003e\n\u003cli\u003eCONJ-1260 - Improved performance of DatabaseMetaData.getExportedKeys method\u003c/li\u003e\n\u003cli\u003eCONJ-1256 - Fixed issue to ensure correct catalog name is returned\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/blob/main/CHANGELOG.md\"\u003eorg.mariadb.jdbc:mariadb-java-client's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/tree/3.5.4\"\u003e3.5.4\u003c/a\u003e (Jun 2025)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/compare/3.5.3...3.5.4\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch4\u003eKey Enhancements\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCONJ-1261 - Added caching option for loadCodecs results to improve performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eIssues Resolved\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCONJ-1234 - Fixed incorrect type definitions in DatabaseMetaData.getTypeInfo()\u003c/li\u003e\n\u003cli\u003eCONJ-1247 - Resolved potential race condition that could cause NullPointerException\u003c/li\u003e\n\u003cli\u003eCONJ-1250 - avoids redundant queries for CallableStatement.getParameterMetaData()\u003c/li\u003e\n\u003cli\u003eCONJ-1251 - Fixed SSL configuration issue where zero SSL settings only functioned without explicit SSL configuration\u003c/li\u003e\n\u003cli\u003eCONJ-1252 - Resolved GSSAPI authentication error when server exchanges begin with 0x01 byte\u003c/li\u003e\n\u003cli\u003eCONJ-1254 - Corrected DatabaseMetadata.getTypeInfo() returning incorrect values for AUTO_INCREMENT, FIXED_PREC_SCALE, and CASE_SENSITIVE fields\u003c/li\u003e\n\u003cli\u003eCONJ-1255 - Fixed getString method on BIT(1) fields to properly honor transformedBitIsBoolean configuration\u003c/li\u003e\n\u003cli\u003eCONJ-1259 - Enhanced metadata compatibility with MariaDB version 12.0\u003c/li\u003e\n\u003cli\u003eCONJ-1260 - Improved performance of DatabaseMetaData.getExportedKeys method\u003c/li\u003e\n\u003cli\u003eCONJ-1256 - Fixed issue to ensure correct catalog name is returned\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/3b9bebd737772dcf9a2747004d5aa1b5b896c850\"\u003e\u003ccode\u003e3b9bebd\u003c/code\u003e\u003c/a\u003e [misc] change maven oss to central since oss is now deprecated\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/81b0dccacb92fc954d7e9e598f60f326ece51b30\"\u003e\u003ccode\u003e81b0dcc\u003c/code\u003e\u003c/a\u003e [misc] correct test certificate path\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/ce280ce3a979ecc9f8fbaa9f9de8f7af3f00d99d\"\u003e\u003ccode\u003ece280ce\u003c/code\u003e\u003c/a\u003e [misc] ensure test stability with MySQL\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/2a916fff3f8613480e91426944994d31d39c6538\"\u003e\u003ccode\u003e2a916ff\u003c/code\u003e\u003c/a\u003e [misc] ensure pkcs testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/db2f3f9989fd4b456d60dffebb39d4a8d20a08bf\"\u003e\u003ccode\u003edb2f3f9\u003c/code\u003e\u003c/a\u003e bump 3.5.4 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/bc3bec4f40e8567363a2dff84add53a9530f24a1\"\u003e\u003ccode\u003ebc3bec4\u003c/code\u003e\u003c/a\u003e Merge branch 'develop'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/69114ab89ba766fd357489157c3c91abf98cd2b5\"\u003e\u003ccode\u003e69114ab\u003c/code\u003e\u003c/a\u003e [CONJ-1260] DatabaseMetaData.getExportedKeys may be slow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/413760da0fcfac850b2f23321c8254318127377d\"\u003e\u003ccode\u003e413760d\u003c/code\u003e\u003c/a\u003e [misc] correct schedule on maintenance version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/b58aa848b30c06c5a2e4f61e36b9390aedb4b756\"\u003e\u003ccode\u003eb58aa84\u003c/code\u003e\u003c/a\u003e [CONJ-1261] Provide an option to cache the results of loadCodecs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/ec452a7bb86d0ab6e942db7257e599b6d8fe01db\"\u003e\u003ccode\u003eec452a7\u003c/code\u003e\u003c/a\u003e [misc] connect to docker if env set\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/compare/3.5.3...3.5.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.logging.log4j:log4j-api` from 2.24.3 to 2.25.0\n\nUpdates `org.apache.logging.log4j:log4j-core` from 2.24.3 to 2.25.0\n\nUpdates `org.apache.logging.log4j:log4j-jakarta-web` from 2.24.3 to 2.25.0\n\nUpdates `org.apache.logging.log4j:log4j-slf4j2-impl` from 2.24.3 to 2.25.0\n\nUpdates `org.apache.logging.log4j:log4j-core` from 2.24.3 to 2.25.0\n\nUpdates `org.apache.logging.log4j:log4j-jakarta-web` from 2.24.3 to 2.25.0\n\nUpdates `org.apache.logging.log4j:log4j-slf4j2-impl` from 2.24.3 to 2.25.0\n\nUpdates `org.eclipse.jgit:org.eclipse.jgit` from 7.0.1.202505221510-r to 7.3.0.202506031305-r\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/22e8820c65327800dfc054d2f07940df4e02365c\"\u003e\u003ccode\u003e22e8820\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202506031305-r\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/afc36558e22aba4a750d7e96b5c660ef2fc53f44\"\u003e\u003ccode\u003eafc3655\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into stable-7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/795f4d97111f725dc29906e73f2ed5073193da09\"\u003e\u003ccode\u003e795f4d9\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.2'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/886849c68380579e5ea361c600a63389992f7b3c\"\u003e\u003ccode\u003e886849c\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.1' into stable-7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/6e0db8377b5fba2988d8ade84011ea07ee06414e\"\u003e\u003ccode\u003e6e0db83\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.0' into stable-7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/e90d1fa8911b246df198989765d199fa8565aad0\"\u003e\u003ccode\u003ee90d1fa\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-6.10' into stable-7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/f004052ae675570e02aa1ef33384bc81b3644cf2\"\u003e\u003ccode\u003ef004052\u003c/code\u003e\u003c/a\u003e Update maven plugins\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/1c72895097f290b1fdea87bb4b62fb3517e5f14f\"\u003e\u003ccode\u003e1c72895\u003c/code\u003e\u003c/a\u003e Use the same ordering/locking in delete() as C git\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/5ed259fac4f45c46db36876c441cd4a1b080209a\"\u003e\u003ccode\u003e5ed259f\u003c/code\u003e\u003c/a\u003e Prepare 7.3.0-SNAPSHOT builds\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/340f99cab223f289b7d3b730f19f5818c7f84a1c\"\u003e\u003ccode\u003e340f99c\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202505281347-rc1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eclipse-jgit/jgit/compare/v7.0.1.202505221510-r...v7.3.0.202506031305-r\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.eclipse.jgit:org.eclipse.jgit.archive` from 7.0.1.202505221510-r to 7.3.0.202506031305-r\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/22e8820c65327800dfc054d2f07940df4e02365c\"\u003e\u003ccode\u003e22e8820\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202506031305-r\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/afc36558e22aba4a750d7e96b5c660ef2fc53f44\"\u003e\u003ccode\u003eafc3655\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into stable-7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/795f4d97111f725dc29906e73f2ed5073193da09\"\u003e\u003ccode\u003e795f4d9\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.2'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/886849c68380579e5ea361c600a63389992f7b3c\"\u003e\u003ccode\u003e886849c\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.1' into stable-7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/6e0db8377b5fba2988d8ade84011ea07ee06414e\"\u003e\u003ccode\u003e6e0db83\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.0' into stable-7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/e90d1fa8911b246df198989765d199fa8565aad0\"\u003e\u003ccode\u003ee90d1fa\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-6.10' into stable-7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/f004052ae675570e02aa1ef33384bc81b3644cf2\"\u003e\u003ccode\u003ef004052\u003c/code\u003e\u003c/a\u003e Update maven plugins\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/1c72895097f290b1fdea87bb4b62fb3517e5f14f\"\u003e\u003ccode\u003e1c72895\u003c/code\u003e\u003c/a\u003e Use the same ordering/locking in delete() as C git\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/5ed259fac4f45c46db36876c441cd4a1b080209a\"\u003e\u003ccode\u003e5ed259f\u003c/code\u003e\u003c/a\u003e Prepare 7.3.0-SNAPSHOT builds\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/340f99cab223f289b7d3b730f19f5818c7f84a1c\"\u003e\u003ccode\u003e340f99c\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202505281347-rc1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eclipse-jgit/jgit/compare/v7.0.1.202505221510-r...v7.3.0.202506031305-r\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.eclipse.jgit:org.eclipse.jgit.ssh.apache` from 7.0.1.202505221510-r to 7.3.0.202506031305-r\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/22e8820c65327800dfc054d2f07940df4e02365c\"\u003e\u003ccode\u003e22e8820\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202506031305-r\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/afc36558e22aba4a750d7e96b5c660ef2fc53f44\"\u003e\u003ccode\u003eafc3655\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into stable-7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/795f4d97111f725dc29906e73f2ed5073193da09\"\u003e\u003ccode\u003e795f4d9\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.2'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/886849c68380579e5ea361c600a63389992f7b3c\"\u003e\u003ccode\u003e886849c\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.1' into stable-7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/6e0db8377b5fba2988d8ade84011ea07ee06414e\"\u003e\u003ccode\u003e6e0db83\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.0' into stable-7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/e90d1fa8911b246df198989765d199fa8565aad0\"\u003e\u003ccode\u003ee90d1fa\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-6.10' into stable-7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/f004052ae675570e02aa1ef33384bc81b3644cf2\"\u003e\u003ccode\u003ef004052\u003c/code\u003e\u003c/a\u003e Update maven plugins\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/1c72895097f290b1fdea87bb4b62fb3517e5f14f\"\u003e\u003ccode\u003e1c72895\u003c/code\u003e\u003c/a\u003e Use the same ordering/locking in delete() as C git\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/5ed259fac4f45c46db36876c441cd4a1b080209a\"\u003e\u003ccode\u003e5ed259f\u003c/code\u003e\u003c/a\u003e Prepare 7.3.0-SNAPSHOT builds\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/340f99cab223f289b7d3b730f19f5818c7f84a1c\"\u003e\u003ccode\u003e340f99c\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202505281347-rc1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eclipse-jgit/jgit/compare/v7.0.1.202505221510-r...v7.3.0.202506031305-r\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.eclipse.jgit:org.eclipse.jgit.junit` from 7.0.1.202505221510-r to 7.3.0.202506031305-r\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/22e8820c65327800dfc054d2f07940df4e02365c\"\u003e\u003ccode\u003e22e8820\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202506031305-r\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/afc36558e22aba4a750d7e96b5c660ef2fc53f44\"\u003e\u003ccode\u003eafc3655\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into stable-7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/795f4d97111f725dc29906e73f2ed5073193da09\"\u003e\u003ccode\u003e795f4d9\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.2'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/886849c68380579e5ea361c600a63389992f7b3c\"\u003e\u003ccode\u003e886849c\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.1' into stable-7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/6e0db8377b5fba2988d8ade84011ea07ee06414e\"\u003e\u003ccode\u003e6e0db83\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.0' into stable-7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/e90d1fa8911b246df198989765d199fa8565aad0\"\u003e\u003ccode\u003ee90d1fa\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-6.10' into stable-7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/f004052ae675570e02aa1ef33384bc81b3644cf2\"\u003e\u003ccode\u003ef004052\u003c/code\u003e\u003c/a\u003e Update maven plugins\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/1c72895097f290b1fdea87bb4b62fb3517e5f14f\"\u003e\u003ccode\u003e1c72895\u003c/code\u003e\u003c/a\u003e Use the same ordering/locking in delete() as C git\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/5ed259fac4f45c46db36876c441cd4a1b080209a\"\u003e\u003ccode\u003e5ed259f\u003c/code\u003e\u003c/a\u003e Prepare 7.3.0-SNAPSHOT builds\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/340f99cab223f289b7d3b730f19f5818c7f84a1c\"\u003e\u003ccode\u003e340f99c\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202505281347-rc1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eclipse-jgit/jgit/compare/v7.0.1.202505221510-r...v7.3.0.202506031305-r\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.eclipse.jgit:org.eclipse.jgit.ssh.apache` from 7.0.1.202505221510-r to 7.3.0.202506031305-r\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/22e8820c65327800dfc054d2f07940df4e02365c\"\u003e\u003ccode\u003e22e8820\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202506031305-r\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/afc36558e22aba4a750d7e96b5c660ef2fc53f44\"\u003e\u003ccode\u003eafc3655\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into stable-7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/795f4d97111f725dc29906e73f2ed5073193da09\"\u003e\u003ccode\u003e795f4d9\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.2'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/886849c68380579e5ea361c600a63389992f7b3c\"\u003e\u003ccode\u003e886849c\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.1' into stable-7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/6e0db8377b5fba2988d8ade84011ea07ee06414e\"\u003e\u003ccode\u003e6e0db83\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.0' into stable-7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/e90d1fa8911b246df198989765d199fa8565aad0\"\u003e\u003ccode\u003ee90d1fa\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-6.10' into stable-7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/f004052ae675570e02aa1ef33384bc81b3644cf2\"\u003e\u003ccode\u003ef004052\u003c/code\u003e\u003c/a\u003e Update maven plugins\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/1c72895097f290b1fdea87bb4b62fb3517e5f14f\"\u003e\u003ccode\u003e1c72895\u003c/code\u003e\u003c/a\u003e Use the same ordering/locking in delete() as C git\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/5ed259fac4f45c46db36876c441cd4a1b080209a\"\u003e\u003ccode\u003e5ed259f\u003c/code\u003e\u003c/a\u003e Prepare 7.3.0-SNAPSHOT builds\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/340f99cab223f289b7d3b730f19f5818c7f84a1c\"\u003e\u003ccode\u003e340f99c\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202505281347-rc1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eclipse-jgit/jgit/compare/v7.0.1.202505221510-r...v7.3.0.202506031305-r\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.eclipse.jgit:org.eclipse.jgit.junit` from 7.0.1.202505221510-r to 7.3.0.202506031305-r\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/22e8820c65327800dfc054d2f07940df4e02365c\"\u003e\u003ccode\u003e22e8820\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202506031305-r\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/afc36558e22aba4a750d7e96b5c660ef2fc53f44\"\u003e\u003ccode\u003eafc3655\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into stable-7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/795f4d97111f725dc29906e73f2ed5073193da09\"\u003e\u003ccode\u003e795f4d9\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.2'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/886849c68380579e5ea361c600a63389992f7b3c\"\u003e\u003ccode\u003e886849c\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.1' into stable-7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/6e0db8377b5fba2988d8ade84011ea07ee06414e\"\u003e\u003ccode\u003e6e0db83\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.0' into stable-7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/e90d1fa8911b246df198989765d199fa8565aad0\"\u003e\u003ccode\u003ee90d1fa\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-6.10' into stable-7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/f004052ae675570e02aa1ef33384bc81b3644cf2\"\u003e\u003ccode\u003ef004052\u003c/code\u003e\u003c/a\u003e Update maven plugins\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/1c72895097f290b1fdea87bb4b62fb3517e5f14f\"\u003e\u003ccode\u003e1c72895\u003c/code\u003e\u003c/a\u003e Use the same ordering/locking in delete() as C git\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/5ed259fac4f45c46db36876c441cd4a1b080209a\"\u003e\u003ccode\u003e5ed259f\u003c/code\u003e\u003c/a\u003e Prepare 7.3.0-SNAPSHOT builds\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/340f99cab223f289b7d3b730f19f5818c7f84a1c\"\u003e\u003ccode\u003e340f99c\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202505281347-rc1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eclipse-jgit/jgit/compare/v7.0.1.202505221510-r...v7.3.0.202506031305-r\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `software.amazon.awssdk:bom` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:s3` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:s3-transfer-manager` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:sts` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:cloudfront` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:cloudformation` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:elastictranscoder` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:mediaconvert` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:sso` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:ssooidc` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:s3` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:s3-transfer-manager` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:sts` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:cloudfront` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:cloudformation` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:elastictranscoder` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:mediaconvert` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:sso` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:ssooidc` from 2.31.77 to 2.31.78\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/craftercms/craftercms/pull/8258","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/craftercms%2Fcraftercms/issues/8258","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8258/packages"},{"uuid":"2653734566","node_id":"PR_kwDOMQIoAM6eLMam","number":3,"state":"open","title":"Bump the maven group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-07-09T19:03:04.000Z","updated_at":"2025-07-09T19:03:05.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"maven","update_count":2,"packages":[{"name":"org.apache.derby:derby","old_version":"10.8.3.0","new_version":"10.17.1.0"},{"name":"org.owasp.esapi:esapi","old_version":"2.1.0.1","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 2 updates in the / directory: org.apache.derby:derby and [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy).\n\nUpdates `org.apache.derby:derby` from 10.8.3.0 to 10.17.1.0\n\nUpdates `org.owasp.esapi:esapi` from 2.1.0.1 to 2.6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.1.0.1...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ravisinghrajput95/easybuggy-vulnerable-application/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/ravisinghrajput95/easybuggy-vulnerable-application/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ravisinghrajput95%2Feasybuggy-vulnerable-application/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"},{"uuid":"2653695074","node_id":"PR_kwDOGiLTdM6eLCxi","number":19,"state":"open","title":"Bump the maven group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-07-09T18:45:51.000Z","updated_at":"2025-07-09T18:45:52.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"maven","update_count":7,"packages":[{"name":"ch.qos.logback:logback-classic","old_version":"1.2.3","new_version":"1.2.13","repository_url":"https://github.com/qos-ch/logback"},{"name":"org.apache.poi:poi-ooxml","old_version":"5.0.0","new_version":"5.4.0"},{"name":"org.jsoup:jsoup","old_version":"1.14.2","new_version":"1.15.3","repository_url":"https://github.com/jhy/jsoup"},{"name":"org.owasp.esapi:esapi","old_version":"2.4.0.0","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"org.json:json","old_version":"20210307","new_version":"20231013","repository_url":"https://github.com/douglascrockford/JSON-java"},{"name":"commons-io:commons-io","old_version":"2.7","new_version":"2.14.0"},{"name":"commons-fileupload:commons-fileupload","old_version":"1.3.3","new_version":"1.6.0"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.2.3` | `1.2.13` |\n| org.apache.poi:poi-ooxml | `5.0.0` | `5.4.0` |\n| [org.jsoup:jsoup](https://github.com/jhy/jsoup) | `1.14.2` | `1.15.3` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.4.0.0` | `2.6.0.0` |\n| [org.json:json](https://github.com/douglascrockford/JSON-java) | `20210307` | `20231013` |\n| commons-io:commons-io | `2.7` | `2.14.0` |\n| commons-fileupload:commons-fileupload | `1.3.3` | `1.6.0` |\n\n\nUpdates `ch.qos.logback:logback-classic` from 1.2.3 to 1.2.13\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/2648b9e7fbb47426c89b9c93b411c07484e8f277\"\u003e\u003ccode\u003e2648b9e\u003c/code\u003e\u003c/a\u003e prepare release 1.2.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/bb095154be011267b64e37a1d401546e7cc2b7c3\"\u003e\u003ccode\u003ebb09515\u003c/code\u003e\u003c/a\u003e fix CVE-2023-6378\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/45732949bfb845df04cbe65292cf48aaa090cb1d\"\u003e\u003ccode\u003e4573294\u003c/code\u003e\u003c/a\u003e start work on 1.2.13-SNAPSHOT\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/a388193052c298ca87cc64192319df723288c6ab\"\u003e\u003ccode\u003ea388193\u003c/code\u003e\u003c/a\u003e Merge branch 'branch_1.2.x' of github.com:qos-ch/logback into branch_1.2.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/de44dc422bc3da1d7808283851324d960b492d4d\"\u003e\u003ccode\u003ede44dc4\u003c/code\u003e\u003c/a\u003e prepare release 1.2.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/ca0cf172f680308938515b8a5d69348759ee947c\"\u003e\u003ccode\u003eca0cf17\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/qos-ch/logback/issues/532\"\u003e#532\u003c/a\u003e from joakime/fix-jetty-requestlog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/e31609b1980b9ba986344aae3cab7275fa2b4935\"\u003e\u003ccode\u003ee31609b\u003c/code\u003e\u003c/a\u003e removed unused files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/21e29efb284766f386781175b2ba18585b690154\"\u003e\u003ccode\u003e21e29ef\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/qos-ch/logback/issues/567\"\u003e#567\u003c/a\u003e from spliffone/LOGBACK-1633\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/e869000e1d5901e6aa6f46cc6575ee2137f15b69\"\u003e\u003ccode\u003ee869000\u003c/code\u003e\u003c/a\u003e fix: published POM file contain the wrong scm URL\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/009ea46cb81a015f2ca312bde6e823581b93b37a\"\u003e\u003ccode\u003e009ea46\u003c/code\u003e\u003c/a\u003e version for next dev cycle\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/qos-ch/logback/compare/v_1.2.3...v_1.2.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.poi:poi-ooxml` from 5.0.0 to 5.4.0\n\nUpdates `org.jsoup:jsoup` from 1.14.2 to 1.15.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jhy/jsoup/releases\"\u003eorg.jsoup:jsoup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ejsoup 1.15.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup 1.15.3\u003c/strong\u003e is out now, and includes a security fix for potential XSS attacks, along with other bug fixes and improvements, including more descriptive validation error messages.\u003c/p\u003e\n\u003cp\u003eDetails:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\"\u003eSecurity advisory\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://jsoup.org/news/release-1.15.3\"\u003eRelease notes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://jsoup.org/download\"\u003eDownload\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ejsoup 1.15.2 is out now with a bunch of \u003ca href=\"https://jsoup.org/news/release-1.15.2\"\u003eimprovements and bug fixes\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003ejsoup 1.15.1 is out now with a bunch of \u003ca href=\"https://jsoup.org/news/release-1.15.1\"\u003eimprovements and bug fixes\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ejsoup 1.14.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup 1.14.3\u003c/strong\u003e is out now, adding native \u003cstrong\u003eXPath\u003c/strong\u003e selector support, improved \u003ccode\u003e\\\u0026lt;template\u0026gt;\u003c/code\u003e support, and also includes a bunch of bug fixes, improvements, and performance enhancements.\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://jsoup.org/news/release-1.14.3\"\u003erelease announcement\u003c/a\u003e for the full changelog.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jhy/jsoup/blob/jsoup-1.15.3/CHANGES\"\u003eorg.jsoup:jsoup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ejsoup changelog\u003c/p\u003e\n\u003cp\u003eRelease 1.15.3 [2022-Aug-24]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity: fixed an issue where the jsoup cleaner may incorrectly sanitize crafted XSS attempts if\nSafeList.preserveRelativeLinks is enabled.\n\u003ca href=\"https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\"\u003ehttps://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: the Cleaner will preserve the source position of cleaned elements, if source tracking is enabled in the\noriginal parse.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: the error messages output from Validate are more descriptive. Exceptions are now ValidationExceptions\n(extending IllegalArgumentException). Stack traces do not include the Validate class, to make it simpler to see\nwhere the exception originated. Common validation errors including malformed URLs and empty selector results have\nmore explicit error messages.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBugfix: the DataUtil would incorrectly read from InputStreams that emitted reads less than the requested size. This\nlead to incorrect results when parsing from chunked server responses, for e.g.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1807\"\u003ejhy/jsoup#1807\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBuild Improvement: added implementation version and related fields to the jar manifest.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1809\"\u003ejhy/jsoup#1809\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e*** Release 1.15.2 [2022-Jul-04]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: added the ability to track the position (line, column, index) in the original input source from where\na given node was parsed. Accessible via Node.sourceRange() and Element.endSourceRange().\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/pull/1790\"\u003ejhy/jsoup#1790\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: added Element.firstElementChild(), Element.lastElementChild(), Node.firstChild(), Node.lastChild(),\nas convenient accessors to those child nodes and elements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: added Element.expectFirst(cssQuery), which is just like Element.selectFirst(), but instead of returning\na null if there is no match, will throw an IllegalArgumentException. This is useful if you want to simply abort\nprocessing if an expected match is not found.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: when pretty-printing HTML, doctypes are emitted on a newline if there is a preceding comment.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/pull/1664\"\u003ejhy/jsoup#1664\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: when pretty-printing, trim the leading and trailing spaces of textnodes in block tags when possible,\nso that they are indented correctly.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1798\"\u003ejhy/jsoup#1798\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: in Element#selectXpath(), disable namespace awareness. This makes it possible to always select elements\nby their simple local name, regardless of whether an xmlns attribute was set.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1801\"\u003ejhy/jsoup#1801\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBugfix: when using the readToByteBuffer method, such as in Connection.Response.body(), if the document has not\nalready been parsed and must be read fully, and there is any maximum buffer size being applied, only the default\ninternal buffer size is read.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1774\"\u003ejhy/jsoup#1774\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/c5964172763e1495786ad584c368ac3346d0ca8c\"\u003e\u003ccode\u003ec596417\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release jsoup-1.15.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/d2d9ac341dbd48e75c6dd09c571216a81939604f\"\u003e\u003ccode\u003ed2d9ac3\u003c/code\u003e\u003c/a\u003e Changelog for URL cleaner improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/4ea768d96b3d232e63edef9594766d44597b3882\"\u003e\u003ccode\u003e4ea768d\u003c/code\u003e\u003c/a\u003e Strip control characters from URLs when resolving absolute URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/985f1fe13aa0b1d37c6f6f17a948fc240a03dcef\"\u003e\u003ccode\u003e985f1fe\u003c/code\u003e\u003c/a\u003e Include help link for malformed URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/6b67d05d883fdfe0f978d77d219e80324e0a223d\"\u003e\u003ccode\u003e6b67d05\u003c/code\u003e\u003c/a\u003e Improved Validate error messages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/653da57a61dc6fcb5a94efb44f514239bdef8613\"\u003e\u003ccode\u003e653da57\u003c/code\u003e\u003c/a\u003e Normalized API doc link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/5ed84f631e8889abc9b20ebcc898d053d77bb05d\"\u003e\u003ccode\u003e5ed84f6\u003c/code\u003e\u003c/a\u003e Simplified the Test Server startup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/c58112a2eddd630a4f6d76450034c1227ef5f842\"\u003e\u003ccode\u003ec58112a\u003c/code\u003e\u003c/a\u003e Set the read size correctly when capped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/fa13c8066b13f27a92d0057d55bf64e6d66ddff2\"\u003e\u003ccode\u003efa13c80\u003c/code\u003e\u003c/a\u003e Added jar manifest default implementation entries.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/5b193902029a453b95cfc8850d17e630079cf0a2\"\u003e\u003ccode\u003e5b19390\u003c/code\u003e\u003c/a\u003e Bump maven-resources-plugin from 3.2.0 to 3.3.0 (\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1814\"\u003e#1814\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jhy/jsoup/compare/jsoup-1.14.2...jsoup-1.15.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.owasp.esapi:esapi` from 2.4.0.0 to 2.6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.4.0.0...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.json:json` from 20210307 to 20231013\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/douglascrockford/JSON-java/releases\"\u003eorg.json:json's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e20231013\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/793\"\u003e#793\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eReverted \u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/761\"\u003e#761\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/792\"\u003e#792\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eupdate the docs for release 20231013\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/783\"\u003e#783\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eoptLong vs getLong inconsistencies\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/782\"\u003e#782\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/779\"\u003e#779\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eadd validity check for JSONObject constructors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/778\"\u003e#778\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/776\"\u003e#776\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate [JUnit to version 4.13.2\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/774\"\u003e#774\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eRemoving unneeded synchronization\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/773\"\u003e#773\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAdd optJSONArray method to JSONObject with a default value\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/772\"\u003e#772\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eDisallow nested objects and arrays as keys in objects\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/779\"\u003e#779\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUnit test cleanup\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/769\"\u003e#769\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAddressed Java 17 compile warnings\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/764\"\u003e#764\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate CodeQL action version\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/761\"\u003e#761\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAdd module-info\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/759\"\u003e#759\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eJSON parsing should detect embedded \u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/753\"\u003e#753\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdated new object methods\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/752\"\u003e#752\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFixes possible unit test bug when compiling/testing on Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20230618\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/749\"\u003e#749\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/749\"\u003ePrep for release 20230618\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/740\"\u003e#740\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/734\"\u003eFixed Flaky Tests Caused by JSON permutations\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/734\"\u003e#734\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/734\"\u003eFixed Flaky Tests Caused by JSON permutations\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/733\"\u003e#733\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/733\"\u003eJSONTokener implemented java.io.Closeable\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/731\"\u003e#731\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/731\"\u003eRemoving commented out code in JSONObject optDouble()\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/729\"\u003e#729\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/729\"\u003eRefactor ParserConfiguration class hierarchy\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20230227\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/723\"\u003e#723\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eProtect JSONML from stack overflow exceptions caused by recursion\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/720\"\u003e#720\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eLimit the XML nesting depth for CVE-2022-45688\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/711\"\u003e#711\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eRevert pull 707 - interviewbit spam\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/704\"\u003e#704\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eMove javadoc comments above the interface definition to make it visible\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/703\"\u003e#703\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate Releases.md for JSONObject(Map): Throws NPE if key is null\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/696\"\u003e#696\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate JSONPointerTest for NonDex compatibility\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/694\"\u003e#694\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePretty print XML\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/692\"\u003e#692\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eExample.md syntax highlight and indentation\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/691\"\u003e#691\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eCreate unit tests for various number formats\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20220924\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/688\"\u003e#688\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate copyright to Public Domain\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/687\"\u003e#687\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix a typo\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/685\"\u003e#685\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eJSONObject map type unit tests\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md\"\u003eorg.json:json's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e20231013    First release with minimum Java version 1.8. Recent commits, including fixes for CVE-2023-5072.\u003c/p\u003e\n\u003cp\u003e20230618    Final release with Java 1.6 compatibility. Future releases will require Java 1.8 or greater.\u003c/p\u003e\n\u003cp\u003e20230227    Fix for CVE-2022-45688 and recent commits\u003c/p\u003e\n\u003cp\u003e20220924    New License - public domain, and some minor updates\u003c/p\u003e\n\u003cp\u003e20220320    Wrap StackOverflow with JSONException\u003c/p\u003e\n\u003cp\u003e20211205    Recent commits and some bug fixes for similar()\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/douglascrockford/JSON-java/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-io:commons-io` from 2.7 to 2.14.0\n\nUpdates `commons-fileupload:commons-fileupload` from 1.3.3 to 1.6.0\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/H1d3r/DWSurvey/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/H1d3r/DWSurvey/pull/19","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/H1d3r%2FDWSurvey/issues/19","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/19/packages"},{"uuid":"2634359652","node_id":"PR_kwDOMQIoAM6dBSNk","number":2,"state":"closed","title":"Bump org.owasp.esapi:esapi from 2.1.0.1 to 2.6.0.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-07-09T19:03:09.000Z","author_association":"NONE","state_reason":null,"created_at":"2025-07-02T05:47:06.000Z","updated_at":"2025-07-09T19:03:09.000Z","time_to_close":652563,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.owasp.esapi:esapi","old_version":"2.1.0.1","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) from 2.1.0.1 to 2.6.0.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.1.0.1...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.owasp.esapi:esapi\u0026package-manager=maven\u0026previous-version=2.1.0.1\u0026new-version=2.6.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ravisinghrajput95/easybuggy-vulnerable-application/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/ravisinghrajput95/easybuggy-vulnerable-application/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ravisinghrajput95%2Feasybuggy-vulnerable-application/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"2630419390","node_id":"PR_kwDOPEkXNM6cyQO-","number":4,"state":"open","title":"Bump org.owasp.esapi:esapi from 2.6.2.0 to 2.7.0.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-06-30T23:32:19.000Z","updated_at":"2025-06-30T23:32:20.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.owasp.esapi:esapi","old_version":"2.6.2.0","new_version":"2.7.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) from 2.6.2.0 to 2.7.0.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eesapi-2.7.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.7.00 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a \u003cstrong\u003e\u003cem\u003emajor\u003c/em\u003e\u003c/strong\u003e patch release with the primary intent of addressing \u003cstrong\u003e\u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2025-5878\"\u003eCVE-2025-5878\u003c/a\u003e\u003c/strong\u003e, the details of which are spelled out in [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e).\n\u003cul\u003e\n\u003cli\u003eMajor Javadoc enhancements, corrections, and clarifications.\u003c/li\u003e\n\u003cli\u003eDeprecated methods, interfaces, and classes.\u003c/li\u003e\n\u003cli\u003eThe reference implementation for the \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface is now disabled by default and must be explicitly enabled if you absolutely much use it. (\u003cstrong\u003eWARNING\u003c/strong\u003e: You shouldn't!) Instructions on how to enable it are provided in Appendix B of  [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e). You will find the updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file in the configuration jar helpful.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eThis release also updates Apache Commons FileUploads to 1.6.0 to address CVE-2025-48976. That CVE likely does not affect the \u003ccode\u003eHTTP.getFileUloads\u003c/code\u003e interfaces (which is the only methods that use that library), but we have not had time to analyze it fully given the CVE cited against ESAPI.\u003c/li\u003e\n\u003cli\u003eApache Commons BeanUtils was also updated to 1.11.0 to address CVE-2025-48734 which potentially could anyone using ESAPI's AccessController and has placed their access control policy in a place where an attacker may be overwrite it. That is highly unlikely, but better safe than sorry.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration files under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.  If you were using ESAPI's \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface, you will want to use its updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0fa4c0f1311aa525b1a776f0a789fb1dc8a04b41\"\u003e\u003ccode\u003e0fa4c0f\u003c/code\u003e\u003c/a\u003e Remove '-SNAPSHOT' from release # to prep official release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f75ac2c2647a81d2cfbdc9c899f8719c240ed512\"\u003e\u003ccode\u003ef75ac2c\u003c/code\u003e\u003c/a\u003e Merging Private Branch contents from Kevin's Repo.   (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/888\"\u003e#888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/e2322914304d9b1c52523ff24be495b7832f6a56\"\u003e\u003ccode\u003ee232291\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/886\"\u003e#886\u003c/a\u003e from kwwall/develop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/23a2b7666186afdc004a9e01eec5da593e85d172\"\u003e\u003ccode\u003e23a2b76\u003c/code\u003e\u003c/a\u003e Added Javadoc to encodeForSQL method regarding how to enabled it.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/01297409b786075686c6738fdf0355edad427a6c\"\u003e\u003ccode\u003e0129740\u003c/code\u003e\u003c/a\u003e Added 2 new field names whose values are the 2 new property names.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/eb425bbb831c68321d169d3ac5f84ddf9dfc189d\"\u003e\u003ccode\u003eeb425bb\u003c/code\u003e\u003c/a\u003e New property file for testing DefaultEncoder.encodeForSQL when it's\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/844eb0c6fd077b6299604838bfc67fd6c658e6eb\"\u003e\u003ccode\u003e844eb0c\u003c/code\u003e\u003c/a\u003e Add missing newline.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a10e323dcde635f40d15c875253084a7669175e8\"\u003e\u003ccode\u003ea10e323\u003c/code\u003e\u003c/a\u003e hanged the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/06d0ff2e540ef37077822273e1957b50beaa8ff7\"\u003e\u003ccode\u003e06d0ff2\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/61de71f70081f204b915e95d186c702509cbf857\"\u003e\u003ccode\u003e61de71f\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek propert names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.owasp.esapi:esapi\u0026package-manager=maven\u0026previous-version=2.6.2.0\u0026new-version=2.7.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Stefan923/code-scanner-benchmark-ci/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Stefan923%2Fcode-scanner-benchmark-ci/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"}],"issue_packages":[{"old_version":"2.0.1","new_version":"2.6.0.0","update_type":"minor","path":null,"pr_created_at":"2026-04-13T19:30:29.000Z","version_change":"2.0.1 → 2.6.0.0","issue":{"uuid":"4257377747","node_id":"PR_kwDOK8Zc3s7SF8VK","number":9,"state":"open","title":"Bump the maven group across 4 directories with 18 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-13T19:30:29.000Z","updated_at":"2026-05-05T02:03:13.541Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"maven","update_count":18,"packages":[{"name":"org.apache.activemq:activemq-all","old_version":"5.15.8","new_version":"5.19.2","repository_url":"https://github.com/apache/activemq"},{"name":"org.wso2.carbon.mediation:org.wso2.carbon.localentry","old_version":"4.7.46","new_version":"4.7.259"},{"name":"commons-io:commons-io","old_version":"2.2","new_version":"2.14.0"},{"name":"org.opensaml:opensaml","old_version":"2.2.3","new_version":"2.6.5"},{"name":"org.springframework:spring-context","old_version":"4.1.5.RELEASE","new_version":"6.1.20","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.apache.tomcat.embed:tomcat-embed-core","old_version":"7.0.85","new_version":"9.0.117"},{"name":"org.json:json","old_version":"20080701","new_version":"20231013","repository_url":"https://github.com/douglascrockford/JSON-java"},{"name":"io.netty:netty-common","old_version":"4.1.11.Final","new_version":"4.1.118.Final","repository_url":"https://github.com/netty/netty"},{"name":"org.apache.commons:commons-lang3","old_version":"3.1","new_version":"3.18.0"},{"name":"org.owasp.esapi:esapi","old_version":"2.0.1","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"commons-fileupload:commons-fileupload","old_version":"1.3.2","new_version":"1.6.0"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [org.apache.activemq:activemq-all](https://github.com/apache/activemq) | `5.15.8` | `5.19.2` |\n| org.wso2.carbon.mediation:org.wso2.carbon.localentry | `4.7.46` | `4.7.259` |\n| commons-io:commons-io | `2.2` | `2.14.0` |\n| org.opensaml:opensaml | `2.2.3` | `2.6.5` |\n| [org.springframework:spring-context](https://github.com/spring-projects/spring-framework) | `4.1.5.RELEASE` | `6.1.20` |\n| org.apache.tomcat.embed:tomcat-embed-core | `7.0.85` | `9.0.117` |\n| [org.json:json](https://github.com/douglascrockford/JSON-java) | `20080701` | `20231013` |\n| [io.netty:netty-common](https://github.com/netty/netty) | `4.1.11.Final` | `4.1.118.Final` |\n| org.apache.commons:commons-lang3 | `3.1` | `3.18.0` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.0.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.3.2` | `1.6.0` |\n\nBumps the maven group with 1 update in the /integration/automation-extensions directory: org.apache.commons:commons-lang3.\nBumps the maven group with 2 updates in the /p2-profile/analytics-profile directory: org.apache.commons:commons-lang3 and commons-fileupload:commons-fileupload.\nBumps the maven group with 3 updates in the /product-scenarios directory: org.apache.activemq:activemq-client, org.apache.commons:commons-lang3 and org.apache.axis2:axis2.\n\nUpdates `org.apache.activemq:activemq-all` from 5.15.8 to 5.19.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/c0ba134bd07f5c15f04f9b7cb7a6a1b021ef3882\"\u003e\u003ccode\u003ec0ba134\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release activemq-5.19.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/b8b6125d64b9902c616a90b12765f1da35225ae4\"\u003e\u003ccode\u003eb8b6125\u003c/code\u003e\u003c/a\u003e Upgrade to log4j 2.25.3 and slf4j 2.0.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/2962323277ab07286c4dd84084d2e26c9c68b081\"\u003e\u003ccode\u003e2962323\u003c/code\u003e\u003c/a\u003e Bump org.apache.commons:commons-pool2 from 2.12.1 to 2.13.1 (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1605\"\u003e#1605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/13360632df6e55c422e21c14fcc7cada0b1abf46\"\u003e\u003ccode\u003e1336063\u003c/code\u003e\u003c/a\u003e [AMQ-9815] Add additional attributes to ConnectorView (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1556\"\u003e#1556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/120aa34113b26c1aacac6461b798caa8b6048a08\"\u003e\u003ccode\u003e120aa34\u003c/code\u003e\u003c/a\u003e AMQ-9824 - Cleanup code in KahaDB classes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/4f3bafbcb76f86fc89bf3a172044ccea602a27e6\"\u003e\u003ccode\u003e4f3bafb\u003c/code\u003e\u003c/a\u003e AMQ-9823 - properly clear ack set from ackAndPreparedMap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/7b71fc6289e6f26c200988df3cf9c0f5093dadf8\"\u003e\u003ccode\u003e7b71fc6\u003c/code\u003e\u003c/a\u003e AMQ-9819 - Rework Rest test fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/009b4f3cbb1469389497ab6ffe2df68ce897dd2c\"\u003e\u003ccode\u003e009b4f3\u003c/code\u003e\u003c/a\u003e [AMQ-9819]: harden #testConsumeAsyncTimeout() so it does not rely on a specif...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/c2dced4b307ca74f0784339a106261d0469be2b0\"\u003e\u003ccode\u003ec2dced4\u003c/code\u003e\u003c/a\u003e [AMQ-9820]: closed connections leaking into the pool when reconnectOnExceptio...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/733257f23cdfdcc199e71ff3fc4670f2a56876a2\"\u003e\u003ccode\u003e733257f\u003c/code\u003e\u003c/a\u003e AMQ-9813 - Minor updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/activemq/compare/activemq-5.15.8...activemq-5.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.activemq:activemq-broker` from 5.15.8 to 5.19.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/c0ba134bd07f5c15f04f9b7cb7a6a1b021ef3882\"\u003e\u003ccode\u003ec0ba134\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release activemq-5.19.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/b8b6125d64b9902c616a90b12765f1da35225ae4\"\u003e\u003ccode\u003eb8b6125\u003c/code\u003e\u003c/a\u003e Upgrade to log4j 2.25.3 and slf4j 2.0.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/2962323277ab07286c4dd84084d2e26c9c68b081\"\u003e\u003ccode\u003e2962323\u003c/code\u003e\u003c/a\u003e Bump org.apache.commons:commons-pool2 from 2.12.1 to 2.13.1 (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1605\"\u003e#1605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/13360632df6e55c422e21c14fcc7cada0b1abf46\"\u003e\u003ccode\u003e1336063\u003c/code\u003e\u003c/a\u003e [AMQ-9815] Add additional attributes to ConnectorView (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1556\"\u003e#1556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/120aa34113b26c1aacac6461b798caa8b6048a08\"\u003e\u003ccode\u003e120aa34\u003c/code\u003e\u003c/a\u003e AMQ-9824 - Cleanup code in KahaDB classes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/4f3bafbcb76f86fc89bf3a172044ccea602a27e6\"\u003e\u003ccode\u003e4f3bafb\u003c/code\u003e\u003c/a\u003e AMQ-9823 - properly clear ack set from ackAndPreparedMap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/7b71fc6289e6f26c200988df3cf9c0f5093dadf8\"\u003e\u003ccode\u003e7b71fc6\u003c/code\u003e\u003c/a\u003e AMQ-9819 - Rework Rest test fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/009b4f3cbb1469389497ab6ffe2df68ce897dd2c\"\u003e\u003ccode\u003e009b4f3\u003c/code\u003e\u003c/a\u003e [AMQ-9819]: harden #testConsumeAsyncTimeout() so it does not rely on a specif...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/c2dced4b307ca74f0784339a106261d0469be2b0\"\u003e\u003ccode\u003ec2dced4\u003c/code\u003e\u003c/a\u003e [AMQ-9820]: closed connections leaking into the pool when reconnectOnExceptio...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/733257f23cdfdcc199e71ff3fc4670f2a56876a2\"\u003e\u003ccode\u003e733257f\u003c/code\u003e\u003c/a\u003e AMQ-9813 - Minor updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/activemq/compare/activemq-5.15.8...activemq-5.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.activemq:activemq-client` from 5.15.8 to 5.19.2\n\nUpdates `org.wso2.carbon.mediation:org.wso2.carbon.localentry` from 4.7.46 to 4.7.259\n\nUpdates `commons-io:commons-io` from 2.2 to 2.14.0\n\nUpdates `org.opensaml:opensaml` from 2.2.3 to 2.6.5\n\nUpdates `org.springframework:spring-context` from 4.1.5.RELEASE to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-context's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v4.1.5.RELEASE...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-web` from 4.1.5.RELEASE to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v4.1.5.RELEASE...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.tomcat.embed:tomcat-embed-core` from 7.0.85 to 9.0.117\n\nUpdates `org.json:json` from 20080701 to 20231013\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/douglascrockford/JSON-java/releases\"\u003eorg.json:json's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e20231013\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/793\"\u003e#793\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eReverted \u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/761\"\u003e#761\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/792\"\u003e#792\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eupdate the docs for release 20231013\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/783\"\u003e#783\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eoptLong vs getLong inconsistencies\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/782\"\u003e#782\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/779\"\u003e#779\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eadd validity check for JSONObject constructors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/778\"\u003e#778\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/776\"\u003e#776\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate [JUnit to version 4.13.2\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/774\"\u003e#774\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eRemoving unneeded synchronization\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/773\"\u003e#773\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAdd optJSONArray method to JSONObject with a default value\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/772\"\u003e#772\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eDisallow nested objects and arrays as keys in objects\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/779\"\u003e#779\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUnit test cleanup\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/769\"\u003e#769\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAddressed Java 17 compile warnings\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/764\"\u003e#764\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate CodeQL action version\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/761\"\u003e#761\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAdd module-info\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/759\"\u003e#759\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eJSON parsing should detect embedded \u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/753\"\u003e#753\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdated new object methods\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/752\"\u003e#752\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFixes possible unit test bug when compiling/testing on Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20230618\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/749\"\u003e#749\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/749\"\u003ePrep for release 20230618\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/740\"\u003e#740\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/734\"\u003eFixed Flaky Tests Caused by JSON permutations\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/734\"\u003e#734\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/734\"\u003eFixed Flaky Tests Caused by JSON permutations\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/733\"\u003e#733\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/733\"\u003eJSONTokener implemented java.io.Closeable\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/731\"\u003e#731\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/731\"\u003eRemoving commented out code in JSONObject optDouble()\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/729\"\u003e#729\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/729\"\u003eRefactor ParserConfiguration class hierarchy\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20230227\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/723\"\u003e#723\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eProtect JSONML from stack overflow exceptions caused by recursion\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/720\"\u003e#720\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eLimit the XML nesting depth for CVE-2022-45688\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/711\"\u003e#711\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eRevert pull 707 - interviewbit spam\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/704\"\u003e#704\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eMove javadoc comments above the interface definition to make it visible\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/703\"\u003e#703\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate Releases.md for JSONObject(Map): Throws NPE if key is null\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/696\"\u003e#696\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate JSONPointerTest for NonDex compatibility\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/694\"\u003e#694\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePretty print XML\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/692\"\u003e#692\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eExample.md syntax highlight and indentation\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/691\"\u003e#691\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eCreate unit tests for various number formats\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20220924\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/688\"\u003e#688\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate copyright to Public Domain\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/687\"\u003e#687\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix a typo\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/685\"\u003e#685\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eJSONObject map type unit tests\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md\"\u003eorg.json:json's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e20231013    First release with minimum Java version 1.8. Recent commits, including fixes for CVE-2023-5072.\u003c/p\u003e\n\u003cp\u003e20230618    Final release with Java 1.6 compatibility. Future releases will require Java 1.8 or greater.\u003c/p\u003e\n\u003cp\u003e20230227    Fix for CVE-2022-45688 and recent commits\u003c/p\u003e\n\u003cp\u003e20220924    New License - public domain, and some minor updates\u003c/p\u003e\n\u003cp\u003e20220320    Wrap StackOverflow with JSONException\u003c/p\u003e\n\u003cp\u003e20211205    Recent commits and some bug fixes for similar()\u003c/p\u003e\n\u003cp\u003e20210307    Recent commits and potentially breaking fix to JSONPointer\u003c/p\u003e\n\u003cp\u003e20201115    Recent commits and first release after project structure change\u003c/p\u003e\n\u003cp\u003e20200518    Recent commits and snapshot before project structure change\u003c/p\u003e\n\u003cp\u003e20190722    Recent commits\u003c/p\u003e\n\u003cp\u003e20180813    POM change to include Automatic-Module-Name (\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/431\"\u003e#431\u003c/a\u003e)\nJSONObject(Map) now throws an exception if any of a map keys are null (\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/405\"\u003e#405\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e20180130    Recent commits\u003c/p\u003e\n\u003cp\u003e20171018    Checkpoint for recent commits.\u003c/p\u003e\n\u003cp\u003e20170516    Roll up recent commits.\u003c/p\u003e\n\u003cp\u003e20160810    Revert code that was breaking opt*() methods.\u003c/p\u003e\n\u003cp\u003e20160807    This release contains a bug in the JSONObject.opt*() and JSONArray.opt*() methods,\nit is not recommended for use.\nJava 1.6 compatability fixed, JSONArray.toList() and JSONObject.toMap(),\nRFC4180 compatibility, JSONPointer, some exception fixes, optional XML type conversion.\nContains the latest code as of 7 Aug 2016\u003c/p\u003e\n\u003cp\u003e20160212    Java 1.6 compatibility, OSGi bundle. Contains the latest code as of 12 Feb 2016.\u003c/p\u003e\n\u003cp\u003e20151123    JSONObject and JSONArray initialization with generics. Contains the latest code as of 23 Nov 2015.\u003c/p\u003e\n\u003cp\u003e20150729    Checkpoint for Maven central repository release. Contains the latest code\nas of 29 July 2015.\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/douglascrockford/JSON-java/commits/20231013\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.netty:netty-common` from 4.1.11.Final to 4.1.118.Final\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/36f95cfaeed0c1313b21f1b5350c19436ae7fb45\"\u003e\u003ccode\u003e36f95cf\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release netty-4.1.118.Final\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4\"\u003e\u003ccode\u003e87f4072\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386\"\u003e\u003ccode\u003ed1fbda6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f844d78e4e23182610a24576d225de933f90f92e\"\u003e\u003ccode\u003ef844d78\u003c/code\u003e\u003c/a\u003e Upgrade netty-tcnative to 2.0.70.Final (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14790\"\u003e#14790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8afb5d916f135edbc3a14f855665f077ddf56ae7\"\u003e\u003ccode\u003e8afb5d9\u003c/code\u003e\u003c/a\u003e Only run 2 jobs with leak detection to minimize build times (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14784\"\u003e#14784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f2c27dadba055e7f496ee6298262ee06522f5fd9\"\u003e\u003ccode\u003ef2c27da\u003c/code\u003e\u003c/a\u003e AdaptivePoolingAllocator: Round chunk sizes up to MIN_CHUNK_SIZE units and re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8d387ffbecbc95758f90cc97f18096c6ad21b073\"\u003e\u003ccode\u003e8d387ff\u003c/code\u003e\u003c/a\u003e Change the default AdaptiveRecvByteBufAllocator buffer size values' visibilit...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/1cfd3a62ca8633cc6d1729222214c64c5b50fd89\"\u003e\u003ccode\u003e1cfd3a6\u003c/code\u003e\u003c/a\u003e Fix possible buffer leak when stream can't be mapped (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14746\"\u003e#14746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8f9eadb7b6b4dd74b0689a01c920dac4ead18115\"\u003e\u003ccode\u003e8f9eadb\u003c/code\u003e\u003c/a\u003e Fix AccessControlException in GlobalEventExecutor (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14743\"\u003e#14743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/6fcd3e622b9e4e7b986f9ef52a43b9b69c29c53f\"\u003e\u003ccode\u003e6fcd3e6\u003c/code\u003e\u003c/a\u003e KQueueEventLoop leaks memory on shutdown. (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14745\"\u003e#14745\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/netty/netty/compare/netty-4.1.11.Final...netty-4.1.118.Final\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.netty:netty-handler` from 4.1.11.Final to 4.1.118.Final\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/36f95cfaeed0c1313b21f1b5350c19436ae7fb45\"\u003e\u003ccode\u003e36f95cf\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release netty-4.1.118.Final\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4\"\u003e\u003ccode\u003e87f4072\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386\"\u003e\u003ccode\u003ed1fbda6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f844d78e4e23182610a24576d225de933f90f92e\"\u003e\u003ccode\u003ef844d78\u003c/code\u003e\u003c/a\u003e Upgrade netty-tcnative to 2.0.70.Final (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14790\"\u003e#14790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8afb5d916f135edbc3a14f855665f077ddf56ae7\"\u003e\u003ccode\u003e8afb5d9\u003c/code\u003e\u003c/a\u003e Only run 2 jobs with leak detection to minimize build times (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14784\"\u003e#14784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f2c27dadba055e7f496ee6298262ee06522f5fd9\"\u003e\u003ccode\u003ef2c27da\u003c/code\u003e\u003c/a\u003e AdaptivePoolingAllocator: Round chunk sizes up to MIN_CHUNK_SIZE units and re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8d387ffbecbc95758f90cc97f18096c6ad21b073\"\u003e\u003ccode\u003e8d387ff\u003c/code\u003e\u003c/a\u003e Change the default AdaptiveRecvByteBufAllocator buffer size values' visibilit...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/1cfd3a62ca8633cc6d1729222214c64c5b50fd89\"\u003e\u003ccode\u003e1cfd3a6\u003c/code\u003e\u003c/a\u003e Fix possible buffer leak when stream can't be mapped (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14746\"\u003e#14746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8f9eadb7b6b4dd74b0689a01c920dac4ead18115\"\u003e\u003ccode\u003e8f9eadb\u003c/code\u003e\u003c/a\u003e Fix AccessControlException in GlobalEventExecutor (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14743\"\u003e#14743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/6fcd3e622b9e4e7b986f9ef52a43b9b69c29c53f\"\u003e\u003ccode\u003e6fcd3e6\u003c/code\u003e\u003c/a\u003e KQueueEventLoop leaks memory on shutdown. (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14745\"\u003e#14745\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/netty/netty/compare/netty-4.1.11.Final...netty-4.1.118.Final\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.netty:netty-codec` from 4.1.11.Final to 4.1.118.Final\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/36f95cfaeed0c1313b21f1b5350c19436ae7fb45\"\u003e\u003ccode\u003e36f95cf\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release netty-4.1.118.Final\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4\"\u003e\u003ccode\u003e87f4072\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386\"\u003e\u003ccode\u003ed1fbda6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f844d78e4e23182610a24576d225de933f90f92e\"\u003e\u003ccode\u003ef844d78\u003c/code\u003e\u003c/a\u003e Upgrade netty-tcnative to 2.0.70.Final (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14790\"\u003e#14790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8afb5d916f135edbc3a14f855665f077ddf56ae7\"\u003e\u003ccode\u003e8afb5d9\u003c/code\u003e\u003c/a\u003e Only run 2 jobs with leak detection to minimize build times (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14784\"\u003e#14784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f2c27dadba055e7f496ee6298262ee06522f5fd9\"\u003e\u003ccode\u003ef2c27da\u003c/code\u003e\u003c/a\u003e AdaptivePoolingAllocator: Round chunk sizes up to MIN_CHUNK_SIZE units and re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8d387ffbecbc95758f90cc97f18096c6ad21b073\"\u003e\u003ccode\u003e8d387ff\u003c/code\u003e\u003c/a\u003e Change the default AdaptiveRecvByteBufAllocator buffer size values' visibilit...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/1cfd3a62ca8633cc6d1729222214c64c5b50fd89\"\u003e\u003ccode\u003e1cfd3a6\u003c/code\u003e\u003c/a\u003e Fix possible buffer leak when stream can't be mapped (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14746\"\u003e#14746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8f9eadb7b6b4dd74b0689a01c920dac4ead18115\"\u003e\u003ccode\u003e8f9eadb\u003c/code\u003e\u003c/a\u003e Fix AccessControlException in GlobalEventExecutor (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14743\"\u003e#14743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/6fcd3e622b9e4e7b986f9ef52a43b9b69c29c53f\"\u003e\u003ccode\u003e6fcd3e6\u003c/code\u003e\u003c/a\u003e KQueueEventLoop leaks memory on shutdown. (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14745\"\u003e#14745\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/netty/netty/compare/netty-4.1.11.Final...netty-4.1.118.Final\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.netty:netty-codec-http` from 4.1.11.Final to 4.1.118.Final\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/36f95cfaeed0c1313b21f1b5350c19436ae7fb45\"\u003e\u003ccode\u003e36f95cf\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release netty-4.1.118.Final\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4\"\u003e\u003ccode\u003e87f4072\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386\"\u003e\u003ccode\u003ed1fbda6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f844d78e4e23182610a24576d225de933f90f92e\"\u003e\u003ccode\u003ef844d78\u003c/code\u003e\u003c/a\u003e Upgrade netty-tcnative to 2.0.70.Final (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14790\"\u003e#14790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8afb5d916f135edbc3a14f855665f077ddf56ae7\"\u003e\u003ccode\u003e8afb5d9\u003c/code\u003e\u003c/a\u003e Only run 2 jobs with leak detection to minimize build times (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14784\"\u003e#14784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f2c27dadba055e7f496ee6298262ee06522f5fd9\"\u003e\u003ccode\u003ef2c27da\u003c/code\u003e\u003c/a\u003e AdaptivePoolingAllocator: Round chunk sizes up to MIN_CHUNK_SIZE units and re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8d387ffbecbc95758f90cc97f18096c6ad21b073\"\u003e\u003ccode\u003e8d387ff\u003c/code\u003e\u003c/a\u003e Change the default AdaptiveRecvByteBufAllocator buffer size values' visibilit...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/1cfd3a62ca8633cc6d1729222214c64c5b50fd89\"\u003e\u003ccode\u003e1cfd3a6\u003c/code\u003e\u003c/a\u003e Fix possible buffer leak when stream can't be mapped (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14746\"\u003e#14746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8f9eadb7b6b4dd74b0689a01c920dac4ead18115\"\u003e\u003ccode\u003e8f9eadb\u003c/code\u003e\u003c/a\u003e Fix AccessControlException in GlobalEventExecutor (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14743\"\u003e#14743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/6fcd3e622b9e4e7b986f9ef52a43b9b69c29c53f\"\u003e\u003ccode\u003e6fcd3e6\u003c/code\u003e\u003c/a\u003e KQueueEventLoop leaks memory on shutdown. (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14745\"\u003e#14745\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/netty/netty/compare/netty-4.1.11.Final...netty-4.1.118.Final\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.commons:commons-lang3` from 3.1 to 3.18.0\n\nUpdates `org.owasp.esapi:esapi` from 2.0.1 to 2.6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.0.1...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-fileupload:commons-fileupload` from 1.3.2 to 1.6.0\n\nUpdates `org.apache.commons:commons-lang3` from 3.1 to 3.18.0\n\nUpdates `org.apache.commons:commons-lang3` from 3.3.2 to 3.18.0\n\nUpdates `commons-fileupload:commons-fileupload` from 1.3.2 to 1.6.0\n\nUpdates `org.apache.activemq:activemq-client` from 5.15.8 to 5.19.4\n\nUpdates `org.apache.commons:commons-lang3` from 3.1 to 3.18.0\n\nUpdates `org.apache.axis2:axis2` from 1.6.2 to 1.8.0\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/jadenblack/product-ei/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/jadenblack/product-ei/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jadenblack%2Fproduct-ei/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"}},{"old_version":"2.0.1","new_version":"2.6.0.0","update_type":"minor","path":null,"pr_created_at":"2026-04-08T15:16:11.000Z","version_change":"2.0.1 → 2.6.0.0","issue":{"uuid":"4225596891","node_id":"PR_kwDOK8Zc3s7Q2b8f","number":6,"state":"closed","title":"Bump the maven group across 4 directories with 17 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-04-10T21:11:14.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-08T15:16:11.000Z","updated_at":"2026-04-10T21:11:16.000Z","time_to_close":194103,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"maven","update_count":17,"packages":[{"name":"org.apache.activemq:activemq-all","old_version":"5.15.8","new_version":"5.19.2","repository_url":"https://github.com/apache/activemq"},{"name":"org.wso2.carbon.mediation:org.wso2.carbon.localentry","old_version":"4.7.46","new_version":"4.7.259"},{"name":"commons-io:commons-io","old_version":"2.2","new_version":"2.14.0"},{"name":"org.opensaml:opensaml","old_version":"2.2.3","new_version":"2.6.5"},{"name":"org.springframework:spring-context","old_version":"4.1.5.RELEASE","new_version":"6.1.20","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.apache.tomcat.embed:tomcat-embed-core","old_version":"7.0.85","new_version":"9.0.115"},{"name":"org.json:json","old_version":"20080701","new_version":"20231013","repository_url":"https://github.com/douglascrockford/JSON-java"},{"name":"io.netty:netty-common","old_version":"4.1.11.Final","new_version":"4.1.118.Final","repository_url":"https://github.com/netty/netty"},{"name":"org.apache.commons:commons-lang3","old_version":"3.1","new_version":"3.18.0"},{"name":"org.owasp.esapi:esapi","old_version":"2.0.1","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"commons-fileupload:commons-fileupload","old_version":"1.3.2","new_version":"1.6.0"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [org.apache.activemq:activemq-all](https://github.com/apache/activemq) | `5.15.8` | `5.19.2` |\n| org.wso2.carbon.mediation:org.wso2.carbon.localentry | `4.7.46` | `4.7.259` |\n| commons-io:commons-io | `2.2` | `2.14.0` |\n| org.opensaml:opensaml | `2.2.3` | `2.6.5` |\n| [org.springframework:spring-context](https://github.com/spring-projects/spring-framework) | `4.1.5.RELEASE` | `6.1.20` |\n| org.apache.tomcat.embed:tomcat-embed-core | `7.0.85` | `9.0.115` |\n| [org.json:json](https://github.com/douglascrockford/JSON-java) | `20080701` | `20231013` |\n| [io.netty:netty-common](https://github.com/netty/netty) | `4.1.11.Final` | `4.1.118.Final` |\n| org.apache.commons:commons-lang3 | `3.1` | `3.18.0` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.0.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.3.2` | `1.6.0` |\n\nBumps the maven group with 1 update in the /integration/automation-extensions directory: org.apache.commons:commons-lang3.\nBumps the maven group with 2 updates in the /p2-profile/analytics-profile directory: org.apache.commons:commons-lang3 and commons-fileupload:commons-fileupload.\nBumps the maven group with 3 updates in the /product-scenarios directory: [org.apache.activemq:activemq-client](https://github.com/apache/activemq), org.apache.commons:commons-lang3 and org.apache.axis2:axis2.\n\nUpdates `org.apache.activemq:activemq-all` from 5.15.8 to 5.19.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/c0ba134bd07f5c15f04f9b7cb7a6a1b021ef3882\"\u003e\u003ccode\u003ec0ba134\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release activemq-5.19.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/b8b6125d64b9902c616a90b12765f1da35225ae4\"\u003e\u003ccode\u003eb8b6125\u003c/code\u003e\u003c/a\u003e Upgrade to log4j 2.25.3 and slf4j 2.0.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/2962323277ab07286c4dd84084d2e26c9c68b081\"\u003e\u003ccode\u003e2962323\u003c/code\u003e\u003c/a\u003e Bump org.apache.commons:commons-pool2 from 2.12.1 to 2.13.1 (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1605\"\u003e#1605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/13360632df6e55c422e21c14fcc7cada0b1abf46\"\u003e\u003ccode\u003e1336063\u003c/code\u003e\u003c/a\u003e [AMQ-9815] Add additional attributes to ConnectorView (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1556\"\u003e#1556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/120aa34113b26c1aacac6461b798caa8b6048a08\"\u003e\u003ccode\u003e120aa34\u003c/code\u003e\u003c/a\u003e AMQ-9824 - Cleanup code in KahaDB classes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/4f3bafbcb76f86fc89bf3a172044ccea602a27e6\"\u003e\u003ccode\u003e4f3bafb\u003c/code\u003e\u003c/a\u003e AMQ-9823 - properly clear ack set from ackAndPreparedMap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/7b71fc6289e6f26c200988df3cf9c0f5093dadf8\"\u003e\u003ccode\u003e7b71fc6\u003c/code\u003e\u003c/a\u003e AMQ-9819 - Rework Rest test fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/009b4f3cbb1469389497ab6ffe2df68ce897dd2c\"\u003e\u003ccode\u003e009b4f3\u003c/code\u003e\u003c/a\u003e [AMQ-9819]: harden #testConsumeAsyncTimeout() so it does not rely on a specif...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/c2dced4b307ca74f0784339a106261d0469be2b0\"\u003e\u003ccode\u003ec2dced4\u003c/code\u003e\u003c/a\u003e [AMQ-9820]: closed connections leaking into the pool when reconnectOnExceptio...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/733257f23cdfdcc199e71ff3fc4670f2a56876a2\"\u003e\u003ccode\u003e733257f\u003c/code\u003e\u003c/a\u003e AMQ-9813 - Minor updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/activemq/compare/activemq-5.15.8...activemq-5.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.activemq:activemq-client` from 5.15.8 to 5.19.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/activemq/releases\"\u003eorg.apache.activemq:activemq-client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eApache ActiveMQ 5.19.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[5.19.x] Backport: Improve FactoryFinder Validation (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1793\"\u003e#1793\u003c/a\u003e) by \u003ca href=\"https://github.com/jbonofre\"\u003e\u003ccode\u003e@​jbonofre\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/activemq/pull/1800\"\u003eapache/activemq#1800\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to spring.schemas in preparation for the 5.19.3 release by \u003ca href=\"https://github.com/jbonofre\"\u003e\u003ccode\u003e@​jbonofre\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/activemq/pull/1805\"\u003eapache/activemq#1805\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: fix the imports and dependencies (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1793\"\u003e#1793\u003c/a\u003e) by \u003ca href=\"https://github.com/jbonofre\"\u003e\u003ccode\u003e@​jbonofre\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/activemq/pull/1802\"\u003eapache/activemq#1802\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the copyright year in the NOTICE by \u003ca href=\"https://github.com/jbonofre\"\u003e\u003ccode\u003e@​jbonofre\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/activemq/pull/1807\"\u003eapache/activemq#1807\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/apache/activemq/compare/activemq-5.19.2...activemq-5.19.3\"\u003ehttps://github.com/apache/activemq/compare/activemq-5.19.2...activemq-5.19.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/e216f452084ab01641ac5ae8bf7c0d8777c79e9a\"\u003e\u003ccode\u003ee216f45\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release activemq-5.19.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/0382e8c45ba95d6daa6f4b3885087732d6ac61ca\"\u003e\u003ccode\u003e0382e8c\u003c/code\u003e\u003c/a\u003e Update the copyright year in the NOTICE (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1807\"\u003e#1807\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/256f225b6df7945fffff0134949bea3e26f84744\"\u003e\u003ccode\u003e256f225\u003c/code\u003e\u003c/a\u003e Backport: fix the imports and dependencies (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1793\"\u003e#1793\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1802\"\u003e#1802\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/d01dd9dc682d083ecbbd1dde7fb2f3772f371097\"\u003e\u003ccode\u003ed01dd9d\u003c/code\u003e\u003c/a\u003e Upgrade to spring.schemas in preparation for the 5.19.3 release (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1805\"\u003e#1805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/171fdfc5148156f3e98fa3ca81e77034cc155279\"\u003e\u003ccode\u003e171fdfc\u003c/code\u003e\u003c/a\u003e Improve FactoryFinder Validation (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1793\"\u003e#1793\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1800\"\u003e#1800\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/589fcfc966b99350f5bdc75dbb34aff3dc7210c9\"\u003e\u003ccode\u003e589fcfc\u003c/code\u003e\u003c/a\u003e AMQ-9843 Handle InstanceNotFoundException during MBean unregistration to avoi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/635448326ffa4386be7baf015a3293eb3850a16c\"\u003e\u003ccode\u003e6354483\u003c/code\u003e\u003c/a\u003e AMQ-9588: Run ActiveMQ with regular user in Docker container, and hook to eas...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/0d0e7414f209fe8dbab77cacc0fdf505cef6d3ae\"\u003e\u003ccode\u003e0d0e741\u003c/code\u003e\u003c/a\u003e AMQ-9812: Allow user to set ACTIVEMQ_OPTS and ACTIVEMQ_OPTS_MEMORY env variab...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/027fa1626601aca1bcafb211829760d3930d3716\"\u003e\u003ccode\u003e027fa16\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/c0ba134bd07f5c15f04f9b7cb7a6a1b021ef3882\"\u003e\u003ccode\u003ec0ba134\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release activemq-5.19.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/activemq/compare/activemq-5.15.8...activemq-5.19.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.wso2.carbon.mediation:org.wso2.carbon.localentry` from 4.7.46 to 4.7.259\n\nUpdates `commons-io:commons-io` from 2.2 to 2.14.0\n\nUpdates `org.opensaml:opensaml` from 2.2.3 to 2.6.5\n\nUpdates `org.springframework:spring-context` from 4.1.5.RELEASE to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-context's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v4.1.5.RELEASE...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-web` from 4.1.5.RELEASE to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v4.1.5.RELEASE...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.tomcat.embed:tomcat-embed-core` from 7.0.85 to 9.0.115\n\nUpdates `org.json:json` from 20080701 to 20231013\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/douglascrockford/JSON-java/releases\"\u003eorg.json:json's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e20231013\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/793\"\u003e#793\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eReverted \u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/761\"\u003e#761\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/792\"\u003e#792\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eupdate the docs for release 20231013\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/783\"\u003e#783\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eoptLong vs getLong inconsistencies\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/782\"\u003e#782\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/779\"\u003e#779\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eadd validity check for JSONObject constructors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/778\"\u003e#778\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/776\"\u003e#776\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate [JUnit to version 4.13.2\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/774\"\u003e#774\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eRemoving unneeded synchronization\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/773\"\u003e#773\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAdd optJSONArray method to JSONObject with a default value\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/772\"\u003e#772\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eDisallow nested objects and arrays as keys in objects\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/779\"\u003e#779\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUnit test cleanup\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/769\"\u003e#769\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAddressed Java 17 compile warnings\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/764\"\u003e#764\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate CodeQL action version\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/761\"\u003e#761\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAdd module-info\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/759\"\u003e#759\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eJSON parsing should detect embedded \u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/753\"\u003e#753\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdated new object methods\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/752\"\u003e#752\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFixes possible unit test bug when compiling/testing on Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20230618\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/749\"\u003e#749\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/749\"\u003ePrep for release 20230618\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/740\"\u003e#740\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/734\"\u003eFixed Flaky Tests Caused by JSON permutations\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/734\"\u003e#734\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/734\"\u003eFixed Flaky Tests Caused by JSON permutations\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/733\"\u003e#733\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/733\"\u003eJSONTokener implemented java.io.Closeable\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/731\"\u003e#731\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/731\"\u003eRemoving commented out code in JSONObject optDouble()\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/729\"\u003e#729\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/729\"\u003eRefactor ParserConfiguration class hierarchy\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20230227\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/723\"\u003e#723\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eProtect JSONML from stack overflow exceptions caused by recursion\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/720\"\u003e#720\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eLimit the XML nesting depth for CVE-2022-45688\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/711\"\u003e#711\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eRevert pull 707 - interviewbit spam\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/704\"\u003e#704\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eMove javadoc comments above the interface definition to make it visible\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/703\"\u003e#703\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate Releases.md for JSONObject(Map): Throws NPE if key is null\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/696\"\u003e#696\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate JSONPointerTest for NonDex compatibility\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/694\"\u003e#694\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePretty print XML\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/692\"\u003e#692\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eExample.md syntax highlight and indentation\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/691\"\u003e#691\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eCreate unit tests for various number formats\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20220924\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/688\"\u003e#688\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate copyright to Public Domain\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/687\"\u003e#687\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix a typo\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/685\"\u003e#685\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eJSONObject map type unit tests\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md\"\u003eorg.json:json's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e20231013    First release with minimum Java version 1.8. Recent commits, including fixes for CVE-2023-5072.\u003c/p\u003e\n\u003cp\u003e20230618    Final release with Java 1.6 compatibility. Future releases will require Java 1.8 or greater.\u003c/p\u003e\n\u003cp\u003e20230227    Fix for CVE-2022-45688 and recent commits\u003c/p\u003e\n\u003cp\u003e20220924    New License - public domain, and some minor updates\u003c/p\u003e\n\u003cp\u003e20220320    Wrap StackOverflow with JSONException\u003c/p\u003e\n\u003cp\u003e20211205    Recent commits and some bug fixes for similar()\u003c/p\u003e\n\u003cp\u003e20210307    Recent commits and potentially breaking fix to JSONPointer\u003c/p\u003e\n\u003cp\u003e20201115    Recent commits and first release after project structure change\u003c/p\u003e\n\u003cp\u003e20200518    Recent commits and snapshot before project structure change\u003c/p\u003e\n\u003cp\u003e20190722    Recent commits\u003c/p\u003e\n\u003cp\u003e20180813    POM change to include Automatic-Module-Name (\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/431\"\u003e#431\u003c/a\u003e)\nJSONObject(Map) now throws an exception if any of a map keys are null (\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/405\"\u003e#405\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e20180130    Recent commits\u003c/p\u003e\n\u003cp\u003e20171018    Checkpoint for recent commits.\u003c/p\u003e\n\u003cp\u003e20170516    Roll up recent commits.\u003c/p\u003e\n\u003cp\u003e20160810    Revert code that was breaking opt*() methods.\u003c/p\u003e\n\u003cp\u003e20160807    This release contains a bug in the JSONObject.opt*() and JSONArray.opt*() methods,\nit is not recommended for use.\nJava 1.6 compatability fixed, JSONArray.toList() and JSONObject.toMap(),\nRFC4180 compatibility, JSONPointer, some exception fixes, optional XML type conversion.\nContains the latest code as of 7 Aug 2016\u003c/p\u003e\n\u003cp\u003e20160212    Java 1.6 compatibility, OSGi bundle. Contains the latest code as of 12 Feb 2016.\u003c/p\u003e\n\u003cp\u003e20151123    JSONObject and JSONArray initialization with generics. Contains the latest code as of 23 Nov 2015.\u003c/p\u003e\n\u003cp\u003e20150729    Checkpoint for Maven central repository release. Contains the latest code\nas of 29 July 2015.\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/douglascrockford/JSON-java/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.netty:netty-common` from 4.1.11.Final to 4.1.118.Final\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/36f95cfaeed0c1313b21f1b5350c19436ae7fb45\"\u003e\u003ccode\u003e36f95cf\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release netty-4.1.118.Final\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4\"\u003e\u003ccode\u003e87f4072\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386\"\u003e\u003ccode\u003ed1fbda6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f844d78e4e23182610a24576d225de933f90f92e\"\u003e\u003ccode\u003ef844d78\u003c/code\u003e\u003c/a\u003e Upgrade netty-tcnative to 2.0.70.Final (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14790\"\u003e#14790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8afb5d916f135edbc3a14f855665f077ddf56ae7\"\u003e\u003ccode\u003e8afb5d9\u003c/code\u003e\u003c/a\u003e Only run 2 jobs with leak detection to minimize build times (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14784\"\u003e#14784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f2c27dadba055e7f496ee6298262ee06522f5fd9\"\u003e\u003ccode\u003ef2c27da\u003c/code\u003e\u003c/a\u003e AdaptivePoolingAllocator: Round chunk sizes up to MIN_CHUNK_SIZE units and re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8d387ffbecbc95758f90cc97f18096c6ad21b073\"\u003e\u003ccode\u003e8d387ff\u003c/code\u003e\u003c/a\u003e Change the default AdaptiveRecvByteBufAllocator buffer size values' visibilit...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/1cfd3a62ca8633cc6d1729222214c64c5b50fd89\"\u003e\u003ccode\u003e1cfd3a6\u003c/code\u003e\u003c/a\u003e Fix possible buffer leak when stream can't be mapped (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14746\"\u003e#14746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8f9eadb7b6b4dd74b0689a01c920dac4ead18115\"\u003e\u003ccode\u003e8f9eadb\u003c/code\u003e\u003c/a\u003e Fix AccessControlException in GlobalEventExecutor (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14743\"\u003e#14743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/6fcd3e622b9e4e7b986f9ef52a43b9b69c29c53f\"\u003e\u003ccode\u003e6fcd3e6\u003c/code\u003e\u003c/a\u003e KQueueEventLoop leaks memory on shutdown. (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14745\"\u003e#14745\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/netty/netty/compare/netty-4.1.11.Final...netty-4.1.118.Final\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.netty:netty-handler` from 4.1.11.Final to 4.1.118.Final\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/36f95cfaeed0c1313b21f1b5350c19436ae7fb45\"\u003e\u003ccode\u003e36f95cf\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release netty-4.1.118.Final\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4\"\u003e\u003ccode\u003e87f4072\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386\"\u003e\u003ccode\u003ed1fbda6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f844d78e4e23182610a24576d225de933f90f92e\"\u003e\u003ccode\u003ef844d78\u003c/code\u003e\u003c/a\u003e Upgrade netty-tcnative to 2.0.70.Final (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14790\"\u003e#14790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8afb5d916f135edbc3a14f855665f077ddf56ae7\"\u003e\u003ccode\u003e8afb5d9\u003c/code\u003e\u003c/a\u003e Only run 2 jobs with leak detection to minimize build times (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14784\"\u003e#14784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f2c27dadba055e7f496ee6298262ee06522f5fd9\"\u003e\u003ccode\u003ef2c27da\u003c/code\u003e\u003c/a\u003e AdaptivePoolingAllocator: Round chunk sizes up to MIN_CHUNK_SIZE units and re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8d387ffbecbc95758f90cc97f18096c6ad21b073\"\u003e\u003ccode\u003e8d387ff\u003c/code\u003e\u003c/a\u003e Change the default AdaptiveRecvByteBufAllocator buffer size values' visibilit...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/1cfd3a62ca8633cc6d1729222214c64c5b50fd89\"\u003e\u003ccode\u003e1cfd3a6\u003c/code\u003e\u003c/a\u003e Fix possible buffer leak when stream can't be mapped (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14746\"\u003e#14746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8f9eadb7b6b4dd74b0689a01c920dac4ead18115\"\u003e\u003ccode\u003e8f9eadb\u003c/code\u003e\u003c/a\u003e Fix AccessControlException in GlobalEventExecutor (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14743\"\u003e#14743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/6fcd3e622b9e4e7b986f9ef52a43b9b69c29c53f\"\u003e\u003ccode\u003e6fcd3e6\u003c/code\u003e\u003c/a\u003e KQueueEventLoop leaks memory on shutdown. (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14745\"\u003e#14745\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/netty/netty/compare/netty-4.1.11.Final...netty-4.1.118.Final\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.netty:netty-codec` from 4.1.11.Final to 4.1.118.Final\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/36f95cfaeed0c1313b21f1b5350c19436ae7fb45\"\u003e\u003ccode\u003e36f95cf\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release netty-4.1.118.Final\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4\"\u003e\u003ccode\u003e87f4072\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386\"\u003e\u003ccode\u003ed1fbda6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f844d78e4e23182610a24576d225de933f90f92e\"\u003e\u003ccode\u003ef844d78\u003c/code\u003e\u003c/a\u003e Upgrade netty-tcnative to 2.0.70.Final (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14790\"\u003e#14790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8afb5d916f135edbc3a14f855665f077ddf56ae7\"\u003e\u003ccode\u003e8afb5d9\u003c/code\u003e\u003c/a\u003e Only run 2 jobs with leak detection to minimize build times (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14784\"\u003e#14784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f2c27dadba055e7f496ee6298262ee06522f5fd9\"\u003e\u003ccode\u003ef2c27da\u003c/code\u003e\u003c/a\u003e AdaptivePoolingAllocator: Round chunk sizes up to MIN_CHUNK_SIZE units and re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8d387ffbecbc95758f90cc97f18096c6ad21b073\"\u003e\u003ccode\u003e8d387ff\u003c/code\u003e\u003c/a\u003e Change the default AdaptiveRecvByteBufAllocator buffer size values' visibilit...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/1cfd3a62ca8633cc6d1729222214c64c5b50fd89\"\u003e\u003ccode\u003e1cfd3a6\u003c/code\u003e\u003c/a\u003e Fix possible buffer leak when stream can't be mapped (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14746\"\u003e#14746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8f9eadb7b6b4dd74b0689a01c920dac4ead18115\"\u003e\u003ccode\u003e8f9eadb\u003c/code\u003e\u003c/a\u003e Fix AccessControlException in GlobalEventExecutor (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14743\"\u003e#14743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/6fcd3e622b9e4e7b986f9ef52a43b9b69c29c53f\"\u003e\u003ccode\u003e6fcd3e6\u003c/code\u003e\u003c/a\u003e KQueueEventLoop leaks memory on shutdown. (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14745\"\u003e#14745\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/netty/netty/compare/netty-4.1.11.Final...netty-4.1.118.Final\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.netty:netty-codec-http` from 4.1.11.Final to 4.1.118.Final\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/36f95cfaeed0c1313b21f1b5350c19436ae7fb45\"\u003e\u003ccode\u003e36f95cf\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release netty-4.1.118.Final\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4\"\u003e\u003ccode\u003e87f4072\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386\"\u003e\u003ccode\u003ed1fbda6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f844d78e4e23182610a24576d225de933f90f92e\"\u003e\u003ccode\u003ef844d78\u003c/code\u003e\u003c/a\u003e Upgrade netty-tcnative to 2.0.70.Final (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14790\"\u003e#14790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8afb5d916f135edbc3a14f855665f077ddf56ae7\"\u003e\u003ccode\u003e8afb5d9\u003c/code\u003e\u003c/a\u003e Only run 2 jobs with leak detection to minimize build times (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14784\"\u003e#14784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/f2c27dadba055e7f496ee6298262ee06522f5fd9\"\u003e\u003ccode\u003ef2c27da\u003c/code\u003e\u003c/a\u003e AdaptivePoolingAllocator: Round chunk sizes up to MIN_CHUNK_SIZE units and re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8d387ffbecbc95758f90cc97f18096c6ad21b073\"\u003e\u003ccode\u003e8d387ff\u003c/code\u003e\u003c/a\u003e Change the default AdaptiveRecvByteBufAllocator buffer size values' visibilit...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/1cfd3a62ca8633cc6d1729222214c64c5b50fd89\"\u003e\u003ccode\u003e1cfd3a6\u003c/code\u003e\u003c/a\u003e Fix possible buffer leak when stream can't be mapped (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14746\"\u003e#14746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/8f9eadb7b6b4dd74b0689a01c920dac4ead18115\"\u003e\u003ccode\u003e8f9eadb\u003c/code\u003e\u003c/a\u003e Fix AccessControlException in GlobalEventExecutor (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14743\"\u003e#14743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/netty/netty/commit/6fcd3e622b9e4e7b986f9ef52a43b9b69c29c53f\"\u003e\u003ccode\u003e6fcd3e6\u003c/code\u003e\u003c/a\u003e KQueueEventLoop leaks memory on shutdown. (\u003ca href=\"https://redirect.github.com/netty/netty/issues/14745\"\u003e#14745\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/netty/netty/compare/netty-4.1.11.Final...netty-4.1.118.Final\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.commons:commons-lang3` from 3.1 to 3.18.0\n\nUpdates `org.owasp.esapi:esapi` from 2.0.1 to 2.6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.0.1...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-fileupload:commons-fileupload` from 1.3.2 to 1.6.0\n\nUpdates `org.apache.commons:commons-lang3` from 3.1 to 3.18.0\n\nUpdates `org.apache.commons:commons-lang3` from 3.3.2 to 3.18.0\n\nUpdates `commons-fileupload:commons-fileupload` from 1.3.2 to 1.6.0\n\nUpdates `org.apache.activemq:activemq-client` from 5.15.8 to 5.19.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/activemq/releases\"\u003eorg.apache.activemq:activemq-client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eApache ActiveMQ 5.19.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[5.19.x] Backport: Improve FactoryFinder Validation (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1793\"\u003e#1793\u003c/a\u003e) by \u003ca href=\"https://github.com/jbonofre\"\u003e\u003ccode\u003e@​jbonofre\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/activemq/pull/1800\"\u003eapache/activemq#1800\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to spring.schemas in preparation for the 5.19.3 release by \u003ca href=\"https://github.com/jbonofre\"\u003e\u003ccode\u003e@​jbonofre\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/activemq/pull/1805\"\u003eapache/activemq#1805\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: fix the imports and dependencies (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1793\"\u003e#1793\u003c/a\u003e) by \u003ca href=\"https://github.com/jbonofre\"\u003e\u003ccode\u003e@​jbonofre\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/activemq/pull/1802\"\u003eapache/activemq#1802\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the copyright year in the NOTICE by \u003ca href=\"https://github.com/jbonofre\"\u003e\u003ccode\u003e@​jbonofre\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/activemq/pull/1807\"\u003eapache/activemq#1807\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/apache/activemq/compare/activemq-5.19.2...activemq-5.19.3\"\u003ehttps://github.com/apache/activemq/compare/activemq-5.19.2...activemq-5.19.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/e216f452084ab01641ac5ae8bf7c0d8777c79e9a\"\u003e\u003ccode\u003ee216f45\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release activemq-5.19.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/0382e8c45ba95d6daa6f4b3885087732d6ac61ca\"\u003e\u003ccode\u003e0382e8c\u003c/code\u003e\u003c/a\u003e Update the copyright year in the NOTICE (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1807\"\u003e#1807\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/256f225b6df7945fffff0134949bea3e26f84744\"\u003e\u003ccode\u003e256f225\u003c/code\u003e\u003c/a\u003e Backport: fix the imports and dependencies (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1793\"\u003e#1793\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1802\"\u003e#1802\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/d01dd9dc682d083ecbbd1dde7fb2f3772f371097\"\u003e\u003ccode\u003ed01dd9d\u003c/code\u003e\u003c/a\u003e Upgrade to spring.schemas in preparation for the 5.19.3 release (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1805\"\u003e#1805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/171fdfc5148156f3e98fa3ca81e77034cc155279\"\u003e\u003ccode\u003e171fdfc\u003c/code\u003e\u003c/a\u003e Improve FactoryFinder Validation (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1793\"\u003e#1793\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/activemq/issues/1800\"\u003e#1800\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/589fcfc966b99350f5bdc75dbb34aff3dc7210c9\"\u003e\u003ccode\u003e589fcfc\u003c/code\u003e\u003c/a\u003e AMQ-9843 Handle InstanceNotFoundException during MBean unregistration to avoi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/635448326ffa4386be7baf015a3293eb3850a16c\"\u003e\u003ccode\u003e6354483\u003c/code\u003e\u003c/a\u003e AMQ-9588: Run ActiveMQ with regular user in Docker container, and hook to eas...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/0d0e7414f209fe8dbab77cacc0fdf505cef6d3ae\"\u003e\u003ccode\u003e0d0e741\u003c/code\u003e\u003c/a\u003e AMQ-9812: Allow user to set ACTIVEMQ_OPTS and ACTIVEMQ_OPTS_MEMORY env variab...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/027fa1626601aca1bcafb211829760d3930d3716\"\u003e\u003ccode\u003e027fa16\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/activemq/commit/c0ba134bd07f5c15f04f9b7cb7a6a1b021ef3882\"\u003e\u003ccode\u003ec0ba134\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release activemq-5.19.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/activemq/compare/activemq-5.15.8...activemq-5.19.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.commons:commons-lang3` from 3.1 to 3.18.0\n\nUpdates `org.apache.axis2:axis2` from 1.6.2 to 1.8.0\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/jadenblack/product-ei/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/jadenblack/product-ei/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jadenblack%2Fproduct-ei/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"2.5.3.1","new_version":"2.6.0.0","update_type":"minor","path":null,"pr_created_at":"2025-12-01T09:55:36.000Z","version_change":"2.5.3.1 → 2.6.0.0","issue":{"uuid":"3680195563","node_id":"PR_kwDOL3sGR862TcZb","number":1,"state":"open","title":"Bump the maven group across 22 directories with 13 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-12-01T09:55:36.000Z","updated_at":"2026-02-03T01:12:56.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"maven","update_count":13,"packages":[{"name":"org.apache.solr:solr-core","old_version":"1.4.1","new_version":"9.8.0"},{"name":"org.springframework:spring-core","old_version":"3.1.4.RELEASE","new_version":"3.2.9.RELEASE","repository_url":"https://github.com/SpringSource/spring-framework"},{"name":"org.springframework.security:spring-security-core","old_version":"3.1.7.RELEASE","new_version":"5.7.14","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.owasp.esapi:esapi","old_version":"2.5.3.1","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"commons-fileupload:commons-fileupload","old_version":"1.5","new_version":"1.6.0"},{"name":"org.apache.commons:commons-lang3","old_version":"3.12.0","new_version":"3.18.0"},{"name":"com.h2database:h2","old_version":"1.3.176","new_version":"2.2.220","repository_url":"https://github.com/h2database/h2database"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n\nBumps the maven group with 8 updates in the /modules/publication-service-oaipmh-remote directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/publication-service-configurable directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/publication-service-configurable-remote directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 7 updates in the /modules/publication-service-api directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n\nBumps the maven group with 8 updates in the /modules/presets directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/playlists directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/oaipmh directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/oaipmh-remote directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/oaipmh-persistence directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 7 updates in the /modules/oaipmh-api directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n\nBumps the maven group with 8 updates in the /modules/notification-workflowoperation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/mpeg7 directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/metrics-exporter directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/metadata directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/metadata-to-acl-workflowoperation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 7 updates in the /modules/metadata-api directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n\nBumps the maven group with 8 updates in the /modules/message-broker-api directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/mattermost-notification-workflowoperation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/lti directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/lti-service-remote directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\nBumps the maven group with 8 updates in the /modules/lti-service-impl directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.solr:solr-core | `1.4.1` | `9.8.0` |\n| [org.springframework:spring-core](https://github.com/SpringSource/spring-framework) | `3.1.4.RELEASE` | `3.2.9.RELEASE` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `3.1.7.RELEASE` | `5.7.14` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.6.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-lang3 | `3.12.0` | `3.18.0` |\n| [com.h2database:h2](https://github.com/h2database/h2database) | `1.3.176` | `2.2.220` |\n| org.opencastproject:opencast-common | `16-SNAPSHOT` | `16.10` |\n\n\nUpdates `org.apache.solr:solr-core` from 1.4.1 to 9.8.0\n\nUpdates `org.springframework:spring-core` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-beans` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-expression` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-context` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-web` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.security:spring-security-core` from 3.1.7.RELEASE to 5.7.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-security/releases\"\u003eorg.springframework.security:spring-security-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.7.14\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerExchangeRejectedHandler \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15975\"\u003e#15975\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerWebExchangeFirewall \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15974\"\u003e#15974\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.13\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003e5.7.12\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck for \u003ccode\u003enull\u003c/code\u003e Authentication \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/14715\"\u003e#14715\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.11\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutomate spring-security.xsd \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13819\"\u003e#13819\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.10\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse default PathPatternParser instance \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13461\"\u003e#13461\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate io.projectreactor to 2020.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13509\"\u003e#13509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework to 5.3.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13511\"\u003e#13511\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework.data to 2021.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13512\"\u003e#13512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate reactor-netty to 1.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13510\"\u003e#13510\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eConvert to Asciidoctor Tabs \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13404\"\u003e#13404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse Antora name of security \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13328\"\u003e#13328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdditional filters registered when using Custom DSL \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13203\"\u003e#13203\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify that Kotlin DSL needs an import \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13092\"\u003e#13092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument missing OAuth2LoginAuthenticationFilter set AuthorizationRequestRepository \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13098\"\u003e#13098\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Antora Warnings \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13291\"\u003e#13291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix constant value in XContentTypeOptionsServerHttpHeadersWriter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13155\"\u003e#13155\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Documentation Title \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13315\"\u003e#13315\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix javadoc for migration from WebSecurityConfigurerAdapter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12996\"\u003e#12996\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in SecurityMockMvcResultMatchers.java \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12793\"\u003e#12793\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc\"\u003eorg.springframework.security:spring-security-core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e= Release Process\u003c/p\u003e\n\u003cp\u003eThe release process for Spring Security is entirely automated via the \u003ca href=\"https://github.com/spring-io/spring-security-release-tools/blob/main/release-plugin/README.adoc%5BSpring\"\u003ehttps://github.com/spring-io/spring-security-release-tools/blob/main/release-plugin/README.adoc[Spring\u003c/a\u003e Security Release Plugin] and \u003ca href=\"https://github.com/spring-io/spring-security-release-tools/tree/main/.github/workflows%5Breusable\"\u003ehttps://github.com/spring-io/spring-security-release-tools/tree/main/.github/workflows[reusable\u003c/a\u003e workflows].\nThe following table outlines the steps that are taken by the automation.\u003c/p\u003e\n\u003cp\u003eWARNING: The \u003ccode\u003e5.8.x\u003c/code\u003e branch does not have all of the improvements from the \u003ccode\u003e6.x.x\u003c/code\u003e branches. See \u0026quot;Status (5.8.x)\u0026quot; for which steps are still manual.\u003c/p\u003e\n\u003cp\u003eIn case of a failure, you can follow the links below to read about each step, which includes instructions for performing the step manually if applicable.\nSee \u0026lt;\u0026lt;frequently-asked-questions,FAQ\u0026gt;\u0026gt; for troubleshooting tips.\u003c/p\u003e\n\u003cp\u003e[cols=\u0026quot;1,1,1\u0026quot;]\n|===\n| Step | Status (5.8.x) | Status (6.0.x+)\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :x: manual\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u0026lt;close-create-milestone,Close milestone\u0026gt;\u0026gt;\n| :x: manual\n| :white_check_mark: automated\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/d0b2b33dce56cb97b5efd3cdfa9b41fbc09c4586\"\u003e\u003ccode\u003ed0b2b33\u003c/code\u003e\u003c/a\u003e Release 5.7.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/0eaffb37e7f10f30fdbba1d3728e66e26837ff89\"\u003e\u003ccode\u003e0eaffb3\u003c/code\u003e\u003c/a\u003e Require Locale argument for toLower/toUpperCase usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e86d88d0cf869fce800974eb22e61a9c3dcf5fa2\"\u003e\u003ccode\u003ee86d88d\u003c/code\u003e\u003c/a\u003e Support ServerExchangeRejectedHandler \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e48d6b039baf104a6c56f4e62e0c2ff4d35a22bb\"\u003e\u003ccode\u003ee48d6b0\u003c/code\u003e\u003c/a\u003e Support ServerWebExchangeFirewall \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/dd3c6892e946f80cdd6e1a6890282fa2920067f1\"\u003e\u003ccode\u003edd3c689\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c552366a7847f09bdadcdbf50e2beb5d41de36fc\"\u003e\u003ccode\u003ec552366\u003c/code\u003e\u003c/a\u003e Release 5.7.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/7215c72373f9e108549649d2c5d25ca5a6361865\"\u003e\u003ccode\u003e7215c72\u003c/code\u003e\u003c/a\u003e Migrate slack notifications to GChat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/4ce7cde15599c0447163fd46bac616e03318bf5b\"\u003e\u003ccode\u003e4ce7cde\u003c/code\u003e\u003c/a\u003e Add Firewall for WebFlux\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c8342fcfae9babb2be56f10942801edfbf9df573\"\u003e\u003ccode\u003ec8342fc\u003c/code\u003e\u003c/a\u003e Use antora-extensions 1.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/1b0c4d68da564195d81dbe6db7032a3047706947\"\u003e\u003ccode\u003e1b0c4d6\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-security/compare/3.1.7.RELEASE...5.7.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.security:spring-security-web` from 3.1.7.RELEASE to 5.7.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-security/releases\"\u003eorg.springframework.security:spring-security-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.7.14\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerExchangeRejectedHandler \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15975\"\u003e#15975\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerWebExchangeFirewall \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15974\"\u003e#15974\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.13\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003e5.7.12\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck for \u003ccode\u003enull\u003c/code\u003e Authentication \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/14715\"\u003e#14715\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.11\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutomate spring-security.xsd \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13819\"\u003e#13819\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.10\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse default PathPatternParser instance \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13461\"\u003e#13461\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate io.projectreactor to 2020.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13509\"\u003e#13509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework to 5.3.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13511\"\u003e#13511\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework.data to 2021.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13512\"\u003e#13512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate reactor-netty to 1.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13510\"\u003e#13510\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eConvert to Asciidoctor Tabs \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13404\"\u003e#13404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse Antora name of security \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13328\"\u003e#13328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdditional filters registered when using Custom DSL \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13203\"\u003e#13203\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify that Kotlin DSL needs an import \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13092\"\u003e#13092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument missing OAuth2LoginAuthenticationFilter set AuthorizationRequestRepository \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13098\"\u003e#13098\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Antora Warnings \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13291\"\u003e#13291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix constant value in XContentTypeOptionsServerHttpHeadersWriter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13155\"\u003e#13155\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Documentation Title \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13315\"\u003e#13315\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix javadoc for migration from WebSecurityConfigurerAdapter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12996\"\u003e#12996\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in SecurityMockMvcResultMatchers.java \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12793\"\u003e#12793\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc\"\u003eorg.springframework.security:spring-security-web's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e= Release Process\u003c/p\u003e\n\u003cp\u003eThe release process for Spring Security is entirely automated via the \u003ca href=\"https://github.com/spring-io/spring-security-release-tools/blob/main/release-plugin/README.adoc%5BSpring\"\u003ehttps://github.com/spring-io/spring-security-release-tools/blob/main/release-plugin/README.adoc[Spring\u003c/a\u003e Security Release Plugin] and \u003ca href=\"https://github.com/spring-io/spring-security-release-tools/tree/main/.github/workflows%5Breusable\"\u003ehttps://github.com/spring-io/spring-security-release-tools/tree/main/.github/workflows[reusable\u003c/a\u003e workflows].\nThe following table outlines the steps that are taken by the automation.\u003c/p\u003e\n\u003cp\u003eWARNING: The \u003ccode\u003e5.8.x\u003c/code\u003e branch does not have all of the improvements from the \u003ccode\u003e6.x.x\u003c/code\u003e branches. See \u0026quot;Status (5.8.x)\u0026quot; for which steps are still manual.\u003c/p\u003e\n\u003cp\u003eIn case of a failure, you can follow the links below to read about each step, which includes instructions for performing the step manually if applicable.\nSee \u0026lt;\u0026lt;frequently-asked-questions,FAQ\u0026gt;\u0026gt; for troubleshooting tips.\u003c/p\u003e\n\u003cp\u003e[cols=\u0026quot;1,1,1\u0026quot;]\n|===\n| Step | Status (5.8.x) | Status (6.0.x+)\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :white_check_mark: automated\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u003c!-- raw HTML omitted --\u003e\u0026gt;\n| :x: manual\n| :white_check_mark: automated\u003c/p\u003e\n\u003cp\u003e| \u0026lt;\u0026lt;close-create-milestone,Close milestone\u0026gt;\u0026gt;\n| :x: manual\n| :white_check_mark: automated\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/d0b2b33dce56cb97b5efd3cdfa9b41fbc09c4586\"\u003e\u003ccode\u003ed0b2b33\u003c/code\u003e\u003c/a\u003e Release 5.7.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/0eaffb37e7f10f30fdbba1d3728e66e26837ff89\"\u003e\u003ccode\u003e0eaffb3\u003c/code\u003e\u003c/a\u003e Require Locale argument for toLower/toUpperCase usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e86d88d0cf869fce800974eb22e61a9c3dcf5fa2\"\u003e\u003ccode\u003ee86d88d\u003c/code\u003e\u003c/a\u003e Support ServerExchangeRejectedHandler \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e48d6b039baf104a6c56f4e62e0c2ff4d35a22bb\"\u003e\u003ccode\u003ee48d6b0\u003c/code\u003e\u003c/a\u003e Support ServerWebExchangeFirewall \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/dd3c6892e946f80cdd6e1a6890282fa2920067f1\"\u003e\u003ccode\u003edd3c689\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c552366a7847f09bdadcdbf50e2beb5d41de36fc\"\u003e\u003ccode\u003ec552366\u003c/code\u003e\u003c/a\u003e Release 5.7.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/7215c72373f9e108549649d2c5d25ca5a6361865\"\u003e\u003ccode\u003e7215c72\u003c/code\u003e\u003c/a\u003e Migrate slack notifications to GChat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/4ce7cde15599c0447163fd46bac616e03318bf5b\"\u003e\u003ccode\u003e4ce7cde\u003c/code\u003e\u003c/a\u003e Add Firewall for WebFlux\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c8342fcfae9babb2be56f10942801edfbf9df573\"\u003e\u003ccode\u003ec8342fc\u003c/code\u003e\u003c/a\u003e Use antora-extensions 1.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/1b0c4d68da564195d81dbe6db7032a3047706947\"\u003e\u003ccode\u003e1b0c4d6\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-security/compare/3.1.7.RELEASE...5.7.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.owasp.esapi:esapi` from 2.5.3.1 to 2.6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.3.1...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-fileupload:commons-fileupload` from 1.5 to 1.6.0\n\nUpdates `org.apache.commons:commons-lang3` from 3.12.0 to 3.18.0\n\nUpdates `com.h2database:h2` from 1.3.176 to 2.2.220\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/h2database/h2database/releases\"\u003ecom.h2database:h2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.2.220\u003c/h2\u003e\n\u003cp\u003eChanges since 2.1.214 release:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/h2database/h2database/commits/version-2.2.220\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.solr:solr-core` from 1.4.1 to 9.8.0\n\nUpdates `org.springframework:spring-core` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-beans` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-expression` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-context` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-web` from 3.1.4.RELEASE to 3.2.9.RELEASE\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/58587159f08a5349801671b486cd781baa63cb9f\"\u003e\u003ccode\u003e5858715\u003c/code\u003e\u003c/a\u003e Release version 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/69b9d0017953a261d9e2ece81499ce87d63465d0\"\u003e\u003ccode\u003e69b9d00\u003c/code\u003e\u003c/a\u003e Add 3.2.9 issues to the changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8aabc43dadf100f5f55f487a886a6dfff9b09815\"\u003e\u003ccode\u003e8aabc43\u003c/code\u003e\u003c/a\u003e Servlet 3 multipart request implements getParameterMap defensively as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4d3aa590282a5ab07b557d67ae7c094335b95d61\"\u003e\u003ccode\u003e4d3aa59\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb\"\u003e\u003ccode\u003ec6503eb\u003c/code\u003e\u003c/a\u003e Disable URL resolution in DTD declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f42f2231a4cc6fbc8281f27925ff83662571969e\"\u003e\u003ccode\u003ef42f223\u003c/code\u003e\u003c/a\u003e Minor UriComponentsBuilder javadoc revision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0313222bc781dd4ef041b8f99886663657f24d4f\"\u003e\u003ccode\u003e0313222\u003c/code\u003e\u003c/a\u003e Consistent use of IllegalStateException instead of InternalError for Unsuppor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f524a5abe404b827a52aaa6a914bd32ba74cb52c\"\u003e\u003ccode\u003ef524a5a\u003c/code\u003e\u003c/a\u003e StringUtils.parseLocaleString parses variant correctly when variant contains ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f053ce52eaad7529e8d6a5a34fa5ce1a7bedcab1\"\u003e\u003ccode\u003ef053ce5\u003c/code\u003e\u003c/a\u003e Consistently log Class.getName() instead of Class.toString(), avoiding double...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5e05a84d81730f94205dced536db7fd9d6db9117\"\u003e\u003ccode\u003e5e05a84\u003c/code\u003e\u003c/a\u003e Refined check for NoClassDefFoundError in getTestExecutionListeners()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/SpringSource/spring-framework/compare/v3.1.4.RELEASE...v3.2.9.RELEASE\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.security:spring-security-core` from 3.1.7.RELEASE to 5.7.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-security/releases\"\u003eorg.springframework.security:spring-security-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.7.14\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerExchangeRejectedHandler \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15975\"\u003e#15975\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerWebExchangeFirewall \u003ccode...\n\n_Description has been truncated_","html_url":"https://github.com/djdiakametavers/opencast/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/djdiakametavers%2Fopencast/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"2.5.3.1","new_version":"2.7.0.0","update_type":"minor","path":"/backend","pr_created_at":"2025-11-30T06:29:24.000Z","version_change":"2.5.3.1 → 2.7.0.0","issue":{"uuid":"3677438184","node_id":"PR_kwDOQfm7Uc62KO7P","number":8,"state":"open","title":"deps: bump the minor-and-patch group in /backend with 13 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-30T06:29:24.000Z","updated_at":"2025-11-30T06:29:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps: bump","group_name":"minor-and-patch","update_count":13,"packages":[{"name":"io.jsonwebtoken:jjwt-api","old_version":"0.11.5","new_version":"0.13.0","repository_url":"https://github.com/jwtk/jjwt"},{"name":"io.jsonwebtoken:jjwt-impl","old_version":"0.11.5","new_version":"0.13.0","repository_url":"https://github.com/jwtk/jjwt"},{"name":"io.jsonwebtoken:jjwt-jackson","old_version":"0.11.5","new_version":"0.13.0"},{"name":"org.projectlombok:lombok","old_version":"1.18.30","new_version":"1.18.42","repository_url":"https://github.com/projectlombok/lombok"},{"name":"io.opentelemetry.instrumentation:opentelemetry-spring-boot-starter","old_version":"2.0.0-alpha","new_version":"2.22.0","repository_url":"https://github.com/open-telemetry/opentelemetry-java-instrumentation"},{"name":"org.owasp.encoder:encoder","old_version":"1.2.3","new_version":"1.4.0","repository_url":"https://github.com/owasp/owasp-java-encoder"},{"name":"org.passay:passay","old_version":"1.6.3","new_version":"1.6.6","repository_url":"https://github.com/vt-middleware/passay"},{"name":"org.mapstruct:mapstruct","old_version":"1.5.5.Final","new_version":"1.6.3","repository_url":"https://github.com/mapstruct/mapstruct"},{"name":"org.owasp.esapi:esapi","old_version":"2.5.3.1","new_version":"2.7.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"org.jsoup:jsoup","old_version":"1.16.1","new_version":"1.21.2","repository_url":"https://github.com/jhy/jsoup"},{"name":"org.mapstruct:mapstruct-processor","old_version":"1.5.5.Final","new_version":"1.6.3","repository_url":"https://github.com/mapstruct/mapstruct"},{"name":"org.jacoco:jacoco-maven-plugin","old_version":"0.8.11","new_version":"0.8.14","repository_url":"https://github.com/jacoco/jacoco"},{"name":"org.apache.maven.plugins:maven-compiler-plugin","old_version":"3.11.0","new_version":"3.14.1","repository_url":"https://github.com/apache/maven-compiler-plugin"}],"path":"/backend","ecosystem":"maven"},"body":"Bumps the minor-and-patch group in /backend with 13 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [io.jsonwebtoken:jjwt-api](https://github.com/jwtk/jjwt) | `0.11.5` | `0.13.0` |\n| [io.jsonwebtoken:jjwt-impl](https://github.com/jwtk/jjwt) | `0.11.5` | `0.13.0` |\n| io.jsonwebtoken:jjwt-jackson | `0.11.5` | `0.13.0` |\n| [org.projectlombok:lombok](https://github.com/projectlombok/lombok) | `1.18.30` | `1.18.42` |\n| [io.opentelemetry.instrumentation:opentelemetry-spring-boot-starter](https://github.com/open-telemetry/opentelemetry-java-instrumentation) | `2.0.0-alpha` | `2.22.0` |\n| [org.owasp.encoder:encoder](https://github.com/owasp/owasp-java-encoder) | `1.2.3` | `1.4.0` |\n| [org.passay:passay](https://github.com/vt-middleware/passay) | `1.6.3` | `1.6.6` |\n| [org.mapstruct:mapstruct](https://github.com/mapstruct/mapstruct) | `1.5.5.Final` | `1.6.3` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.5.3.1` | `2.7.0.0` |\n| [org.jsoup:jsoup](https://github.com/jhy/jsoup) | `1.16.1` | `1.21.2` |\n| [org.mapstruct:mapstruct-processor](https://github.com/mapstruct/mapstruct) | `1.5.5.Final` | `1.6.3` |\n| [org.jacoco:jacoco-maven-plugin](https://github.com/jacoco/jacoco) | `0.8.11` | `0.8.14` |\n| [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) | `3.11.0` | `3.14.1` |\n\nUpdates `io.jsonwebtoken:jjwt-api` from 0.11.5 to 0.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jwtk/jjwt/releases\"\u003eio.jsonwebtoken:jjwt-api's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.13.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eThis is the last minor JJWT release branch that will support Java 7\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eAny necessary emergency bug fixes will be fixed in subsequent \u003ccode\u003e0.13.x\u003c/code\u003e patch releases, but all new development, including \u003ca href=\"https://github.com/jwtk/jjwt/issues?q=is%3Aissue%20label%3Ajdk8\"\u003eJava 8 compatible changes\u003c/a\u003e, will be in the next minor (\u003ccode\u003e0.14.0\u003c/code\u003e) release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAll future JJWT major and minor versions (  \u003ccode\u003e0.14.0\u003c/code\u003e and later) will require Java 8 or later.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThis release contains a single change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe previously private \u003ccode\u003eJacksonDeserializer(ObjectMapper objectMapper, Map\u0026lt;String, Class\u0026lt;?\u0026gt;\u0026gt; claimTypeMap)\u003c/code\u003e constructor is now \u003ccode\u003epublic\u003c/code\u003e for those that want register a claims  type converter on their own specified \u003ccode\u003eObjectMapper\u003c/code\u003e instance. Thank you to \u003ca href=\"https://github.com/kesrishubham2510\"\u003e\u003ccode\u003e@​kesrishubham2510\u003c/code\u003e\u003c/a\u003e for PR \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/972\"\u003e#972\u003c/a\u003e. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/914\"\u003eIssue 914\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jwtk/jjwt/compare/0.12.7...0.13.0\"\u003ehttps://github.com/jwtk/jjwt/compare/0.12.7...0.13.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.12.7\u003c/h2\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdds a new Maven BOM! This is useful for multi-module projects. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/967\"\u003eIssue 967\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllows the \u003ccode\u003eJwtParserBuilder\u003c/code\u003e to have empty nested algorithm collections, effectively disabling the parser's associated feature:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEmptying the \u003ccode\u003ezip()\u003c/code\u003e nested collection disables JWT decompression.\u003c/li\u003e\n\u003cli\u003eEmptying the \u003ccode\u003esig()\u003c/code\u003e nested collection disables JWS mac/signature verification (i.e. all JWSs will be unsupported/rejected).\u003c/li\u003e\n\u003cli\u003eEmptying either the \u003ccode\u003eenc()\u003c/code\u003e or \u003ccode\u003ekey()\u003c/code\u003e nested collections disables JWE decryption (i.e. all JWEs will be unsupported/rejected)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/996\"\u003eIssue 996\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/961\"\u003ebug 961\u003c/a\u003e where \u003ccode\u003eJwtParserBuilder\u003c/code\u003e nested collection builders were not correctly replacing algorithms with the same id.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsures a \u003ccode\u003eJwkSet\u003c/code\u003e's \u003ccode\u003ekeys\u003c/code\u003e collection is no longer entirely secret/redacted by default.  This was an overzealous default that was unnecessarily restrictive; the \u003ccode\u003ekeys\u003c/code\u003e collection itself should always be public, and each individual key within should determine which fields should be redacted when printed. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/976\"\u003eIssue 976\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImproves performance slightly by ensuring all \u003ccode\u003ejjwt-api\u003c/code\u003e utility methods that create \u003ccode\u003e*Builder\u003c/code\u003e instances (\u003ccode\u003eJwts.builder()\u003c/code\u003e, \u003ccode\u003eJwts.parserBuilder()\u003c/code\u003e, \u003ccode\u003eJwks.builder()\u003c/code\u003e, etc) no longer use reflection.\u003c/p\u003e\n\u003cp\u003eInstead,\u003ccode\u003estatic\u003c/code\u003e factories are created via reflection only once during initial \u003ccode\u003ejjwt-api\u003c/code\u003e classloading, and then \u003ccode\u003e*Builder\u003c/code\u003es are created via standard instantiation using the \u003ccode\u003enew\u003c/code\u003e operator thereafter.  This also benefits certain environments that may not have ideal \u003ccode\u003eClassLoader\u003c/code\u003e implementations (e.g. Tomcat in some cases).\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eNOTE: because this changes which classes are loaded via reflection, any environments that must explicitly reference reflective class names (e.g. GraalVM applications) will need to be updated to reflect the new factory class names\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/988\"\u003eIssue 988\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the Gson dependency to \u003ccode\u003e2.11.0\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the BouncyCastle dependency to \u003ccode\u003e1.78.1\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sigpwned\"\u003e\u003ccode\u003e@​sigpwned\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/968\"\u003ejwtk/jjwt#968\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TheMrMilchmann\"\u003e\u003ccode\u003e@​TheMrMilchmann\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/979\"\u003ejwtk/jjwt#979\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/atanasg\"\u003e\u003ccode\u003e@​atanasg\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/974\"\u003ejwtk/jjwt#974\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jwtk/jjwt/compare/0.12.6...0.12.7\"\u003ehttps://github.com/jwtk/jjwt/compare/0.12.6...0.12.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.12.6\u003c/h2\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsures that after successful JWS signature verification, an application-configured Base64Url \u003ccode\u003eDecoder\u003c/code\u003e output is\nused to construct a \u003ccode\u003eJws\u003c/code\u003e instance (instead of JJWT's default decoder). See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/947\"\u003ejwtk/jjwt#947\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jwtk/jjwt/blob/master/CHANGELOG.md\"\u003eio.jsonwebtoken:jjwt-api's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e0.13.0\u003c/h3\u003e\n\u003cp\u003eThis is the last minor JJWT release branch that will support Java 7. Any necessary emergency bug fixes will be fixed in subsequent \u003ccode\u003e0.13.x\u003c/code\u003e patch releases, but all new development, including Java 8 compatible changes, will be in the next minor (\u003ccode\u003e0.14.0\u003c/code\u003e) release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAll future JJWT major and minor versions (  \u003ccode\u003e0.14.0\u003c/code\u003e and later) will require Java 8 or later.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThis \u003ccode\u003e0.13.0\u003c/code\u003e minor release has only one change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe previously private \u003ccode\u003eJacksonDeserializer(ObjectMapper objectMapper, Map\u0026lt;String, Class\u0026lt;?\u0026gt;\u0026gt; claimTypeMap)\u003c/code\u003e constructor is now \u003ccode\u003epublic\u003c/code\u003e for those that want register a claims\ntype converter on their own specified \u003ccode\u003eObjectMapper\u003c/code\u003e instance.  See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/914\"\u003eIssue 914\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e0.12.7\u003c/h3\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdds a new Maven BOM, useful for multi-module projects. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/967\"\u003eIssue 967\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllows the \u003ccode\u003eJwtParserBuilder\u003c/code\u003e to have empty nested algorithm collections, effectively disabling the parser's associated feature:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEmptying the \u003ccode\u003ezip()\u003c/code\u003e nested collection disables JWT decompression.\u003c/li\u003e\n\u003cli\u003eEmptying the \u003ccode\u003esig()\u003c/code\u003e nested collection disables JWS mac/signature verification (i.e. all JWSs will be unsupported/rejected).\u003c/li\u003e\n\u003cli\u003eEmptying either the \u003ccode\u003eenc()\u003c/code\u003e or \u003ccode\u003ekey()\u003c/code\u003e nested collections disables JWE decryption (i.e. all JWEs will be unsupported/rejected)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/996\"\u003eIssue 996\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/961\"\u003ebug 961\u003c/a\u003e where \u003ccode\u003eJwtParserBuilder\u003c/code\u003e nested collection builders were not correctly replacing algorithms with the same id.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsures a \u003ccode\u003eJwkSet\u003c/code\u003e's \u003ccode\u003ekeys\u003c/code\u003e collection is no longer entirely secret/redacted by default.  This was an overzealous default that was unnecessarily restrictive; the \u003ccode\u003ekeys\u003c/code\u003e collection itself should always be public, and each individual key within should determine which fields should be redacted when printed. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/976\"\u003eIssue 976\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImproves performance slightly by ensuring all \u003ccode\u003ejjwt-api\u003c/code\u003e utility methods that create \u003ccode\u003e*Builder\u003c/code\u003e instances (\u003ccode\u003eJwts.builder()\u003c/code\u003e, \u003ccode\u003eJwts.parserBuilder()\u003c/code\u003e, \u003ccode\u003eJwks.builder()\u003c/code\u003e, etc) no longer use reflection.\u003c/p\u003e\n\u003cp\u003eInstead,\u003ccode\u003estatic\u003c/code\u003e factories are created via reflection only once during initial \u003ccode\u003ejjwt-api\u003c/code\u003e classloading, and then \u003ccode\u003e*Builder\u003c/code\u003es are created via standard instantiation using the \u003ccode\u003enew\u003c/code\u003e operator thereafter.  This also benefits certain environments that may not have ideal \u003ccode\u003eClassLoader\u003c/code\u003e implementations (e.g. Tomcat in some cases).\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eNOTE: because this changes which classes are loaded via reflection, any environments that must explicitly reference reflective class names (e.g. GraalVM applications) will need to be updated to reflect the new factory class names\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/988\"\u003eIssue 988\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the Gson dependency to \u003ccode\u003e2.11.0\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the BouncyCastle dependency to \u003ccode\u003e1.78.1\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e0.12.6\u003c/h3\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsures that after successful JWS signature verification, an application-configured Base64Url \u003ccode\u003eDecoder\u003c/code\u003e output is\nused to construct a \u003ccode\u003eJws\u003c/code\u003e instance (instead of JJWT's default decoder). See\n\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/947\"\u003eIssue 947\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFixes a decompression memory leak in concurrent/multi-threaded environments introduced in 0.12.0 when decompressing JWTs with a \u003ccode\u003ezip\u003c/code\u003e header of \u003ccode\u003eGZIP\u003c/code\u003e. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/949\"\u003eIssue 949\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eUpgrades BouncyCastle to 1.78 via \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/941\"\u003ePR 941\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnsures that a \u003ccode\u003eJwkSet\u003c/code\u003e's \u003ccode\u003ekeys\u003c/code\u003e list member is no longer considered secret and is not redacted by default. However, each individual JWK element within the \u003ccode\u003ekeys\u003c/code\u003e list may still have \u003ca href=\"https://github.com/jwtk/jjwt?tab=readme-ov-file#jwk-tostring-safety\"\u003eredacted private or secret members\u003c/a\u003e as expected. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/976\"\u003eIssue 976\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e0.12.5\u003c/h3\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsures that builders' \u003ccode\u003eNestedCollection\u003c/code\u003e changes are applied to the collection immediately as mutation methods are called, no longer\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/a757addce04f6b6d8086beeee8dafcf670550a5b\"\u003e\u003ccode\u003ea757add\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release 0.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/e357463c59cf62c1f70503ac0102d10efcdfc37d\"\u003e\u003ccode\u003ee357463\u003c/code\u003e\u003c/a\u003e Preparing for the 0.13.0 release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/b6f8cb82a9c2e9817d842bfe72d2c8fb03124342\"\u003e\u003ccode\u003eb6f8cb8\u003c/code\u003e\u003c/a\u003e Made constructor public to allow users their own objectMapper instance (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/972\"\u003e#972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/03f088a4eb774bae2403c428aa885a12d3afde14\"\u003e\u003ccode\u003e03f088a\u003c/code\u003e\u003c/a\u003e Bumping development version to 0.13.0-SNAPSHOT (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1014\"\u003e#1014\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/3f2697f854bedebe63e9eddb8c596f76086d11ca\"\u003e\u003ccode\u003e3f2697f\u003c/code\u003e\u003c/a\u003e Release 0.12.7 (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1012\"\u003e#1012\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/efed1cf56f9b9715e60eaac7fda6b2c4b62410b9\"\u003e\u003ccode\u003eefed1cf\u003c/code\u003e\u003c/a\u003e Updated 0.12.7 change list\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/ca27b122b7f44f3bdd4cd4f636d084f38cc3b3c8\"\u003e\u003ccode\u003eca27b12\u003c/code\u003e\u003c/a\u003e Resolves \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1010\"\u003e#1010\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1011\"\u003e#1011\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/55c7b9adef88328f59534f232060830c34f25478\"\u003e\u003ccode\u003e55c7b9a\u003c/code\u003e\u003c/a\u003e Resolves \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/771\"\u003e#771\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1009\"\u003e#1009\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/6e9c6a5a825c5ec38f90006f48cc1f8640a6d82e\"\u003e\u003ccode\u003e6e9c6a5\u003c/code\u003e\u003c/a\u003e Bump org.bouncycastle:bcpkix-jdk18on from 1.78 to 1.78.1 (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1008\"\u003e#1008\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/7ec7dd1a19a38a1829903f88b9512697bfb7be3c\"\u003e\u003ccode\u003e7ec7dd1\u003c/code\u003e\u003c/a\u003e Enable JwtParser empty nested algorithm collections. (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1007\"\u003e#1007\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jwtk/jjwt/compare/0.11.5...0.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.jsonwebtoken:jjwt-impl` from 0.11.5 to 0.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jwtk/jjwt/releases\"\u003eio.jsonwebtoken:jjwt-impl's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.13.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eThis is the last minor JJWT release branch that will support Java 7\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eAny necessary emergency bug fixes will be fixed in subsequent \u003ccode\u003e0.13.x\u003c/code\u003e patch releases, but all new development, including \u003ca href=\"https://github.com/jwtk/jjwt/issues?q=is%3Aissue%20label%3Ajdk8\"\u003eJava 8 compatible changes\u003c/a\u003e, will be in the next minor (\u003ccode\u003e0.14.0\u003c/code\u003e) release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAll future JJWT major and minor versions (  \u003ccode\u003e0.14.0\u003c/code\u003e and later) will require Java 8 or later.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThis release contains a single change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe previously private \u003ccode\u003eJacksonDeserializer(ObjectMapper objectMapper, Map\u0026lt;String, Class\u0026lt;?\u0026gt;\u0026gt; claimTypeMap)\u003c/code\u003e constructor is now \u003ccode\u003epublic\u003c/code\u003e for those that want register a claims  type converter on their own specified \u003ccode\u003eObjectMapper\u003c/code\u003e instance. Thank you to \u003ca href=\"https://github.com/kesrishubham2510\"\u003e\u003ccode\u003e@​kesrishubham2510\u003c/code\u003e\u003c/a\u003e for PR \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/972\"\u003e#972\u003c/a\u003e. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/914\"\u003eIssue 914\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jwtk/jjwt/compare/0.12.7...0.13.0\"\u003ehttps://github.com/jwtk/jjwt/compare/0.12.7...0.13.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.12.7\u003c/h2\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdds a new Maven BOM! This is useful for multi-module projects. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/967\"\u003eIssue 967\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllows the \u003ccode\u003eJwtParserBuilder\u003c/code\u003e to have empty nested algorithm collections, effectively disabling the parser's associated feature:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEmptying the \u003ccode\u003ezip()\u003c/code\u003e nested collection disables JWT decompression.\u003c/li\u003e\n\u003cli\u003eEmptying the \u003ccode\u003esig()\u003c/code\u003e nested collection disables JWS mac/signature verification (i.e. all JWSs will be unsupported/rejected).\u003c/li\u003e\n\u003cli\u003eEmptying either the \u003ccode\u003eenc()\u003c/code\u003e or \u003ccode\u003ekey()\u003c/code\u003e nested collections disables JWE decryption (i.e. all JWEs will be unsupported/rejected)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/996\"\u003eIssue 996\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/961\"\u003ebug 961\u003c/a\u003e where \u003ccode\u003eJwtParserBuilder\u003c/code\u003e nested collection builders were not correctly replacing algorithms with the same id.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsures a \u003ccode\u003eJwkSet\u003c/code\u003e's \u003ccode\u003ekeys\u003c/code\u003e collection is no longer entirely secret/redacted by default.  This was an overzealous default that was unnecessarily restrictive; the \u003ccode\u003ekeys\u003c/code\u003e collection itself should always be public, and each individual key within should determine which fields should be redacted when printed. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/976\"\u003eIssue 976\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImproves performance slightly by ensuring all \u003ccode\u003ejjwt-api\u003c/code\u003e utility methods that create \u003ccode\u003e*Builder\u003c/code\u003e instances (\u003ccode\u003eJwts.builder()\u003c/code\u003e, \u003ccode\u003eJwts.parserBuilder()\u003c/code\u003e, \u003ccode\u003eJwks.builder()\u003c/code\u003e, etc) no longer use reflection.\u003c/p\u003e\n\u003cp\u003eInstead,\u003ccode\u003estatic\u003c/code\u003e factories are created via reflection only once during initial \u003ccode\u003ejjwt-api\u003c/code\u003e classloading, and then \u003ccode\u003e*Builder\u003c/code\u003es are created via standard instantiation using the \u003ccode\u003enew\u003c/code\u003e operator thereafter.  This also benefits certain environments that may not have ideal \u003ccode\u003eClassLoader\u003c/code\u003e implementations (e.g. Tomcat in some cases).\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eNOTE: because this changes which classes are loaded via reflection, any environments that must explicitly reference reflective class names (e.g. GraalVM applications) will need to be updated to reflect the new factory class names\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/988\"\u003eIssue 988\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the Gson dependency to \u003ccode\u003e2.11.0\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the BouncyCastle dependency to \u003ccode\u003e1.78.1\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sigpwned\"\u003e\u003ccode\u003e@​sigpwned\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/968\"\u003ejwtk/jjwt#968\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TheMrMilchmann\"\u003e\u003ccode\u003e@​TheMrMilchmann\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/979\"\u003ejwtk/jjwt#979\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/atanasg\"\u003e\u003ccode\u003e@​atanasg\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/974\"\u003ejwtk/jjwt#974\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jwtk/jjwt/compare/0.12.6...0.12.7\"\u003ehttps://github.com/jwtk/jjwt/compare/0.12.6...0.12.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.12.6\u003c/h2\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsures that after successful JWS signature verification, an application-configured Base64Url \u003ccode\u003eDecoder\u003c/code\u003e output is\nused to construct a \u003ccode\u003eJws\u003c/code\u003e instance (instead of JJWT's default decoder). See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/947\"\u003ejwtk/jjwt#947\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jwtk/jjwt/blob/master/CHANGELOG.md\"\u003eio.jsonwebtoken:jjwt-impl's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e0.13.0\u003c/h3\u003e\n\u003cp\u003eThis is the last minor JJWT release branch that will support Java 7. Any necessary emergency bug fixes will be fixed in subsequent \u003ccode\u003e0.13.x\u003c/code\u003e patch releases, but all new development, including Java 8 compatible changes, will be in the next minor (\u003ccode\u003e0.14.0\u003c/code\u003e) release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAll future JJWT major and minor versions (  \u003ccode\u003e0.14.0\u003c/code\u003e and later) will require Java 8 or later.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThis \u003ccode\u003e0.13.0\u003c/code\u003e minor release has only one change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe previously private \u003ccode\u003eJacksonDeserializer(ObjectMapper objectMapper, Map\u0026lt;String, Class\u0026lt;?\u0026gt;\u0026gt; claimTypeMap)\u003c/code\u003e constructor is now \u003ccode\u003epublic\u003c/code\u003e for those that want register a claims\ntype converter on their own specified \u003ccode\u003eObjectMapper\u003c/code\u003e instance.  See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/914\"\u003eIssue 914\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e0.12.7\u003c/h3\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdds a new Maven BOM, useful for multi-module projects. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/967\"\u003eIssue 967\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllows the \u003ccode\u003eJwtParserBuilder\u003c/code\u003e to have empty nested algorithm collections, effectively disabling the parser's associated feature:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEmptying the \u003ccode\u003ezip()\u003c/code\u003e nested collection disables JWT decompression.\u003c/li\u003e\n\u003cli\u003eEmptying the \u003ccode\u003esig()\u003c/code\u003e nested collection disables JWS mac/signature verification (i.e. all JWSs will be unsupported/rejected).\u003c/li\u003e\n\u003cli\u003eEmptying either the \u003ccode\u003eenc()\u003c/code\u003e or \u003ccode\u003ekey()\u003c/code\u003e nested collections disables JWE decryption (i.e. all JWEs will be unsupported/rejected)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/996\"\u003eIssue 996\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/961\"\u003ebug 961\u003c/a\u003e where \u003ccode\u003eJwtParserBuilder\u003c/code\u003e nested collection builders were not correctly replacing algorithms with the same id.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsures a \u003ccode\u003eJwkSet\u003c/code\u003e's \u003ccode\u003ekeys\u003c/code\u003e collection is no longer entirely secret/redacted by default.  This was an overzealous default that was unnecessarily restrictive; the \u003ccode\u003ekeys\u003c/code\u003e collection itself should always be public, and each individual key within should determine which fields should be redacted when printed. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/976\"\u003eIssue 976\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImproves performance slightly by ensuring all \u003ccode\u003ejjwt-api\u003c/code\u003e utility methods that create \u003ccode\u003e*Builder\u003c/code\u003e instances (\u003ccode\u003eJwts.builder()\u003c/code\u003e, \u003ccode\u003eJwts.parserBuilder()\u003c/code\u003e, \u003ccode\u003eJwks.builder()\u003c/code\u003e, etc) no longer use reflection.\u003c/p\u003e\n\u003cp\u003eInstead,\u003ccode\u003estatic\u003c/code\u003e factories are created via reflection only once during initial \u003ccode\u003ejjwt-api\u003c/code\u003e classloading, and then \u003ccode\u003e*Builder\u003c/code\u003es are created via standard instantiation using the \u003ccode\u003enew\u003c/code\u003e operator thereafter.  This also benefits certain environments that may not have ideal \u003ccode\u003eClassLoader\u003c/code\u003e implementations (e.g. Tomcat in some cases).\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eNOTE: because this changes which classes are loaded via reflection, any environments that must explicitly reference reflective class names (e.g. GraalVM applications) will need to be updated to reflect the new factory class names\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/988\"\u003eIssue 988\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the Gson dependency to \u003ccode\u003e2.11.0\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the BouncyCastle dependency to \u003ccode\u003e1.78.1\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e0.12.6\u003c/h3\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsures that after successful JWS signature verification, an application-configured Base64Url \u003ccode\u003eDecoder\u003c/code\u003e output is\nused to construct a \u003ccode\u003eJws\u003c/code\u003e instance (instead of JJWT's default decoder). See\n\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/947\"\u003eIssue 947\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFixes a decompression memory leak in concurrent/multi-threaded environments introduced in 0.12.0 when decompressing JWTs with a \u003ccode\u003ezip\u003c/code\u003e header of \u003ccode\u003eGZIP\u003c/code\u003e. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/949\"\u003eIssue 949\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eUpgrades BouncyCastle to 1.78 via \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/941\"\u003ePR 941\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnsures that a \u003ccode\u003eJwkSet\u003c/code\u003e's \u003ccode\u003ekeys\u003c/code\u003e list member is no longer considered secret and is not redacted by default. However, each individual JWK element within the \u003ccode\u003ekeys\u003c/code\u003e list may still have \u003ca href=\"https://github.com/jwtk/jjwt?tab=readme-ov-file#jwk-tostring-safety\"\u003eredacted private or secret members\u003c/a\u003e as expected. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/976\"\u003eIssue 976\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e0.12.5\u003c/h3\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsures that builders' \u003ccode\u003eNestedCollection\u003c/code\u003e changes are applied to the collection immediately as mutation methods are called, no longer\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/a757addce04f6b6d8086beeee8dafcf670550a5b\"\u003e\u003ccode\u003ea757add\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release 0.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/e357463c59cf62c1f70503ac0102d10efcdfc37d\"\u003e\u003ccode\u003ee357463\u003c/code\u003e\u003c/a\u003e Preparing for the 0.13.0 release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/b6f8cb82a9c2e9817d842bfe72d2c8fb03124342\"\u003e\u003ccode\u003eb6f8cb8\u003c/code\u003e\u003c/a\u003e Made constructor public to allow users their own objectMapper instance (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/972\"\u003e#972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/03f088a4eb774bae2403c428aa885a12d3afde14\"\u003e\u003ccode\u003e03f088a\u003c/code\u003e\u003c/a\u003e Bumping development version to 0.13.0-SNAPSHOT (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1014\"\u003e#1014\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/3f2697f854bedebe63e9eddb8c596f76086d11ca\"\u003e\u003ccode\u003e3f2697f\u003c/code\u003e\u003c/a\u003e Release 0.12.7 (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1012\"\u003e#1012\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/efed1cf56f9b9715e60eaac7fda6b2c4b62410b9\"\u003e\u003ccode\u003eefed1cf\u003c/code\u003e\u003c/a\u003e Updated 0.12.7 change list\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/ca27b122b7f44f3bdd4cd4f636d084f38cc3b3c8\"\u003e\u003ccode\u003eca27b12\u003c/code\u003e\u003c/a\u003e Resolves \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1010\"\u003e#1010\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1011\"\u003e#1011\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/55c7b9adef88328f59534f232060830c34f25478\"\u003e\u003ccode\u003e55c7b9a\u003c/code\u003e\u003c/a\u003e Resolves \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/771\"\u003e#771\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1009\"\u003e#1009\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/6e9c6a5a825c5ec38f90006f48cc1f8640a6d82e\"\u003e\u003ccode\u003e6e9c6a5\u003c/code\u003e\u003c/a\u003e Bump org.bouncycastle:bcpkix-jdk18on from 1.78 to 1.78.1 (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1008\"\u003e#1008\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/7ec7dd1a19a38a1829903f88b9512697bfb7be3c\"\u003e\u003ccode\u003e7ec7dd1\u003c/code\u003e\u003c/a\u003e Enable JwtParser empty nested algorithm collections. (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1007\"\u003e#1007\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jwtk/jjwt/compare/0.11.5...0.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.jsonwebtoken:jjwt-jackson` from 0.11.5 to 0.13.0\n\nUpdates `io.jsonwebtoken:jjwt-impl` from 0.11.5 to 0.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jwtk/jjwt/releases\"\u003eio.jsonwebtoken:jjwt-impl's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.13.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eThis is the last minor JJWT release branch that will support Java 7\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eAny necessary emergency bug fixes will be fixed in subsequent \u003ccode\u003e0.13.x\u003c/code\u003e patch releases, but all new development, including \u003ca href=\"https://github.com/jwtk/jjwt/issues?q=is%3Aissue%20label%3Ajdk8\"\u003eJava 8 compatible changes\u003c/a\u003e, will be in the next minor (\u003ccode\u003e0.14.0\u003c/code\u003e) release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAll future JJWT major and minor versions (  \u003ccode\u003e0.14.0\u003c/code\u003e and later) will require Java 8 or later.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThis release contains a single change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe previously private \u003ccode\u003eJacksonDeserializer(ObjectMapper objectMapper, Map\u0026lt;String, Class\u0026lt;?\u0026gt;\u0026gt; claimTypeMap)\u003c/code\u003e constructor is now \u003ccode\u003epublic\u003c/code\u003e for those that want register a claims  type converter on their own specified \u003ccode\u003eObjectMapper\u003c/code\u003e instance. Thank you to \u003ca href=\"https://github.com/kesrishubham2510\"\u003e\u003ccode\u003e@​kesrishubham2510\u003c/code\u003e\u003c/a\u003e for PR \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/972\"\u003e#972\u003c/a\u003e. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/914\"\u003eIssue 914\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jwtk/jjwt/compare/0.12.7...0.13.0\"\u003ehttps://github.com/jwtk/jjwt/compare/0.12.7...0.13.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.12.7\u003c/h2\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdds a new Maven BOM! This is useful for multi-module projects. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/967\"\u003eIssue 967\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllows the \u003ccode\u003eJwtParserBuilder\u003c/code\u003e to have empty nested algorithm collections, effectively disabling the parser's associated feature:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEmptying the \u003ccode\u003ezip()\u003c/code\u003e nested collection disables JWT decompression.\u003c/li\u003e\n\u003cli\u003eEmptying the \u003ccode\u003esig()\u003c/code\u003e nested collection disables JWS mac/signature verification (i.e. all JWSs will be unsupported/rejected).\u003c/li\u003e\n\u003cli\u003eEmptying either the \u003ccode\u003eenc()\u003c/code\u003e or \u003ccode\u003ekey()\u003c/code\u003e nested collections disables JWE decryption (i.e. all JWEs will be unsupported/rejected)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/996\"\u003eIssue 996\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/961\"\u003ebug 961\u003c/a\u003e where \u003ccode\u003eJwtParserBuilder\u003c/code\u003e nested collection builders were not correctly replacing algorithms with the same id.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsures a \u003ccode\u003eJwkSet\u003c/code\u003e's \u003ccode\u003ekeys\u003c/code\u003e collection is no longer entirely secret/redacted by default.  This was an overzealous default that was unnecessarily restrictive; the \u003ccode\u003ekeys\u003c/code\u003e collection itself should always be public, and each individual key within should determine which fields should be redacted when printed. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/976\"\u003eIssue 976\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImproves performance slightly by ensuring all \u003ccode\u003ejjwt-api\u003c/code\u003e utility methods that create \u003ccode\u003e*Builder\u003c/code\u003e instances (\u003ccode\u003eJwts.builder()\u003c/code\u003e, \u003ccode\u003eJwts.parserBuilder()\u003c/code\u003e, \u003ccode\u003eJwks.builder()\u003c/code\u003e, etc) no longer use reflection.\u003c/p\u003e\n\u003cp\u003eInstead,\u003ccode\u003estatic\u003c/code\u003e factories are created via reflection only once during initial \u003ccode\u003ejjwt-api\u003c/code\u003e classloading, and then \u003ccode\u003e*Builder\u003c/code\u003es are created via standard instantiation using the \u003ccode\u003enew\u003c/code\u003e operator thereafter.  This also benefits certain environments that may not have ideal \u003ccode\u003eClassLoader\u003c/code\u003e implementations (e.g. Tomcat in some cases).\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eNOTE: because this changes which classes are loaded via reflection, any environments that must explicitly reference reflective class names (e.g. GraalVM applications) will need to be updated to reflect the new factory class names\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/988\"\u003eIssue 988\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the Gson dependency to \u003ccode\u003e2.11.0\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the BouncyCastle dependency to \u003ccode\u003e1.78.1\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sigpwned\"\u003e\u003ccode\u003e@​sigpwned\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/968\"\u003ejwtk/jjwt#968\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TheMrMilchmann\"\u003e\u003ccode\u003e@​TheMrMilchmann\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/979\"\u003ejwtk/jjwt#979\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/atanasg\"\u003e\u003ccode\u003e@​atanasg\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/974\"\u003ejwtk/jjwt#974\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jwtk/jjwt/compare/0.12.6...0.12.7\"\u003ehttps://github.com/jwtk/jjwt/compare/0.12.6...0.12.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.12.6\u003c/h2\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsures that after successful JWS signature verification, an application-configured Base64Url \u003ccode\u003eDecoder\u003c/code\u003e output is\nused to construct a \u003ccode\u003eJws\u003c/code\u003e instance (instead of JJWT's default decoder). See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/947\"\u003ejwtk/jjwt#947\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jwtk/jjwt/blob/master/CHANGELOG.md\"\u003eio.jsonwebtoken:jjwt-impl's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e0.13.0\u003c/h3\u003e\n\u003cp\u003eThis is the last minor JJWT release branch that will support Java 7. Any necessary emergency bug fixes will be fixed in subsequent \u003ccode\u003e0.13.x\u003c/code\u003e patch releases, but all new development, including Java 8 compatible changes, will be in the next minor (\u003ccode\u003e0.14.0\u003c/code\u003e) release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAll future JJWT major and minor versions (  \u003ccode\u003e0.14.0\u003c/code\u003e and later) will require Java 8 or later.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThis \u003ccode\u003e0.13.0\u003c/code\u003e minor release has only one change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe previously private \u003ccode\u003eJacksonDeserializer(ObjectMapper objectMapper, Map\u0026lt;String, Class\u0026lt;?\u0026gt;\u0026gt; claimTypeMap)\u003c/code\u003e constructor is now \u003ccode\u003epublic\u003c/code\u003e for those that want register a claims\ntype converter on their own specified \u003ccode\u003eObjectMapper\u003c/code\u003e instance.  See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/914\"\u003eIssue 914\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e0.12.7\u003c/h3\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdds a new Maven BOM, useful for multi-module projects. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/967\"\u003eIssue 967\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllows the \u003ccode\u003eJwtParserBuilder\u003c/code\u003e to have empty nested algorithm collections, effectively disabling the parser's associated feature:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEmptying the \u003ccode\u003ezip()\u003c/code\u003e nested collection disables JWT decompression.\u003c/li\u003e\n\u003cli\u003eEmptying the \u003ccode\u003esig()\u003c/code\u003e nested collection disables JWS mac/signature verification (i.e. all JWSs will be unsupported/rejected).\u003c/li\u003e\n\u003cli\u003eEmptying either the \u003ccode\u003eenc()\u003c/code\u003e or \u003ccode\u003ekey()\u003c/code\u003e nested collections disables JWE decryption (i.e. all JWEs will be unsupported/rejected)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/996\"\u003eIssue 996\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/961\"\u003ebug 961\u003c/a\u003e where \u003ccode\u003eJwtParserBuilder\u003c/code\u003e nested collection builders were not correctly replacing algorithms with the same id.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsures a \u003ccode\u003eJwkSet\u003c/code\u003e's \u003ccode\u003ekeys\u003c/code\u003e collection is no longer entirely secret/redacted by default.  This was an overzealous default that was unnecessarily restrictive; the \u003ccode\u003ekeys\u003c/code\u003e collection itself should always be public, and each individual key within should determine which fields should be redacted when printed. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/976\"\u003eIssue 976\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImproves performance slightly by ensuring all \u003ccode\u003ejjwt-api\u003c/code\u003e utility methods that create \u003ccode\u003e*Builder\u003c/code\u003e instances (\u003ccode\u003eJwts.builder()\u003c/code\u003e, \u003ccode\u003eJwts.parserBuilder()\u003c/code\u003e, \u003ccode\u003eJwks.builder()\u003c/code\u003e, etc) no longer use reflection.\u003c/p\u003e\n\u003cp\u003eInstead,\u003ccode\u003estatic\u003c/code\u003e factories are created via reflection only once during initial \u003ccode\u003ejjwt-api\u003c/code\u003e classloading, and then \u003ccode\u003e*Builder\u003c/code\u003es are created via standard instantiation using the \u003ccode\u003enew\u003c/code\u003e operator thereafter.  This also benefits certain environments that may not have ideal \u003ccode\u003eClassLoader\u003c/code\u003e implementations (e.g. Tomcat in some cases).\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eNOTE: because this changes which classes are loaded via reflection, any environments that must explicitly reference reflective class names (e.g. GraalVM applications) will need to be updated to reflect the new factory class names\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/988\"\u003eIssue 988\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the Gson dependency to \u003ccode\u003e2.11.0\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrades the BouncyCastle dependency to \u003ccode\u003e1.78.1\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e0.12.6\u003c/h3\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsures that after successful JWS signature verification, an application-configured Base64Url \u003ccode\u003eDecoder\u003c/code\u003e output is\nused to construct a \u003ccode\u003eJws\u003c/code\u003e instance (instead of JJWT's default decoder). See\n\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/947\"\u003eIssue 947\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFixes a decompression memory leak in concurrent/multi-threaded environments introduced in 0.12.0 when decompressing JWTs with a \u003ccode\u003ezip\u003c/code\u003e header of \u003ccode\u003eGZIP\u003c/code\u003e. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/949\"\u003eIssue 949\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eUpgrades BouncyCastle to 1.78 via \u003ca href=\"https://redirect.github.com/jwtk/jjwt/pull/941\"\u003ePR 941\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnsures that a \u003ccode\u003eJwkSet\u003c/code\u003e's \u003ccode\u003ekeys\u003c/code\u003e list member is no longer considered secret and is not redacted by default. However, each individual JWK element within the \u003ccode\u003ekeys\u003c/code\u003e list may still have \u003ca href=\"https://github.com/jwtk/jjwt?tab=readme-ov-file#jwk-tostring-safety\"\u003eredacted private or secret members\u003c/a\u003e as expected. See \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/976\"\u003eIssue 976\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e0.12.5\u003c/h3\u003e\n\u003cp\u003eThis patch release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsures that builders' \u003ccode\u003eNestedCollection\u003c/code\u003e changes are applied to the collection immediately as mutation methods are called, no longer\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/a757addce04f6b6d8086beeee8dafcf670550a5b\"\u003e\u003ccode\u003ea757add\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release 0.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/e357463c59cf62c1f70503ac0102d10efcdfc37d\"\u003e\u003ccode\u003ee357463\u003c/code\u003e\u003c/a\u003e Preparing for the 0.13.0 release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/b6f8cb82a9c2e9817d842bfe72d2c8fb03124342\"\u003e\u003ccode\u003eb6f8cb8\u003c/code\u003e\u003c/a\u003e Made constructor public to allow users their own objectMapper instance (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/972\"\u003e#972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/03f088a4eb774bae2403c428aa885a12d3afde14\"\u003e\u003ccode\u003e03f088a\u003c/code\u003e\u003c/a\u003e Bumping development version to 0.13.0-SNAPSHOT (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1014\"\u003e#1014\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/3f2697f854bedebe63e9eddb8c596f76086d11ca\"\u003e\u003ccode\u003e3f2697f\u003c/code\u003e\u003c/a\u003e Release 0.12.7 (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1012\"\u003e#1012\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/efed1cf56f9b9715e60eaac7fda6b2c4b62410b9\"\u003e\u003ccode\u003eefed1cf\u003c/code\u003e\u003c/a\u003e Updated 0.12.7 change list\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/ca27b122b7f44f3bdd4cd4f636d084f38cc3b3c8\"\u003e\u003ccode\u003eca27b12\u003c/code\u003e\u003c/a\u003e Resolves \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1010\"\u003e#1010\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1011\"\u003e#1011\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/55c7b9adef88328f59534f232060830c34f25478\"\u003e\u003ccode\u003e55c7b9a\u003c/code\u003e\u003c/a\u003e Resolves \u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/771\"\u003e#771\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1009\"\u003e#1009\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/6e9c6a5a825c5ec38f90006f48cc1f8640a6d82e\"\u003e\u003ccode\u003e6e9c6a5\u003c/code\u003e\u003c/a\u003e Bump org.bouncycastle:bcpkix-jdk18on from 1.78 to 1.78.1 (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1008\"\u003e#1008\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jwtk/jjwt/commit/7ec7dd1a19a38a1829903f88b9512697bfb7be3c\"\u003e\u003ccode\u003e7ec7dd1\u003c/code\u003e\u003c/a\u003e Enable JwtParser empty nested algorithm collections. (\u003ca href=\"https://redirect.github.com/jwtk/jjwt/issues/1007\"\u003e#1007\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jwtk/jjwt/compare/0.11.5...0.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.jsonwebtoken:jjwt-jackson` from 0.11.5 to 0.13.0\n\nUpdates `org.projectlombok:lombok` from 1.18.30 to 1.18.42\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown\"\u003eorg.projectlombok:lombok's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003ev1.18.42 (September 18th, 2025)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFEATURE: All the various \u003ccode\u003e@Log\u003c/code\u003e annotations now allow you to change their access level (they still default to \u003ccode\u003eprivate\u003c/code\u003e). \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/2280\"\u003e#2280\u003c/a\u003e. Thanks to new contributor Liam Pace!\u003c/li\u003e\n\u003cli\u003eBUGFIX: Javadoc parsing was broken in Netbeans and ErrorProne for JDK25 \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3940\"\u003e#3940\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev1.18.40 (September 4th, 2025)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePLATFORM: JDK25 support added \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3859\"\u003e#3859\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eBUGFIX: Recent versions of eclipse (or the eclipse-based java lang server for VSCode) caused \u003ccode\u003ejava.lang.IllegalArgumentException: Document does not match the AST\u003c/code\u003e. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3886\"\u003e#3886\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3886\"\u003eprojectlombok/lombok#3886\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003ePERFORMANCE: \u003ccode\u003e@ExtensionMethod\u003c/code\u003e is now significantly faster [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3866\"\u003e#3866\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3866\"\u003eprojectlombok/lombok#3866\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBUGFIX: the command line \u003ccode\u003econfig\u003c/code\u003e tool would emit incorrect output for nullity annotations. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3931\"\u003e#3931\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3931\"\u003eprojectlombok/lombok#3931\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFEATURE: \u003ccode\u003e@Jacksonized @Accessors(fluent=true)\u003c/code\u003e automatically creates the relevant annotations such that Jackson correctly identifies fluent accessors. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3265\"\u003e#3265\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3265\"\u003eprojectlombok/lombok#3265\u003c/a\u003e), [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3270\"\u003e#3270\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3270\"\u003eprojectlombok/lombok#3270\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eIMPROBABLE BREAKING CHANGE: From versions 1.18.16 to 1.18.38, lombok automatically copies certain Jackson annotations (e.g., \u003ccode\u003e@JsonProperty\u003c/code\u003e) from fields to the corresponding accessors (getters/setters). However, it turned out to be harmful in certain situations. Thus, Lombok does not automatically copy those annotations any more. You can restore the old behavior using the \u003ca href=\"https://projectlombok.org/features/configuration\"\u003econfig key\u003c/a\u003e \u003ccode\u003elombok.copyJacksonAnnotationsToAccessors = true\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev1.18.38 (March 31st, 2025)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePLATFORM: JDK24 support added.\u003c/li\u003e\n\u003cli\u003eFEATURE: Lombok's nullity annotation now supports \u003ca href=\"https://jspecify.dev\"\u003eJSpecify\u003c/a\u003e out of the box, using \u003ca href=\"https://projectlombok.org/features/configuration\"\u003econfig key\u003c/a\u003e \u003ccode\u003ejspecify\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eBUGFIX: Recent eclipse releases would get you 'negative length' error. The bug had always been in lombok but didn't matter until recent releases. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3823\"\u003e#3823\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3823\"\u003eprojectlombok/lombok#3823\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBUGFIX: The 'extract local variable' refactor script of VSCode wouldn't replace all occurrences if run on a method call to a lombok generated method. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3783\"\u003e#3783\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3783\"\u003eprojectlombok/lombok#3783\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev1.18.36 (November 15th, 2024)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePLATFORM: JDK23 support added.\u003c/li\u003e\n\u003cli\u003eBUGFIX: Eclipse projects using the \u003ccode\u003ecom.pro-crafting.tools:jasperreports-maven-plugin\u003c/code\u003e will now compile.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev1.18.34 (June 28th, 2024)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePLATFORM: Added support for Eclipse 2024-06; you'd get some \u003ccode\u003eNoSuchMethodError\u003c/code\u003e traces in your logs if using \u003ccode\u003e@Builder\u003c/code\u003e or \u003ccode\u003e@Singular\u003c/code\u003e prior to this fix. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3638\"\u003e#3638\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3638\"\u003eprojectlombok/lombok#3638\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eIMPROBABLE BREAKING CHANGE: Lombok now adds \u003ccode\u003e@lombok.Generated\u003c/code\u003e by default to methods and types it generates. This may result in accidentally increasing your test coverage percentage. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3667\"\u003e#3667\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3667\"\u003eprojectlombok/lombok#3667\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eIMPROBABLE BREAKING CHANGE: When \u003ccode\u003elombok.config\u003c/code\u003e contains \u003ccode\u003elombok.onX.flagUsage = WARNING\u003c/code\u003e, from now on warnings will actually be generated if onX is used.[Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/2848\"\u003e#2848\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/2848\"\u003eprojectlombok/lombok#2848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBUGFIX: When \u003ccode\u003e@SuperBuilder\u003c/code\u003e was used on a type with an generic array type, it would error \u003ccode\u003ewrong number of type arguments\u003c/code\u003e.  [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3694\"\u003e#3694\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3694\"\u003eprojectlombok/lombok#3694\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFEATURE: Lombok generates javadoc for you for most of the methods it adds; with this release, javadoc is also added to generated constructors. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/933\"\u003e#933\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/933\"\u003eprojectlombok/lombok#933\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev1.18.32 (March 20th, 2024)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePLATFORM: Initial JDK22 support added.\u003c/li\u003e\n\u003cli\u003ePLAFTORM  Added support for Eclipse 2024-03. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3620\"\u003e#3620\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3620\"\u003eprojectlombok/lombok#3620\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003ePLATFORM: Added support for recent versions of eclipse (released Q4 2023 or later or so) which would cause failures in the eclipse logs such as \u003ccode\u003ejava.lang.NoSuchMethodError: 'java.lang.StringBuffer org.eclipse.jdt…\u003c/code\u003e. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3564\"\u003e#3564\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3564\"\u003eprojectlombok/lombok#3564\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFEATURE: \u003ccode\u003e@Locked\u003c/code\u003e has been introduced. Like \u003ccode\u003e@Synchronized\u003c/code\u003e but with \u003ccode\u003ejava.util.concurrent.locks\u003c/code\u003e locks instead of the \u003ccode\u003esynchronized\u003c/code\u003e primitive. Thanks, Pim van der Loos for the PR! [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3506\"\u003e#3506\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3506\"\u003eprojectlombok/lombok#3506\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eNECROMANCY: Inlining a generated getter in eclipse would result in eclipse incorrectly replacing calls with \u003ccode\u003e@Getter\u003c/code\u003e instead of the actual field's name. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/562\"\u003e#562\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/562\"\u003eprojectlombok/lombok#562\u003c/a\u003e). This issue is almost old enough to drink. Points for dedication go to Rawi for fixing this one.\u003c/li\u003e\n\u003cli\u003eBUGFIX: When \u003ccode\u003e@SuperBuilder\u003c/code\u003e was used on a type with an annotated generic type, it would error \u003ccode\u003ewrong number of type arguments\u003c/code\u003e.  [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3592\"\u003e#3592\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3592\"\u003eprojectlombok/lombok#3592\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBUGFIX: It was possible to create an infinite build loop using \u003ccode\u003e@ExtensionMethod\u003c/code\u003e. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3225\"\u003e#3225\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3225\"\u003eprojectlombok/lombok#3225\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBUGFIX: Using \u003ccode\u003e@Getter(lazy=true)\u003c/code\u003e would fail if the expression contained a variable called \u003ccode\u003evalue\u003c/code\u003e. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/2917\"\u003e#2917\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/2917\"\u003eprojectlombok/lombok#2917\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBUGFIX: Many lombok features wouldn't work properly on records contained within an outer type unless you explicitly marked it \u003ccode\u003estatic\u003c/code\u003e. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3497\"\u003e#3497\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3497\"\u003eprojectlombok/lombok#3497\u003c/a\u003e) [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3559\"\u003e#3559\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3559\"\u003eprojectlombok/lombok#3559\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBUGFIX: Eclipse projects using the \u003ccode\u003ecom.pro-crafting.tools:jasperreports-plugin\u003c/code\u003e will now compile.\u003c/li\u003e\n\u003cli\u003eBUGFIX: \u003ccode\u003e@FieldNameConstants\u003c/code\u003e now works when generated fields are involved. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3529\"\u003e#3529\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3529\"\u003eprojectlombok/lombok#3529\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eIMPROBABLE BREAKING CHANGE: For JSpecify, the package name changed from \u003ccode\u003eorg.jspecify.nullness\u003c/code\u003e to \u003ccode\u003eorg.jspecify.annotations\u003c/code\u003e, which might lead to a different null analysis. [Issue \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/3608\"\u003e#3608\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/projectlombok/lombok/pull/3608\"\u003eprojectlombok/lombok#3608\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/2031eb0880942b5f0b7281580f6e877a3e87279a\"\u003e\u003ccode\u003e2031eb0\u003c/code\u003e\u003c/a\u003e [release] pre-release version bump for v1.18.42\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/c95a6c127e58868a16869254e47bbe2598f8c82f\"\u003e\u003ccode\u003ec95a6c1\u003c/code\u003e\u003c/a\u003e Merge branch 'logger-access'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/71d85caef501ce987f26e498154574489dbe36ee\"\u003e\u003ccode\u003e71d85ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/projectlombok/lombok/issues/2280\"\u003e#2280\u003c/a\u003e Add delivery of this '\u003ccode\u003eaccess\u003c/code\u003e for logging' to the changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/99ba3e31daee7772af4eb712b0a108acdbc86962\"\u003e\u003ccode\u003e99ba3e3\u003c/code\u003e\u003c/a\u003e [trivial] Slightly reworded the javadoc on each \u003ccode\u003e@Log\u003c/code\u003e annotation's `access()...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/e9cf11ef01081ee1e4446666afadf36368939e96\"\u003e\u003ccode\u003ee9cf11e\u003c/code\u003e\u003c/a\u003e [trivial][style]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/a6d556856cec89be2786e5598d904497d13ed5be\"\u003e\u003ccode\u003ea6d5568\u003c/code\u003e\u003c/a\u003e [deprecation] Marked \u003ccode\u003eAccessLevel.MODULE\u003c/code\u003e as deprecated. It was written for a...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/492011df4fa72dfa9bb2a5cef38199fb292253be\"\u003e\u003ccode\u003e492011d\u003c/code\u003e\u003c/a\u003e Refactored to use Javac/Eclipse utility function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/c1f7f660c596ed65997974b70b0eecb0675c43f1\"\u003e\u003ccode\u003ec1f7f66\u003c/code\u003e\u003c/a\u003e Update copyright in logger files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/f63f40aa48eee97d9bb99416cfe252a104420e29\"\u003e\u003ccode\u003ef63f40a\u003c/code\u003e\u003c/a\u003e Add myself to AUTHORS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/projectlombok/lombok/commit/9152c3408f7f058e40db570b38fc5ccb46149ae8\"\u003e\u003ccode\u003e9152c34\u003c/code\u003e\u003c/a\u003e Fix failing tests\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/projectlombok/lombok/compare/v1.18.30...v1.18.42\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.opentelemetry.instrumentation:opentelemetry-spring-boot-starter` from 2.0.0-alpha to 2.22.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/releases\"\u003eio.opentelemetry.instrumentation:opentelemetry-spring-boot-starter's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.22.0\u003c/h2\u003e\n\u003cp\u003eThis release targets the OpenTelemetry SDK 1.56.0.\u003c/p\u003e\n\u003cp\u003eNote that many artifacts have the \u003ccode\u003e-alpha\u003c/code\u003e suffix attached to their version number, reflecting that they are still alpha quality and will continue to have breaking changes. Please see the \u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/VERSIONING.md#opentelemetry-java-instrumentation-versioning\"\u003eVERSIONING.md\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch3\u003e⚠️ Breaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAWS SDK 2.x attributes updated to align with semantic conventions (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15028\"\u003e#15028\u003c/a\u003e)  - The following attributes have been renamed:  - \u003ccode\u003eaws.bucket.name\u003c/code\u003e (S3) → \u003ccode\u003eaws.s3.bucket\u003c/code\u003e  - \u003ccode\u003eaws.queue.url\u003c/code\u003e (SQS) → \u003ccode\u003eaws.sqs.queue.url\u003c/code\u003e  - \u003ccode\u003eaws.stream.name\u003c/code\u003e (Kinesis) → \u003ccode\u003eaws.kinesis.stream_name\u003c/code\u003e  - \u003ccode\u003eaws.table.name\u003c/code\u003e (DynamoDB) → \u003ccode\u003eaws.dynamodb.table_names\u003c/code\u003e  - \u003ccode\u003eaws.dynamodb.provisioned_throughput.read_capacity_units\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.provisioned_read_capacity\u003c/code\u003e (type changed from long to double)  - \u003ccode\u003eaws.dynamodb.provisioned_throughput.write_capacity_units\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.provisioned_write_capacity\u003c/code\u003e (type changed from long to double)  - \u003ccode\u003eaws.dynamodb.exclusive_start_table_name\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.exclusive_start_table\u003c/code\u003e  - \u003ccode\u003eaws.dynamodb.projection_expression\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.projection\u003c/code\u003e  - \u003ccode\u003eaws.dynamodb.scan_index_forward\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.scan_forward\u003c/code\u003e  - The following attribute types have changed:  - \u003ccode\u003eaws.dynamodb.table_names\u003c/code\u003e: string → string[]  - \u003ccode\u003eaws.dynamodb.consumed_capacity\u003c/code\u003e: string → string[]  - \u003ccode\u003eaws.dynamodb.global_secondary_indexes\u003c/code\u003e: string → string[]  - \u003ccode\u003eaws.dynamodb.local_secondary_indexes\u003c/code\u003e: string → string[]  - \u003ccode\u003eaws.dynamodb.consistent_read\u003c/code\u003e: string → boolean  - \u003ccode\u003eaws.dynamodb.table_count\u003c/code\u003e: string → long  - \u003ccode\u003eaws.dynamodb.limit\u003c/code\u003e: string → long  - \u003ccode\u003eaws.dynamodb.attributes_to_get\u003c/code\u003e: string → string[]  - \u003ccode\u003eaws.dynamodb.segment\u003c/code\u003e: string → long  - \u003ccode\u003eaws.dynamodb.total_segments\u003c/code\u003e: string → long  - \u003ccode\u003eaws.dynamodb.count\u003c/code\u003e: string → long  - \u003ccode\u003eaws.dynamodb.scanned_count\u003c/code\u003e: string → long  - The following attributes are no longer emitted by default but can be enabled with \u003ccode\u003eotel.instrumentation.aws-sdk.experimental-span-attributes=true\u003c/code\u003e:  - \u003ccode\u003eaws.queue.name\u003c/code\u003e (SQS)  - \u003ccode\u003eaws.lambda.function.name\u003c/code\u003e (Lambda)  - \u003ccode\u003eaws.lambda.function.arn\u003c/code\u003e (Lambda)\u003c/li\u003e\n\u003cli\u003eJDBC library data source instrumentation now disabled by default (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15074\"\u003e#15074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eJMX state metrics unit changed from empty string to \u003ccode\u003e1\u003c/code\u003e to align with semantic conventions (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15093\"\u003e#15093\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAWS SDK 1.x attributes updated to align with semantic conventions (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15094\"\u003e#15094\u003c/a\u003e)  - Only affects users with \u003ccode\u003eotel.instrumentation.aws-sdk.experimental-span-attributes=true\u003c/code\u003e  - The following attributes have been renamed and are now emitted by default (no experimental flag required):  - \u003ccode\u003eaws.bucket.name\u003c/code\u003e (S3) → \u003ccode\u003eaws.s3.bucket\u003c/code\u003e  - \u003ccode\u003eaws.queue.url\u003c/code\u003e (SQS) → \u003ccode\u003eaws.sqs.queue.url\u003c/code\u003e  - \u003ccode\u003eaws.stream.name\u003c/code\u003e (Kinesis) → \u003ccode\u003eaws.kinesis.stream_name\u003c/code\u003e  - \u003ccode\u003eaws.table.name\u003c/code\u003e (DynamoDB) → \u003ccode\u003eaws.dynamodb.table_names\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFinatra controller spans now disabled by default to match other controller spans (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15118\"\u003e#15118\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNetty HTTP request wrapper class renamed from HttpRequestAndChannel to NettyRequest (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15247\"\u003e#15247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eJSP compile spans now disabled by default to match other view spans (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15261\"\u003e#15261\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🚫 Deprecations\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTracingConsumerInterceptor and TracingProducerInterceptor deprecated in favor of new configurable interceptors (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/14929\"\u003e#14929\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eVarious builder methods updated to use UnaryOperator\u003c!-- raw HTML omitted --\u003e instead of Function\u0026lt;X, X\u0026gt; (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15101\"\u003e#15101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDbClientCommonAttributesGetter deprecated in favor of DbClientAttributesGetter (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15139\"\u003e#15139\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🌟 New javaagent instrumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd JFinal instrumentation (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15216\"\u003e#15216\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e📈 Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid Unsafe usage on Java 23+ (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/14855\"\u003e#14855\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15091\"\u003e#15091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate Azure SDK instrumentation so \u003ccode\u003eaz.namespace\u003c/code\u003e can be used for sampling (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15068\"\u003e#15068\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSpring Boot Starter: Add cache to reduce environment variable lookups (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15132\"\u003e#15132\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHTTP instrumentations now emit semantic convention schema URL (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15144\"\u003e#15144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded instrumentation support for AsyncHttpClient version 1.8 (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15195\"\u003e#15195\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInstrumenter customizer now receives instrumentation type (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15227\"\u003e#15227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for Spring Framework 7.0 (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15287\"\u003e#15287\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15299\"\u003e#15299\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15301\"\u003e#15301\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15304\"\u003e#15304\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15311\"\u003e#15311\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15362\"\u003e#15362\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15371\"\u003e#15371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded span status customizer to incubating InstrumenterCustomizer API (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15288\"\u003e#15288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded configuration options for sqlcommenter (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15169\"\u003e#15169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGraphQL instrumentation now records data fetcher errors (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15289\"\u003e#15289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd http client url template customizer (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15217\"\u003e#15217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIntroduce idiomatic \u003ccode\u003eJmxTelemetry\u003c/code\u003e API for JMX metrics library (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15220\"\u003e#15220\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd instrumentation for OpenTelemetry API incubator's \u003ccode\u003eExtendedOpenTelemetry\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15178\"\u003e#15178\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🛠️ Bug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix missing \u003ccode\u003epeer.service\u003c/code\u003e in Netty HTTP spans (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/14963\"\u003e#14963\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Couchbase span kind to be \u003ccode\u003eCLIENT\u003c/code\u003e instead of \u003ccode\u003eINTERNAL\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/14995\"\u003e#14995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eLink attributes are now bridged to the Java agent when using OpenTelemetry API (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15143\"\u003e#15143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePotential race condition in JFR runtime metrics initialization fixed (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15231\"\u003e#15231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRegression fixed related to context propagation when using Spring \u003ccode\u003e@EnableAsync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15249\"\u003e#15249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDeclarative configuration now uses snake_case for distro resource provider attribute name (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15260\"\u003e#15260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eLogback appender fixed to capture Logstash \u003ccode\u003eStructuredArguments.entries()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15341\"\u003e#15341\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/CHANGELOG.md\"\u003eio.opentelemetry.instrumentation:opentelemetry-spring-boot-starter's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.22.0 (2025-11-20)\u003c/h2\u003e\n\u003ch3\u003e⚠️ Breaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAWS SDK 2.x attributes updated to align with semantic conventions\n(\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/15028\"\u003e#15028\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe following attributes have been renamed:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eaws.bucket.name\u003c/code\u003e (S3) → \u003ccode\u003eaws.s3.bucket\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.queue.url\u003c/code\u003e (SQS) → \u003ccode\u003eaws.sqs.queue.url\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.stream.name\u003c/code\u003e (Kinesis) → \u003ccode\u003eaws.kinesis.stream_name\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.table.name\u003c/code\u003e (DynamoDB) → \u003ccode\u003eaws.dynamodb.table_names\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.provisioned_throughput.read_capacity_units\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.provisioned_read_capacity\u003c/code\u003e (type changed from long to double)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.provisioned_throughput.write_capacity_units\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.provisioned_write_capacity\u003c/code\u003e (type changed from long to double)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.exclusive_start_table_name\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.exclusive_start_table\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.projection_expression\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.projection\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.scan_index_forward\u003c/code\u003e → \u003ccode\u003eaws.dynamodb.scan_forward\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eThe following attribute types have changed:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.table_names\u003c/code\u003e: string → string[]\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.consumed_capacity\u003c/code\u003e: string → string[]\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.global_secondary_indexes\u003c/code\u003e: string → string[]\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.local_secondary_indexes\u003c/code\u003e: string → string[]\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.consistent_read\u003c/code\u003e: string → boolean\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.table_count\u003c/code\u003e: string → long\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.limit\u003c/code\u003e: string → long\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.attributes_to_get\u003c/code\u003e: string → string[]\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.segment\u003c/code\u003e: string → long\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.total_segments\u003c/code\u003e: string → long\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.count\u003c/code\u003e: string → long\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaws.dynamodb.scanned_count\u003c/code\u003e: string → long\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eThe following attributes are no longer emitted by default but can be enabled with\n\u003ccode\u003eotel.instrumentation.aws-sdk.experimental-span-attributes=true\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eaws.queue.name\u003c/code\u003e (SQS)\u003c/l...\n\n_Description has been truncated_","html_url":"https://github.com/Yoriyoi-drop/Domian_name_.nexa/pull/8","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Yoriyoi-drop%2FDomian_name_.nexa/issues/8","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8/packages"}},{"old_version":"2.1.0.1","new_version":"2.7.0.0","update_type":"minor","path":null,"pr_created_at":"2025-11-07T21:52:16.000Z","version_change":"2.1.0.1 → 2.7.0.0","issue":{"uuid":"3602141390","node_id":"PR_kwDOQRb2v86yO5aZ","number":1,"state":"open","title":"Bump the all-version group with 7 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-07T21:52:16.000Z","updated_at":"2025-11-08T22:39:15.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"all-version","update_count":7,"packages":[{"name":"org.springframework.boot:spring-boot-starter-parent","old_version":"2.6.7","new_version":"3.5.7","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"commons-io:commons-io","old_version":"2.6","new_version":"2.21.0","repository_url":"https://github.com/apache/commons-io"},{"name":"org.apache.commons:commons-collections4","old_version":"4.0","new_version":"4.5.0"},{"name":"org.owasp.encoder:encoder","old_version":"1.2.1","new_version":"1.3.1","repository_url":"https://github.com/owasp/owasp-java-encoder"},{"name":"org.owasp.esapi:esapi","old_version":"2.1.0.1","new_version":"2.7.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"commons-fileupload:commons-fileupload","old_version":"1.5","new_version":"1.6.0"},{"name":"org.apache.maven.plugins:maven-assembly-plugin","old_version":"3.1.1","new_version":"3.7.1","repository_url":"https://github.com/apache/maven-assembly-plugin"}],"path":null,"ecosystem":"maven"},"body":"Bumps the all-version group with 7 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) | `2.6.7` | `3.5.7` |\n| [commons-io:commons-io](https://github.com/apache/commons-io) | `2.6` | `2.21.0` |\n| org.apache.commons:commons-collections4 | `4.0` | `4.5.0` |\n| [org.owasp.encoder:encoder](https://github.com/owasp/owasp-java-encoder) | `1.2.1` | `1.3.1` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.1.0.1` | `2.7.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| [org.apache.maven.plugins:maven-assembly-plugin](https://github.com/apache/maven-assembly-plugin) | `3.1.1` | `3.7.1` |\n\nUpdates `org.springframework.boot:spring-boot-starter-parent` from 2.6.7 to 3.5.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-parent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.7\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TWENTY_FIVE to JavaVersion enum \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47609\"\u003e#47609\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSigned jar verification fails when nested in an uber war running on an Oracle JVM \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47771\"\u003e#47771\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIn an uber war, value of the Sbom-Location manifest attribute does not match the SBOM's actual location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47737\"\u003e#47737\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHomebrew formula for the CLI should use libexec \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47722\"\u003e#47722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen virtual threads are enabled, embedded Jetty does not use recommended virtual thread configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47717\"\u003e#47717\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClientHttpRequestFactoryRuntimeHints is missing timeout methods with Duration overloads \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47678\"\u003e#47678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnBeanCondition no longer correctly finds annotations on scoped target proxy beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47635\"\u003e#47635\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eJavaVersion doesn't work reliably in native-image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47620\"\u003e#47620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLiquibaseEndpoint always uses defaultSchema instead of liquibaseSchema \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47346\"\u003e#47346\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLauncher fails to find main method when it is parameterless \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47311\"\u003e#47311\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePackage private Main class using Java 25 is not found by build plugins \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47309\"\u003e#47309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBitnami legacy images are not automatically detected \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47275\"\u003e#47275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMaven plugin does not provide an easy way to exclude optional dependencies from uber jar \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/25403\"\u003e#25403\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSome spring.test.* properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47775\"\u003e#47775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency management for Maven AntRun Plugin is missing changelog link \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47744\"\u003e#47744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeveloping Your First Spring Boot Application has outdated tools \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47700\"\u003e#47700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude deprecated configuration properties in the reference documentation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47669\"\u003e#47669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAggregated Javadoc should link to the proper version of JakartaEE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47593\"\u003e#47593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate javadoc of TestRestTemplate following change to redirect behavior \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47474\"\u003e#47474\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse non-deprecated syntax to configure sourceCompatibility \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47343\"\u003e#47343\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix link to Framework's \u003ccode\u003e@Bean\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47330\"\u003e#47330\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate managed dependency version override examples in documentation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47306\"\u003e#47306\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to ActiveMQ 6.1.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47767\"\u003e#47767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47525\"\u003e#47525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47526\"\u003e#47526\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47527\"\u003e#47527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Cassandra Driver 4.19.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47768\"\u003e#47768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47528\"\u003e#47528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47671\"\u003e#47671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Glassfish JAXB 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47529\"\u003e#47529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to GraphQL Java 24.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47755\"\u003e#47755\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Groovy 4.0.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47713\"\u003e#47713\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.33.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47530\"\u003e#47530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47531\"\u003e#47531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpCore5 5.3.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47532\"\u003e#47532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jakarta Mail 2.1.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47533\"\u003e#47533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jakarta XML Bind 4.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47242\"\u003e#47242\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47728\"\u003e#47728\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/d3152ea442dcb70976ca7fbe9ad818e67438967f\"\u003e\u003ccode\u003ed3152ea\u003c/code\u003e\u003c/a\u003e Release v3.5.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/af07358549ca23f95decb5f6d1ccb239d78f7ddc\"\u003e\u003ccode\u003eaf07358\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b0bef35478cfad7efcc3d065cd6b2652703ef1d6\"\u003e\u003ccode\u003eb0bef35\u003c/code\u003e\u003c/a\u003e Document missing spring.test.* properties\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/6683d0f49665a14821b5f6165a04d68bc29da755\"\u003e\u003ccode\u003e6683d0f\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/5ba3642364fda0988902ac3456ba8c4530ae7ec5\"\u003e\u003ccode\u003e5ba3642\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.12-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/59aba4e54d75bad73b744667dc08cfb19b7febfb\"\u003e\u003ccode\u003e59aba4e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4525a0c3d4221aa26f0b5cedca56d282ae231ad1\"\u003e\u003ccode\u003e4525a0c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47284\"\u003e#47284\u003c/a\u003e from DKARAGODIN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/43d91aee384e83b6e4d3a2195141547d8c1f315e\"\u003e\u003ccode\u003e43d91ae\u003c/code\u003e\u003c/a\u003e Write signature files to uber wars for Oracle Java 17 verification\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/eaad688dd253601e47b96746a4fe3d51dec1194d\"\u003e\u003ccode\u003eeaad688\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Batch 5.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/edee2de8371dd8d2f25c1fec1121a80849959817\"\u003e\u003ccode\u003eedee2de\u003c/code\u003e\u003c/a\u003e Upgrade to Cassandra Driver 4.19.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v2.6.7...v3.5.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-io:commons-io` from 2.6 to 2.21.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/commons-io/blob/master/RELEASE-NOTES.txt\"\u003ecommons-io:commons-io's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eApache Commons IO 2.21.0 Release Notes\u003c/p\u003e\n\u003cp\u003eThe Apache Commons IO team is pleased to announce the release of Apache Commons IO 2.21.0.\u003c/p\u003e\n\u003ch2\u003eIntroduction\u003c/h2\u003e\n\u003cp\u003eThe Apache Commons IO library contains utility classes, stream implementations, file filters,\nfile comparators, endian transformation classes, and much more.\u003c/p\u003e\n\u003cp\u003eVersion 2.21.0: Java 8 or later is required.\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cp\u003eo          FileUtils#byteCountToDisplaySize() supports Zettabyte, Yottabyte, Ronnabyte and Quettabyte \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/763\"\u003e#763\u003c/a\u003e. Thanks to strangelookingnerd, Gary Gregory.\no          Add org.apache.commons.io.FileUtils.ONE_RB \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/763\"\u003e#763\u003c/a\u003e. Thanks to strangelookingnerd, Gary Gregory.\no          Add org.apache.commons.io.FileUtils.ONE_QB \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/763\"\u003e#763\u003c/a\u003e. Thanks to strangelookingnerd, Gary Gregory.\no          Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(byte[], int, int, long). Thanks to Gary Gregory.\no          Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(byte[], long). Thanks to Gary Gregory.\no          Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(int, long). Thanks to Gary Gregory.\no          Add length unit support in FileSystem limits. Thanks to Piotr P. Karwasz.\no          Add IOUtils.toByteArray(InputStream, int, int) for safer chunked reading with size validation. Thanks to Piotr P. Karwasz.\no          Add org.apache.commons.io.file.PathUtils.getPath(String, String). Thanks to Gary Gregory.\no          Add org.apache.commons.io.channels.ByteArraySeekableByteChannel. Thanks to Gary Gregory.\no          Add IOIterable.asIterable(). Thanks to Gary Gregory.\no          Add NIO channel support to \u003ccode\u003eAbstractStreamBuilder\u003c/code\u003e. Thanks to Piotr P. Karwasz.\no          Add CloseShieldChannel to close-shielded NIO Channels \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/786\"\u003e#786\u003c/a\u003e. Thanks to Piotr P. Karwasz.\no          Added IOUtils.checkFromIndexSize as a Java 8 backport of Objects.checkFromIndexSize \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/790\"\u003e#790\u003c/a\u003e. Thanks to Piotr P. Karwasz.\u003c/p\u003e\n\u003ch2\u003eFixed Bugs\u003c/h2\u003e\n\u003cp\u003eo          When testing on Java 21 and up, enable -XX:+EnableDynamicAgentLoading. Thanks to Gary Gregory.\no          When testing on Java 24 and up, don't fail FileUtilsListFilesTest for a different behavior in the JRE. Thanks to Gary Gregory.\no          ValidatingObjectInputStream does not validate dynamic proxy interfaces. Thanks to Stanislav Fort, Gary Gregory.\no          BoundedInputStream.getRemaining() now reports Long.MAX_VALUE instead of 0 when no limit is set. Thanks to Piotr P. Karwasz.\no          BoundedInputStream.available() correctly accounts for the maximum read limit. Thanks to Piotr P. Karwasz.\no          Deprecate IOUtils.readFully(InputStream, int) in favor of toByteArray(InputStream, int). Thanks to Gary Gregory, Piotr P. Karwasz.\no          IOUtils.toByteArray(InputStream) now throws IOException on byte array overflow. Thanks to Piotr P. Karwasz.\no          Javadoc general improvements. Thanks to Gary Gregory, Piotr P. Karwasz.\no          IOUtils.toByteArray() now throws EOFException when not enough data is available \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/796\"\u003e#796\u003c/a\u003e. Thanks to Piotr P. Karwasz.\no          Fix IOUtils.skip() usage in concurrent scenarios. Thanks to Piotr P. Karwasz.\no          [javadoc] Fix XmlStreamReader Javadoc to indicate the correct class that is built \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/806\"\u003e#806\u003c/a\u003e. Thanks to J Hawkins.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cp\u003eo          Bump org.apache.commons:commons-parent from 85 to 91 \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/774\"\u003e#774\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/783\"\u003e#783\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/808\"\u003e#808\u003c/a\u003e. Thanks to Gary Gregory, Dependabot.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/54073d3b5fdd2985b98a48040ede95eb59c7ee53\"\u003e\u003ccode\u003e54073d3\u003c/code\u003e\u003c/a\u003e Prepare for the release candidate 2.21.0 RC1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/f141f09d91368543e4f0754cbd649c484768c55c\"\u003e\u003ccode\u003ef141f09\u003c/code\u003e\u003c/a\u003e Prepare for the next release candidate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/adcf1350152faf4dbd8cf53fb2f2649f25dbe227\"\u003e\u003ccode\u003eadcf135\u003c/code\u003e\u003c/a\u003e Add license header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/0f499d060adbd4b36bbd9f47393a7ea6af8149ff\"\u003e\u003ccode\u003e0f499d0\u003c/code\u003e\u003c/a\u003e Use new oak logo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/34a961c3ed58ed96c73836db154ae50f0c45110f\"\u003e\u003ccode\u003e34a961c\u003c/code\u003e\u003c/a\u003e Use HTTPS in URL\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/9e511181a03096b77c3a4b9c6077a4ac0b56b510\"\u003e\u003ccode\u003e9e51118\u003c/code\u003e\u003c/a\u003e Use HTTPS in URL\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/d715865ee705fdb8ed786582bd6bd4ee996b0665\"\u003e\u003ccode\u003ed715865\u003c/code\u003e\u003c/a\u003e Add dependabot email [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/3d6a7e113633e1a33ca254d744c3fcbab61663f3\"\u003e\u003ccode\u003e3d6a7e1\u003c/code\u003e\u003c/a\u003e Javadoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/ad875d566f273f54094b6b872bf9433be9fd86a7\"\u003e\u003ccode\u003ead875d5\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 4.6.2 to 5.0.0 (\u003ca href=\"https://redirect.github.com/apache/commons-io/issues/810\"\u003e#810\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/bc01dee31ec0ff10aa0841ff245b770fa1ecfade\"\u003e\u003ccode\u003ebc01dee\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.30.9 to 4.31.2 (\u003ca href=\"https://redirect.github.com/apache/commons-io/issues/811\"\u003e#811\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/commons-io/compare/commons-io-2.6...rel/commons-io-2.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.commons:commons-collections4` from 4.0 to 4.5.0\n\nUpdates `org.owasp.encoder:encoder` from 1.2.1 to 1.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/owasp/owasp-java-encoder/releases\"\u003eorg.owasp.encoder:encoder's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: java.lang.NoSuchMethodError when running on Java 8 by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/80\"\u003eOWASP/owasp-java-encoder#80\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: add OSGi related entries in the MANIFEST.MF file by \u003ca href=\"https://github.com/enapps-enorman\"\u003e\u003ccode\u003e@​enapps-enorman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/82\"\u003eOWASP/owasp-java-encoder#82\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/enapps-enorman\"\u003e\u003ccode\u003e@​enapps-enorman\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/82\"\u003eOWASP/owasp-java-encoder#82\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/OWASP/owasp-java-encoder/compare/v1.3.0...v1.3.1\"\u003ehttps://github.com/OWASP/owasp-java-encoder/compare/v1.3.0...v1.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd automatic module name by \u003ca href=\"https://github.com/casid\"\u003e\u003ccode\u003e@​casid\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/45\"\u003eOWASP/owasp-java-encoder#45\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCorrect javadoc for Encode class. by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/52\"\u003eOWASP/owasp-java-encoder#52\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd badge for javadoc by \u003ca href=\"https://github.com/seanf\"\u003e\u003ccode\u003e@​seanf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/55\"\u003eOWASP/owasp-java-encoder#55\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTiny typo Fix by \u003ca href=\"https://github.com/loris-s-sonarsource\"\u003e\u003ccode\u003e@​loris-s-sonarsource\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/58\"\u003eOWASP/owasp-java-encoder#58\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spring-core from 5.1.3.RELEASE to 5.3.19 in /jsp by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/59\"\u003eOWASP/owasp-java-encoder#59\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGeneral Maintenance by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/61\"\u003eOWASP/owasp-java-encoder#61\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Encode.forHtmlAttribute docs by \u003ca href=\"https://github.com/meeque\"\u003e\u003ccode\u003e@​meeque\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/72\"\u003eOWASP/owasp-java-encoder#72\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update esapi thunk by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/76\"\u003eOWASP/owasp-java-encoder#76\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: multi-release jars - add module name by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/77\"\u003eOWASP/owasp-java-encoder#77\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support jakarta jsp by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/75\"\u003eOWASP/owasp-java-encoder#75\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/casid\"\u003e\u003ccode\u003e@​casid\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/45\"\u003eOWASP/owasp-java-encoder#45\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/seanf\"\u003e\u003ccode\u003e@​seanf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/55\"\u003eOWASP/owasp-java-encoder#55\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/loris-s-sonarsource\"\u003e\u003ccode\u003e@​loris-s-sonarsource\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/58\"\u003eOWASP/owasp-java-encoder#58\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/59\"\u003eOWASP/owasp-java-encoder#59\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/meeque\"\u003e\u003ccode\u003e@​meeque\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/72\"\u003eOWASP/owasp-java-encoder#72\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/OWASP/owasp-java-encoder/compare/v1.2.3...v1.3.0\"\u003ehttps://github.com/OWASP/owasp-java-encoder/compare/v1.2.3...v1.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.2.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to  make the manifest OSGi-compliant (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/39\"\u003e#39\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eUpdate to support ESAPI 2.2 and later (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/37\"\u003e#37\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/be0670b6880483412f8da17211a5d084ff43cd24\"\u003e\u003ccode\u003ebe0670b\u003c/code\u003e\u003c/a\u003e docs: update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/7e203bd6d47ca2c3d04a073ff215021702217289\"\u003e\u003ccode\u003e7e203bd\u003c/code\u003e\u003c/a\u003e fix for issues 81 (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/82\"\u003e#82\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/72e415a87b3c40eaf8d6c4629a9f49ddb47bf35b\"\u003e\u003ccode\u003e72e415a\u003c/code\u003e\u003c/a\u003e fix: java.lang.NoSuchMethodError when running on Java 8 (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/80\"\u003e#80\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/d1a0294a21d60ef4ce26d7746e897e17fc2d276f\"\u003e\u003ccode\u003ed1a0294\u003c/code\u003e\u003c/a\u003e fix: build status badge (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/78\"\u003e#78\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/9942889ccb68ed95a1577cd0f6e3ee09841e78de\"\u003e\u003ccode\u003e9942889\u003c/code\u003e\u003c/a\u003e feat: support jakarta jsp (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/75\"\u003e#75\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/2f151ce3219efdfb7f957b6836c976382f629a26\"\u003e\u003ccode\u003e2f151ce\u003c/code\u003e\u003c/a\u003e feat: multi-release jars - add module name (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/77\"\u003e#77\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/0fc8cdee14d4f798010fe866555b1b6e223bfcc1\"\u003e\u003ccode\u003e0fc8cde\u003c/code\u003e\u003c/a\u003e fix: update esapi (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/76\"\u003e#76\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/58bd93dc7e9511500cebd50b3cbf8523d6720a7d\"\u003e\u003ccode\u003e58bd93d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/72\"\u003e#72\u003c/a\u003e from meeque/issue/71-forHtmlAttribute-docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/351e999dcfe4fee38c4aa4bc584d15d3de2ccbb6\"\u003e\u003ccode\u003e351e999\u003c/code\u003e\u003c/a\u003e docs: correct javadoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/604a78f9b926391bd3768ac4545a7c7396b90cca\"\u003e\u003ccode\u003e604a78f\u003c/code\u003e\u003c/a\u003e Be clearer about quotes in forHtmlAttribute docs.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/owasp/owasp-java-encoder/compare/v1.2.1...v1.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.owasp.esapi:esapi` from 2.1.0.1 to 2.7.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eesapi-2.7.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.7.00 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a \u003cstrong\u003e\u003cem\u003emajor\u003c/em\u003e\u003c/strong\u003e patch release with the primary intent of addressing \u003cstrong\u003e\u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2025-5878\"\u003eCVE-2025-5878\u003c/a\u003e\u003c/strong\u003e, the details of which are spelled out in [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e).\n\u003cul\u003e\n\u003cli\u003eMajor Javadoc enhancements, corrections, and clarifications.\u003c/li\u003e\n\u003cli\u003eDeprecated methods, interfaces, and classes.\u003c/li\u003e\n\u003cli\u003eThe reference implementation for the \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface is now disabled by default and must be explicitly enabled if you absolutely much use it. (\u003cstrong\u003eWARNING\u003c/strong\u003e: You shouldn't!) Instructions on how to enable it are provided in Appendix B of  [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e). You will find the updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file in the configuration jar helpful.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eThis release also updates Apache Commons FileUploads to 1.6.0 to address CVE-2025-48976. That CVE likely does not affect the \u003ccode\u003eHTTP.getFileUloads\u003c/code\u003e interfaces (which is the only methods that use that library), but we have not had time to analyze it fully given the CVE cited against ESAPI.\u003c/li\u003e\n\u003cli\u003eApache Commons BeanUtils was also updated to 1.11.0 to address CVE-2025-48734 which potentially could anyone using ESAPI's AccessController and has placed their access control policy in a place where an attacker may be overwrite it. That is highly unlikely, but better safe than sorry.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration files under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.  If you were using ESAPI's \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface, you will want to use its updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file.\u003c/p\u003e\n\u003ch2\u003eesapi-2.6.2.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.2.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a minor patch release with the intent of updating the Apache Commons BeanUtils dependency from v1.9.4 to v1.11.0 to CVE-2025-48734.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eOther Notes\u003c/h2\u003e\n\u003cp\u003eYou may see GHAS Dependabot references to \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\u003c/a\u003e for this (and previous releases). For a more thorough discussion of this, please see Discussion \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/877\"\u003e#877\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.6.1.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.1.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated AntiSamy from release 1.7.7 to 1.7.8 which addresses the potentially exploitable vulnerability \u003ca href=\"https://github.com/advisories/GHSA-73m2-qfq3-56cx\"\u003ehttps://github.com/advisories/GHSA-73m2-qfq3-56cx\u003c/a\u003e. There is slim possibility that this could affect ESAPI users who have allowed certain CSS mark-up constructs to the AntiSamy policy file that they are using. However the default ESAPI AntiSamy policy file (antisamy-esapi.xml) does not permit CSS mark-up of any sort out unless it has been modified by the ESAPI client.\u003c/li\u003e\n\u003cli\u003eOther minor updates to pom.xml\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0fa4c0f1311aa525b1a776f0a789fb1dc8a04b41\"\u003e\u003ccode\u003e0fa4c0f\u003c/code\u003e\u003c/a\u003e Remove '-SNAPSHOT' from release # to prep official release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f75ac2c2647a81d2cfbdc9c899f8719c240ed512\"\u003e\u003ccode\u003ef75ac2c\u003c/code\u003e\u003c/a\u003e Merging Private Branch contents from Kevin's Repo.   (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/888\"\u003e#888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/e2322914304d9b1c52523ff24be495b7832f6a56\"\u003e\u003ccode\u003ee232291\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/886\"\u003e#886\u003c/a\u003e from kwwall/develop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/23a2b7666186afdc004a9e01eec5da593e85d172\"\u003e\u003ccode\u003e23a2b76\u003c/code\u003e\u003c/a\u003e Added Javadoc to encodeForSQL method regarding how to enabled it.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/01297409b786075686c6738fdf0355edad427a6c\"\u003e\u003ccode\u003e0129740\u003c/code\u003e\u003c/a\u003e Added 2 new field names whose values are the 2 new property names.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/eb425bbb831c68321d169d3ac5f84ddf9dfc189d\"\u003e\u003ccode\u003eeb425bb\u003c/code\u003e\u003c/a\u003e New property file for testing DefaultEncoder.encodeForSQL when it's\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/844eb0c6fd077b6299604838bfc67fd6c658e6eb\"\u003e\u003ccode\u003e844eb0c\u003c/code\u003e\u003c/a\u003e Add missing newline.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a10e323dcde635f40d15c875253084a7669175e8\"\u003e\u003ccode\u003ea10e323\u003c/code\u003e\u003c/a\u003e hanged the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/06d0ff2e540ef37077822273e1957b50beaa8ff7\"\u003e\u003ccode\u003e06d0ff2\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/61de71f70081f204b915e95d186c702509cbf857\"\u003e\u003ccode\u003e61de71f\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek propert names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.1.0.1...esapi-2.7.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-fileupload:commons-fileupload` from 1.5 to 1.6.0\n\nUpdates `org.apache.maven.plugins:maven-assembly-plugin` from 3.1.1 to 3.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/maven-assembly-plugin/releases\"\u003eorg.apache.maven.plugins:maven-assembly-plugin's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.7.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317220\u0026amp;version=12354406\"\u003eRelease Notes - Maven Assembly Plugin - Version 3.7.1\u003c/a\u003e\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[MASSEMBLY-1023] Bump org.apache.maven.shared:maven-filtering from 3.3.1 to 3.3.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/192\"\u003eapache/maven-assembly-plugin#192\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[MASSEMBLY-1024] Bump org.apache.commons:commons-compress from 1.25.0 to 1.26.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/191\"\u003eapache/maven-assembly-plugin#191\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[MASSEMBLY-1025] Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/195\"\u003eapache/maven-assembly-plugin#195\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[MASSEMBLY-1022] Unresolved artifacts should be not processed by \u003ca href=\"https://github.com/slawekjaranowski\"\u003e\u003ccode\u003e@​slawekjaranowski\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/194\"\u003eapache/maven-assembly-plugin#194\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.7.0...maven-assembly-plugin-3.7.1\"\u003ehttps://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.7.0...maven-assembly-plugin-3.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e3.7.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317220\u0026amp;version=12353243\"\u003eRelease Notes - Maven Assembly Plugin - Version 3.7.0\u003c/a\u003e\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/0afbb3e1252e0cdfb5e4abe3c4b2a108567059a7\"\u003e\u003ccode\u003e0afbb3e\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release maven-assembly-plugin-3.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/74e858ad40849cc3f8bef462e310336a8c6a0cd5\"\u003e\u003ccode\u003e74e858a\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1022] Unresolved artifacts should be not processed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/cb5638223ebaf93ff06290a6ebb64c6dac12ebd4\"\u003e\u003ccode\u003ecb56382\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1025] Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/86bbed043dbe78f6c32e99c1e433e052b2d78f69\"\u003e\u003ccode\u003e86bbed0\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1024] Bump org.apache.commons:commons-compress from 1.25.0 to 1.26...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/bdcc4d0d093de4484820b2f9c4f84b5d0f7eaaa0\"\u003e\u003ccode\u003ebdcc4d0\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1023] Bump org.apache.maven.shared:maven-filtering from 3.3.1 to 3...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/74fe92e979db0479ee58db580d0e7295e6113e78\"\u003e\u003ccode\u003e74fe92e\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/9be6e8733f187b15c0e6c0fb856765e12fb2c055\"\u003e\u003ccode\u003e9be6e87\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release maven-assembly-plugin-3.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/e8630dc91637860d1ca690b2c64c2c18e240eae7\"\u003e\u003ccode\u003ee8630dc\u003c/code\u003e\u003c/a\u003e Bump apache/maven-gh-actions-shared from 3 to 4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/98f97a5dca6eac582ea5e52d7d62e186d9b8e25f\"\u003e\u003ccode\u003e98f97a5\u003c/code\u003e\u003c/a\u003e Bump org.postgresql:postgresql in /src/it/projects/bugs/massembly-730\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/c84e11089a785d56441fac2314224c0bf86b200d\"\u003e\u003ccode\u003ec84e110\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1019] Maven 3.6.3 as minimum requirements\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.1.1...maven-assembly-plugin-3.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/dependabot-action-test/demo_repository_self_hosted/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dependabot-action-test%2Fdemo_repository_self_hosted/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"2.1.0.1","new_version":"2.7.0.0","update_type":"minor","path":null,"pr_created_at":"2025-11-07T21:45:40.000Z","version_change":"2.1.0.1 → 2.7.0.0","issue":{"uuid":"3602124098","node_id":"PR_kwDOQRbtR86yO2h0","number":1,"state":"open","title":"Bump the all-version group with 7 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-07T21:45:40.000Z","updated_at":"2025-11-17T02:41:04.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"all-version","update_count":7,"packages":[{"name":"org.springframework.boot:spring-boot-starter-parent","old_version":"2.6.7","new_version":"3.5.7","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"commons-io:commons-io","old_version":"2.6","new_version":"2.21.0","repository_url":"https://github.com/apache/commons-io"},{"name":"org.apache.commons:commons-collections4","old_version":"4.0","new_version":"4.5.0"},{"name":"org.owasp.encoder:encoder","old_version":"1.2.1","new_version":"1.3.1","repository_url":"https://github.com/owasp/owasp-java-encoder"},{"name":"org.owasp.esapi:esapi","old_version":"2.1.0.1","new_version":"2.7.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"commons-fileupload:commons-fileupload","old_version":"1.5","new_version":"1.6.0"},{"name":"org.apache.maven.plugins:maven-assembly-plugin","old_version":"3.1.1","new_version":"3.7.1","repository_url":"https://github.com/apache/maven-assembly-plugin"}],"path":null,"ecosystem":"maven"},"body":"Bumps the all-version group with 7 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) | `2.6.7` | `3.5.7` |\n| [commons-io:commons-io](https://github.com/apache/commons-io) | `2.6` | `2.21.0` |\n| org.apache.commons:commons-collections4 | `4.0` | `4.5.0` |\n| [org.owasp.encoder:encoder](https://github.com/owasp/owasp-java-encoder) | `1.2.1` | `1.3.1` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.1.0.1` | `2.7.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| [org.apache.maven.plugins:maven-assembly-plugin](https://github.com/apache/maven-assembly-plugin) | `3.1.1` | `3.7.1` |\n\nUpdates `org.springframework.boot:spring-boot-starter-parent` from 2.6.7 to 3.5.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-parent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.7\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TWENTY_FIVE to JavaVersion enum \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47609\"\u003e#47609\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSigned jar verification fails when nested in an uber war running on an Oracle JVM \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47771\"\u003e#47771\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIn an uber war, value of the Sbom-Location manifest attribute does not match the SBOM's actual location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47737\"\u003e#47737\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHomebrew formula for the CLI should use libexec \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47722\"\u003e#47722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen virtual threads are enabled, embedded Jetty does not use recommended virtual thread configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47717\"\u003e#47717\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClientHttpRequestFactoryRuntimeHints is missing timeout methods with Duration overloads \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47678\"\u003e#47678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnBeanCondition no longer correctly finds annotations on scoped target proxy beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47635\"\u003e#47635\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eJavaVersion doesn't work reliably in native-image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47620\"\u003e#47620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLiquibaseEndpoint always uses defaultSchema instead of liquibaseSchema \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47346\"\u003e#47346\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLauncher fails to find main method when it is parameterless \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47311\"\u003e#47311\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePackage private Main class using Java 25 is not found by build plugins \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47309\"\u003e#47309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBitnami legacy images are not automatically detected \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47275\"\u003e#47275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMaven plugin does not provide an easy way to exclude optional dependencies from uber jar \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/25403\"\u003e#25403\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSome spring.test.* properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47775\"\u003e#47775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency management for Maven AntRun Plugin is missing changelog link \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47744\"\u003e#47744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeveloping Your First Spring Boot Application has outdated tools \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47700\"\u003e#47700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude deprecated configuration properties in the reference documentation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47669\"\u003e#47669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAggregated Javadoc should link to the proper version of JakartaEE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47593\"\u003e#47593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate javadoc of TestRestTemplate following change to redirect behavior \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47474\"\u003e#47474\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse non-deprecated syntax to configure sourceCompatibility \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47343\"\u003e#47343\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix link to Framework's \u003ccode\u003e@Bean\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47330\"\u003e#47330\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate managed dependency version override examples in documentation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47306\"\u003e#47306\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to ActiveMQ 6.1.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47767\"\u003e#47767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47525\"\u003e#47525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47526\"\u003e#47526\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47527\"\u003e#47527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Cassandra Driver 4.19.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47768\"\u003e#47768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47528\"\u003e#47528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47671\"\u003e#47671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Glassfish JAXB 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47529\"\u003e#47529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to GraphQL Java 24.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47755\"\u003e#47755\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Groovy 4.0.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47713\"\u003e#47713\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.33.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47530\"\u003e#47530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47531\"\u003e#47531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpCore5 5.3.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47532\"\u003e#47532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jakarta Mail 2.1.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47533\"\u003e#47533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jakarta XML Bind 4.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47242\"\u003e#47242\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47728\"\u003e#47728\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/d3152ea442dcb70976ca7fbe9ad818e67438967f\"\u003e\u003ccode\u003ed3152ea\u003c/code\u003e\u003c/a\u003e Release v3.5.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/af07358549ca23f95decb5f6d1ccb239d78f7ddc\"\u003e\u003ccode\u003eaf07358\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b0bef35478cfad7efcc3d065cd6b2652703ef1d6\"\u003e\u003ccode\u003eb0bef35\u003c/code\u003e\u003c/a\u003e Document missing spring.test.* properties\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/6683d0f49665a14821b5f6165a04d68bc29da755\"\u003e\u003ccode\u003e6683d0f\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/5ba3642364fda0988902ac3456ba8c4530ae7ec5\"\u003e\u003ccode\u003e5ba3642\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.12-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/59aba4e54d75bad73b744667dc08cfb19b7febfb\"\u003e\u003ccode\u003e59aba4e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4525a0c3d4221aa26f0b5cedca56d282ae231ad1\"\u003e\u003ccode\u003e4525a0c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47284\"\u003e#47284\u003c/a\u003e from DKARAGODIN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/43d91aee384e83b6e4d3a2195141547d8c1f315e\"\u003e\u003ccode\u003e43d91ae\u003c/code\u003e\u003c/a\u003e Write signature files to uber wars for Oracle Java 17 verification\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/eaad688dd253601e47b96746a4fe3d51dec1194d\"\u003e\u003ccode\u003eeaad688\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Batch 5.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/edee2de8371dd8d2f25c1fec1121a80849959817\"\u003e\u003ccode\u003eedee2de\u003c/code\u003e\u003c/a\u003e Upgrade to Cassandra Driver 4.19.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v2.6.7...v3.5.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-io:commons-io` from 2.6 to 2.21.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/commons-io/blob/master/RELEASE-NOTES.txt\"\u003ecommons-io:commons-io's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eApache Commons IO 2.21.0 Release Notes\u003c/p\u003e\n\u003cp\u003eThe Apache Commons IO team is pleased to announce the release of Apache Commons IO 2.21.0.\u003c/p\u003e\n\u003ch2\u003eIntroduction\u003c/h2\u003e\n\u003cp\u003eThe Apache Commons IO library contains utility classes, stream implementations, file filters,\nfile comparators, endian transformation classes, and much more.\u003c/p\u003e\n\u003cp\u003eVersion 2.21.0: Java 8 or later is required.\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cp\u003eo          FileUtils#byteCountToDisplaySize() supports Zettabyte, Yottabyte, Ronnabyte and Quettabyte \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/763\"\u003e#763\u003c/a\u003e. Thanks to strangelookingnerd, Gary Gregory.\no          Add org.apache.commons.io.FileUtils.ONE_RB \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/763\"\u003e#763\u003c/a\u003e. Thanks to strangelookingnerd, Gary Gregory.\no          Add org.apache.commons.io.FileUtils.ONE_QB \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/763\"\u003e#763\u003c/a\u003e. Thanks to strangelookingnerd, Gary Gregory.\no          Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(byte[], int, int, long). Thanks to Gary Gregory.\no          Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(byte[], long). Thanks to Gary Gregory.\no          Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(int, long). Thanks to Gary Gregory.\no          Add length unit support in FileSystem limits. Thanks to Piotr P. Karwasz.\no          Add IOUtils.toByteArray(InputStream, int, int) for safer chunked reading with size validation. Thanks to Piotr P. Karwasz.\no          Add org.apache.commons.io.file.PathUtils.getPath(String, String). Thanks to Gary Gregory.\no          Add org.apache.commons.io.channels.ByteArraySeekableByteChannel. Thanks to Gary Gregory.\no          Add IOIterable.asIterable(). Thanks to Gary Gregory.\no          Add NIO channel support to \u003ccode\u003eAbstractStreamBuilder\u003c/code\u003e. Thanks to Piotr P. Karwasz.\no          Add CloseShieldChannel to close-shielded NIO Channels \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/786\"\u003e#786\u003c/a\u003e. Thanks to Piotr P. Karwasz.\no          Added IOUtils.checkFromIndexSize as a Java 8 backport of Objects.checkFromIndexSize \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/790\"\u003e#790\u003c/a\u003e. Thanks to Piotr P. Karwasz.\u003c/p\u003e\n\u003ch2\u003eFixed Bugs\u003c/h2\u003e\n\u003cp\u003eo          When testing on Java 21 and up, enable -XX:+EnableDynamicAgentLoading. Thanks to Gary Gregory.\no          When testing on Java 24 and up, don't fail FileUtilsListFilesTest for a different behavior in the JRE. Thanks to Gary Gregory.\no          ValidatingObjectInputStream does not validate dynamic proxy interfaces. Thanks to Stanislav Fort, Gary Gregory.\no          BoundedInputStream.getRemaining() now reports Long.MAX_VALUE instead of 0 when no limit is set. Thanks to Piotr P. Karwasz.\no          BoundedInputStream.available() correctly accounts for the maximum read limit. Thanks to Piotr P. Karwasz.\no          Deprecate IOUtils.readFully(InputStream, int) in favor of toByteArray(InputStream, int). Thanks to Gary Gregory, Piotr P. Karwasz.\no          IOUtils.toByteArray(InputStream) now throws IOException on byte array overflow. Thanks to Piotr P. Karwasz.\no          Javadoc general improvements. Thanks to Gary Gregory, Piotr P. Karwasz.\no          IOUtils.toByteArray() now throws EOFException when not enough data is available \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/796\"\u003e#796\u003c/a\u003e. Thanks to Piotr P. Karwasz.\no          Fix IOUtils.skip() usage in concurrent scenarios. Thanks to Piotr P. Karwasz.\no          [javadoc] Fix XmlStreamReader Javadoc to indicate the correct class that is built \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/806\"\u003e#806\u003c/a\u003e. Thanks to J Hawkins.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cp\u003eo          Bump org.apache.commons:commons-parent from 85 to 91 \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/774\"\u003e#774\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/783\"\u003e#783\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/808\"\u003e#808\u003c/a\u003e. Thanks to Gary Gregory, Dependabot.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/54073d3b5fdd2985b98a48040ede95eb59c7ee53\"\u003e\u003ccode\u003e54073d3\u003c/code\u003e\u003c/a\u003e Prepare for the release candidate 2.21.0 RC1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/f141f09d91368543e4f0754cbd649c484768c55c\"\u003e\u003ccode\u003ef141f09\u003c/code\u003e\u003c/a\u003e Prepare for the next release candidate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/adcf1350152faf4dbd8cf53fb2f2649f25dbe227\"\u003e\u003ccode\u003eadcf135\u003c/code\u003e\u003c/a\u003e Add license header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/0f499d060adbd4b36bbd9f47393a7ea6af8149ff\"\u003e\u003ccode\u003e0f499d0\u003c/code\u003e\u003c/a\u003e Use new oak logo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/34a961c3ed58ed96c73836db154ae50f0c45110f\"\u003e\u003ccode\u003e34a961c\u003c/code\u003e\u003c/a\u003e Use HTTPS in URL\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/9e511181a03096b77c3a4b9c6077a4ac0b56b510\"\u003e\u003ccode\u003e9e51118\u003c/code\u003e\u003c/a\u003e Use HTTPS in URL\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/d715865ee705fdb8ed786582bd6bd4ee996b0665\"\u003e\u003ccode\u003ed715865\u003c/code\u003e\u003c/a\u003e Add dependabot email [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/3d6a7e113633e1a33ca254d744c3fcbab61663f3\"\u003e\u003ccode\u003e3d6a7e1\u003c/code\u003e\u003c/a\u003e Javadoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/ad875d566f273f54094b6b872bf9433be9fd86a7\"\u003e\u003ccode\u003ead875d5\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 4.6.2 to 5.0.0 (\u003ca href=\"https://redirect.github.com/apache/commons-io/issues/810\"\u003e#810\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/bc01dee31ec0ff10aa0841ff245b770fa1ecfade\"\u003e\u003ccode\u003ebc01dee\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.30.9 to 4.31.2 (\u003ca href=\"https://redirect.github.com/apache/commons-io/issues/811\"\u003e#811\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/commons-io/compare/commons-io-2.6...rel/commons-io-2.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.commons:commons-collections4` from 4.0 to 4.5.0\n\nUpdates `org.owasp.encoder:encoder` from 1.2.1 to 1.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/owasp/owasp-java-encoder/releases\"\u003eorg.owasp.encoder:encoder's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: java.lang.NoSuchMethodError when running on Java 8 by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/80\"\u003eOWASP/owasp-java-encoder#80\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: add OSGi related entries in the MANIFEST.MF file by \u003ca href=\"https://github.com/enapps-enorman\"\u003e\u003ccode\u003e@​enapps-enorman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/82\"\u003eOWASP/owasp-java-encoder#82\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/enapps-enorman\"\u003e\u003ccode\u003e@​enapps-enorman\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/82\"\u003eOWASP/owasp-java-encoder#82\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/OWASP/owasp-java-encoder/compare/v1.3.0...v1.3.1\"\u003ehttps://github.com/OWASP/owasp-java-encoder/compare/v1.3.0...v1.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd automatic module name by \u003ca href=\"https://github.com/casid\"\u003e\u003ccode\u003e@​casid\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/45\"\u003eOWASP/owasp-java-encoder#45\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCorrect javadoc for Encode class. by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/52\"\u003eOWASP/owasp-java-encoder#52\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd badge for javadoc by \u003ca href=\"https://github.com/seanf\"\u003e\u003ccode\u003e@​seanf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/55\"\u003eOWASP/owasp-java-encoder#55\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTiny typo Fix by \u003ca href=\"https://github.com/loris-s-sonarsource\"\u003e\u003ccode\u003e@​loris-s-sonarsource\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/58\"\u003eOWASP/owasp-java-encoder#58\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spring-core from 5.1.3.RELEASE to 5.3.19 in /jsp by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/59\"\u003eOWASP/owasp-java-encoder#59\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGeneral Maintenance by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/61\"\u003eOWASP/owasp-java-encoder#61\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Encode.forHtmlAttribute docs by \u003ca href=\"https://github.com/meeque\"\u003e\u003ccode\u003e@​meeque\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/72\"\u003eOWASP/owasp-java-encoder#72\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update esapi thunk by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/76\"\u003eOWASP/owasp-java-encoder#76\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: multi-release jars - add module name by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/77\"\u003eOWASP/owasp-java-encoder#77\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support jakarta jsp by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/75\"\u003eOWASP/owasp-java-encoder#75\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/casid\"\u003e\u003ccode\u003e@​casid\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/45\"\u003eOWASP/owasp-java-encoder#45\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/seanf\"\u003e\u003ccode\u003e@​seanf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/55\"\u003eOWASP/owasp-java-encoder#55\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/loris-s-sonarsource\"\u003e\u003ccode\u003e@​loris-s-sonarsource\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/58\"\u003eOWASP/owasp-java-encoder#58\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/59\"\u003eOWASP/owasp-java-encoder#59\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/meeque\"\u003e\u003ccode\u003e@​meeque\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/72\"\u003eOWASP/owasp-java-encoder#72\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/OWASP/owasp-java-encoder/compare/v1.2.3...v1.3.0\"\u003ehttps://github.com/OWASP/owasp-java-encoder/compare/v1.2.3...v1.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.2.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to  make the manifest OSGi-compliant (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/39\"\u003e#39\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eUpdate to support ESAPI 2.2 and later (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/37\"\u003e#37\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/be0670b6880483412f8da17211a5d084ff43cd24\"\u003e\u003ccode\u003ebe0670b\u003c/code\u003e\u003c/a\u003e docs: update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/7e203bd6d47ca2c3d04a073ff215021702217289\"\u003e\u003ccode\u003e7e203bd\u003c/code\u003e\u003c/a\u003e fix for issues 81 (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/82\"\u003e#82\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/72e415a87b3c40eaf8d6c4629a9f49ddb47bf35b\"\u003e\u003ccode\u003e72e415a\u003c/code\u003e\u003c/a\u003e fix: java.lang.NoSuchMethodError when running on Java 8 (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/80\"\u003e#80\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/d1a0294a21d60ef4ce26d7746e897e17fc2d276f\"\u003e\u003ccode\u003ed1a0294\u003c/code\u003e\u003c/a\u003e fix: build status badge (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/78\"\u003e#78\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/9942889ccb68ed95a1577cd0f6e3ee09841e78de\"\u003e\u003ccode\u003e9942889\u003c/code\u003e\u003c/a\u003e feat: support jakarta jsp (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/75\"\u003e#75\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/2f151ce3219efdfb7f957b6836c976382f629a26\"\u003e\u003ccode\u003e2f151ce\u003c/code\u003e\u003c/a\u003e feat: multi-release jars - add module name (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/77\"\u003e#77\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/0fc8cdee14d4f798010fe866555b1b6e223bfcc1\"\u003e\u003ccode\u003e0fc8cde\u003c/code\u003e\u003c/a\u003e fix: update esapi (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/76\"\u003e#76\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/58bd93dc7e9511500cebd50b3cbf8523d6720a7d\"\u003e\u003ccode\u003e58bd93d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/72\"\u003e#72\u003c/a\u003e from meeque/issue/71-forHtmlAttribute-docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/351e999dcfe4fee38c4aa4bc584d15d3de2ccbb6\"\u003e\u003ccode\u003e351e999\u003c/code\u003e\u003c/a\u003e docs: correct javadoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/604a78f9b926391bd3768ac4545a7c7396b90cca\"\u003e\u003ccode\u003e604a78f\u003c/code\u003e\u003c/a\u003e Be clearer about quotes in forHtmlAttribute docs.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/owasp/owasp-java-encoder/compare/v1.2.1...v1.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.owasp.esapi:esapi` from 2.1.0.1 to 2.7.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eesapi-2.7.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.7.00 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a \u003cstrong\u003e\u003cem\u003emajor\u003c/em\u003e\u003c/strong\u003e patch release with the primary intent of addressing \u003cstrong\u003e\u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2025-5878\"\u003eCVE-2025-5878\u003c/a\u003e\u003c/strong\u003e, the details of which are spelled out in [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e).\n\u003cul\u003e\n\u003cli\u003eMajor Javadoc enhancements, corrections, and clarifications.\u003c/li\u003e\n\u003cli\u003eDeprecated methods, interfaces, and classes.\u003c/li\u003e\n\u003cli\u003eThe reference implementation for the \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface is now disabled by default and must be explicitly enabled if you absolutely much use it. (\u003cstrong\u003eWARNING\u003c/strong\u003e: You shouldn't!) Instructions on how to enable it are provided in Appendix B of  [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e). You will find the updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file in the configuration jar helpful.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eThis release also updates Apache Commons FileUploads to 1.6.0 to address CVE-2025-48976. That CVE likely does not affect the \u003ccode\u003eHTTP.getFileUloads\u003c/code\u003e interfaces (which is the only methods that use that library), but we have not had time to analyze it fully given the CVE cited against ESAPI.\u003c/li\u003e\n\u003cli\u003eApache Commons BeanUtils was also updated to 1.11.0 to address CVE-2025-48734 which potentially could anyone using ESAPI's AccessController and has placed their access control policy in a place where an attacker may be overwrite it. That is highly unlikely, but better safe than sorry.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration files under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.  If you were using ESAPI's \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface, you will want to use its updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file.\u003c/p\u003e\n\u003ch2\u003eesapi-2.6.2.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.2.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a minor patch release with the intent of updating the Apache Commons BeanUtils dependency from v1.9.4 to v1.11.0 to CVE-2025-48734.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eOther Notes\u003c/h2\u003e\n\u003cp\u003eYou may see GHAS Dependabot references to \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\u003c/a\u003e for this (and previous releases). For a more thorough discussion of this, please see Discussion \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/877\"\u003e#877\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.6.1.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.1.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated AntiSamy from release 1.7.7 to 1.7.8 which addresses the potentially exploitable vulnerability \u003ca href=\"https://github.com/advisories/GHSA-73m2-qfq3-56cx\"\u003ehttps://github.com/advisories/GHSA-73m2-qfq3-56cx\u003c/a\u003e. There is slim possibility that this could affect ESAPI users who have allowed certain CSS mark-up constructs to the AntiSamy policy file that they are using. However the default ESAPI AntiSamy policy file (antisamy-esapi.xml) does not permit CSS mark-up of any sort out unless it has been modified by the ESAPI client.\u003c/li\u003e\n\u003cli\u003eOther minor updates to pom.xml\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0fa4c0f1311aa525b1a776f0a789fb1dc8a04b41\"\u003e\u003ccode\u003e0fa4c0f\u003c/code\u003e\u003c/a\u003e Remove '-SNAPSHOT' from release # to prep official release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f75ac2c2647a81d2cfbdc9c899f8719c240ed512\"\u003e\u003ccode\u003ef75ac2c\u003c/code\u003e\u003c/a\u003e Merging Private Branch contents from Kevin's Repo.   (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/888\"\u003e#888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/e2322914304d9b1c52523ff24be495b7832f6a56\"\u003e\u003ccode\u003ee232291\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/886\"\u003e#886\u003c/a\u003e from kwwall/develop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/23a2b7666186afdc004a9e01eec5da593e85d172\"\u003e\u003ccode\u003e23a2b76\u003c/code\u003e\u003c/a\u003e Added Javadoc to encodeForSQL method regarding how to enabled it.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/01297409b786075686c6738fdf0355edad427a6c\"\u003e\u003ccode\u003e0129740\u003c/code\u003e\u003c/a\u003e Added 2 new field names whose values are the 2 new property names.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/eb425bbb831c68321d169d3ac5f84ddf9dfc189d\"\u003e\u003ccode\u003eeb425bb\u003c/code\u003e\u003c/a\u003e New property file for testing DefaultEncoder.encodeForSQL when it's\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/844eb0c6fd077b6299604838bfc67fd6c658e6eb\"\u003e\u003ccode\u003e844eb0c\u003c/code\u003e\u003c/a\u003e Add missing newline.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a10e323dcde635f40d15c875253084a7669175e8\"\u003e\u003ccode\u003ea10e323\u003c/code\u003e\u003c/a\u003e hanged the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/06d0ff2e540ef37077822273e1957b50beaa8ff7\"\u003e\u003ccode\u003e06d0ff2\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/61de71f70081f204b915e95d186c702509cbf857\"\u003e\u003ccode\u003e61de71f\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek propert names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.1.0.1...esapi-2.7.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-fileupload:commons-fileupload` from 1.5 to 1.6.0\n\nUpdates `org.apache.maven.plugins:maven-assembly-plugin` from 3.1.1 to 3.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/maven-assembly-plugin/releases\"\u003eorg.apache.maven.plugins:maven-assembly-plugin's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.7.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317220\u0026amp;version=12354406\"\u003eRelease Notes - Maven Assembly Plugin - Version 3.7.1\u003c/a\u003e\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[MASSEMBLY-1023] Bump org.apache.maven.shared:maven-filtering from 3.3.1 to 3.3.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/192\"\u003eapache/maven-assembly-plugin#192\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[MASSEMBLY-1024] Bump org.apache.commons:commons-compress from 1.25.0 to 1.26.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/191\"\u003eapache/maven-assembly-plugin#191\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[MASSEMBLY-1025] Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/195\"\u003eapache/maven-assembly-plugin#195\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[MASSEMBLY-1022] Unresolved artifacts should be not processed by \u003ca href=\"https://github.com/slawekjaranowski\"\u003e\u003ccode\u003e@​slawekjaranowski\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/194\"\u003eapache/maven-assembly-plugin#194\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.7.0...maven-assembly-plugin-3.7.1\"\u003ehttps://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.7.0...maven-assembly-plugin-3.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e3.7.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317220\u0026amp;version=12353243\"\u003eRelease Notes - Maven Assembly Plugin - Version 3.7.0\u003c/a\u003e\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/0afbb3e1252e0cdfb5e4abe3c4b2a108567059a7\"\u003e\u003ccode\u003e0afbb3e\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release maven-assembly-plugin-3.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/74e858ad40849cc3f8bef462e310336a8c6a0cd5\"\u003e\u003ccode\u003e74e858a\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1022] Unresolved artifacts should be not processed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/cb5638223ebaf93ff06290a6ebb64c6dac12ebd4\"\u003e\u003ccode\u003ecb56382\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1025] Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/86bbed043dbe78f6c32e99c1e433e052b2d78f69\"\u003e\u003ccode\u003e86bbed0\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1024] Bump org.apache.commons:commons-compress from 1.25.0 to 1.26...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/bdcc4d0d093de4484820b2f9c4f84b5d0f7eaaa0\"\u003e\u003ccode\u003ebdcc4d0\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1023] Bump org.apache.maven.shared:maven-filtering from 3.3.1 to 3...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/74fe92e979db0479ee58db580d0e7295e6113e78\"\u003e\u003ccode\u003e74fe92e\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/9be6e8733f187b15c0e6c0fb856765e12fb2c055\"\u003e\u003ccode\u003e9be6e87\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release maven-assembly-plugin-3.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/e8630dc91637860d1ca690b2c64c2c18e240eae7\"\u003e\u003ccode\u003ee8630dc\u003c/code\u003e\u003c/a\u003e Bump apache/maven-gh-actions-shared from 3 to 4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/98f97a5dca6eac582ea5e52d7d62e186d9b8e25f\"\u003e\u003ccode\u003e98f97a5\u003c/code\u003e\u003c/a\u003e Bump org.postgresql:postgresql in /src/it/projects/bugs/massembly-730\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/c84e11089a785d56441fac2314224c0bf86b200d\"\u003e\u003ccode\u003ec84e110\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1019] Maven 3.6.3 as minimum requirements\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.1.1...maven-assembly-plugin-3.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/dependabot-actions-legacy/demo_repository_not_self_hosted/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dependabot-actions-legacy%2Fdemo_repository_not_self_hosted/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"2.1.0.1","new_version":"2.7.0.0","update_type":"minor","path":null,"pr_created_at":"2025-11-05T17:56:06.000Z","version_change":"2.1.0.1 → 2.7.0.0","issue":{"uuid":"3592200265","node_id":"PR_kwDOQPX6386xtkPe","number":1,"state":"open","title":"Bump the all-version group with 7 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-05T17:56:06.000Z","updated_at":"2026-02-02T23:37:20.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"all-version","update_count":7,"packages":[{"name":"org.springframework.boot:spring-boot-starter-parent","old_version":"2.6.7","new_version":"3.5.7","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"commons-io:commons-io","old_version":"2.6","new_version":"2.20.0","repository_url":"https://github.com/apache/commons-io"},{"name":"org.apache.commons:commons-collections4","old_version":"4.0","new_version":"4.5.0"},{"name":"org.owasp.encoder:encoder","old_version":"1.2.1","new_version":"1.3.1","repository_url":"https://github.com/owasp/owasp-java-encoder"},{"name":"org.owasp.esapi:esapi","old_version":"2.1.0.1","new_version":"2.7.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"commons-fileupload:commons-fileupload","old_version":"1.5","new_version":"1.6.0"},{"name":"org.apache.maven.plugins:maven-assembly-plugin","old_version":"3.1.1","new_version":"3.7.1","repository_url":"https://github.com/apache/maven-assembly-plugin"}],"path":null,"ecosystem":"maven"},"body":"Bumps the all-version group with 7 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) | `2.6.7` | `3.5.7` |\n| [commons-io:commons-io](https://github.com/apache/commons-io) | `2.6` | `2.20.0` |\n| org.apache.commons:commons-collections4 | `4.0` | `4.5.0` |\n| [org.owasp.encoder:encoder](https://github.com/owasp/owasp-java-encoder) | `1.2.1` | `1.3.1` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.1.0.1` | `2.7.0.0` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| [org.apache.maven.plugins:maven-assembly-plugin](https://github.com/apache/maven-assembly-plugin) | `3.1.1` | `3.7.1` |\n\nUpdates `org.springframework.boot:spring-boot-starter-parent` from 2.6.7 to 3.5.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-parent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.7\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TWENTY_FIVE to JavaVersion enum \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47609\"\u003e#47609\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSigned jar verification fails when nested in an uber war running on an Oracle JVM \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47771\"\u003e#47771\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIn an uber war, value of the Sbom-Location manifest attribute does not match the SBOM's actual location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47737\"\u003e#47737\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHomebrew formula for the CLI should use libexec \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47722\"\u003e#47722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen virtual threads are enabled, embedded Jetty does not use recommended virtual thread configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47717\"\u003e#47717\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClientHttpRequestFactoryRuntimeHints is missing timeout methods with Duration overloads \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47678\"\u003e#47678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnBeanCondition no longer correctly finds annotations on scoped target proxy beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47635\"\u003e#47635\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eJavaVersion doesn't work reliably in native-image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47620\"\u003e#47620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLiquibaseEndpoint always uses defaultSchema instead of liquibaseSchema \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47346\"\u003e#47346\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLauncher fails to find main method when it is parameterless \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47311\"\u003e#47311\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePackage private Main class using Java 25 is not found by build plugins \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47309\"\u003e#47309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBitnami legacy images are not automatically detected \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47275\"\u003e#47275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMaven plugin does not provide an easy way to exclude optional dependencies from uber jar \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/25403\"\u003e#25403\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSome spring.test.* properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47775\"\u003e#47775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency management for Maven AntRun Plugin is missing changelog link \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47744\"\u003e#47744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeveloping Your First Spring Boot Application has outdated tools \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47700\"\u003e#47700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude deprecated configuration properties in the reference documentation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47669\"\u003e#47669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAggregated Javadoc should link to the proper version of JakartaEE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47593\"\u003e#47593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate javadoc of TestRestTemplate following change to redirect behavior \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47474\"\u003e#47474\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse non-deprecated syntax to configure sourceCompatibility \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47343\"\u003e#47343\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix link to Framework's \u003ccode\u003e@Bean\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47330\"\u003e#47330\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate managed dependency version override examples in documentation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47306\"\u003e#47306\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to ActiveMQ 6.1.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47767\"\u003e#47767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47525\"\u003e#47525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47526\"\u003e#47526\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47527\"\u003e#47527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Cassandra Driver 4.19.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47768\"\u003e#47768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47528\"\u003e#47528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47671\"\u003e#47671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Glassfish JAXB 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47529\"\u003e#47529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to GraphQL Java 24.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47755\"\u003e#47755\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Groovy 4.0.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47713\"\u003e#47713\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.33.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47530\"\u003e#47530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47531\"\u003e#47531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpCore5 5.3.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47532\"\u003e#47532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jakarta Mail 2.1.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47533\"\u003e#47533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jakarta XML Bind 4.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47242\"\u003e#47242\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47728\"\u003e#47728\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/d3152ea442dcb70976ca7fbe9ad818e67438967f\"\u003e\u003ccode\u003ed3152ea\u003c/code\u003e\u003c/a\u003e Release v3.5.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/af07358549ca23f95decb5f6d1ccb239d78f7ddc\"\u003e\u003ccode\u003eaf07358\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b0bef35478cfad7efcc3d065cd6b2652703ef1d6\"\u003e\u003ccode\u003eb0bef35\u003c/code\u003e\u003c/a\u003e Document missing spring.test.* properties\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/6683d0f49665a14821b5f6165a04d68bc29da755\"\u003e\u003ccode\u003e6683d0f\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/5ba3642364fda0988902ac3456ba8c4530ae7ec5\"\u003e\u003ccode\u003e5ba3642\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.12-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/59aba4e54d75bad73b744667dc08cfb19b7febfb\"\u003e\u003ccode\u003e59aba4e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4525a0c3d4221aa26f0b5cedca56d282ae231ad1\"\u003e\u003ccode\u003e4525a0c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/47284\"\u003e#47284\u003c/a\u003e from DKARAGODIN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/43d91aee384e83b6e4d3a2195141547d8c1f315e\"\u003e\u003ccode\u003e43d91ae\u003c/code\u003e\u003c/a\u003e Write signature files to uber wars for Oracle Java 17 verification\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/eaad688dd253601e47b96746a4fe3d51dec1194d\"\u003e\u003ccode\u003eeaad688\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Batch 5.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/edee2de8371dd8d2f25c1fec1121a80849959817\"\u003e\u003ccode\u003eedee2de\u003c/code\u003e\u003c/a\u003e Upgrade to Cassandra Driver 4.19.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v2.6.7...v3.5.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-io:commons-io` from 2.6 to 2.20.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/commons-io/blob/master/RELEASE-NOTES.txt\"\u003ecommons-io:commons-io's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eApache Commons IO 2.21.0 Release Notes\u003c/p\u003e\n\u003cp\u003eThe Apache Commons IO team is pleased to announce the release of Apache Commons IO 2.21.0.\u003c/p\u003e\n\u003ch2\u003eIntroduction\u003c/h2\u003e\n\u003cp\u003eThe Apache Commons IO library contains utility classes, stream implementations, file filters,\nfile comparators, endian transformation classes, and much more.\u003c/p\u003e\n\u003cp\u003eVersion 2.21.0: Java 8 or later is required.\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cp\u003eo          FileUtils#byteCountToDisplaySize() supports Zettabyte, Yottabyte, Ronnabyte and Quettabyte \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/763\"\u003e#763\u003c/a\u003e. Thanks to strangelookingnerd, Gary Gregory.\no          Add org.apache.commons.io.FileUtils.ONE_RB \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/763\"\u003e#763\u003c/a\u003e. Thanks to strangelookingnerd, Gary Gregory.\no          Add org.apache.commons.io.FileUtils.ONE_QB \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/763\"\u003e#763\u003c/a\u003e. Thanks to strangelookingnerd, Gary Gregory.\no          Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(byte[], int, int, long). Thanks to Gary Gregory.\no          Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(byte[], long). Thanks to Gary Gregory.\no          Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(int, long). Thanks to Gary Gregory.\no          Add length unit support in FileSystem limits. Thanks to Piotr P. Karwasz.\no          Add IOUtils.toByteArray(InputStream, int, int) for safer chunked reading with size validation. Thanks to Piotr P. Karwasz.\no          Add org.apache.commons.io.file.PathUtils.getPath(String, String). Thanks to Gary Gregory.\no          Add org.apache.commons.io.channels.ByteArraySeekableByteChannel. Thanks to Gary Gregory.\no          Add IOIterable.asIterable(). Thanks to Gary Gregory.\no          Add NIO channel support to \u003ccode\u003eAbstractStreamBuilder\u003c/code\u003e. Thanks to Piotr P. Karwasz.\no          Add CloseShieldChannel to close-shielded NIO Channels \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/786\"\u003e#786\u003c/a\u003e. Thanks to Piotr P. Karwasz.\no          Added IOUtils.checkFromIndexSize as a Java 8 backport of Objects.checkFromIndexSize \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/790\"\u003e#790\u003c/a\u003e. Thanks to Piotr P. Karwasz.\u003c/p\u003e\n\u003ch2\u003eFixed Bugs\u003c/h2\u003e\n\u003cp\u003eo          When testing on Java 21 and up, enable -XX:+EnableDynamicAgentLoading. Thanks to Gary Gregory.\no          When testing on Java 24 and up, don't fail FileUtilsListFilesTest for a different behavior in the JRE. Thanks to Gary Gregory.\no          ValidatingObjectInputStream does not validate dynamic proxy interfaces. Thanks to Stanislav Fort, Gary Gregory.\no          BoundedInputStream.getRemaining() now reports Long.MAX_VALUE instead of 0 when no limit is set. Thanks to Piotr P. Karwasz.\no          BoundedInputStream.available() correctly accounts for the maximum read limit. Thanks to Piotr P. Karwasz.\no          Deprecate IOUtils.readFully(InputStream, int) in favor of toByteArray(InputStream, int). Thanks to Gary Gregory, Piotr P. Karwasz.\no          IOUtils.toByteArray(InputStream) now throws IOException on byte array overflow. Thanks to Piotr P. Karwasz.\no          Javadoc general improvements. Thanks to Gary Gregory, Piotr P. Karwasz.\no          IOUtils.toByteArray() now throws EOFException when not enough data is available \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/796\"\u003e#796\u003c/a\u003e. Thanks to Piotr P. Karwasz.\no          Fix IOUtils.skip() usage in concurrent scenarios. Thanks to Piotr P. Karwasz.\no          [javadoc] Fix XmlStreamReader Javadoc to indicate the correct class that is built \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/806\"\u003e#806\u003c/a\u003e. Thanks to J Hawkins.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cp\u003eo          Bump org.apache.commons:commons-parent from 85 to 91 \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/774\"\u003e#774\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/783\"\u003e#783\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/808\"\u003e#808\u003c/a\u003e. Thanks to Gary Gregory, Dependabot.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/c224bce839494ed651e5eba320b27c73ce8d804e\"\u003e\u003ccode\u003ec224bce\u003c/code\u003e\u003c/a\u003e Prepare for the release candidate 2.20.0 RC1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/8981a5c9664574003f5d7620cf5133325161e543\"\u003e\u003ccode\u003e8981a5c\u003c/code\u003e\u003c/a\u003e Remove workaround for\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/4ef481f14220c19f6114a3f793df2202bb1336a6\"\u003e\u003ccode\u003e4ef481f\u003c/code\u003e\u003c/a\u003e Prepare for the next release candidate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/d23228f4a94bd070b0505e5a528da1413915c8a4\"\u003e\u003ccode\u003ed23228f\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of \u003ca href=\"https://github.com/apache/commons-io.git\"\u003ehttps://github.com/apache/commons-io.git\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/5d2737ffe489b91c4af7ccddfeda93d860750729\"\u003e\u003ccode\u003e5d2737f\u003c/code\u003e\u003c/a\u003e Add \u003ca href=\"https://github.com/SuppressWarnings\"\u003e\u003ccode\u003e@​SuppressWarnings\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/e5c80d6eff29b9a3b2b917356345d90237e84e57\"\u003e\u003ccode\u003ee5c80d6\u003c/code\u003e\u003c/a\u003e Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 \u003ca href=\"https://redirect.github.com/apache/commons-io/issues/761\"\u003e#761\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/2017ac063c1cc284dc855265a15a4e2dfdc653e4\"\u003e\u003ccode\u003e2017ac0\u003c/code\u003e\u003c/a\u003e Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (\u003ca href=\"https://redirect.github.com/apache/commons-io/issues/761\"\u003e#761\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/07ce798898b6c6ca639e6ad0e2beecf55cf00d7a\"\u003e\u003ccode\u003e07ce798\u003c/code\u003e\u003c/a\u003e Javadoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/a828efa09f5b32f80485c2302caf78b8ee3c857c\"\u003e\u003ccode\u003ea828efa\u003c/code\u003e\u003c/a\u003e Add ciManagement element to POM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/commons-io/commit/46bd1c2955a29d676bfbc3fea6cce84918ba6ac5\"\u003e\u003ccode\u003e46bd1c2\u003c/code\u003e\u003c/a\u003e Javadoc\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/commons-io/compare/commons-io-2.6...rel/commons-io-2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.commons:commons-collections4` from 4.0 to 4.5.0\n\nUpdates `org.owasp.encoder:encoder` from 1.2.1 to 1.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/owasp/owasp-java-encoder/releases\"\u003eorg.owasp.encoder:encoder's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: java.lang.NoSuchMethodError when running on Java 8 by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/80\"\u003eOWASP/owasp-java-encoder#80\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: add OSGi related entries in the MANIFEST.MF file by \u003ca href=\"https://github.com/enapps-enorman\"\u003e\u003ccode\u003e@​enapps-enorman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/82\"\u003eOWASP/owasp-java-encoder#82\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/enapps-enorman\"\u003e\u003ccode\u003e@​enapps-enorman\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/82\"\u003eOWASP/owasp-java-encoder#82\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/OWASP/owasp-java-encoder/compare/v1.3.0...v1.3.1\"\u003ehttps://github.com/OWASP/owasp-java-encoder/compare/v1.3.0...v1.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd automatic module name by \u003ca href=\"https://github.com/casid\"\u003e\u003ccode\u003e@​casid\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/45\"\u003eOWASP/owasp-java-encoder#45\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCorrect javadoc for Encode class. by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/52\"\u003eOWASP/owasp-java-encoder#52\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd badge for javadoc by \u003ca href=\"https://github.com/seanf\"\u003e\u003ccode\u003e@​seanf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/55\"\u003eOWASP/owasp-java-encoder#55\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTiny typo Fix by \u003ca href=\"https://github.com/loris-s-sonarsource\"\u003e\u003ccode\u003e@​loris-s-sonarsource\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/58\"\u003eOWASP/owasp-java-encoder#58\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spring-core from 5.1.3.RELEASE to 5.3.19 in /jsp by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/59\"\u003eOWASP/owasp-java-encoder#59\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGeneral Maintenance by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/61\"\u003eOWASP/owasp-java-encoder#61\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Encode.forHtmlAttribute docs by \u003ca href=\"https://github.com/meeque\"\u003e\u003ccode\u003e@​meeque\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/72\"\u003eOWASP/owasp-java-encoder#72\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update esapi thunk by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/76\"\u003eOWASP/owasp-java-encoder#76\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: multi-release jars - add module name by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/77\"\u003eOWASP/owasp-java-encoder#77\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support jakarta jsp by \u003ca href=\"https://github.com/jeremylong\"\u003e\u003ccode\u003e@​jeremylong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/75\"\u003eOWASP/owasp-java-encoder#75\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/casid\"\u003e\u003ccode\u003e@​casid\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/45\"\u003eOWASP/owasp-java-encoder#45\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/seanf\"\u003e\u003ccode\u003e@​seanf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/55\"\u003eOWASP/owasp-java-encoder#55\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/loris-s-sonarsource\"\u003e\u003ccode\u003e@​loris-s-sonarsource\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/58\"\u003eOWASP/owasp-java-encoder#58\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/59\"\u003eOWASP/owasp-java-encoder#59\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/meeque\"\u003e\u003ccode\u003e@​meeque\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/OWASP/owasp-java-encoder/pull/72\"\u003eOWASP/owasp-java-encoder#72\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/OWASP/owasp-java-encoder/compare/v1.2.3...v1.3.0\"\u003ehttps://github.com/OWASP/owasp-java-encoder/compare/v1.2.3...v1.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.2.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to  make the manifest OSGi-compliant (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/39\"\u003e#39\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eUpdate to support ESAPI 2.2 and later (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/37\"\u003e#37\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/be0670b6880483412f8da17211a5d084ff43cd24\"\u003e\u003ccode\u003ebe0670b\u003c/code\u003e\u003c/a\u003e docs: update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/7e203bd6d47ca2c3d04a073ff215021702217289\"\u003e\u003ccode\u003e7e203bd\u003c/code\u003e\u003c/a\u003e fix for issues 81 (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/82\"\u003e#82\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/72e415a87b3c40eaf8d6c4629a9f49ddb47bf35b\"\u003e\u003ccode\u003e72e415a\u003c/code\u003e\u003c/a\u003e fix: java.lang.NoSuchMethodError when running on Java 8 (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/80\"\u003e#80\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/d1a0294a21d60ef4ce26d7746e897e17fc2d276f\"\u003e\u003ccode\u003ed1a0294\u003c/code\u003e\u003c/a\u003e fix: build status badge (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/78\"\u003e#78\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/9942889ccb68ed95a1577cd0f6e3ee09841e78de\"\u003e\u003ccode\u003e9942889\u003c/code\u003e\u003c/a\u003e feat: support jakarta jsp (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/75\"\u003e#75\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/2f151ce3219efdfb7f957b6836c976382f629a26\"\u003e\u003ccode\u003e2f151ce\u003c/code\u003e\u003c/a\u003e feat: multi-release jars - add module name (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/77\"\u003e#77\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/0fc8cdee14d4f798010fe866555b1b6e223bfcc1\"\u003e\u003ccode\u003e0fc8cde\u003c/code\u003e\u003c/a\u003e fix: update esapi (\u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/76\"\u003e#76\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/58bd93dc7e9511500cebd50b3cbf8523d6720a7d\"\u003e\u003ccode\u003e58bd93d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/owasp/owasp-java-encoder/issues/72\"\u003e#72\u003c/a\u003e from meeque/issue/71-forHtmlAttribute-docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/351e999dcfe4fee38c4aa4bc584d15d3de2ccbb6\"\u003e\u003ccode\u003e351e999\u003c/code\u003e\u003c/a\u003e docs: correct javadoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-java-encoder/commit/604a78f9b926391bd3768ac4545a7c7396b90cca\"\u003e\u003ccode\u003e604a78f\u003c/code\u003e\u003c/a\u003e Be clearer about quotes in forHtmlAttribute docs.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/owasp/owasp-java-encoder/compare/v1.2.1...v1.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.owasp.esapi:esapi` from 2.1.0.1 to 2.7.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eesapi-2.7.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.7.00 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a \u003cstrong\u003e\u003cem\u003emajor\u003c/em\u003e\u003c/strong\u003e patch release with the primary intent of addressing \u003cstrong\u003e\u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2025-5878\"\u003eCVE-2025-5878\u003c/a\u003e\u003c/strong\u003e, the details of which are spelled out in [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e).\n\u003cul\u003e\n\u003cli\u003eMajor Javadoc enhancements, corrections, and clarifications.\u003c/li\u003e\n\u003cli\u003eDeprecated methods, interfaces, and classes.\u003c/li\u003e\n\u003cli\u003eThe reference implementation for the \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface is now disabled by default and must be explicitly enabled if you absolutely much use it. (\u003cstrong\u003eWARNING\u003c/strong\u003e: You shouldn't!) Instructions on how to enable it are provided in Appendix B of  [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e). You will find the updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file in the configuration jar helpful.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eThis release also updates Apache Commons FileUploads to 1.6.0 to address CVE-2025-48976. That CVE likely does not affect the \u003ccode\u003eHTTP.getFileUloads\u003c/code\u003e interfaces (which is the only methods that use that library), but we have not had time to analyze it fully given the CVE cited against ESAPI.\u003c/li\u003e\n\u003cli\u003eApache Commons BeanUtils was also updated to 1.11.0 to address CVE-2025-48734 which potentially could anyone using ESAPI's AccessController and has placed their access control policy in a place where an attacker may be overwrite it. That is highly unlikely, but better safe than sorry.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration files under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.  If you were using ESAPI's \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface, you will want to use its updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file.\u003c/p\u003e\n\u003ch2\u003eesapi-2.6.2.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.2.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a minor patch release with the intent of updating the Apache Commons BeanUtils dependency from v1.9.4 to v1.11.0 to CVE-2025-48734.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eOther Notes\u003c/h2\u003e\n\u003cp\u003eYou may see GHAS Dependabot references to \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\u003c/a\u003e for this (and previous releases). For a more thorough discussion of this, please see Discussion \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/877\"\u003e#877\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.6.1.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.1.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated AntiSamy from release 1.7.7 to 1.7.8 which addresses the potentially exploitable vulnerability \u003ca href=\"https://github.com/advisories/GHSA-73m2-qfq3-56cx\"\u003ehttps://github.com/advisories/GHSA-73m2-qfq3-56cx\u003c/a\u003e. There is slim possibility that this could affect ESAPI users who have allowed certain CSS mark-up constructs to the AntiSamy policy file that they are using. However the default ESAPI AntiSamy policy file (antisamy-esapi.xml) does not permit CSS mark-up of any sort out unless it has been modified by the ESAPI client.\u003c/li\u003e\n\u003cli\u003eOther minor updates to pom.xml\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0fa4c0f1311aa525b1a776f0a789fb1dc8a04b41\"\u003e\u003ccode\u003e0fa4c0f\u003c/code\u003e\u003c/a\u003e Remove '-SNAPSHOT' from release # to prep official release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f75ac2c2647a81d2cfbdc9c899f8719c240ed512\"\u003e\u003ccode\u003ef75ac2c\u003c/code\u003e\u003c/a\u003e Merging Private Branch contents from Kevin's Repo.   (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/888\"\u003e#888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/e2322914304d9b1c52523ff24be495b7832f6a56\"\u003e\u003ccode\u003ee232291\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/886\"\u003e#886\u003c/a\u003e from kwwall/develop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/23a2b7666186afdc004a9e01eec5da593e85d172\"\u003e\u003ccode\u003e23a2b76\u003c/code\u003e\u003c/a\u003e Added Javadoc to encodeForSQL method regarding how to enabled it.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/01297409b786075686c6738fdf0355edad427a6c\"\u003e\u003ccode\u003e0129740\u003c/code\u003e\u003c/a\u003e Added 2 new field names whose values are the 2 new property names.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/eb425bbb831c68321d169d3ac5f84ddf9dfc189d\"\u003e\u003ccode\u003eeb425bb\u003c/code\u003e\u003c/a\u003e New property file for testing DefaultEncoder.encodeForSQL when it's\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/844eb0c6fd077b6299604838bfc67fd6c658e6eb\"\u003e\u003ccode\u003e844eb0c\u003c/code\u003e\u003c/a\u003e Add missing newline.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a10e323dcde635f40d15c875253084a7669175e8\"\u003e\u003ccode\u003ea10e323\u003c/code\u003e\u003c/a\u003e hanged the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/06d0ff2e540ef37077822273e1957b50beaa8ff7\"\u003e\u003ccode\u003e06d0ff2\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/61de71f70081f204b915e95d186c702509cbf857\"\u003e\u003ccode\u003e61de71f\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek propert names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.1.0.1...esapi-2.7.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-fileupload:commons-fileupload` from 1.5 to 1.6.0\n\nUpdates `org.apache.maven.plugins:maven-assembly-plugin` from 3.1.1 to 3.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/maven-assembly-plugin/releases\"\u003eorg.apache.maven.plugins:maven-assembly-plugin's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.7.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317220\u0026amp;version=12354406\"\u003eRelease Notes - Maven Assembly Plugin - Version 3.7.1\u003c/a\u003e\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[MASSEMBLY-1023] Bump org.apache.maven.shared:maven-filtering from 3.3.1 to 3.3.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/192\"\u003eapache/maven-assembly-plugin#192\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[MASSEMBLY-1024] Bump org.apache.commons:commons-compress from 1.25.0 to 1.26.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/191\"\u003eapache/maven-assembly-plugin#191\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[MASSEMBLY-1025] Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/195\"\u003eapache/maven-assembly-plugin#195\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[MASSEMBLY-1022] Unresolved artifacts should be not processed by \u003ca href=\"https://github.com/slawekjaranowski\"\u003e\u003ccode\u003e@​slawekjaranowski\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/maven-assembly-plugin/pull/194\"\u003eapache/maven-assembly-plugin#194\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.7.0...maven-assembly-plugin-3.7.1\"\u003ehttps://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.7.0...maven-assembly-plugin-3.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e3.7.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317220\u0026amp;version=12353243\"\u003eRelease Notes - Maven Assembly Plugin - Version 3.7.0\u003c/a\u003e\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/0afbb3e1252e0cdfb5e4abe3c4b2a108567059a7\"\u003e\u003ccode\u003e0afbb3e\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release maven-assembly-plugin-3.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/74e858ad40849cc3f8bef462e310336a8c6a0cd5\"\u003e\u003ccode\u003e74e858a\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1022] Unresolved artifacts should be not processed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/cb5638223ebaf93ff06290a6ebb64c6dac12ebd4\"\u003e\u003ccode\u003ecb56382\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1025] Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/86bbed043dbe78f6c32e99c1e433e052b2d78f69\"\u003e\u003ccode\u003e86bbed0\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1024] Bump org.apache.commons:commons-compress from 1.25.0 to 1.26...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/bdcc4d0d093de4484820b2f9c4f84b5d0f7eaaa0\"\u003e\u003ccode\u003ebdcc4d0\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1023] Bump org.apache.maven.shared:maven-filtering from 3.3.1 to 3...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/74fe92e979db0479ee58db580d0e7295e6113e78\"\u003e\u003ccode\u003e74fe92e\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/9be6e8733f187b15c0e6c0fb856765e12fb2c055\"\u003e\u003ccode\u003e9be6e87\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release maven-assembly-plugin-3.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/e8630dc91637860d1ca690b2c64c2c18e240eae7\"\u003e\u003ccode\u003ee8630dc\u003c/code\u003e\u003c/a\u003e Bump apache/maven-gh-actions-shared from 3 to 4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/98f97a5dca6eac582ea5e52d7d62e186d9b8e25f\"\u003e\u003ccode\u003e98f97a5\u003c/code\u003e\u003c/a\u003e Bump org.postgresql:postgresql in /src/it/projects/bugs/massembly-730\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/maven-assembly-plugin/commit/c84e11089a785d56441fac2314224c0bf86b200d\"\u003e\u003ccode\u003ec84e110\u003c/code\u003e\u003c/a\u003e [MASSEMBLY-1019] Maven 3.6.3 as minimum requirements\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.1.1...maven-assembly-plugin-3.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/dependabot-action-test/demo-java-dependabot/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dependabot-action-test%2Fdemo-java-dependabot/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"2.5.2.0","new_version":"2.6.0.0","update_type":"minor","path":"/logicaldoc-webapp","pr_created_at":"2025-09-11T14:55:25.000Z","version_change":"2.5.2.0 → 2.6.0.0","issue":{"uuid":"2819544911","node_id":"PR_kwDOBv681M6oDtdP","number":104,"state":"closed","title":"Bump org.owasp.esapi:esapi from 2.5.2.0 to 2.6.0.0 in /logicaldoc-webapp","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-10-01T09:01:40.000Z","author_association":"NONE","state_reason":null,"created_at":"2025-09-11T14:55:25.000Z","updated_at":"2025-10-01T09:01:40.000Z","time_to_close":1706775,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.owasp.esapi:esapi","old_version":"2.5.2.0","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"}],"path":"/logicaldoc-webapp","ecosystem":"maven"},"body":"Bumps [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) from 2.5.2.0 to 2.6.0.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.2.0...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.owasp.esapi:esapi\u0026package-manager=maven\u0026previous-version=2.5.2.0\u0026new-version=2.6.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/logicaldoc/community/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/logicaldoc/community/pull/104","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/logicaldoc%2Fcommunity/issues/104","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/104/packages"}},{"old_version":"2.2.3.1","new_version":"2.6.0.0","update_type":"minor","path":null,"pr_created_at":"2025-08-20T14:34:02.000Z","version_change":"2.2.3.1 → 2.6.0.0","issue":{"uuid":"2760041920","node_id":"PR_kwDOPGBN6M6kguXA","number":8,"state":"open","title":"Bump the maven group across 1 directory with 8 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-20T14:34:02.000Z","updated_at":"2025-08-20T14:34:03.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"maven","update_count":8,"packages":[{"name":"org.apache.logging.log4j:log4j-core","old_version":"2.14.1","new_version":"2.17.1"},{"name":"org.springframework.ldap:spring-ldap-core","old_version":"2.3.5.RELEASE","new_version":"2.4.4","repository_url":"https://github.com/spring-projects/spring-ldap"},{"name":"org.springframework:spring-web","old_version":"5.3.18","new_version":"6.1.21","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-context","old_version":"5.3.18","new_version":"6.1.20","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-webmvc","old_version":"5.3.18","new_version":"6.2.10","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.apache.shiro:shiro-core","old_version":"1.8.0","new_version":"1.13.0","repository_url":"https://github.com/apache/shiro"},{"name":"org.owasp.esapi:esapi","old_version":"2.2.3.1","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"io.pebbletemplates:pebble","old_version":"3.1.5","new_version":"3.2.4","repository_url":"https://github.com/PebbleTemplates/pebble"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 8 updates in the /java/ql/test/utils/flowtestcasegenerator directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.logging.log4j:log4j-core | `2.14.1` | `2.17.1` |\n| [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) | `2.3.5.RELEASE` | `2.4.4` |\n| [org.springframework:spring-web](https://github.com/spring-projects/spring-framework) | `5.3.18` | `6.1.21` |\n| [org.springframework:spring-context](https://github.com/spring-projects/spring-framework) | `5.3.18` | `6.1.20` |\n| [org.springframework:spring-webmvc](https://github.com/spring-projects/spring-framework) | `5.3.18` | `6.2.10` |\n| [org.apache.shiro:shiro-core](https://github.com/apache/shiro) | `1.8.0` | `1.13.0` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.2.3.1` | `2.6.0.0` |\n| [io.pebbletemplates:pebble](https://github.com/PebbleTemplates/pebble) | `3.1.5` | `3.2.4` |\n\n\nUpdates `org.apache.logging.log4j:log4j-core` from 2.14.1 to 2.17.1\n\nUpdates `org.springframework.ldap:spring-ldap-core` from 2.3.5.RELEASE to 2.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-ldap/releases\"\u003eorg.springframework.ldap:spring-ldap-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.4.4\u003c/h2\u003e\n\u003ch2\u003eNew Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpecify Locale in Case Functions \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/965\"\u003e#965\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Spring Security 5.8.15 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/962\"\u003e#962\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to SLF4J 1.7.36 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/961\"\u003e#961\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to Hibernate 5.6.15 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/960\"\u003e#960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to Freemarker 2.3.33 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/959\"\u003e#959\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to Apache HttpClient 4.5.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/958\"\u003e#958\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to AspectJ 1.9.22.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/957\"\u003e#957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to Jackson 2.13.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/956\"\u003e#956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to Spring Data 2021.1.10 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/955\"\u003e#955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to Spring Framework 5.3.39 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/954\"\u003e#954\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.2\u003c/h2\u003e\n\u003ch2\u003eNew Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDocument how DnAttriubte name and index are mutually exclusive \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/941\"\u003e#941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove from Jenkins CI \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/918\"\u003e#918\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ejava.lang.reflect.UndeclaredThrowableException with spring-ldap-core 2.3.2.RELEASE and above \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/939\"\u003e#939\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.1\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWrong Project Information in Maven POM (2.4.0) \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/663\"\u003e#663\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Spring Framework 5.3.21 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/673\"\u003e#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to Jackson 2.13.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/672\"\u003e#672\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to unboundid-ldapsdk 6.0.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/671\"\u003e#671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to AspectJ 1.9.9.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/670\"\u003e#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to EasyMock 2.5.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/669\"\u003e#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to FreeMarker 2.3.31 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/668\"\u003e#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to Hibernate 5.6.9.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/667\"\u003e#667\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to hsqldb 2.6.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/666\"\u003e#666\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to Spring Security 5.6.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/665\"\u003e#665\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe package \u003ccode\u003eorg.springframework.ldap.core\u003c/code\u003e is split \u003ca href=\"https://redirect.github.com/spring-projects/spring-ldap/issues/632\"\u003e#632\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/ec1d0ac90185536002854d37ea2b413bfe47a19b\"\u003e\u003ccode\u003eec1d0ac\u003c/code\u003e\u003c/a\u003e Release 2.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/1bfb466c385ecd4d0a6cd587e5392b3526c7bf0e\"\u003e\u003ccode\u003e1bfb466\u003c/code\u003e\u003c/a\u003e Polish toLower/UpperCase Usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/ec09768097450955953036c583e839cbc9aecef1\"\u003e\u003ccode\u003eec09768\u003c/code\u003e\u003c/a\u003e Update to Spring Security 5.8.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/1838e6e4010e5e883c9a3e99c6f9c228cd9ca9fc\"\u003e\u003ccode\u003e1838e6e\u003c/code\u003e\u003c/a\u003e Update to SLF4J 1.7.36\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/08a5f530720f93f9808c026ebb0acd4c368929fa\"\u003e\u003ccode\u003e08a5f53\u003c/code\u003e\u003c/a\u003e Update to Hibernate 5.6.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/db231b33f572d848232807335d489b9028447f9c\"\u003e\u003ccode\u003edb231b3\u003c/code\u003e\u003c/a\u003e Update to Freemarker 2.3.33\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/361681885d93accb97581afed76ae8a1836be8bd\"\u003e\u003ccode\u003e3616818\u003c/code\u003e\u003c/a\u003e Update to Apache HttpClient 4.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/41a9adb62d265dbcfcdaa1b4d7b68f43e85fd1ee\"\u003e\u003ccode\u003e41a9adb\u003c/code\u003e\u003c/a\u003e Update to AspectJ 1.9.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/a2a42ac0609a04c621994e3bb33d42bea9641376\"\u003e\u003ccode\u003ea2a42ac\u003c/code\u003e\u003c/a\u003e Update to Jackson 2.13.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ldap/commit/bd7600320c44eb3552da7d6db9825d837a1d34e1\"\u003e\u003ccode\u003ebd76003\u003c/code\u003e\u003c/a\u003e Update to Spring Data 2021.1.10\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-ldap/compare/2.3.5.RELEASE...2.4.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-web` from 5.3.18 to 6.1.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.21\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEncode non-printable character in Content-Disposition parameter \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35035\"\u003e#35035\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow update of existing \u003ccode\u003eWebSession\u003c/code\u003e after max sessions limit is reached \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35018\"\u003e#35018\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnhanced configuration class fails to call package-visible superclass constructor on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34951\"\u003e#34951\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.19 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35022\"\u003e#35022\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/fa36b342ebafc488f29f7d30c8e69a3d4b988ae6\"\u003e\u003ccode\u003efa36b34\u003c/code\u003e\u003c/a\u003e Release v6.1.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/498ccda8fc354a905875a79f2d29e25a447b718b\"\u003e\u003ccode\u003e498ccda\u003c/code\u003e\u003c/a\u003e Upgrade to Gradle 8.14.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/fd68ea6fcbf94fc1d38bfefd3692fe094652ab3d\"\u003e\u003ccode\u003efd68ea6\u003c/code\u003e\u003c/a\u003e Encode non-printable character in Content-Disposition parameter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/28caa39020a9f7d73f0c181ae265093bedbe9139\"\u003e\u003ccode\u003e28caa39\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.19\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8ecc553696cec1cc33a7c4c7e5748d0915f3c9b3\"\u003e\u003ccode\u003e8ecc553\u003c/code\u003e\u003c/a\u003e Polish contribution\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cd44efaf687ce9a13e28e5569ee9c4fd4ee134f6\"\u003e\u003ccode\u003ecd44efa\u003c/code\u003e\u003c/a\u003e Allow update of existing WebSession after max sessions limit is reached\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/59d2895c8289642ba233de93f38e7a109fc971c1\"\u003e\u003ccode\u003e59d2895\u003c/code\u003e\u003c/a\u003e Fix InMemoryWebSessionStoreTests.startsSessionImplicitly() test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a876bb41af418c35ff3409146e29c28e4ed1b619\"\u003e\u003ccode\u003ea876bb4\u003c/code\u003e\u003c/a\u003e Polish WebSession support and tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/3b6becac014f55e896de7e28344e2863ff90425a\"\u003e\u003ccode\u003e3b6beca\u003c/code\u003e\u003c/a\u003e Check for package-visible constructor in case of ClassLoader mismatch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/59ffbd7a598af7cc7ef3efa81061cb06a06371e5\"\u003e\u003ccode\u003e59ffbd7\u003c/code\u003e\u003c/a\u003e Test conversion support in PropertySourcesPlaceholderConfigurer\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v5.3.18...v6.1.21\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-context` from 5.3.18 to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-context's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v5.3.18...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-webmvc` from 5.3.18 to 6.2.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-webmvc's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.10\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOptimize NIO path resolution in \u003ccode\u003ePathEditor\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35304\"\u003e#35304\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003etype\u003c/code\u003e in \u003ccode\u003eProblemDetail\u003c/code\u003e nullable \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35294\"\u003e#35294\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefine UriUtils#decode and StringUtils#uriDecode implementation and documentation \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35253\"\u003e#35253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProvide configurable \u003ccode\u003euseCaches\u003c/code\u003e option for \u003ccode\u003eURLConnection\u003c/code\u003e usage in \u003ccode\u003eUrlResource\u003c/code\u003e (avoiding jar file leak) \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35218\"\u003e#35218\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@Scheduled\u003c/code\u003e tasks running in \u003ccode\u003eSimpleAsyncTaskScheduler\u003c/code\u003e are interrupted immediately on context close \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35254\"\u003e#35254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eScriptUtils.executeSqlScript()\u003c/code\u003e does not support multiple results per statement \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35248\"\u003e#35248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSuccessful Autowiring Dependent on Configuration ordering and Primary Bean flag \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35239\"\u003e#35239\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLocale parameter in MessageSource#getMessage methods should be nullable \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35230\"\u003e#35230\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow any \u003ccode\u003e@Transactional\u003c/code\u003e propagation for \u003ccode\u003e@TransactionalEventListener\u003c/code\u003e with BEFORE_COMMIT phase \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35150\"\u003e#35150\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCatalog name should be handled with the provided case \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35064\"\u003e#35064\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccept support for generated keys column name array on HSQLDB and Derby as well \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34790\"\u003e#34790\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHandle direct CanncelationException on timeout in JdkClientHttpRequest \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/34721\"\u003e#34721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd documentation of RequestMapping about SpEL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35232\"\u003e#35232\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument SqlBinaryValue behaviour with PostgreSQL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34786\"\u003e#34786\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Micrometer 1.14.10 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35313\"\u003e#35313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor 2024.0.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35312\"\u003e#35312\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/Allan-QLB\"\u003e\u003ccode\u003e@​Allan-QLB\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/carsago\"\u003e\u003ccode\u003e@​carsago\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/cw-dimedis\"\u003e\u003ccode\u003e@​cw-dimedis\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/giampa91\"\u003e\u003ccode\u003e@​giampa91\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.2.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eOncePerRequestFilter\u003c/code\u003e cannot be CGLib-proxied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35198\"\u003e#35198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistently catch \u003ccode\u003eInaccessibleObjectException\u003c/code\u003e next to \u003ccode\u003eIllegalAccessException\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35190\"\u003e#35190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eDate\u003c/code\u003e-to-\u003ccode\u003eInstant\u003c/code\u003e and \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eDate\u003c/code\u003e converters \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35175\"\u003e#35175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistent nullability and exception declarations in \u003ccode\u003eAbstractMessagingTemplate\u003c/code\u003e hierarchy \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35159\"\u003e#35159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister runtime hints for \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eTimestamp\u003c/code\u003e conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35156\"\u003e#35156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove handling of \u003ccode\u003eResponseEntity\u0026lt;?\u0026gt;\u003c/code\u003e in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35153\"\u003e#35153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e@CacheConfig(\u0026quot;myCacheName\u0026quot;)\u003c/code\u003e declarations for simplified configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35152\"\u003e#35152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeclare \u003ccode\u003emessageSelector\u003c/code\u003e parameters in \u003ccode\u003eJmsOperations\u003c/code\u003e as \u003ccode\u003e@Nullable\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35151\"\u003e#35151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd getter for \u003ccode\u003eOverflowStrategy\u003c/code\u003e in \u003ccode\u003eConcurrentWebSocketSessionDecorator\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35132\"\u003e#35132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse preset Content-Type for streaming and reactive responses in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35130\"\u003e#35130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLeniently tolerate null \u003ccode\u003e@Aspect\u003c/code\u003e bean \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35074\"\u003e#35074\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDataAccessResourceFailureException\u003c/code\u003e thrown when transaction times out on PostgreSQL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35073\"\u003e#35073\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/8f64480c9f91aa4f8dcf56c53e5e967a1a65d0b8\"\u003e\u003ccode\u003e8f64480\u003c/code\u003e\u003c/a\u003e Release v6.2.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edda4731e133dd785271cccd032fb4bb028d2720\"\u003e\u003ccode\u003eedda473\u003c/code\u003e\u003c/a\u003e Build against Java 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/9fa2d7d190160bc1a4a713c40c0d3a5d229010e5\"\u003e\u003ccode\u003e9fa2d7d\u003c/code\u003e\u003c/a\u003e Upgrade to Jackson 2.18.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/c30427fd4e18088c02c19be66567440a5878a369\"\u003e\u003ccode\u003ec30427f\u003c/code\u003e\u003c/a\u003e Upgrade to Netty 4.1.124.Final\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1d908f1847a2ee1d3e24ba2a789b881691494eeb\"\u003e\u003ccode\u003e1d908f1\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2024.0.9 and Micrometer 1.14.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/37b076be5121edbe0412f6b8ef190d595692b0e0\"\u003e\u003ccode\u003e37b076b\u003c/code\u003e\u003c/a\u003e Support multiple result sets in ScriptUtils.executeSqlScript()\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a9453a59594dfb547a3411135dce210f6f9b1588\"\u003e\u003ccode\u003ea9453a5\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/3781ba223ed76823b99e9c699e0957b391e22bf9\"\u003e\u003ccode\u003e3781ba2\u003c/code\u003e\u003c/a\u003e Optimize NIO path resolution in PathEditor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f11a1e6f827ed7c1bfb18b8318c1f60f2634fc83\"\u003e\u003ccode\u003ef11a1e6\u003c/code\u003e\u003c/a\u003e Polish tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/ffc785471bbe579aaef282720baef00a44d46435\"\u003e\u003ccode\u003effc7854\u003c/code\u003e\u003c/a\u003e Fix checkstyle error\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v5.3.18...v6.2.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.shiro:shiro-core` from 1.8.0 to 1.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/shiro/releases\"\u003eorg.apache.shiro:shiro-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eApache Shiro 1.13.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump spring.version from 5.3.28 to 5.3.29 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1008\"\u003eapache/shiro#1008\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump spring-boot.version from 2.7.13 to 2.7.14 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1017\"\u003eapache/shiro#1017\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump com.google.guava:guava from 32.1.1-jre to 32.1.2-jre by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1024\"\u003eapache/shiro#1024\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump org.owasp:dependency-check-maven from 8.3.1 to 8.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1038\"\u003eapache/shiro#1038\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump org.mockito:mockito-core from 5.4.0 to 5.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1041\"\u003eapache/shiro#1041\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump org.codehaus.groovy:groovy from 2.5.22 to 2.5.23 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1040\"\u003eapache/shiro#1040\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump spring-boot.version from 2.7.14 to 2.7.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1047\"\u003eapache/shiro#1047\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 3.5.3 to 3.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1045\"\u003eapache/shiro#1045\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump jetty.version from 9.4.51.v20230217 to 9.4.52.v20230823 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1051\"\u003eapache/shiro#1051\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump org.easymock:easymock from 5.1.0 to 5.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1055\"\u003eapache/shiro#1055\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.17.2 to 0.17.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1063\"\u003eapache/shiro#1063\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 3.6.0 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1064\"\u003eapache/shiro#1064\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump spring.version from 5.3.29 to 5.3.30 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1072\"\u003eapache/shiro#1072\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.16.0 to 2.16.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1075\"\u003eapache/shiro#1075\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump spring-boot.version from 2.7.15 to 2.7.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1080\"\u003eapache/shiro#1080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.17.3 to 0.18.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1084\"\u003eapache/shiro#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.0.0 to 4.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1087\"\u003eapache/shiro#1087\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump com.mycila:license-maven-plugin from 4.2 to 4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1090\"\u003eapache/shiro#1090\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump org.codehaus.gmavenplus:gmavenplus-plugin from 3.0.0 to 3.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1093\"\u003eapache/shiro#1093\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.18.0 to 0.18.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1094\"\u003eapache/shiro#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump org.mockito:mockito-core from 5.5.0 to 5.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1106\"\u003eapache/shiro#1106\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump jetty.version from 9.4.52.v20230823 to 9.4.53.v20231009 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1110\"\u003eapache/shiro#1110\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump com.google.guava:guava from 32.1.2-jre to 32.1.3-jre by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1112\"\u003eapache/shiro#1112\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump org.jacoco:jacoco-maven-plugin from 0.8.10 to 0.8.11 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1113\"\u003eapache/shiro#1113\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.1.0 to 4.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1116\"\u003eapache/shiro#1116\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.18.1 to 0.18.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1119\"\u003eapache/shiro#1119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDisable dependency convergence report by \u003ca href=\"https://github.com/bdemers\"\u003e\u003ccode\u003e@​bdemers\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/933\"\u003eapache/shiro#933\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump spring-boot.version from 2.7.16 to 2.7.17 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1122\"\u003eapache/shiro#1122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump jersey.version from 2.40 to 2.41 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1130\"\u003eapache/shiro#1130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix naming of WebContainer Tests/IT by \u003ca href=\"https://github.com/bdemers\"\u003e\u003ccode\u003e@​bdemers\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1123\"\u003eapache/shiro#1123\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove dashboard-maven-plugin from build by \u003ca href=\"https://github.com/bdemers\"\u003e\u003ccode\u003e@​bdemers\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1124\"\u003eapache/shiro#1124\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump org.owasp:dependency-check-maven from 8.4.0 to 8.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1134\"\u003eapache/shiro#1134\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/apache/shiro/issues/1138\"\u003e#1138\u003c/a\u003e Upgrade to Common-cli 1.6.0 by \u003ca href=\"https://github.com/fpapon\"\u003e\u003ccode\u003e@​fpapon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1139\"\u003eapache/shiro#1139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSkipping tests while running release by \u003ca href=\"https://github.com/bdemers\"\u003e\u003ccode\u003e@​bdemers\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1137\"\u003eapache/shiro#1137\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/apache/shiro/issues/1140\"\u003e#1140\u003c/a\u003e Upgrade to Common-codec 1.16.0 by \u003ca href=\"https://github.com/fpapon\"\u003e\u003ccode\u003e@​fpapon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1141\"\u003eapache/shiro#1141\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/apache/shiro/issues/1143\"\u003e#1143\u003c/a\u003e Upgrade to ASF pom parent 30 by \u003ca href=\"https://github.com/fpapon\"\u003e\u003ccode\u003e@​fpapon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1144\"\u003eapache/shiro#1144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump com.ibm.icu:icu4j from 73.2 to 74.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/1148\"\u003eapache/shiro#1148\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/apache/shiro/compare/shiro-root-1.12.0...shiro-root-1.13.0\"\u003ehttps://github.com/apache/shiro/compare/shiro-root-1.12.0...shiro-root-1.13.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eshiro-root-1.12.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump mockito-core from 4.9.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/645\"\u003eapache/shiro#645\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump dependency-check-maven from 7.4.1 to 8.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/646\"\u003eapache/shiro#646\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump htmlunit from 2.66.0 to 2.69.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/636\"\u003eapache/shiro#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3.2.0 to 3.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/631\"\u003eapache/shiro#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump easymock from 5.0.1 to 5.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/apache/shiro/pull/628\"\u003eapache/shiro#628\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/86819589b3fe4442f4ec1b1cf34e6113afbba73b\"\u003e\u003ccode\u003e8681958\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release shiro-root-1.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/f4daf3a5095ed6c35e81aaf522d6e788d75d3b52\"\u003e\u003ccode\u003ef4daf3a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/apache/shiro/issues/1148\"\u003e#1148\u003c/a\u003e from apache/dependabot/maven/1.13.x/com.ibm.icu-icu4...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/02e1f669bf7a99a4059615647428977a83669174\"\u003e\u003ccode\u003e02e1f66\u003c/code\u003e\u003c/a\u003e build(deps): bump com.ibm.icu:icu4j from 73.2 to 74.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/d62387dc576a56a694f0353b3245a892f2f28835\"\u003e\u003ccode\u003ed62387d\u003c/code\u003e\u003c/a\u003e Add tests for SavedRequest redirects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/3b80f5c8e5a95ba31e92e4825ecc0ba3148b555a\"\u003e\u003ccode\u003e3b80f5c\u003c/code\u003e\u003c/a\u003e The InvalidRequestFilter is more flexible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/443135bf8b2ee960b25c93c5d9619c4aa8c15830\"\u003e\u003ccode\u003e443135b\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;[maven-release-plugin] prepare release shiro-root-1.13.0\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/208e0b89288b8714410b28ca3d2aefd1cb748bce\"\u003e\u003ccode\u003e208e0b8\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;[maven-release-plugin] prepare for next development iteration\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/e4c217c40fec439217daba4bb6e31811b4af360a\"\u003e\u003ccode\u003ee4c217c\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/fb469762d32cf2fbaaa3f296475e50680c384961\"\u003e\u003ccode\u003efb46976\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release shiro-root-1.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/shiro/commit/4e71c79d08eed140791abb8691f3de9c3c5a1acc\"\u003e\u003ccode\u003e4e71c79\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/apache/shiro/issues/1144\"\u003e#1144\u003c/a\u003e from fpapon/SHIRO-1143\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/shiro/compare/shiro-root-1.8.0...shiro-root-1.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.owasp.esapi:esapi` from 2.2.3.1 to 2.6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.2.3.1...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.pebbletemplates:pebble` from 3.1.5 to 3.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PebbleTemplates/pebble/releases\"\u003eio.pebbletemplates:pebble's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.2.4\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e3.2.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e3.2.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e3.2.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e3.2.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/005e1af80b4501c26acde63093e2ebf138b1ae4c\"\u003e\u003ccode\u003e005e1af\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/6cb1a88d556386acb8fd352c3e25599a54594b24\"\u003e\u003ccode\u003e6cb1a88\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release v3.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/a824b047377a44c4d6d0eaee21f1279c352e449f\"\u003e\u003ccode\u003ea824b04\u003c/code\u003e\u003c/a\u003e Slow VM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/9e218a0d4eb7bee4843901e82ca245383831bf93\"\u003e\u003ccode\u003e9e218a0\u003c/code\u003e\u003c/a\u003e Add changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/6c76a54cfff2f5e699349e37ce2b722e10563e2f\"\u003e\u003ccode\u003e6c76a54\u003c/code\u003e\u003c/a\u003e Buy me a coffee\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/84abcf052e895c5f1819b71c979264ed06040ee3\"\u003e\u003ccode\u003e84abcf0\u003c/code\u003e\u003c/a\u003e Fix the problem of unit test failure under JDK 21 (\u003ca href=\"https://redirect.github.com/PebbleTemplates/pebble/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/4105d2c3c80fe4c2048dcf4782f992a3fc20026d\"\u003e\u003ccode\u003e4105d2c\u003c/code\u003e\u003c/a\u003e Fix the problem of not resolving reactive values in models (\u003ca href=\"https://redirect.github.com/PebbleTemplates/pebble/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/948362bfce9c6f939b8d4815c583e3bb7fc7a801\"\u003e\u003ccode\u003e948362b\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/a7f89e37bb52749cc3d58c524318833e65b78770\"\u003e\u003ccode\u003ea7f89e3\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release v3.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PebbleTemplates/pebble/commit/d5bcd3528f38b2a6547673a04f517b3f486c3653\"\u003e\u003ccode\u003ed5bcd35\u003c/code\u003e\u003c/a\u003e Update nexus plugin for release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/PebbleTemplates/pebble/compare/3.1.5...3.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/PeezoslugOG/codeql/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/PeezoslugOG/codeql/pull/8","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/PeezoslugOG%2Fcodeql/issues/8","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8/packages"}},{"old_version":"2.1.0.1","new_version":"2.6.0.0","update_type":"minor","path":null,"pr_created_at":"2025-08-13T23:08:27.000Z","version_change":"2.1.0.1 → 2.6.0.0","issue":{"uuid":"2744337968","node_id":"PR_kwDOM6hIp86jk0Yw","number":2,"state":"open","title":"Bump the maven group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-13T23:08:27.000Z","updated_at":"2025-08-13T23:08:28.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"maven","update_count":16,"packages":[{"name":"com.google.code.gson:gson","old_version":"1.7.2","new_version":"2.8.9","repository_url":"https://github.com/google/gson"},{"name":"com.google.guava:guava","old_version":"31.1-jre","new_version":"32.0.0-jre","repository_url":"https://github.com/google/guava"},{"name":"com.rabbitmq:amqp-client","old_version":"5.17.0","new_version":"5.18.0","repository_url":"https://github.com/rabbitmq/rabbitmq-java-client"},{"name":"com.thoughtworks.xstream:xstream","old_version":"1.4.20","new_version":"1.4.21","repository_url":"https://github.com/x-stream/xstream"},{"name":"commons-io:commons-io","old_version":"2.8.0","new_version":"2.14.0"},{"name":"commons-net:commons-net","old_version":"3.7.2","new_version":"3.9.0"},{"name":"com.mysql:mysql-connector-j","old_version":"8.0.33","new_version":"8.2.0","repository_url":"https://github.com/mysql/mysql-connector-j"},{"name":"org.apache.commons:commons-lang3","old_version":"3.11","new_version":"3.18.0"},{"name":"org.apache.kafka:kafka-clients","old_version":"2.7.0","new_version":"3.9.1"},{"name":"org.apache.tomcat.embed:tomcat-embed-core","old_version":"10.0.22","new_version":"10.1.42"},{"name":"org.eclipse.jetty:jetty-servlets","old_version":"9.4.51.v20230217","new_version":"9.4.54.v20240208"},{"name":"org.owasp.esapi:esapi","old_version":"2.1.0.1","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"org.springframework:spring-context","old_version":"5.3.26","new_version":"6.1.20","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.testng:testng","old_version":"7.1.0","new_version":"7.5.1","repository_url":"https://github.com/cbeust/testng"},{"name":"com.puppycrawl.tools:checkstyle","old_version":"8.18","new_version":"11.0.0","repository_url":"https://github.com/checkstyle/checkstyle"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 15 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [com.google.code.gson:gson](https://github.com/google/gson) | `1.7.2` | `2.8.9` |\n| [com.google.guava:guava](https://github.com/google/guava) | `31.1-jre` | `32.0.0-jre` |\n| [com.rabbitmq:amqp-client](https://github.com/rabbitmq/rabbitmq-java-client) | `5.17.0` | `5.18.0` |\n| [com.thoughtworks.xstream:xstream](https://github.com/x-stream/xstream) | `1.4.20` | `1.4.21` |\n| commons-io:commons-io | `2.8.0` | `2.14.0` |\n| commons-net:commons-net | `3.7.2` | `3.9.0` |\n| [com.mysql:mysql-connector-j](https://github.com/mysql/mysql-connector-j) | `8.0.33` | `8.2.0` |\n| org.apache.commons:commons-lang3 | `3.11` | `3.18.0` |\n| org.apache.kafka:kafka-clients | `2.7.0` | `3.9.1` |\n| org.apache.tomcat.embed:tomcat-embed-core | `10.0.22` | `10.1.42` |\n| org.eclipse.jetty:jetty-servlets | `9.4.51.v20230217` | `9.4.54.v20240208` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.1.0.1` | `2.6.0.0` |\n| [org.springframework:spring-context](https://github.com/spring-projects/spring-framework) | `5.3.26` | `6.1.20` |\n| [org.testng:testng](https://github.com/cbeust/testng) | `7.1.0` | `7.5.1` |\n| [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) | `8.18` | `11.0.0` |\n\n\nUpdates `com.google.code.gson:gson` from 1.7.2 to 2.8.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/gson/releases\"\u003ecom.google.code.gson:gson's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eGson 2.8.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake OSGi bundle's dependency on \u003ccode\u003esun.misc\u003c/code\u003e optional (\u003ca href=\"https://redirect.github.com/google/gson/issues/1993\"\u003e#1993\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eGson.excluder()\u003c/code\u003e exposing internal \u003ccode\u003eExcluder\u003c/code\u003e class (\u003ca href=\"https://redirect.github.com/google/gson/issues/1986\"\u003e#1986\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003ePrevent Java deserialization of internal classes (\u003ca href=\"https://redirect.github.com/google/gson/issues/1991\"\u003e#1991\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eImprove number strategy implementation (\u003ca href=\"https://redirect.github.com/google/gson/issues/1987\"\u003e#1987\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFix LongSerializationPolicy null handling being inconsistent with Gson (\u003ca href=\"https://redirect.github.com/google/gson/issues/1990\"\u003e#1990\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eSupport arbitrary Number implementation for Object and Number deserialization (\u003ca href=\"https://redirect.github.com/google/gson/issues/1290\"\u003e#1290\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBump proguard-maven-plugin from 2.4.0 to 2.5.1 (\u003ca href=\"https://redirect.github.com/google/gson/issues/1980\"\u003e#1980\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDon't exclude static local classes (\u003ca href=\"https://redirect.github.com/google/gson/issues/1969\"\u003e#1969\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eRuntimeTypeAdapterFactory\u003c/code\u003e depending on internal \u003ccode\u003eStreams\u003c/code\u003e class (\u003ca href=\"https://redirect.github.com/google/gson/issues/1959\"\u003e#1959\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eImprove Maven build (\u003ca href=\"https://redirect.github.com/google/gson/issues/1964\"\u003e#1964\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eMake dependency on \u003ccode\u003ejava.sql\u003c/code\u003e optional (\u003ca href=\"https://redirect.github.com/google/gson/issues/1707\"\u003e#1707\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eGson 2.8.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed issue with recursive types (\u003ca href=\"https://redirect.github.com/google/gson/issues/1390\"\u003e#1390\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBetter behaviour with Java 9+ and \u003ccode\u003eUnsafe\u003c/code\u003e if there is a security manager (\u003ca href=\"https://redirect.github.com/google/gson/issues/1712\"\u003e#1712\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnumTypeAdapter\u003c/code\u003e now works better when ProGuard has obfuscated enum fields (\u003ca href=\"https://redirect.github.com/google/gson/issues/1495\"\u003e#1495\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/gson/blob/main/CHANGELOG.md\"\u003ecom.google.code.gson:gson's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.8.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake OSGi bundle's dependency on \u003ccode\u003esun.misc\u003c/code\u003e optional (\u003ca href=\"https://redirect.github.com/google/gson/pull/1993\"\u003egoogle/gson#1993\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eGson.excluder()\u003c/code\u003e exposing internal \u003ccode\u003eExcluder\u003c/code\u003e class (\u003ca href=\"https://redirect.github.com/google/gson/pull/1986\"\u003egoogle/gson#1986\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003ePrevent Java deserialization of internal classes (\u003ca href=\"https://redirect.github.com/google/gson/pull/1991\"\u003egoogle/gson#1991\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eImprove number strategy implementation (\u003ca href=\"https://redirect.github.com/google/gson/pull/1987\"\u003egoogle/gson#1987\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFix LongSerializationPolicy null handling being inconsistent with Gson (\u003ca href=\"https://redirect.github.com/google/gson/pull/1990\"\u003egoogle/gson#1990\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eSupport arbitrary Number implementation for Object and Number deserialization (\u003ca href=\"https://redirect.github.com/google/gson/pull/1290\"\u003egoogle/gson#1290\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBump proguard-maven-plugin from 2.4.0 to 2.5.1 (\u003ca href=\"https://redirect.github.com/google/gson/pull/1980\"\u003egoogle/gson#1980\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDon't exclude static local classes (\u003ca href=\"https://redirect.github.com/google/gson/pull/1969\"\u003egoogle/gson#1969\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eRuntimeTypeAdapterFactory\u003c/code\u003e depending on internal \u003ccode\u003eStreams\u003c/code\u003e class (\u003ca href=\"https://redirect.github.com/google/gson/pull/1959\"\u003egoogle/gson#1959\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eImprove Maven build (\u003ca href=\"https://redirect.github.com/google/gson/pull/1964\"\u003egoogle/gson#1964\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eMake dependency on \u003ccode\u003ejava.sql\u003c/code\u003e optional (\u003ca href=\"https://redirect.github.com/google/gson/pull/1707\"\u003egoogle/gson#1707\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed issue with recursive types (\u003ca href=\"https://redirect.github.com/google/gson/issues/1390\"\u003egoogle/gson#1390\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBetter behaviour with Java 9+ and \u003ccode\u003eUnsafe\u003c/code\u003e if there is a security manager (\u003ca href=\"https://redirect.github.com/google/gson/pull/1712\"\u003egoogle/gson#1712\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnumTypeAdapter\u003c/code\u003e now works better when ProGuard has obfuscated enum fields (\u003ca href=\"https://redirect.github.com/google/gson/pull/1495\"\u003egoogle/gson#1495\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eISO8601UtilsTest\u003c/code\u003e failing on systems with UTC+X.\u003c/li\u003e\n\u003cli\u003eImproved javadoc for \u003ccode\u003eJsonStreamParser\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eUpdated proguard.cfg (\u003ca href=\"https://redirect.github.com/google/gson/pull/1693\"\u003egoogle/gson#1693\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eIllegalStateException\u003c/code\u003e in \u003ccode\u003eJsonTreeWriter\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/google/gson/issues/1592\"\u003egoogle/gson#1592\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eJsonArray.isEmpty()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/google/gson/pull/1640\"\u003egoogle/gson#1640\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eAdded new test cases (\u003ca href=\"https://redirect.github.com/google/gson/pull/1638\"\u003egoogle/gson#1638\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed OSGi metadata generation to work on JavaSE \u0026lt; 9 (\u003ca href=\"https://redirect.github.com/google/gson/pull/1603\"\u003egoogle/gson#1603\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.6\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2019-10-04\u003c/em\u003e  \u003ca href=\"https://github.com/google/gson/compare/gson-parent-2.8.5...gson-parent-2.8.6\"\u003eGitHub Diff\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded static methods \u003ccode\u003eJsonParser.parseString\u003c/code\u003e and \u003ccode\u003eJsonParser.parseReader\u003c/code\u003e and deprecated instance method \u003ccode\u003eJsonParser.parse\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eJava 9 module-info support\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.5\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2018-05-21\u003c/em\u003e  \u003ca href=\"https://github.com/google/gson/compare/gson-parent-2.8.4...gson-parent-2.8.5\"\u003eGitHub Diff\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrint Gson version while throwing AssertionError and IllegalArgumentException\u003c/li\u003e\n\u003cli\u003eMoved \u003ccode\u003eutils.VersionUtils\u003c/code\u003e class to \u003ccode\u003einternal.JavaVersion\u003c/code\u003e. This is a potential backward incompatible change from 2.8.4\u003c/li\u003e\n\u003cli\u003eFixed issue \u003ca href=\"https://redirect.github.com/google/gson/issues/1310\"\u003egoogle/gson#1310\u003c/a\u003e by supporting Debian Java 9\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.4\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2018-05-01\u003c/em\u003e  \u003ca href=\"https://github.com/google/gson/compare/gson-parent-2.8.3...gson-parent-2.8.4\"\u003eGitHub Diff\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded a new FieldNamingPolicy, \u003ccode\u003eLOWER_CASE_WITH_DOTS\u003c/code\u003e that mapps JSON name \u003ccode\u003esomeFieldName\u003c/code\u003e to \u003ccode\u003esome.field.name\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed issue \u003ca href=\"https://redirect.github.com/google/gson/issues/1305\"\u003egoogle/gson#1305\u003c/a\u003e by removing compile/runtime dependency on \u003ccode\u003esun.misc.Unsafe\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.3\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2018-04-27\u003c/em\u003e  \u003ca href=\"https://github.com/google/gson/compare/gson-parent-2.8.2...gson-parent-2.8.3\"\u003eGitHub Diff\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded a new API, \u003ccode\u003eGsonBuilder.newBuilder()\u003c/code\u003e that clones the current builder\u003c/li\u003e\n\u003cli\u003ePreserving DateFormatter behavior on JDK 9\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/6a368d89da37917be7714c3072b8378f4120110a\"\u003e\u003ccode\u003e6a368d8\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release gson-parent-2.8.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/ba96d53bad35f7466073f14cb3d89d09383e1a2d\"\u003e\u003ccode\u003eba96d53\u003c/code\u003e\u003c/a\u003e Fix missing bounds checks for JsonTreeReader.getPath() (\u003ca href=\"https://redirect.github.com/google/gson/issues/2001\"\u003e#2001\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/ca1df7f7e09f6b1a763882029dd7057f475b31de\"\u003e\u003ccode\u003eca1df7f\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/gson/issues/1981\"\u003e#1981\u003c/a\u003e: Optional OSGi bundle's dependency on sun.misc package (\u003ca href=\"https://redirect.github.com/google/gson/issues/1993\"\u003e#1993\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/c54caf308c3f7d4a6088cf3085c2caa9617e0458\"\u003e\u003ccode\u003ec54caf3\u003c/code\u003e\u003c/a\u003e Deprecate \u003ccode\u003eGson.excluder()\u003c/code\u003e exposing internal \u003ccode\u003eExcluder\u003c/code\u003e class (\u003ca href=\"https://redirect.github.com/google/gson/issues/1986\"\u003e#1986\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/e6fae590cf2a758c47cd5a17f9bf3780ce62c986\"\u003e\u003ccode\u003ee6fae59\u003c/code\u003e\u003c/a\u003e Prevent Java deserialization of internal classes (\u003ca href=\"https://redirect.github.com/google/gson/issues/1991\"\u003e#1991\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/bda2e3d16af776e0f607d56bbab6eac22f8f2d58\"\u003e\u003ccode\u003ebda2e3d\u003c/code\u003e\u003c/a\u003e Improve number strategy implementation (\u003ca href=\"https://redirect.github.com/google/gson/issues/1987\"\u003e#1987\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/cd748df7122ea4260d35dfe90cfab0c079a1504d\"\u003e\u003ccode\u003ecd748df\u003c/code\u003e\u003c/a\u003e Fix LongSerializationPolicy null handling being inconsistent with Gson (\u003ca href=\"https://redirect.github.com/google/gson/issues/1990\"\u003e#1990\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/fe30b85224316cabf19f5dd3223843437c297802\"\u003e\u003ccode\u003efe30b85\u003c/code\u003e\u003c/a\u003e Support arbitrary Number implementation for Object and Number deserialization...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/1cc16274235f89650349884dd04760bf15a95d96\"\u003e\u003ccode\u003e1cc1627\u003c/code\u003e\u003c/a\u003e Fix incorrect feature request template label (\u003ca href=\"https://redirect.github.com/google/gson/issues/1982\"\u003e#1982\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/gson/commit/7b9a283a7a5d66878c9be01227b15e631afe2a5a\"\u003e\u003ccode\u003e7b9a283\u003c/code\u003e\u003c/a\u003e Bump bnd-maven-plugin from 5.3.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/google/gson/issues/1985\"\u003e#1985\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/gson/compare/gson-1.7.2...gson-parent-2.8.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.google.guava:guava` from 31.1-jre to 32.0.0-jre\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/guava/releases\"\u003ecom.google.guava:guava's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e32.0.0\u003c/h2\u003e\n\u003ch3\u003eMaven\u003c/h3\u003e\n\u003cpre lang=\"xml\"\u003e\u003ccode\u003e\u0026lt;dependency\u0026gt;\n  \u0026lt;groupId\u0026gt;com.google.guava\u0026lt;/groupId\u0026gt;\n  \u0026lt;artifactId\u0026gt;guava\u0026lt;/artifactId\u0026gt;\n  \u0026lt;version\u0026gt;32.0.0-jre\u0026lt;/version\u0026gt;\n  \u0026lt;!-- or, for Android: --\u0026gt;\n  \u0026lt;version\u0026gt;32.0.0-android\u0026lt;/version\u0026gt;\n\u0026lt;/dependency\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eJar files\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://repo1.maven.org/maven2/com/google/guava/guava/32.0.0-jre/guava-32.0.0-jre.jar\"\u003e32.0.0-jre.jar\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://repo1.maven.org/maven2/com/google/guava/guava/32.0.0-android/guava-32.0.0-android.jar\"\u003e32.0.0-android.jar\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eGuava requires \u003ca href=\"https://github.com/google/guava/wiki/UseGuavaInYourBuild#what-about-guavas-own-dependencies\"\u003eone runtime dependency\u003c/a\u003e, which you can download here:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://repo1.maven.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar\"\u003efailureaccess-1.0.1.jar\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJavadoc\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-jre/api/docs/\"\u003e32.0.0-jre\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-android/api/docs/\"\u003e32.0.0-android\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJDiff\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-jre/api/diffs/\"\u003e32.0.0-jre vs. 31.1-jre\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-android/api/diffs/\"\u003e32.0.0-android vs. 31.1-android\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://guava.dev/releases/32.0.0-android/api/androiddiffs/\"\u003e32.0.0-android vs. 32.0.0-jre\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003ch4\u003eSecurity fixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eReimplemented \u003ccode\u003eFiles.createTempDir\u003c/code\u003e and \u003ccode\u003eFileBackedOutputStream\u003c/code\u003e to further address CVE-2020-8908 (\u003ca href=\"https://redirect.github.com/google/guava/issues/4011\"\u003e#4011\u003c/a\u003e) and CVE-2023-2976 (\u003ca href=\"https://redirect.github.com/google/guava/issues/2575\"\u003e#2575\u003c/a\u003e). (feb83a1c8f)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eWhile CVE-2020-8908 was officially closed when we deprecated \u003ccode\u003eFiles.createTempDir\u003c/code\u003e in \u003ca href=\"https://github.com/google/guava/releases/tag/v30.0\"\u003eGuava 30.0\u003c/a\u003e, we've heard from users that even recent versions of Guava have been listed as vulnerable in \u003cem\u003eother\u003c/em\u003e databases of security vulnerabilities. In response, we've reimplemented the method (and the very rarely used \u003ccode\u003eFileBackedOutputStream\u003c/code\u003e class, which had a similar issue) to eliminate the insecure behavior entirely. This change could technically affect users in a number of different ways (discussed under \u0026quot;Incompatible changes\u0026quot; below), but in practice, the only problem users are likely to encounter is with Windows. If you are using those APIs under Windows, you should skip 32.0.0 and go straight to \u003ca href=\"https://github.com/google/guava/releases/tag/v32.0.1\"\u003e32.0.1\u003c/a\u003e which fixes the problem. (Unfortunately, we didn't think of the Windows problem until after the release. And while we \u003ca href=\"https://github.com/google/guava#important-warnings\"\u003ewarn that \u003ccode\u003ecommon.io\u003c/code\u003e in particular may not work under Windows\u003c/a\u003e, we didn't intend to regress support.) Sorry for the trouble.\u003c/p\u003e\n\u003ch4\u003eIncompatible changes\u003c/h4\u003e\n\u003cp\u003eAlthough this release bumps Guava's major version number, it makes \u003cstrong\u003eno binary-incompatible changes to the \u003ccode\u003eguava\u003c/code\u003e artifact\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eOne change could cause issues for Widows users, and a few other changes could cause issues for users in more usual situations:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eThe new implementations of \u003ccode\u003eFiles.createTempDir\u003c/code\u003e and \u003ccode\u003eFileBackedOutputStream\u003c/code\u003e \u003ca href=\"https://redirect.github.com/google/guava/issues/6535\"\u003ethrow an exception under Windows\u003c/a\u003e.\u003c/strong\u003e This is fixed in \u003ca href=\"https://github.com/google/guava/releases/tag/v32.0.1\"\u003e32.0.1\u003c/a\u003e. Sorry for the trouble.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eguava-gwt\u003c/code\u003e now \u003ca href=\"https://redirect.github.com/google/guava/issues/6627\"\u003erequires\u003c/a\u003e GWT \u003ca href=\"https://github.com/gwtproject/gwt/releases/tag/2.10.0\"\u003e2.10.0\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThis release makes a binary-incompatible change to a \u003ccode\u003e@Beta\u003c/code\u003e API in the \u003cstrong\u003eseparate artifact\u003c/strong\u003e \u003ccode\u003eguava-testlib\u003c/code\u003e. Specifically, we changed the return type of \u003ccode\u003eTestingExecutors.sameThreadScheduledExecutor\u003c/code\u003e to \u003ccode\u003eListeningScheduledExecutorService\u003c/code\u003e. The old return type was a package-private class, which caused the Kotlin compiler to produce warnings. (dafaa3e435)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/google/guava/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.rabbitmq:amqp-client` from 5.17.0 to 5.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/releases\"\u003ecom.rabbitmq:amqp-client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.18.0\u003c/h2\u003e\n\u003ch1\u003eChanges between 5.17.0 and 5.18.0\u003c/h1\u003e\n\u003cp\u003eThis is a minor release with usability improvements and dependency upgrades. It is compatible with 5.17.x. All users of the 5.x.x series are encouraged to upgrade.\u003c/p\u003e\n\u003cp\u003eInbound message size is now enforced, with default limit being 64 MiB.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JHahnHRO\"\u003e\u003ccode\u003e@​JHahnHRO\u003c/code\u003e\u003c/a\u003e and Sérgio Faria (\u003ca href=\"https://github.com/sergio91pt\"\u003e\u003ccode\u003e@​sergio91pt\u003c/code\u003e\u003c/a\u003e) for their contribution.\u003c/p\u003e\n\u003ch2\u003eAdd ability to specify maximum message size\u003c/h2\u003e\n\u003cp\u003eGitHub issue: \u003ca href=\"https://redirect.github.com/rabbitmq/rabbitmq-java-client/issues/1062\"\u003e#1062\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDo not confirmSelect more than once per channel\u003c/h2\u003e\n\u003cp\u003eGitHub PR: \u003ca href=\"https://redirect.github.com/rabbitmq/rabbitmq-java-client/issues/1057\"\u003e#1057\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eMake RpcClient (Auto)Closeable\u003c/h2\u003e\n\u003cp\u003eGitHub issue: \u003ca href=\"https://redirect.github.com/rabbitmq/rabbitmq-java-client/issues/1032\"\u003e#1032\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eBump dependencies\u003c/h2\u003e\n\u003cp\u003eGitHub issue: \u003ca href=\"https://redirect.github.com/rabbitmq/rabbitmq-java-client/issues/999\"\u003e#999\u003c/a\u003e\u003c/p\u003e\n\u003ch1\u003eDependency\u003c/h1\u003e\n\u003ch2\u003eMaven\u003c/h2\u003e\n\u003cpre lang=\"xml\"\u003e\u003ccode\u003e\u0026lt;dependency\u0026gt;\n  \u0026lt;groupId\u0026gt;com.rabbitmq\u0026lt;/groupId\u0026gt;\n  \u0026lt;artifactId\u0026gt;amqp-client\u0026lt;/artifactId\u0026gt;\n  \u0026lt;version\u0026gt;5.18.0\u0026lt;/version\u0026gt;\n\u0026lt;/dependency\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eGradle\u003c/h2\u003e\n\u003cpre lang=\"groovy\"\u003e\u003ccode\u003ecompile 'com.rabbitmq:amqp-client:5.18.0'\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003ev5.17.1\u003c/h2\u003e\n\u003ch1\u003eChanges between 5.17.0 and 5.17.1\u003c/h1\u003e\n\u003cp\u003eThis is a minor release with a usability improvement. It is compatible with 5.17.0.\u003c/p\u003e\n\u003cp\u003eInbound message size is now enforced, with the default limit being 64 MiB.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/dcc284ee1b199057a1094055b7eac597539c9942\"\u003e\u003ccode\u003edcc284e\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release v5.18.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/75d1d1eb2d365f5a8f0fbc1ff5408f3dd706f4ec\"\u003e\u003ccode\u003e75d1d1e\u003c/code\u003e\u003c/a\u003e Set release version to 5.18.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/dc7952eaa41feba4c616ffbeb47d99974d16f2dc\"\u003e\u003ccode\u003edc7952e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rabbitmq/rabbitmq-java-client/issues/1064\"\u003e#1064\u003c/a\u003e from rabbitmq/dependabot/maven/5.x.x-stable/org.mock...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/e2fa38f0d8c985a539bdee3a3d40d401a7141a55\"\u003e\u003ccode\u003ee2fa38f\u003c/code\u003e\u003c/a\u003e Bump mockito-core from 5.3.1 to 5.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/04f1801ae6eaac10af7bf802c8fb7065284624e6\"\u003e\u003ccode\u003e04f1801\u003c/code\u003e\u003c/a\u003e Tweak error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/714aae602dcae6cb4b53cadf009323ebac313cc8\"\u003e\u003ccode\u003e714aae6\u003c/code\u003e\u003c/a\u003e Add max inbound message size to ConnectionFactory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/83cf551fb0142f7a5d042bd54e0cf3c1e47ed419\"\u003e\u003ccode\u003e83cf551\u003c/code\u003e\u003c/a\u003e Fix flaky test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/0dc9ea2e464158685cd206e35cb52105c156a64c\"\u003e\u003ccode\u003e0dc9ea2\u003c/code\u003e\u003c/a\u003e Do not confirmSelect more than once per channel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/129dc6abb0cbc36b36cdb6f3d5915f470203277f\"\u003e\u003ccode\u003e129dc6a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rabbitmq/rabbitmq-java-client/issues/1060\"\u003e#1060\u003c/a\u003e from rabbitmq/dependabot/maven/5.x.x-stable/io.micro...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/commit/671efdcb1adbed4242ce0c954874eeef0d3de0ad\"\u003e\u003ccode\u003e671efdc\u003c/code\u003e\u003c/a\u003e Bump micrometer-core from 1.11.0 to 1.11.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rabbitmq/rabbitmq-java-client/compare/v5.17.0...v5.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.thoughtworks.xstream:xstream` from 1.4.20 to 1.4.21\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/x-stream/xstream/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-io:commons-io` from 2.8.0 to 2.14.0\n\nUpdates `commons-net:commons-net` from 3.7.2 to 3.9.0\n\nUpdates `com.mysql:mysql-connector-j` from 8.0.33 to 8.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mysql/mysql-connector-j/blob/release/9.x/CHANGES\"\u003ecom.mysql:mysql-connector-j's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch1\u003e\u003ca href=\"https://dev.mysql.com/doc/relnotes/connector-j/en/\"\u003ehttps://dev.mysql.com/doc/relnotes/connector-j/en/\u003c/a\u003e\u003c/h1\u003e\n\u003cp\u003eVersion 9.4.0\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#116120 (Bug#37079448), Inappropriate charset selected for connection when jdk.charsets not included.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#98620 (Bug#31503893), Using DatabaseMetaData.getColumns() gives collation mix error.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#118389 (Bug#38044940), OCI ephemeral keys not working after change in OCI CLI.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#22473405, GETOBJECT(STRING , CLASS\u003c!-- raw HTML omitted --\u003e) METHOD RETURNS ERROR FOR POOLED CONNECTION.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eWL#17009, Upgrade 3rd party libraries and tools.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#118201 (Bug#37971552), A potential bug in Mysql Connector/J.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#44791 (Bug#11753361), Setting/getting holdability on connection does not work properly.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#21294134, DBMD.GETPROCEDURECOLUMNS() IS UNABLE TO DEAL WITH PROCEDURE COLUMNS WITH SPACES.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#77658 (Bug#21946136), Incorrect java.sql.Statement.cancel() behavior.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#118100 (Bug#37900711), \u003ccode\u003eYou have an error in your SQL syntax\u003c/code\u003e exception thrown after \u003ccode\u003emysql-connector-j\u003c/code\u003e \u003ccode\u003e9.2.0\u003c/code\u003e -\u0026gt; \u003ccode\u003e9.3.0\u003c/code\u003e upgrade.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#118079 (Bug#37888527), An output message error.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#117579 (Bug#37639722), Contribution: Return UUID from ResultSet#getObject().\nThanks to Iwao Abe for his contribution.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#20279578, REGISTEROUTPARAMETER() FAILS WHEN PROCEDURE NAME CONTAINS SOME SPECIAL CHARACTER.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#109339 (Bug#34898663), Failed to insert bignums due to overflow.\nThanks to Yohei Ueki for his contribution.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#77766 (Bug#21503942), CallableStatement.getObject have inconsistent behavior.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eWL#16917, Remove IterateBlock class.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#117873 (Bug#37785888), Time instances created from negative milliseconds are encoded without fractional seconds.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#115845 (Bug#36954268), Contribution: Set correct OTel Span name for transaction commits.\nThanks to Willem Fibbe for his contribution.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#75615 (Bug#21181249), Incorrect implementation of Connection.setNetworkTimeout().\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#75441 (Bug#20344798), com.mysql.jdbc.CallableStatement.extractProcedureName fragile.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix for Bug#19948601, UNEXPECTED BEHAVIOUR NOTICED WITH FEW OF THE MYSQL C/JAVA CONNECTION PARAMETERS.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/06a1f724497fd81c6a659131fda822c9e5085b6c\"\u003e\u003ccode\u003e06a1f72\u003c/code\u003e\u003c/a\u003e Fix for Bug#35811592, Missing implementation for Connection.releaseSavepoint().\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/9df3820b2b63d727bf5157e2732f58e7ce9a28fc\"\u003e\u003ccode\u003e9df3820\u003c/code\u003e\u003c/a\u003e Update for GPL license book.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/ff822cfe1bb6a57526f1d76db61a983ba8ecaa43\"\u003e\u003ccode\u003eff822cf\u003c/code\u003e\u003c/a\u003e Fix for tests failing due to expecting unsupported TLS versions.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/429db0004e750a9e2f9f0134342b091d473051d7\"\u003e\u003ccode\u003e429db00\u003c/code\u003e\u003c/a\u003e Fix for test SecureSessionTest.testXdevapiTlsVersionsAndCiphersuites() failur...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/d52033a67f0cda0baafbf32555d063c57813d1eb\"\u003e\u003ccode\u003ed52033a\u003c/code\u003e\u003c/a\u003e Fix for tests failing due to using unsupported cipher suites in MySQL 5.7.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/e18e626c53dc5b2afaab9aabd0af199d000a469e\"\u003e\u003ccode\u003ee18e626\u003c/code\u003e\u003c/a\u003e Fix for tests failing due to using deprecated cipher suites.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/4f70ec3e4e115166ad5e1058cf1802995c722dcb\"\u003e\u003ccode\u003e4f70ec3\u003c/code\u003e\u003c/a\u003e Fix for Bug#91351 (Bug#28225464), MysqlConnectionPoolDataSource - autocommit ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/71e4c6b08ccec2911cfbdd114cd1178df7d398f0\"\u003e\u003ccode\u003e71e4c6b\u003c/code\u003e\u003c/a\u003e Fix for property description 'ConnectionProperties.treatMysqlDatetimeAsTimest...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/bae6356c0f924cddeb4cc40e0b1b7438d37e900c\"\u003e\u003ccode\u003ebae6356\u003c/code\u003e\u003c/a\u003e Fix for property description 'ConnectionProperties.authenticationPlugins'.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mysql/mysql-connector-j/commit/5701086339834c86fd92ab60d29d31a8bbe356f3\"\u003e\u003ccode\u003e5701086\u003c/code\u003e\u003c/a\u003e GPL license book update.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mysql/mysql-connector-j/compare/8.0.33...8.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.commons:commons-lang3` from 3.11 to 3.18.0\n\nUpdates `org.apache.kafka:kafka-clients` from 2.7.0 to 3.9.1\n\nUpdates `org.apache.tomcat.embed:tomcat-embed-core` from 10.0.22 to 10.1.42\n\nUpdates `org.eclipse.jetty:jetty-servlets` from 9.4.51.v20230217 to 9.4.54.v20240208\n\nUpdates `org.owasp.esapi:esapi` from 2.1.0.1 to 2.6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.1.0.1...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-context` from 5.3.26 to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-context's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v5.3.26...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-web` from 5.3.26 to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v5.3.26...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.testng:testng` from 7.1.0 to 7.5.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cbeust/testng/releases\"\u003eorg.testng:testng's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTestNG v7.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCherrypick Zip Slip Vulnerability to 7.5 release by \u003ca href=\"https://github.com/prashil-g\"\u003e\u003ccode\u003e@​prashil-g\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cbeust/testng/pull/2899\"\u003ecbeust/testng#2899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prashil-g\"\u003e\u003ccode\u003e@​prashil-g\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/cbeust/testng/pull/2899\"\u003ecbeust/testng#2899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cbeust/testng/compare/7.5...7.5.1\"\u003ehttps://github.com/cbeust/testng/compare/7.5...7.5.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/testng-team/testng/blob/master/CHANGES.txt\"\u003eorg.testng:testng's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eCurrent (7.12.0)\nFixed: GITHUB-3227: assertEqualsNoOrder false positive when collection has same size and actual Collection is subset of expected collection (Krishnan Mahadevan)\nFixed: GITHUB-3177: Method org.testng.xml.XmlSuite#toXml do not save new properties like \u0026quot;share-thread-pool-for-data-providers\u0026quot; (Krishnan Mahadevan)\nFixed: GITHUB-3179: ClassCastException when use shouldUseGlobalThreadPool(true) property (Krishnan Mahadevan)\nFixed: GITHUB-2765: Test timeouts using existing Executor now propagate the stack trace to the ThreadTimeoutException (Charlie Hayes)\u003c/p\u003e\n\u003cp\u003e7.11.0\nFixed: GITHUB-3180: TestNG testng-failed.xml 'invocation-numbers' values are not calculated correctly with retry and dataproviders (Krishnan Mahadevan)\nFixed: GITHUB-3170: Specifying dataProvider and successPercentage causes test to always pass (Krishnan Mahadevan)\nFixed: GITHUB-3028: Execution stalls when using \u0026quot;use-global-thread-pool\u0026quot; (Krishnan Mahadevan)\nFixed: GITHUB-3122: Update JCommander to 1.83 (Antoine Dessaigne)\nFixed: GITHUB-3135: assertEquals on arrays - Failure message is missing information about the array index when an array element is unexpectedly null or non-null (Albert Choi)\nFixed: GITHUB-3140: assertEqualsDeep on Sets - Deep comparison was using the wrong expected value\nFixed: GITHUB-3189: Incorrect number of ignored tests displayed in the XML results\nFixed: GITHUB-3196: support to execlude somes tests in option of command line\u003c/p\u003e\n\u003cp\u003e7.10.2\nFixed: GITHUB-3117: ListenerComparator doesn't work (Krishnan Mahadevan)\u003c/p\u003e\n\u003cp\u003e7.10.1\nFixed: GITHUB-3110: Update from testng 7.9.0 to 7.10.0 break maven build with junit5 (Krishnan Mahadevan)\u003c/p\u003e\n\u003cp\u003e7.10.0\nFixed: GITHUB-3000: Method predecessors lookup and/or method sorting is broken in certain inheritance and naming setups (Krishnan Mahadevan)\nFixed: GITHUB-3095: Super class annotated with ITestNGListenerFactory makes derived test class throw TestNGException on execution (Krishnan Mahadevan)\nFixed: GITHUB-3081: Discrepancy with combination of (Shared Thread pool and Method Interceptor) (Krishnan Mahadevan)\nFixed: GITHUB-2381: Controlling the inclusion of the listener at runtime (Krishnan Mahadevan)\nFixed: GITHUB-3082: IInvokedMethodListener Iinvoked method does not return correct instance during \u003ca href=\"https://github.com/BeforeMethod\"\u003e\u003ccode\u003e@​BeforeMethod\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/AfterMethod\"\u003e\u003ccode\u003e@​AfterMethod\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AfterClass\"\u003e\u003ccode\u003e@​AfterClass\u003c/code\u003e\u003c/a\u003e (Krishnan Mahadevan)\nFixed: GITHUB-3084: Document project's PGP artifact signing keys (Krishnan Mahadevan)\nFixed: GITHUB-3079: Associate a unique id with every test class object instantiated by TestNG (Krishnan Mahadevan)\nFixed: GITHUB-3040: replace the usages of synchronized with ReentrantLock (Krishnan Mahadevan)\nFixed: GITHUB-3041: TestNG 7.x DataProvider works in opposite to TestNG 6.x when retrying tests. (Krishnan Mahadevan)\nFixed: GITHUB-3066: How to dynamically adjust the number of TestNG threads after IExecutorFactory is deprecated? (Krishnan Mahadevan)\nNew:   GITHUB-2874: Allow users to define ordering for TestNG listeners (Krishnan Mahadevan)\nFixed: GITHUB-3033: Moved ant support under own repository \u003ca href=\"https://github.com/testng-team/testng-ant\"\u003ehttps://github.com/testng-team/testng-ant\u003c/a\u003e (Julien Herr)\nFixed: GITHUB-3064: TestResult lost if failure creating RetryAnalyzer (Krishnan Mahadevan)\nFixed: GITHUB-3048: ConcurrentModificationException when injecting values (Krishnan Mahadevan)\nFixed: GITHUB-3050: Race condition when creating Guice Modules (Krishnan Mahadevan)\nFixed: GITHUB-3059: Support the ability to inject custom listener factory (Krishnan Mahadevan)\nFixed: GITHUB-3045: IDataProviderListener - beforeDataProviderExecution and afterDataProviderExecution are called twice in special setup (Krishnan Mahadevan)\nFixed: GITHUB-3038: java.lang.IllegalStateException: Results per method should NOT have been empty (Krishnan Mahadevan)\nFixed: GITHUB-3022: Remove deprecated JUnit related support in TestNG (Krishnan Mahadevan)\u003c/p\u003e\n\u003cp\u003e7.9.0\nFixed: GITHUB-2019: Total thread count in testng parallel tests with dataproviders (Krishnan Mahadevan)\nFixed: GITHUB-3006: ITestResult injected at \u003ca href=\"https://github.com/AfterMethod\"\u003e\u003ccode\u003e@​AfterMethod\u003c/code\u003e\u003c/a\u003e incorrect when a configuration method failed (Krishnan Mahadevan)\nFixed: GITHUB-2980: Data Provider Threads configuration in the suite don't match the documentation (Krishnan Mahadevan)\nFixed: GITHUB-3003: BeforeClass|AfterClass with inheritedGroups triggers cyclic dependencies (Krishnan Mahadevan)\nNew:   Added \u003ca href=\"https://github.com/Inherited\"\u003e\u003ccode\u003e@​Inherited\u003c/code\u003e\u003c/a\u003e to the Listeners annotation, allowing it to be used in forming meta-annotations. (Pavlo Glushchenko)\nFixed: GITHUB-2991: Suite attributes map should be thread safe (Krishnan Mahadevan)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cbeust/testng/commits/7.5.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.puppycrawl.tools:checkstyle` from 8.18 to 11.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/checkstyle/checkstyle/releases\"\u003ecom.puppycrawl.tools:checkstyle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003echeckstyle-11.0.0\u003c/h2\u003e\n\u003cp\u003eCheckstyle 11.0.0 - \u003ca href=\"https://checkstyle.org/releasenotes.html#Release_11.0.0\"\u003ehttps://checkstyle.org/releasenotes.html#Release_11.0.0\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eBreaking backward compatibility:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/13209\"\u003e#13209\u003c/a\u003e - Migrate project to JDK 17\n\u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/17321\"\u003e#17321\u003c/a\u003e - Use jdk17 as minimial required\u003c/p\u003e\n\u003cp\u003eNew:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/17366\"\u003e#17366\u003c/a\u003e - FinalParameters - missing several tokens to check\u003c/p\u003e\n\u003cp\u003eBug fixes:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/17332\"\u003e#17332\u003c/a\u003e - False positive from JavadocType: Unused \u003ccode\u003e@\u003c/code\u003eparam tag\n\u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/8205\"\u003e#8205\u003c/a\u003e - fix all false-negatives about there is no single space between a type annotation and [] or .... for Google Style\n\u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/17158\"\u003e#17158\u003c/a\u003e - InvalidJavadocPosition false-positive for record compact constructor with package-private accessibility\n\u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/14291\"\u003e#14291\u003c/a\u003e - Escape sequences in TextBlock, IllegalTokenText module should violate them for Google style\n\u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/17193\"\u003e#17193\u003c/a\u003e - Google-style: Improper enforcement of horizontal whitespace for double slash \u003ccode\u003e//\u003c/code\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/a0745b152682f8dad7f0bac32d17e4d355ce19ef\"\u003e\u003ccode\u003ea0745b1\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release checkstyle-11.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/7ea982e5f9bbbc5f9cfc742c8ac0aa2abafd0c1d\"\u003e\u003ccode\u003e7ea982e\u003c/code\u003e\u003c/a\u003e doc: release notes for 11.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/bf67bad989f0ea9ee61a0516d9880e9a26b04bae\"\u003e\u003ccode\u003ebf67bad\u003c/code\u003e\u003c/a\u003e Issue \u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/17269\"\u003e#17269\u003c/a\u003e: Changind Docker Script to latest groovy Image\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/1931995f97afe8065abed545f453befdc2c9cef8\"\u003e\u003ccode\u003e1931995\u003c/code\u003e\u003c/a\u003e Issue \u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/14769\"\u003e#14769\u003c/a\u003e: Implemented modifier package structure for IT Regression area\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/cb690d09debd060d4086edb1c99fe932ddc2e6ee\"\u003e\u003ccode\u003ecb690d0\u003c/code\u003e\u003c/a\u003e Issue \u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/14769\"\u003e#14769\u003c/a\u003e: Implemented metrics package structure for IT Regression area\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/4869fe56b5c3edc14f9c5f051b101b7bde5a2b95\"\u003e\u003ccode\u003e4869fe5\u003c/code\u003e\u003c/a\u003e Issue \u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/14769\"\u003e#14769\u003c/a\u003e: Implemented javadoc package structure for IT Regression area\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/77bf83e35f107ac9cbc4ee67ac298b6722d91f43\"\u003e\u003ccode\u003e77bf83e\u003c/code\u003e\u003c/a\u003e Issue \u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/14769\"\u003e#14769\u003c/a\u003e: Implemented indentation package structure for IT Regression area\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/0b012bae87dcf36cd54ce01b78f33d2791e3187f\"\u003e\u003ccode\u003e0b012ba\u003c/code\u003e\u003c/a\u003e Issue \u003ca href=\"https://redirect.github.com/checkstyle/checkstyle/issues/14769\"\u003e#14769\u003c/a\u003e: Implemented imports package structure for IT Regression area\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/6b0f6388f24c1049ba2ef66e7254c5fb052943f5\"\u003e\u003ccode\u003e6b0f638\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;minor: trim whitespaces after regression report comment\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/checkstyle/checkstyle/commit/ed7df15f1212fdb85adbeb93a8c06223dedf8b78\"\u003e\u003ccode\u003eed7df15\u003c/code\u003e\u003c/a\u003e minor: trim whitespaces after regression report comment\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/checkstyle/checkstyle/compare/checkstyle-8.18...checkstyle-11.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/luci-digital/cloudstack/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/luci-digital/cloudstack/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/luci-digital%2Fcloudstack/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"2.5.1.0","new_version":"2.7.0.0","update_type":"minor","path":null,"pr_created_at":"2025-08-12T09:07:15.000Z","version_change":"2.5.1.0 → 2.7.0.0","issue":{"uuid":"2738313291","node_id":"PR_kwDOE4PiQc6jN1hL","number":268,"state":"open","title":"build(deps): bump org.owasp.esapi:esapi from 2.5.1.0 to 2.7.0.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-12T09:07:15.000Z","updated_at":"2025-08-12T09:07:16.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"org.owasp.esapi:esapi","old_version":"2.5.1.0","new_version":"2.7.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) from 2.5.1.0 to 2.7.0.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eesapi-2.7.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.7.00 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a \u003cstrong\u003e\u003cem\u003emajor\u003c/em\u003e\u003c/strong\u003e patch release with the primary intent of addressing \u003cstrong\u003e\u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2025-5878\"\u003eCVE-2025-5878\u003c/a\u003e\u003c/strong\u003e, the details of which are spelled out in [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e).\n\u003cul\u003e\n\u003cli\u003eMajor Javadoc enhancements, corrections, and clarifications.\u003c/li\u003e\n\u003cli\u003eDeprecated methods, interfaces, and classes.\u003c/li\u003e\n\u003cli\u003eThe reference implementation for the \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface is now disabled by default and must be explicitly enabled if you absolutely much use it. (\u003cstrong\u003eWARNING\u003c/strong\u003e: You shouldn't!) Instructions on how to enable it are provided in Appendix B of  [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e). You will find the updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file in the configuration jar helpful.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eThis release also updates Apache Commons FileUploads to 1.6.0 to address CVE-2025-48976. That CVE likely does not affect the \u003ccode\u003eHTTP.getFileUloads\u003c/code\u003e interfaces (which is the only methods that use that library), but we have not had time to analyze it fully given the CVE cited against ESAPI.\u003c/li\u003e\n\u003cli\u003eApache Commons BeanUtils was also updated to 1.11.0 to address CVE-2025-48734 which potentially could anyone using ESAPI's AccessController and has placed their access control policy in a place where an attacker may be overwrite it. That is highly unlikely, but better safe than sorry.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration files under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.  If you were using ESAPI's \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface, you will want to use its updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file.\u003c/p\u003e\n\u003ch2\u003eesapi-2.6.2.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.2.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a minor patch release with the intent of updating the Apache Commons BeanUtils dependency from v1.9.4 to v1.11.0 to CVE-2025-48734.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eOther Notes\u003c/h2\u003e\n\u003cp\u003eYou may see GHAS Dependabot references to \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\u003c/a\u003e for this (and previous releases). For a more thorough discussion of this, please see Discussion \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/877\"\u003e#877\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.6.1.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.1.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated AntiSamy from release 1.7.7 to 1.7.8 which addresses the potentially exploitable vulnerability \u003ca href=\"https://github.com/advisories/GHSA-73m2-qfq3-56cx\"\u003ehttps://github.com/advisories/GHSA-73m2-qfq3-56cx\u003c/a\u003e. There is slim possibility that this could affect ESAPI users who have allowed certain CSS mark-up constructs to the AntiSamy policy file that they are using. However the default ESAPI AntiSamy policy file (antisamy-esapi.xml) does not permit CSS mark-up of any sort out unless it has been modified by the ESAPI client.\u003c/li\u003e\n\u003cli\u003eOther minor updates to pom.xml\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0fa4c0f1311aa525b1a776f0a789fb1dc8a04b41\"\u003e\u003ccode\u003e0fa4c0f\u003c/code\u003e\u003c/a\u003e Remove '-SNAPSHOT' from release # to prep official release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f75ac2c2647a81d2cfbdc9c899f8719c240ed512\"\u003e\u003ccode\u003ef75ac2c\u003c/code\u003e\u003c/a\u003e Merging Private Branch contents from Kevin's Repo.   (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/888\"\u003e#888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/e2322914304d9b1c52523ff24be495b7832f6a56\"\u003e\u003ccode\u003ee232291\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/886\"\u003e#886\u003c/a\u003e from kwwall/develop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/23a2b7666186afdc004a9e01eec5da593e85d172\"\u003e\u003ccode\u003e23a2b76\u003c/code\u003e\u003c/a\u003e Added Javadoc to encodeForSQL method regarding how to enabled it.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/01297409b786075686c6738fdf0355edad427a6c\"\u003e\u003ccode\u003e0129740\u003c/code\u003e\u003c/a\u003e Added 2 new field names whose values are the 2 new property names.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/eb425bbb831c68321d169d3ac5f84ddf9dfc189d\"\u003e\u003ccode\u003eeb425bb\u003c/code\u003e\u003c/a\u003e New property file for testing DefaultEncoder.encodeForSQL when it's\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/844eb0c6fd077b6299604838bfc67fd6c658e6eb\"\u003e\u003ccode\u003e844eb0c\u003c/code\u003e\u003c/a\u003e Add missing newline.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a10e323dcde635f40d15c875253084a7669175e8\"\u003e\u003ccode\u003ea10e323\u003c/code\u003e\u003c/a\u003e hanged the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/06d0ff2e540ef37077822273e1957b50beaa8ff7\"\u003e\u003ccode\u003e06d0ff2\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/61de71f70081f204b915e95d186c702509cbf857\"\u003e\u003ccode\u003e61de71f\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek propert names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.1.0...esapi-2.7.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.owasp.esapi:esapi\u0026package-manager=gradle\u0026previous-version=2.5.1.0\u0026new-version=2.7.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/guidewire-oss/uaa/pull/268","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/guidewire-oss%2Fuaa/issues/268","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/268/packages"}},{"old_version":"2.6.2.0","new_version":"2.7.0.0","update_type":"minor","path":null,"pr_created_at":"2025-08-07T05:10:48.000Z","version_change":"2.6.2.0 → 2.7.0.0","issue":{"uuid":"2726454738","node_id":"PR_kwDOBErimM6igmXS","number":8310,"state":"closed","title":"Bump the all-maven-deps group across 3 directories with 62 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-08-07T15:53:31.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-07T05:10:48.000Z","updated_at":"2025-08-07T15:53:31.000Z","time_to_close":38563,"merged_at":"2025-08-07T15:53:31.000Z","merged_by":"sumerjabri","closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"all-maven-deps","update_count":62,"packages":[{"name":"org.springframework:spring-core","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-context","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-context-support","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-beans","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-expression","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-web","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-webmvc","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-tx","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-oxm","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-aop","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-jdbc","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-websocket","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-messaging","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-test","old_version":"6.2.8","new_version":"6.2.9","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework.security:spring-security-core","old_version":"6.5.1","new_version":"6.5.2","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.springframework.security:spring-security-config","old_version":"6.5.1","new_version":"6.5.2","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.springframework.security:spring-security-web","old_version":"6.5.1","new_version":"6.5.2","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.springframework.security:spring-security-messaging","old_version":"6.5.1","new_version":"6.5.2","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.springframework.security:spring-security-ldap","old_version":"6.5.1","new_version":"6.5.2","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.springframework.ldap:spring-ldap-core","old_version":"3.3.1","new_version":"3.3.2","repository_url":"https://github.com/spring-projects/spring-ldap"},{"name":"org.springframework.data:spring-data-commons","old_version":"3.5.1","new_version":"3.5.2","repository_url":"https://github.com/spring-projects/spring-data-commons"},{"name":"commons-codec:commons-codec","old_version":"1.18.0","new_version":"1.19.0","repository_url":"https://github.com/apache/commons-codec"},{"name":"org.apache.commons:commons-compress","old_version":"1.27.1","new_version":"1.28.0","repository_url":"https://github.com/apache/commons-compress"},{"name":"org.apache.cxf:cxf-rt-frontend-jaxws","old_version":"4.1.2","new_version":"4.1.3"},{"name":"org.apache.cxf:cxf-rt-transports-http","old_version":"4.1.2","new_version":"4.1.3"},{"name":"org.apache.cxf:cxf-rt-ws-policy","old_version":"4.1.2","new_version":"4.1.3"},{"name":"commons-cli:commons-cli","old_version":"1.9.0","new_version":"1.10.0","repository_url":"https://github.com/apache/commons-cli"},{"name":"org.apache.commons:commons-text","old_version":"1.13.1","new_version":"1.14.0","repository_url":"https://github.com/apache/commons-text"},{"name":"org.owasp.esapi:esapi","old_version":"2.6.2.0","new_version":"2.7.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"com.graphql-java:graphql-java","old_version":"24.1","new_version":"24.2","repository_url":"https://github.com/graphql-java/graphql-java"},{"name":"com.graphql-java:graphql-java-extended-scalars","old_version":"22.0","new_version":"24.0","repository_url":"https://github.com/graphql-java/graphql-java-extended-scalars"},{"name":"io.methvin:directory-watcher","old_version":"0.19.0","new_version":"0.19.1","repository_url":"https://github.com/gmethvin/directory-watcher"},{"name":"org.apache.tomcat:tomcat-jasper-el","old_version":"11.0.8","new_version":"11.0.10"},{"name":"org.apache.tomcat.embed:tomcat-embed-websocket","old_version":"11.0.8","new_version":"11.0.10"},{"name":"org.junit.jupiter:junit-jupiter-engine","old_version":"5.13.1","new_version":"5.13.4","repository_url":"https://github.com/junit-team/junit-framework"},{"name":"org.xmlunit:xmlunit-core","old_version":"2.10.2","new_version":"2.10.3","repository_url":"https://github.com/xmlunit/xmlunit"},{"name":"org.opensearch.client:opensearch-rest-high-level-client","old_version":"2.19.2","new_version":"2.19.3","repository_url":"https://github.com/opensearch-project/OpenSearch"},{"name":"org.opensearch.client:opensearch-java","old_version":"2.25.0","new_version":"2.26.0","repository_url":"https://github.com/opensearch-project/opensearch-java"},{"name":"org.apache.tika:tika-core","old_version":"3.2.0","new_version":"3.2.1","repository_url":"https://github.com/apache/tika"},{"name":"org.apache.tika:tika-parsers-standard-package","old_version":"3.2.0","new_version":"3.2.1"},{"name":"com.squareup.okhttp3:okhttp","old_version":"4.12.0","new_version":"5.1.0","repository_url":"https://github.com/square/okhttp"},{"name":"org.dom4j:dom4j","old_version":"2.1.4","new_version":"2.2.0","repository_url":"https://github.com/dom4j/dom4j"},{"name":"org.jsoup:jsoup","old_version":"1.20.1","new_version":"1.21.1","repository_url":"https://github.com/jhy/jsoup"},{"name":"org.mariadb.jdbc:mariadb-java-client","old_version":"3.5.3","new_version":"3.5.4","repository_url":"https://github.com/mariadb-corporation/mariadb-connector-j"},{"name":"net.sf.saxon:Saxon-HE","old_version":"12.7","new_version":"12.8"},{"name":"com.github.ben-manes.caffeine:caffeine","old_version":"3.2.1","new_version":"3.2.2","repository_url":"https://github.com/ben-manes/caffeine"},{"name":"de.flapdoodle.embed:de.flapdoodle.embed.mongo","old_version":"4.20.1","new_version":"4.21.0","repository_url":"https://github.com/flapdoodle-oss/de.flapdoodle.embed.mongo"},{"name":"com.icegreen:greenmail","old_version":"2.1.3","new_version":"2.1.4","repository_url":"https://github.com/greenmail-mail-test/greenmail"},{"name":"org.codehaus.gmavenplus:gmavenplus-plugin","old_version":"4.2.0","new_version":"4.2.1","repository_url":"https://github.com/groovy/GMavenPlus"},{"name":"org.apache.maven.plugins:maven-gpg-plugin","old_version":"3.2.7","new_version":"3.2.8","repository_url":"https://github.com/apache/maven-gpg-plugin"}],"path":null,"ecosystem":"maven"},"body":"Bumps the all-maven-deps group with 50 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [org.springframework:spring-core](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-context](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-context-support](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-beans](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-expression](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-web](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-webmvc](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-tx](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-oxm](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-aop](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-jdbc](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-websocket](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-messaging](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework:spring-test](https://github.com/spring-projects/spring-framework) | `6.2.8` | `6.2.9` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `6.5.1` | `6.5.2` |\n| [org.springframework.security:spring-security-config](https://github.com/spring-projects/spring-security) | `6.5.1` | `6.5.2` |\n| [org.springframework.security:spring-security-web](https://github.com/spring-projects/spring-security) | `6.5.1` | `6.5.2` |\n| [org.springframework.security:spring-security-messaging](https://github.com/spring-projects/spring-security) | `6.5.1` | `6.5.2` |\n| [org.springframework.security:spring-security-ldap](https://github.com/spring-projects/spring-security) | `6.5.1` | `6.5.2` |\n| [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) | `3.3.1` | `3.3.2` |\n| [org.springframework.data:spring-data-commons](https://github.com/spring-projects/spring-data-commons) | `3.5.1` | `3.5.2` |\n| [commons-codec:commons-codec](https://github.com/apache/commons-codec) | `1.18.0` | `1.19.0` |\n| [org.apache.commons:commons-compress](https://github.com/apache/commons-compress) | `1.27.1` | `1.28.0` |\n| org.apache.cxf:cxf-rt-frontend-jaxws | `4.1.2` | `4.1.3` |\n| org.apache.cxf:cxf-rt-transports-http | `4.1.2` | `4.1.3` |\n| org.apache.cxf:cxf-rt-ws-policy | `4.1.2` | `4.1.3` |\n| [commons-cli:commons-cli](https://github.com/apache/commons-cli) | `1.9.0` | `1.10.0` |\n| [org.apache.commons:commons-text](https://github.com/apache/commons-text) | `1.13.1` | `1.14.0` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.6.2.0` | `2.7.0.0` |\n| [com.graphql-java:graphql-java](https://github.com/graphql-java/graphql-java) | `24.1` | `24.2` |\n| [com.graphql-java:graphql-java-extended-scalars](https://github.com/graphql-java/graphql-java-extended-scalars) | `22.0` | `24.0` |\n| [io.methvin:directory-watcher](https://github.com/gmethvin/directory-watcher) | `0.19.0` | `0.19.1` |\n| org.apache.tomcat:tomcat-jasper-el | `11.0.8` | `11.0.10` |\n| org.apache.tomcat.embed:tomcat-embed-websocket | `11.0.8` | `11.0.10` |\n| [org.junit.jupiter:junit-jupiter-engine](https://github.com/junit-team/junit-framework) | `5.13.1` | `5.13.4` |\n| [org.xmlunit:xmlunit-core](https://github.com/xmlunit/xmlunit) | `2.10.2` | `2.10.3` |\n| [org.opensearch.client:opensearch-rest-high-level-client](https://github.com/opensearch-project/OpenSearch) | `2.19.2` | `2.19.3` |\n| [org.opensearch.client:opensearch-java](https://github.com/opensearch-project/opensearch-java) | `2.25.0` | `2.26.0` |\n| [org.apache.tika:tika-core](https://github.com/apache/tika) | `3.2.0` | `3.2.1` |\n| org.apache.tika:tika-parsers-standard-package | `3.2.0` | `3.2.1` |\n| [com.squareup.okhttp3:okhttp](https://github.com/square/okhttp) | `4.12.0` | `5.1.0` |\n| [org.dom4j:dom4j](https://github.com/dom4j/dom4j) | `2.1.4` | `2.2.0` |\n| [org.jsoup:jsoup](https://github.com/jhy/jsoup) | `1.20.1` | `1.21.1` |\n| [org.mariadb.jdbc:mariadb-java-client](https://github.com/mariadb-corporation/mariadb-connector-j) | `3.5.3` | `3.5.4` |\n| net.sf.saxon:Saxon-HE | `12.7` | `12.8` |\n| [com.github.ben-manes.caffeine:caffeine](https://github.com/ben-manes/caffeine) | `3.2.1` | `3.2.2` |\n| [de.flapdoodle.embed:de.flapdoodle.embed.mongo](https://github.com/flapdoodle-oss/de.flapdoodle.embed.mongo) | `4.20.1` | `4.21.0` |\n| [com.icegreen:greenmail](https://github.com/greenmail-mail-test/greenmail) | `2.1.3` | `2.1.4` |\n| [org.codehaus.gmavenplus:gmavenplus-plugin](https://github.com/groovy/GMavenPlus) | `4.2.0` | `4.2.1` |\n| [org.apache.maven.plugins:maven-gpg-plugin](https://github.com/apache/maven-gpg-plugin) | `3.2.7` | `3.2.8` |\n\nBumps the all-maven-deps group with 10 updates in the /shared-dependencies directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| software.amazon.awssdk:bom | `2.32.14` | `2.32.16` |\n| software.amazon.awssdk:s3 | `2.32.14` | `2.32.16` |\n| software.amazon.awssdk:s3-transfer-manager | `2.32.14` | `2.32.16` |\n| software.amazon.awssdk:sts | `2.32.14` | `2.32.16` |\n| software.amazon.awssdk:cloudfront | `2.32.14` | `2.32.16` |\n| software.amazon.awssdk:cloudformation | `2.32.14` | `2.32.16` |\n| software.amazon.awssdk:elastictranscoder | `2.32.14` | `2.32.16` |\n| software.amazon.awssdk:mediaconvert | `2.32.14` | `2.32.16` |\n| software.amazon.awssdk:sso | `2.32.14` | `2.32.16` |\n| software.amazon.awssdk:ssooidc | `2.32.14` | `2.32.16` |\n\nBumps the all-maven-deps group with 3 updates in the /spring-boot directory: [org.apache.maven.plugins:maven-gpg-plugin](https://github.com/apache/maven-gpg-plugin), [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) and [org.springframework.boot:spring-boot-starter-web](https://github.com/spring-projects/spring-boot).\n\nUpdates `org.springframework:spring-core` from 6.2.8 to 6.2.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eOncePerRequestFilter\u003c/code\u003e cannot be CGLib-proxied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35198\"\u003e#35198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistently catch \u003ccode\u003eInaccessibleObjectException\u003c/code\u003e next to \u003ccode\u003eIllegalAccessException\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35190\"\u003e#35190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eDate\u003c/code\u003e-to-\u003ccode\u003eInstant\u003c/code\u003e and \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eDate\u003c/code\u003e converters \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35175\"\u003e#35175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistent nullability and exception declarations in \u003ccode\u003eAbstractMessagingTemplate\u003c/code\u003e hierarchy \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35159\"\u003e#35159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister runtime hints for \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eTimestamp\u003c/code\u003e conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35156\"\u003e#35156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove handling of \u003ccode\u003eResponseEntity\u0026lt;?\u0026gt;\u003c/code\u003e in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35153\"\u003e#35153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e@CacheConfig(\u0026quot;myCacheName\u0026quot;)\u003c/code\u003e declarations for simplified configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35152\"\u003e#35152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeclare \u003ccode\u003emessageSelector\u003c/code\u003e parameters in \u003ccode\u003eJmsOperations\u003c/code\u003e as \u003ccode\u003e@Nullable\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35151\"\u003e#35151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd getter for \u003ccode\u003eOverflowStrategy\u003c/code\u003e in \u003ccode\u003eConcurrentWebSocketSessionDecorator\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35132\"\u003e#35132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse preset Content-Type for streaming and reactive responses in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35130\"\u003e#35130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLeniently tolerate null \u003ccode\u003e@Aspect\u003c/code\u003e bean \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35074\"\u003e#35074\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDataAccessResourceFailureException\u003c/code\u003e thrown when transaction times out on PostgreSQL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35073\"\u003e#35073\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMethodInvokingFactoryBean\u003c/code\u003e fails to invoke publicly exported methods overridden by internal classes when using JPMS \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34028\"\u003e#34028\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore preference for interface (most abstract) method in \u003ccode\u003egetPubliclyAccessibleMethodIfPossible\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35189\"\u003e#35189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003etargetBeanName\u003c/code\u003e field in AbstractBeanFactoryBasedTargetSource \u003ccode\u003eprotected\u003c/code\u003e to avoid exceptions in logging and \u003ccode\u003etoString()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35172\"\u003e#35172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix inconsistencies in \u003ccode\u003eStaticListableBeanFactory\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35119\"\u003e#35119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport StreamingHttpOutputMessage in RestClient \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35102\"\u003e#35102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen building \u003ccode\u003eDELETE\u003c/code\u003e requests, the request body is not used in \u003ccode\u003eJdkClientHttpRequest.buildRequest\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35068\"\u003e#35068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated bean registration file contains \u0026quot;too many constants\u0026quot; when building with many beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35044\"\u003e#35044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent cache pollution by storing only the factories \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/34732\"\u003e#34732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWebFlux decodes wildcard content-types as form-data/multipart \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34660\"\u003e#34660\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated CGLib proxies do not contain method overrides \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34642\"\u003e#34642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e500 response for ResourceHttpRequestHandler when requested range is not satisfied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34490\"\u003e#34490\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDocument how to register runtime hints for convention-based conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35178\"\u003e#35178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLink to \u003ccode\u003e@ContextConfiguration\u003c/code\u003e Javadoc from reference manual \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35088\"\u003e#35088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to JUnit 5.13.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35103\"\u003e#35103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.14.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35202\"\u003e#35202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor 2024.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35201\"\u003e#35201\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/Meijuh\"\u003e\u003ccode\u003e@​Meijuh\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/RazorNd\"\u003e\u003ccode\u003e@​RazorNd\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/chenggwang\"\u003e\u003ccode\u003e@​chenggwang\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mjd507\"\u003e\u003ccode\u003e@​mjd507\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/philwebb\"\u003e\u003ccode\u003e@​philwebb\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/09a5ca3e747af3dacd2bbb42ae4f356db26b57d3\"\u003e\u003ccode\u003e09a5ca3\u003c/code\u003e\u003c/a\u003e Release v6.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a4ec25d9ec0466c0c4e9ca4eb9d1ef9df18820a5\"\u003e\u003ccode\u003ea4ec25d\u003c/code\u003e\u003c/a\u003e Upgrade to MockK 1.13.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0fc043f762d61f190ccbcc905736f8e73737baf9\"\u003e\u003ccode\u003e0fc043f\u003c/code\u003e\u003c/a\u003e Upgrade to Netty 4.1.123, Selenium 4.34, XMLUnit 2.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/54732605a5c8ec2528854919b2e512332bf88498\"\u003e\u003ccode\u003e5473260\u003c/code\u003e\u003c/a\u003e Backport nullability refinements for Micrometer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/12a6098eae12d4871dd2c0bef2e6cca1ba7545c3\"\u003e\u003ccode\u003e12a6098\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2024.0.8 and Micrometer 1.14.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f86034b528abd0400cede89969c3e1f8d7f138e0\"\u003e\u003ccode\u003ef86034b\u003c/code\u003e\u003c/a\u003e Drop final declaration from doFilter entry point (for CGLIB proxying)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/21807832c8e560b3b5d52577b4582a17d06348e4\"\u003e\u003ccode\u003e2180783\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.23, Netty 4.1.122, Gson 2.13.1, Caffeine 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/2434bb15404c3f3d7a9b05c3d10ffb024d4c99b4\"\u003e\u003ccode\u003e2434bb1\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4063cb5b9a5d5497faa85c9838ed4c108691a6ce\"\u003e\u003ccode\u003e4063cb5\u003c/code\u003e\u003c/a\u003e Publish releases using Central Portal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4277682a5cecd0dddef2a39c05f5ef0d79394d45\"\u003e\u003ccode\u003e4277682\u003c/code\u003e\u003c/a\u003e Catch InaccessibleObjectException next to IllegalAccessException\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-context` from 6.2.8 to 6.2.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-context's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eOncePerRequestFilter\u003c/code\u003e cannot be CGLib-proxied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35198\"\u003e#35198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistently catch \u003ccode\u003eInaccessibleObjectException\u003c/code\u003e next to \u003ccode\u003eIllegalAccessException\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35190\"\u003e#35190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eDate\u003c/code\u003e-to-\u003ccode\u003eInstant\u003c/code\u003e and \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eDate\u003c/code\u003e converters \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35175\"\u003e#35175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistent nullability and exception declarations in \u003ccode\u003eAbstractMessagingTemplate\u003c/code\u003e hierarchy \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35159\"\u003e#35159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister runtime hints for \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eTimestamp\u003c/code\u003e conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35156\"\u003e#35156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove handling of \u003ccode\u003eResponseEntity\u0026lt;?\u0026gt;\u003c/code\u003e in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35153\"\u003e#35153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e@CacheConfig(\u0026quot;myCacheName\u0026quot;)\u003c/code\u003e declarations for simplified configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35152\"\u003e#35152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeclare \u003ccode\u003emessageSelector\u003c/code\u003e parameters in \u003ccode\u003eJmsOperations\u003c/code\u003e as \u003ccode\u003e@Nullable\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35151\"\u003e#35151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd getter for \u003ccode\u003eOverflowStrategy\u003c/code\u003e in \u003ccode\u003eConcurrentWebSocketSessionDecorator\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35132\"\u003e#35132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse preset Content-Type for streaming and reactive responses in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35130\"\u003e#35130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLeniently tolerate null \u003ccode\u003e@Aspect\u003c/code\u003e bean \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35074\"\u003e#35074\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDataAccessResourceFailureException\u003c/code\u003e thrown when transaction times out on PostgreSQL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35073\"\u003e#35073\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMethodInvokingFactoryBean\u003c/code\u003e fails to invoke publicly exported methods overridden by internal classes when using JPMS \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34028\"\u003e#34028\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore preference for interface (most abstract) method in \u003ccode\u003egetPubliclyAccessibleMethodIfPossible\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35189\"\u003e#35189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003etargetBeanName\u003c/code\u003e field in AbstractBeanFactoryBasedTargetSource \u003ccode\u003eprotected\u003c/code\u003e to avoid exceptions in logging and \u003ccode\u003etoString()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35172\"\u003e#35172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix inconsistencies in \u003ccode\u003eStaticListableBeanFactory\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35119\"\u003e#35119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport StreamingHttpOutputMessage in RestClient \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35102\"\u003e#35102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen building \u003ccode\u003eDELETE\u003c/code\u003e requests, the request body is not used in \u003ccode\u003eJdkClientHttpRequest.buildRequest\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35068\"\u003e#35068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated bean registration file contains \u0026quot;too many constants\u0026quot; when building with many beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35044\"\u003e#35044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent cache pollution by storing only the factories \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/34732\"\u003e#34732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWebFlux decodes wildcard content-types as form-data/multipart \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34660\"\u003e#34660\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated CGLib proxies do not contain method overrides \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34642\"\u003e#34642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e500 response for ResourceHttpRequestHandler when requested range is not satisfied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34490\"\u003e#34490\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDocument how to register runtime hints for convention-based conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35178\"\u003e#35178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLink to \u003ccode\u003e@ContextConfiguration\u003c/code\u003e Javadoc from reference manual \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35088\"\u003e#35088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to JUnit 5.13.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35103\"\u003e#35103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.14.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35202\"\u003e#35202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor 2024.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35201\"\u003e#35201\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/Meijuh\"\u003e\u003ccode\u003e@​Meijuh\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/RazorNd\"\u003e\u003ccode\u003e@​RazorNd\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/chenggwang\"\u003e\u003ccode\u003e@​chenggwang\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mjd507\"\u003e\u003ccode\u003e@​mjd507\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/philwebb\"\u003e\u003ccode\u003e@​philwebb\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/09a5ca3e747af3dacd2bbb42ae4f356db26b57d3\"\u003e\u003ccode\u003e09a5ca3\u003c/code\u003e\u003c/a\u003e Release v6.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a4ec25d9ec0466c0c4e9ca4eb9d1ef9df18820a5\"\u003e\u003ccode\u003ea4ec25d\u003c/code\u003e\u003c/a\u003e Upgrade to MockK 1.13.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0fc043f762d61f190ccbcc905736f8e73737baf9\"\u003e\u003ccode\u003e0fc043f\u003c/code\u003e\u003c/a\u003e Upgrade to Netty 4.1.123, Selenium 4.34, XMLUnit 2.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/54732605a5c8ec2528854919b2e512332bf88498\"\u003e\u003ccode\u003e5473260\u003c/code\u003e\u003c/a\u003e Backport nullability refinements for Micrometer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/12a6098eae12d4871dd2c0bef2e6cca1ba7545c3\"\u003e\u003ccode\u003e12a6098\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2024.0.8 and Micrometer 1.14.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f86034b528abd0400cede89969c3e1f8d7f138e0\"\u003e\u003ccode\u003ef86034b\u003c/code\u003e\u003c/a\u003e Drop final declaration from doFilter entry point (for CGLIB proxying)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/21807832c8e560b3b5d52577b4582a17d06348e4\"\u003e\u003ccode\u003e2180783\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.23, Netty 4.1.122, Gson 2.13.1, Caffeine 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/2434bb15404c3f3d7a9b05c3d10ffb024d4c99b4\"\u003e\u003ccode\u003e2434bb1\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4063cb5b9a5d5497faa85c9838ed4c108691a6ce\"\u003e\u003ccode\u003e4063cb5\u003c/code\u003e\u003c/a\u003e Publish releases using Central Portal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4277682a5cecd0dddef2a39c05f5ef0d79394d45\"\u003e\u003ccode\u003e4277682\u003c/code\u003e\u003c/a\u003e Catch InaccessibleObjectException next to IllegalAccessException\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-context-support` from 6.2.8 to 6.2.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-context-support's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eOncePerRequestFilter\u003c/code\u003e cannot be CGLib-proxied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35198\"\u003e#35198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistently catch \u003ccode\u003eInaccessibleObjectException\u003c/code\u003e next to \u003ccode\u003eIllegalAccessException\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35190\"\u003e#35190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eDate\u003c/code\u003e-to-\u003ccode\u003eInstant\u003c/code\u003e and \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eDate\u003c/code\u003e converters \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35175\"\u003e#35175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistent nullability and exception declarations in \u003ccode\u003eAbstractMessagingTemplate\u003c/code\u003e hierarchy \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35159\"\u003e#35159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister runtime hints for \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eTimestamp\u003c/code\u003e conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35156\"\u003e#35156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove handling of \u003ccode\u003eResponseEntity\u0026lt;?\u0026gt;\u003c/code\u003e in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35153\"\u003e#35153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e@CacheConfig(\u0026quot;myCacheName\u0026quot;)\u003c/code\u003e declarations for simplified configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35152\"\u003e#35152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeclare \u003ccode\u003emessageSelector\u003c/code\u003e parameters in \u003ccode\u003eJmsOperations\u003c/code\u003e as \u003ccode\u003e@Nullable\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35151\"\u003e#35151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd getter for \u003ccode\u003eOverflowStrategy\u003c/code\u003e in \u003ccode\u003eConcurrentWebSocketSessionDecorator\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35132\"\u003e#35132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse preset Content-Type for streaming and reactive responses in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35130\"\u003e#35130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLeniently tolerate null \u003ccode\u003e@Aspect\u003c/code\u003e bean \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35074\"\u003e#35074\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDataAccessResourceFailureException\u003c/code\u003e thrown when transaction times out on PostgreSQL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35073\"\u003e#35073\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMethodInvokingFactoryBean\u003c/code\u003e fails to invoke publicly exported methods overridden by internal classes when using JPMS \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34028\"\u003e#34028\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore preference for interface (most abstract) method in \u003ccode\u003egetPubliclyAccessibleMethodIfPossible\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35189\"\u003e#35189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003etargetBeanName\u003c/code\u003e field in AbstractBeanFactoryBasedTargetSource \u003ccode\u003eprotected\u003c/code\u003e to avoid exceptions in logging and \u003ccode\u003etoString()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35172\"\u003e#35172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix inconsistencies in \u003ccode\u003eStaticListableBeanFactory\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35119\"\u003e#35119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport StreamingHttpOutputMessage in RestClient \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35102\"\u003e#35102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen building \u003ccode\u003eDELETE\u003c/code\u003e requests, the request body is not used in \u003ccode\u003eJdkClientHttpRequest.buildRequest\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35068\"\u003e#35068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated bean registration file contains \u0026quot;too many constants\u0026quot; when building with many beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35044\"\u003e#35044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent cache pollution by storing only the factories \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/34732\"\u003e#34732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWebFlux decodes wildcard content-types as form-data/multipart \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34660\"\u003e#34660\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated CGLib proxies do not contain method overrides \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34642\"\u003e#34642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e500 response for ResourceHttpRequestHandler when requested range is not satisfied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34490\"\u003e#34490\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDocument how to register runtime hints for convention-based conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35178\"\u003e#35178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLink to \u003ccode\u003e@ContextConfiguration\u003c/code\u003e Javadoc from reference manual \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35088\"\u003e#35088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to JUnit 5.13.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35103\"\u003e#35103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.14.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35202\"\u003e#35202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor 2024.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35201\"\u003e#35201\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/Meijuh\"\u003e\u003ccode\u003e@​Meijuh\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/RazorNd\"\u003e\u003ccode\u003e@​RazorNd\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/chenggwang\"\u003e\u003ccode\u003e@​chenggwang\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mjd507\"\u003e\u003ccode\u003e@​mjd507\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/philwebb\"\u003e\u003ccode\u003e@​philwebb\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/09a5ca3e747af3dacd2bbb42ae4f356db26b57d3\"\u003e\u003ccode\u003e09a5ca3\u003c/code\u003e\u003c/a\u003e Release v6.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a4ec25d9ec0466c0c4e9ca4eb9d1ef9df18820a5\"\u003e\u003ccode\u003ea4ec25d\u003c/code\u003e\u003c/a\u003e Upgrade to MockK 1.13.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0fc043f762d61f190ccbcc905736f8e73737baf9\"\u003e\u003ccode\u003e0fc043f\u003c/code\u003e\u003c/a\u003e Upgrade to Netty 4.1.123, Selenium 4.34, XMLUnit 2.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/54732605a5c8ec2528854919b2e512332bf88498\"\u003e\u003ccode\u003e5473260\u003c/code\u003e\u003c/a\u003e Backport nullability refinements for Micrometer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/12a6098eae12d4871dd2c0bef2e6cca1ba7545c3\"\u003e\u003ccode\u003e12a6098\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2024.0.8 and Micrometer 1.14.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f86034b528abd0400cede89969c3e1f8d7f138e0\"\u003e\u003ccode\u003ef86034b\u003c/code\u003e\u003c/a\u003e Drop final declaration from doFilter entry point (for CGLIB proxying)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/21807832c8e560b3b5d52577b4582a17d06348e4\"\u003e\u003ccode\u003e2180783\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.23, Netty 4.1.122, Gson 2.13.1, Caffeine 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/2434bb15404c3f3d7a9b05c3d10ffb024d4c99b4\"\u003e\u003ccode\u003e2434bb1\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4063cb5b9a5d5497faa85c9838ed4c108691a6ce\"\u003e\u003ccode\u003e4063cb5\u003c/code\u003e\u003c/a\u003e Publish releases using Central Portal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4277682a5cecd0dddef2a39c05f5ef0d79394d45\"\u003e\u003ccode\u003e4277682\u003c/code\u003e\u003c/a\u003e Catch InaccessibleObjectException next to IllegalAccessException\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-beans` from 6.2.8 to 6.2.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-beans's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eOncePerRequestFilter\u003c/code\u003e cannot be CGLib-proxied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35198\"\u003e#35198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistently catch \u003ccode\u003eInaccessibleObjectException\u003c/code\u003e next to \u003ccode\u003eIllegalAccessException\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35190\"\u003e#35190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eDate\u003c/code\u003e-to-\u003ccode\u003eInstant\u003c/code\u003e and \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eDate\u003c/code\u003e converters \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35175\"\u003e#35175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistent nullability and exception declarations in \u003ccode\u003eAbstractMessagingTemplate\u003c/code\u003e hierarchy \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35159\"\u003e#35159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister runtime hints for \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eTimestamp\u003c/code\u003e conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35156\"\u003e#35156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove handling of \u003ccode\u003eResponseEntity\u0026lt;?\u0026gt;\u003c/code\u003e in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35153\"\u003e#35153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e@CacheConfig(\u0026quot;myCacheName\u0026quot;)\u003c/code\u003e declarations for simplified configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35152\"\u003e#35152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeclare \u003ccode\u003emessageSelector\u003c/code\u003e parameters in \u003ccode\u003eJmsOperations\u003c/code\u003e as \u003ccode\u003e@Nullable\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35151\"\u003e#35151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd getter for \u003ccode\u003eOverflowStrategy\u003c/code\u003e in \u003ccode\u003eConcurrentWebSocketSessionDecorator\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35132\"\u003e#35132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse preset Content-Type for streaming and reactive responses in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35130\"\u003e#35130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLeniently tolerate null \u003ccode\u003e@Aspect\u003c/code\u003e bean \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35074\"\u003e#35074\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDataAccessResourceFailureException\u003c/code\u003e thrown when transaction times out on PostgreSQL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35073\"\u003e#35073\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMethodInvokingFactoryBean\u003c/code\u003e fails to invoke publicly exported methods overridden by internal classes when using JPMS \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34028\"\u003e#34028\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore preference for interface (most abstract) method in \u003ccode\u003egetPubliclyAccessibleMethodIfPossible\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35189\"\u003e#35189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003etargetBeanName\u003c/code\u003e field in AbstractBeanFactoryBasedTargetSource \u003ccode\u003eprotected\u003c/code\u003e to avoid exceptions in logging and \u003ccode\u003etoString()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35172\"\u003e#35172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix inconsistencies in \u003ccode\u003eStaticListableBeanFactory\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35119\"\u003e#35119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport StreamingHttpOutputMessage in RestClient \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35102\"\u003e#35102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen building \u003ccode\u003eDELETE\u003c/code\u003e requests, the request body is not used in \u003ccode\u003eJdkClientHttpRequest.buildRequest\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35068\"\u003e#35068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated bean registration file contains \u0026quot;too many constants\u0026quot; when building with many beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35044\"\u003e#35044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent cache pollution by storing only the factories \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/34732\"\u003e#34732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWebFlux decodes wildcard content-types as form-data/multipart \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34660\"\u003e#34660\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated CGLib proxies do not contain method overrides \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34642\"\u003e#34642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e500 response for ResourceHttpRequestHandler when requested range is not satisfied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34490\"\u003e#34490\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDocument how to register runtime hints for convention-based conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35178\"\u003e#35178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLink to \u003ccode\u003e@ContextConfiguration\u003c/code\u003e Javadoc from reference manual \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35088\"\u003e#35088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to JUnit 5.13.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35103\"\u003e#35103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.14.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35202\"\u003e#35202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor 2024.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35201\"\u003e#35201\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/Meijuh\"\u003e\u003ccode\u003e@​Meijuh\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/RazorNd\"\u003e\u003ccode\u003e@​RazorNd\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/chenggwang\"\u003e\u003ccode\u003e@​chenggwang\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mjd507\"\u003e\u003ccode\u003e@​mjd507\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/philwebb\"\u003e\u003ccode\u003e@​philwebb\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/09a5ca3e747af3dacd2bbb42ae4f356db26b57d3\"\u003e\u003ccode\u003e09a5ca3\u003c/code\u003e\u003c/a\u003e Release v6.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a4ec25d9ec0466c0c4e9ca4eb9d1ef9df18820a5\"\u003e\u003ccode\u003ea4ec25d\u003c/code\u003e\u003c/a\u003e Upgrade to MockK 1.13.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0fc043f762d61f190ccbcc905736f8e73737baf9\"\u003e\u003ccode\u003e0fc043f\u003c/code\u003e\u003c/a\u003e Upgrade to Netty 4.1.123, Selenium 4.34, XMLUnit 2.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/54732605a5c8ec2528854919b2e512332bf88498\"\u003e\u003ccode\u003e5473260\u003c/code\u003e\u003c/a\u003e Backport nullability refinements for Micrometer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/12a6098eae12d4871dd2c0bef2e6cca1ba7545c3\"\u003e\u003ccode\u003e12a6098\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2024.0.8 and Micrometer 1.14.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f86034b528abd0400cede89969c3e1f8d7f138e0\"\u003e\u003ccode\u003ef86034b\u003c/code\u003e\u003c/a\u003e Drop final declaration from doFilter entry point (for CGLIB proxying)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/21807832c8e560b3b5d52577b4582a17d06348e4\"\u003e\u003ccode\u003e2180783\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.23, Netty 4.1.122, Gson 2.13.1, Caffeine 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/2434bb15404c3f3d7a9b05c3d10ffb024d4c99b4\"\u003e\u003ccode\u003e2434bb1\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4063cb5b9a5d5497faa85c9838ed4c108691a6ce\"\u003e\u003ccode\u003e4063cb5\u003c/code\u003e\u003c/a\u003e Publish releases using Central Portal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4277682a5cecd0dddef2a39c05f5ef0d79394d45\"\u003e\u003ccode\u003e4277682\u003c/code\u003e\u003c/a\u003e Catch InaccessibleObjectException next to IllegalAccessException\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-expression` from 6.2.8 to 6.2.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-expression's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eOncePerRequestFilter\u003c/code\u003e cannot be CGLib-proxied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35198\"\u003e#35198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistently catch \u003ccode\u003eInaccessibleObjectException\u003c/code\u003e next to \u003ccode\u003eIllegalAccessException\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35190\"\u003e#35190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eDate\u003c/code\u003e-to-\u003ccode\u003eInstant\u003c/code\u003e and \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eDate\u003c/code\u003e converters \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35175\"\u003e#35175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistent nullability and exception declarations in \u003ccode\u003eAbstractMessagingTemplate\u003c/code\u003e hierarchy \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35159\"\u003e#35159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister runtime hints for \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eTimestamp\u003c/code\u003e conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35156\"\u003e#35156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove handling of \u003ccode\u003eResponseEntity\u0026lt;?\u0026gt;\u003c/code\u003e in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35153\"\u003e#35153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e@CacheConfig(\u0026quot;myCacheName\u0026quot;)\u003c/code\u003e declarations for simplified configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35152\"\u003e#35152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeclare \u003ccode\u003emessageSelector\u003c/code\u003e parameters in \u003ccode\u003eJmsOperations\u003c/code\u003e as \u003ccode\u003e@Nullable\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35151\"\u003e#35151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd getter for \u003ccode\u003eOverflowStrategy\u003c/code\u003e in \u003ccode\u003eConcurrentWebSocketSessionDecorator\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35132\"\u003e#35132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse preset Content-Type for streaming and reactive responses in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35130\"\u003e#35130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLeniently tolerate null \u003ccode\u003e@Aspect\u003c/code\u003e bean \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35074\"\u003e#35074\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDataAccessResourceFailureException\u003c/code\u003e thrown when transaction times out on PostgreSQL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35073\"\u003e#35073\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMethodInvokingFactoryBean\u003c/code\u003e fails to invoke publicly exported methods overridden by internal classes when using JPMS \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34028\"\u003e#34028\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore preference for interface (most abstract) method in \u003ccode\u003egetPubliclyAccessibleMethodIfPossible\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35189\"\u003e#35189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003etargetBeanName\u003c/code\u003e field in AbstractBeanFactoryBasedTargetSource \u003ccode\u003eprotected\u003c/code\u003e to avoid exceptions in logging and \u003ccode\u003etoString()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35172\"\u003e#35172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix inconsistencies in \u003ccode\u003eStaticListableBeanFactory\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35119\"\u003e#35119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport StreamingHttpOutputMessage in RestClient \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35102\"\u003e#35102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen building \u003ccode\u003eDELETE\u003c/code\u003e requests, the request body is not used in \u003ccode\u003eJdkClientHttpRequest.buildRequest\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35068\"\u003e#35068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated bean registration file contains \u0026quot;too many constants\u0026quot; when building with many beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35044\"\u003e#35044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent cache pollution by storing only the factories \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/34732\"\u003e#34732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWebFlux decodes wildcard content-types as form-data/multipart \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34660\"\u003e#34660\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated CGLib proxies do not contain method overrides \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34642\"\u003e#34642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e500 response for ResourceHttpRequestHandler when requested range is not satisfied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34490\"\u003e#34490\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDocument how to register runtime hints for convention-based conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35178\"\u003e#35178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLink to \u003ccode\u003e@ContextConfiguration\u003c/code\u003e Javadoc from reference manual \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35088\"\u003e#35088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to JUnit 5.13.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35103\"\u003e#35103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.14.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35202\"\u003e#35202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor 2024.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35201\"\u003e#35201\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/Meijuh\"\u003e\u003ccode\u003e@​Meijuh\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/RazorNd\"\u003e\u003ccode\u003e@​RazorNd\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/chenggwang\"\u003e\u003ccode\u003e@​chenggwang\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mjd507\"\u003e\u003ccode\u003e@​mjd507\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/philwebb\"\u003e\u003ccode\u003e@​philwebb\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/09a5ca3e747af3dacd2bbb42ae4f356db26b57d3\"\u003e\u003ccode\u003e09a5ca3\u003c/code\u003e\u003c/a\u003e Release v6.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a4ec25d9ec0466c0c4e9ca4eb9d1ef9df18820a5\"\u003e\u003ccode\u003ea4ec25d\u003c/code\u003e\u003c/a\u003e Upgrade to MockK 1.13.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0fc043f762d61f190ccbcc905736f8e73737baf9\"\u003e\u003ccode\u003e0fc043f\u003c/code\u003e\u003c/a\u003e Upgrade to Netty 4.1.123, Selenium 4.34, XMLUnit 2.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/54732605a5c8ec2528854919b2e512332bf88498\"\u003e\u003ccode\u003e5473260\u003c/code\u003e\u003c/a\u003e Backport nullability refinements for Micrometer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/12a6098eae12d4871dd2c0bef2e6cca1ba7545c3\"\u003e\u003ccode\u003e12a6098\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2024.0.8 and Micrometer 1.14.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f86034b528abd0400cede89969c3e1f8d7f138e0\"\u003e\u003ccode\u003ef86034b\u003c/code\u003e\u003c/a\u003e Drop final declaration from doFilter entry point (for CGLIB proxying)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/21807832c8e560b3b5d52577b4582a17d06348e4\"\u003e\u003ccode\u003e2180783\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.23, Netty 4.1.122, Gson 2.13.1, Caffeine 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/2434bb15404c3f3d7a9b05c3d10ffb024d4c99b4\"\u003e\u003ccode\u003e2434bb1\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4063cb5b9a5d5497faa85c9838ed4c108691a6ce\"\u003e\u003ccode\u003e4063cb5\u003c/code\u003e\u003c/a\u003e Publish releases using Central Portal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4277682a5cecd0dddef2a39c05f5ef0d79394d45\"\u003e\u003ccode\u003e4277682\u003c/code\u003e\u003c/a\u003e Catch InaccessibleObjectException next to IllegalAccessException\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-web` from 6.2.8 to 6.2.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eOncePerRequestFilter\u003c/code\u003e cannot be CGLib-proxied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35198\"\u003e#35198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistently catch \u003ccode\u003eInaccessibleObjectException\u003c/code\u003e next to \u003ccode\u003eIllegalAccessException\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35190\"\u003e#35190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eDate\u003c/code\u003e-to-\u003ccode\u003eInstant\u003c/code\u003e and \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eDate\u003c/code\u003e converters \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35175\"\u003e#35175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistent nullability and exception declarations in \u003ccode\u003eAbstractMessagingTemplate\u003c/code\u003e hierarchy \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35159\"\u003e#35159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister runtime hints for \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eTimestamp\u003c/code\u003e conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35156\"\u003e#35156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove handling of \u003ccode\u003eResponseEntity\u0026lt;?\u0026gt;\u003c/code\u003e in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35153\"\u003e#35153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e@CacheConfig(\u0026quot;myCacheName\u0026quot;)\u003c/code\u003e declarations for simplified configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35152\"\u003e#35152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeclare \u003ccode\u003emessageSelector\u003c/code\u003e parameters in \u003ccode\u003eJmsOperations\u003c/code\u003e as \u003ccode\u003e@Nullable\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35151\"\u003e#35151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd getter for \u003ccode\u003eOverflowStrategy\u003c/code\u003e in \u003ccode\u003eConcurrentWebSocketSessionDecorator\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35132\"\u003e#35132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse preset Content-Type for streaming and reactive responses in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35130\"\u003e#35130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLeniently tolerate null \u003ccode\u003e@Aspect\u003c/code\u003e bean \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35074\"\u003e#35074\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDataAccessResourceFailureException\u003c/code\u003e thrown when transaction times out on PostgreSQL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35073\"\u003e#35073\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMethodInvokingFactoryBean\u003c/code\u003e fails to invoke publicly exported methods overridden by internal classes when using JPMS \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34028\"\u003e#34028\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore preference for interface (most abstract) method in \u003ccode\u003egetPubliclyAccessibleMethodIfPossible\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35189\"\u003e#35189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003etargetBeanName\u003c/code\u003e field in AbstractBeanFactoryBasedTargetSource \u003ccode\u003eprotected\u003c/code\u003e to avoid exceptions in logging and \u003ccode\u003etoString()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35172\"\u003e#35172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix inconsistencies in \u003ccode\u003eStaticListableBeanFactory\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35119\"\u003e#35119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport StreamingHttpOutputMessage in RestClient \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35102\"\u003e#35102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen building \u003ccode\u003eDELETE\u003c/code\u003e requests, the request body is not used in \u003ccode\u003eJdkClientHttpRequest.buildRequest\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35068\"\u003e#35068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated bean registration file contains \u0026quot;too many constants\u0026quot; when building with many beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35044\"\u003e#35044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent cache pollution by storing only the factories \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/34732\"\u003e#34732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWebFlux decodes wildcard content-types as form-data/multipart \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34660\"\u003e#34660\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated CGLib proxies do not contain method overrides \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34642\"\u003e#34642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e500 response for ResourceHttpRequestHandler when requested range is not satisfied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34490\"\u003e#34490\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDocument how to register runtime hints for convention-based conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35178\"\u003e#35178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLink to \u003ccode\u003e@ContextConfiguration\u003c/code\u003e Javadoc from reference manual \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35088\"\u003e#35088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to JUnit 5.13.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35103\"\u003e#35103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.14.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35202\"\u003e#35202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor 2024.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35201\"\u003e#35201\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/Meijuh\"\u003e\u003ccode\u003e@​Meijuh\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/RazorNd\"\u003e\u003ccode\u003e@​RazorNd\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/chenggwang\"\u003e\u003ccode\u003e@​chenggwang\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mjd507\"\u003e\u003ccode\u003e@​mjd507\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/philwebb\"\u003e\u003ccode\u003e@​philwebb\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/09a5ca3e747af3dacd2bbb42ae4f356db26b57d3\"\u003e\u003ccode\u003e09a5ca3\u003c/code\u003e\u003c/a\u003e Release v6.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a4ec25d9ec0466c0c4e9ca4eb9d1ef9df18820a5\"\u003e\u003ccode\u003ea4ec25d\u003c/code\u003e\u003c/a\u003e Upgrade to MockK 1.13.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0fc043f762d61f190ccbcc905736f8e73737baf9\"\u003e\u003ccode\u003e0fc043f\u003c/code\u003e\u003c/a\u003e Upgrade to Netty 4.1.123, Selenium 4.34, XMLUnit 2.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/54732605a5c8ec2528854919b2e512332bf88498\"\u003e\u003ccode\u003e5473260\u003c/code\u003e\u003c/a\u003e Backport nullability refinements for Micrometer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/12a6098eae12d4871dd2c0bef2e6cca1ba7545c3\"\u003e\u003ccode\u003e12a6098\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2024.0.8 and Micrometer 1.14.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f86034b528abd0400cede89969c3e1f8d7f138e0\"\u003e\u003ccode\u003ef86034b\u003c/code\u003e\u003c/a\u003e Drop final declaration from doFilter entry point (for CGLIB proxying)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/21807832c8e560b3b5d52577b4582a17d06348e4\"\u003e\u003ccode\u003e2180783\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.23, Netty 4.1.122, Gson 2.13.1, Caffeine 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/2434bb15404c3f3d7a9b05c3d10ffb024d4c99b4\"\u003e\u003ccode\u003e2434bb1\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4063cb5b9a5d5497faa85c9838ed4c108691a6ce\"\u003e\u003ccode\u003e4063cb5\u003c/code\u003e\u003c/a\u003e Publish releases using Central Portal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4277682a5cecd0dddef2a39c05f5ef0d79394d45\"\u003e\u003ccode\u003e4277682\u003c/code\u003e\u003c/a\u003e Catch InaccessibleObjectException next to IllegalAccessException\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-webmvc` from 6.2.8 to 6.2.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-webmvc's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eOncePerRequestFilter\u003c/code\u003e cannot be CGLib-proxied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35198\"\u003e#35198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistently catch \u003ccode\u003eInaccessibleObjectException\u003c/code\u003e next to \u003ccode\u003eIllegalAccessException\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35190\"\u003e#35190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eDate\u003c/code\u003e-to-\u003ccode\u003eInstant\u003c/code\u003e and \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eDate\u003c/code\u003e converters \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35175\"\u003e#35175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistent nullability and exception declarations in \u003ccode\u003eAbstractMessagingTemplate\u003c/code\u003e hierarchy \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35159\"\u003e#35159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister runtime hints for \u003ccode\u003eInstant\u003c/code\u003e-to-\u003ccode\u003eTimestamp\u003c/code\u003e conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35156\"\u003e#35156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove handling of \u003ccode\u003eResponseEntity\u0026lt;?\u0026gt;\u003c/code\u003e in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35153\"\u003e#35153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e@CacheConfig(\u0026quot;myCacheName\u0026quot;)\u003c/code\u003e declarations for simplified configuration \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35152\"\u003e#35152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeclare \u003ccode\u003emessageSelector\u003c/code\u003e parameters in \u003ccode\u003eJmsOperations\u003c/code\u003e as \u003ccode\u003e@Nullable\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35151\"\u003e#35151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd getter for \u003ccode\u003eOverflowStrategy\u003c/code\u003e in \u003ccode\u003eConcurrentWebSocketSessionDecorator\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35132\"\u003e#35132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse preset Content-Type for streaming and reactive responses in Spring MVC \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35130\"\u003e#35130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLeniently tolerate null \u003ccode\u003e@Aspect\u003c/code\u003e bean \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35074\"\u003e#35074\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDataAccessResourceFailureException\u003c/code\u003e thrown when transaction times out on PostgreSQL \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35073\"\u003e#35073\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMethodInvokingFactoryBean\u003c/code\u003e fails to invoke publicly exported methods overridden by internal classes when using JPMS \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34028\"\u003e#34028\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore preference for interface (most abstract) method in \u003ccode\u003egetPubliclyAccessibleMethodIfPossible\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35189\"\u003e#35189\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003etargetBeanName\u003c/code\u003e field in AbstractBeanFactoryBasedTargetSource \u003ccode\u003eprotected\u003c/code\u003e to avoid exceptions in logging and \u003ccode\u003etoString()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35172\"\u003e#35172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix inconsistencies in \u003ccode\u003eStaticListableBeanFactory\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35119\"\u003e#35119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport StreamingHttpOutputMessage in RestClient \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35102\"\u003e#35102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen building \u003ccode\u003eDELETE\u003c/code\u003e requests, the request body is not used in \u003ccode\u003eJdkClientHttpRequest.buildRequest\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35068\"\u003e#35068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated bean registration file contains \u0026quot;too many constants\u0026quot; when building with many beans \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35044\"\u003e#35044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent cache pollution by storing only the factories \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/34732\"\u003e#34732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWebFlux decodes wildcard content-types as form-data/multipart \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34660\"\u003e#34660\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT-generated CGLib proxies do not contain method overrides \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34642\"\u003e#34642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e500 response for ResourceHttpRequestHandler when requested range is not satisfied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34490\"\u003e#34490\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDocument how to register runtime hints for convention-based conversion \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35178\"\u003e#35178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLink to \u003ccode\u003e@ContextConfiguration\u003c/code\u003e Javadoc from reference manual \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/pull/35088\"\u003e#35088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to JUnit 5.13.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35103\"\u003e#35103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.14.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35202\"\u003e#35202\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor 2024.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35201\"\u003e#35201\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/Meijuh\"\u003e\u003ccode\u003e@​Meijuh\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/RazorNd\"\u003e\u003ccode\u003e@​RazorNd\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/chenggwang\"\u003e\u003ccode\u003e@​chenggwang\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mjd507\"\u003e\u003ccode\u003e@​mjd507\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/philwebb\"\u003e\u003ccode\u003e@​philwebb\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/09a5ca3e747af3dacd2bbb42ae4f356db26b57d3\"\u003e\u003ccode\u003e09a5ca3\u003c/code\u003e\u003c/a\u003e Release v6.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a4ec25d9ec0466c0c4e9ca4eb9d1ef9df18820a5\"\u003e\u003ccode\u003ea4ec25d\u003c/code\u003e\u003c/a\u003e Upgrade to MockK 1.13.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/0fc043f762d61f190ccbcc905736f8e73737baf9\"\u003e\u003ccode\u003e0fc043f\u003c/code\u003e\u003c/a\u003e Upgrade to Netty 4.1.123, Selenium 4.34, XMLUnit 2.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/54732605a5c8ec2528854919b2e512332bf88498\"\u003e\u003ccode\u003e5473260\u003c/code\u003e\u003c/a\u003e Backport nullability refinements for Micrometer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/12a6098eae12d4871dd2c0bef2e6cca1ba7545c3\"\u003e\u003ccode\u003e12a6098\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2024.0.8 and Micrometer 1.14.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f86034b528abd0400cede89969c3e1f8d7f138e0\"\u003e\u003ccode\u003ef86034b\u003c/code\u003e\u003c/a\u003e Drop final declaration from doFilter entry point (for CGLIB proxying)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/21807832c8e560b3b5d52577b4582a17d06348e4\"\u003e\u003ccode\u003e2180783\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.23, Netty 4.1.122, Gson 2.13.1, Caffeine 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/2434bb15404c3f3d7a9b05c3d10ffb024d4c99b4\"\u003e\u003ccode\u003e2434bb1\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4063cb5b9a5d5497faa85c9838ed4c108691a6ce\"\u003e\u003ccode\u003e4063cb5\u003c/code\u003e\u003c/a\u003e Publish releases using Central Portal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/4277682a5cecd0dddef2a39c05f5ef0d79394d45\"\u003e\u003ccode\u003e4277682\u003c/code\u003e\u003c/a\u003e Catch InaccessibleObjectException next to IllegalAccessException\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-tx` from 6.2.8 to 6.2.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-tx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eOncePerRequestFilter\u003c/code\u003e cannot be CGLib-proxied \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/35198\"\u003e#35198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConsistently catch \u003ccode\u003eIn...\n\n_Description has been truncated_","html_url":"https://github.com/craftercms/craftercms/pull/8310","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/craftercms%2Fcraftercms/issues/8310","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8310/packages"}},{"old_version":"2.1.0.1","new_version":"2.6.0.0","update_type":"minor","path":null,"pr_created_at":"2025-07-30T16:48:25.000Z","version_change":"2.1.0.1 → 2.6.0.0","issue":{"uuid":"2707816002","node_id":"PR_kwDOPVa3786hZf5C","number":1,"state":"open","title":"Bump the maven group across 1 directory with 21 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-07-30T16:48:25.000Z","updated_at":"2025-07-30T16:48:25.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"maven","update_count":21,"packages":[{"name":"org.json:json","old_version":"20230227","new_version":"20231013","repository_url":"https://github.com/douglascrockford/JSON-java"},{"name":"org.owasp.esapi:esapi","old_version":"2.1.0.1","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"org.jsoup:jsoup","old_version":"1.14.2","new_version":"1.15.3","repository_url":"https://github.com/jhy/jsoup"},{"name":"commons-fileupload:commons-fileupload","old_version":"1.5","new_version":"1.6.0"},{"name":"org.apache.commons:commons-compress","old_version":"1.19","new_version":"1.26.0"},{"name":"org.apache.commons:commons-lang3","old_version":"3.4","new_version":"3.18.0"},{"name":"commons-io:commons-io","old_version":"2.7","new_version":"2.14.0"},{"name":"org.springframework:spring-context","old_version":"5.3.20","new_version":"6.1.20","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework.security:spring-security-core","old_version":"5.7.5","new_version":"5.7.14","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.apache.poi:poi","old_version":"3.17","new_version":"4.1.1"},{"name":"org.apache.poi:poi-ooxml","old_version":"3.17","new_version":"5.4.0"},{"name":"com.fasterxml.jackson.core:jackson-core","old_version":"2.12.6","new_version":"2.15.0","repository_url":"https://github.com/FasterXML/jackson-core"},{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.12.6.1","new_version":"2.12.7.1","repository_url":"https://github.com/FasterXML/jackson"},{"name":"com.thoughtworks.xstream:xstream","old_version":"1.4.9","new_version":"1.4.21","repository_url":"https://github.com/x-stream/xstream"},{"name":"org.apache.camel:camel-core","old_version":"2.22.3","new_version":"4.13.0"},{"name":"org.apache.camel:camel-spring","old_version":"2.22.3","new_version":"4.13.0"},{"name":"org.apache.camel:camel-ftp","old_version":"2.22.3","new_version":"4.13.0"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 17 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [org.json:json](https://github.com/douglascrockford/JSON-java) | `20230227` | `20231013` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.1.0.1` | `2.6.0.0` |\n| [org.jsoup:jsoup](https://github.com/jhy/jsoup) | `1.14.2` | `1.15.3` |\n| commons-fileupload:commons-fileupload | `1.5` | `1.6.0` |\n| org.apache.commons:commons-compress | `1.19` | `1.26.0` |\n| org.apache.commons:commons-lang3 | `3.4` | `3.18.0` |\n| commons-io:commons-io | `2.7` | `2.14.0` |\n| [org.springframework:spring-context](https://github.com/spring-projects/spring-framework) | `5.3.20` | `6.1.20` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `5.7.5` | `5.7.14` |\n| org.apache.poi:poi | `3.17` | `4.1.1` |\n| org.apache.poi:poi-ooxml | `3.17` | `5.4.0` |\n| [com.fasterxml.jackson.core:jackson-core](https://github.com/FasterXML/jackson-core) | `2.12.6` | `2.15.0` |\n| [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.12.6.1` | `2.12.7.1` |\n| [com.thoughtworks.xstream:xstream](https://github.com/x-stream/xstream) | `1.4.9` | `1.4.21` |\n| org.apache.camel:camel-core | `2.22.3` | `4.13.0` |\n| org.apache.camel:camel-spring | `2.22.3` | `4.13.0` |\n| org.apache.camel:camel-ftp | `2.22.3` | `4.13.0` |\n\n\nUpdates `org.json:json` from 20230227 to 20231013\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/douglascrockford/JSON-java/releases\"\u003eorg.json:json's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e20231013\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/793\"\u003e#793\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eReverted \u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/761\"\u003e#761\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/792\"\u003e#792\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eupdate the docs for release 20231013\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/783\"\u003e#783\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eoptLong vs getLong inconsistencies\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/782\"\u003e#782\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/779\"\u003e#779\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eadd validity check for JSONObject constructors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/778\"\u003e#778\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/776\"\u003e#776\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate [JUnit to version 4.13.2\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/774\"\u003e#774\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eRemoving unneeded synchronization\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/773\"\u003e#773\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAdd optJSONArray method to JSONObject with a default value\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/772\"\u003e#772\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eDisallow nested objects and arrays as keys in objects\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/779\"\u003e#779\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUnit test cleanup\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/769\"\u003e#769\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAddressed Java 17 compile warnings\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/764\"\u003e#764\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate CodeQL action version\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/761\"\u003e#761\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAdd module-info\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/759\"\u003e#759\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eJSON parsing should detect embedded \u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/753\"\u003e#753\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdated new object methods\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/752\"\u003e#752\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFixes possible unit test bug when compiling/testing on Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20230618\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/749\"\u003e#749\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/749\"\u003ePrep for release 20230618\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/740\"\u003e#740\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/734\"\u003eFixed Flaky Tests Caused by JSON permutations\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/734\"\u003e#734\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/734\"\u003eFixed Flaky Tests Caused by JSON permutations\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/733\"\u003e#733\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/733\"\u003eJSONTokener implemented java.io.Closeable\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/731\"\u003e#731\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/731\"\u003eRemoving commented out code in JSONObject optDouble()\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/729\"\u003e#729\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/729\"\u003eRefactor ParserConfiguration class hierarchy\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md\"\u003eorg.json:json's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e20231013    First release with minimum Java version 1.8. Recent commits, including fixes for CVE-2023-5072.\u003c/p\u003e\n\u003cp\u003e20230618    Final release with Java 1.6 compatibility. Future releases will require Java 1.8 or greater.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/douglascrockford/JSON-java/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.owasp.esapi:esapi` from 2.1.0.1 to 2.6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.1.0.1...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.jsoup:jsoup` from 1.14.2 to 1.15.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jhy/jsoup/releases\"\u003eorg.jsoup:jsoup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ejsoup 1.15.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup 1.15.3\u003c/strong\u003e is out now, and includes a security fix for potential XSS attacks, along with other bug fixes and improvements, including more descriptive validation error messages.\u003c/p\u003e\n\u003cp\u003eDetails:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\"\u003eSecurity advisory\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://jsoup.org/news/release-1.15.3\"\u003eRelease notes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://jsoup.org/download\"\u003eDownload\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ejsoup 1.15.2 is out now with a bunch of \u003ca href=\"https://jsoup.org/news/release-1.15.2\"\u003eimprovements and bug fixes\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003ejsoup 1.15.1 is out now with a bunch of \u003ca href=\"https://jsoup.org/news/release-1.15.1\"\u003eimprovements and bug fixes\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ejsoup 1.14.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup 1.14.3\u003c/strong\u003e is out now, adding native \u003cstrong\u003eXPath\u003c/strong\u003e selector support, improved \u003ccode\u003e\\\u0026lt;template\u0026gt;\u003c/code\u003e support, and also includes a bunch of bug fixes, improvements, and performance enhancements.\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://jsoup.org/news/release-1.14.3\"\u003erelease announcement\u003c/a\u003e for the full changelog.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jhy/jsoup/blob/jsoup-1.15.3/CHANGES\"\u003eorg.jsoup:jsoup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ejsoup changelog\u003c/p\u003e\n\u003cp\u003eRelease 1.15.3 [2022-Aug-24]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity: fixed an issue where the jsoup cleaner may incorrectly sanitize crafted XSS attempts if\nSafeList.preserveRelativeLinks is enabled.\n\u003ca href=\"https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\"\u003ehttps://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: the Cleaner will preserve the source position of cleaned elements, if source tracking is enabled in the\noriginal parse.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: the error messages output from Validate are more descriptive. Exceptions are now ValidationExceptions\n(extending IllegalArgumentException). Stack traces do not include the Validate class, to make it simpler to see\nwhere the exception originated. Common validation errors including malformed URLs and empty selector results have\nmore explicit error messages.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBugfix: the DataUtil would incorrectly read from InputStreams that emitted reads less than the requested size. This\nlead to incorrect results when parsing from chunked server responses, for e.g.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1807\"\u003ejhy/jsoup#1807\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBuild Improvement: added implementation version and related fields to the jar manifest.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1809\"\u003ejhy/jsoup#1809\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e*** Release 1.15.2 [2022-Jul-04]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: added the ability to track the position (line, column, index) in the original input source from where\na given node was parsed. Accessible via Node.sourceRange() and Element.endSourceRange().\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/pull/1790\"\u003ejhy/jsoup#1790\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: added Element.firstElementChild(), Element.lastElementChild(), Node.firstChild(), Node.lastChild(),\nas convenient accessors to those child nodes and elements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: added Element.expectFirst(cssQuery), which is just like Element.selectFirst(), but instead of returning\na null if there is no match, will throw an IllegalArgumentException. This is useful if you want to simply abort\nprocessing if an expected match is not found.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: when pretty-printing HTML, doctypes are emitted on a newline if there is a preceding comment.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/pull/1664\"\u003ejhy/jsoup#1664\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: when pretty-printing, trim the leading and trailing spaces of textnodes in block tags when possible,\nso that they are indented correctly.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1798\"\u003ejhy/jsoup#1798\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: in Element#selectXpath(), disable namespace awareness. This makes it possible to always select elements\nby their simple local name, regardless of whether an xmlns attribute was set.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1801\"\u003ejhy/jsoup#1801\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBugfix: when using the readToByteBuffer method, such as in Connection.Response.body(), if the document has not\nalready been parsed and must be read fully, and there is any maximum buffer size being applied, only the default\ninternal buffer size is read.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1774\"\u003ejhy/jsoup#1774\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/c5964172763e1495786ad584c368ac3346d0ca8c\"\u003e\u003ccode\u003ec596417\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release jsoup-1.15.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/d2d9ac341dbd48e75c6dd09c571216a81939604f\"\u003e\u003ccode\u003ed2d9ac3\u003c/code\u003e\u003c/a\u003e Changelog for URL cleaner improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/4ea768d96b3d232e63edef9594766d44597b3882\"\u003e\u003ccode\u003e4ea768d\u003c/code\u003e\u003c/a\u003e Strip control characters from URLs when resolving absolute URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/985f1fe13aa0b1d37c6f6f17a948fc240a03dcef\"\u003e\u003ccode\u003e985f1fe\u003c/code\u003e\u003c/a\u003e Include help link for malformed URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/6b67d05d883fdfe0f978d77d219e80324e0a223d\"\u003e\u003ccode\u003e6b67d05\u003c/code\u003e\u003c/a\u003e Improved Validate error messages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/653da57a61dc6fcb5a94efb44f514239bdef8613\"\u003e\u003ccode\u003e653da57\u003c/code\u003e\u003c/a\u003e Normalized API doc link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/5ed84f631e8889abc9b20ebcc898d053d77bb05d\"\u003e\u003ccode\u003e5ed84f6\u003c/code\u003e\u003c/a\u003e Simplified the Test Server startup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/c58112a2eddd630a4f6d76450034c1227ef5f842\"\u003e\u003ccode\u003ec58112a\u003c/code\u003e\u003c/a\u003e Set the read size correctly when capped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/fa13c8066b13f27a92d0057d55bf64e6d66ddff2\"\u003e\u003ccode\u003efa13c80\u003c/code\u003e\u003c/a\u003e Added jar manifest default implementation entries.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/5b193902029a453b95cfc8850d17e630079cf0a2\"\u003e\u003ccode\u003e5b19390\u003c/code\u003e\u003c/a\u003e Bump maven-resources-plugin from 3.2.0 to 3.3.0 (\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1814\"\u003e#1814\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jhy/jsoup/compare/jsoup-1.14.2...jsoup-1.15.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-fileupload:commons-fileupload` from 1.5 to 1.6.0\n\nUpdates `org.apache.commons:commons-compress` from 1.19 to 1.26.0\n\nUpdates `org.apache.commons:commons-lang3` from 3.4 to 3.18.0\n\nUpdates `commons-io:commons-io` from 2.7 to 2.14.0\n\nUpdates `org.springframework:spring-context` from 5.3.20 to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-context's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v5.3.20...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-webmvc` from 5.3.20 to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-webmvc's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v5.3.20...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework:spring-web` from 5.3.20 to 6.1.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-framework/releases\"\u003eorg.springframework:spring-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.20\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option for case-insensitive match to PatternMatchUtils \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34802\"\u003e#34802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34854\"\u003e#34854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccidental ClassLoader defineClass enforcement after \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34677\"\u003e#34677\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34839\"\u003e#34839\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify \u003ccode\u003eCompositePropertySource\u003c/code\u003e behavior for \u003ccode\u003eEnumerablePropertySource\u003c/code\u003e contract \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34887\"\u003e#34887\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Reactor 2023.0.18 \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34899\"\u003e#34899\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.19\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSuggest compilation with \u003ccode\u003e-parameters\u003c/code\u003e when \u003ccode\u003eAspectJAdviceParameterNameDiscoverer\u003c/code\u003e fails against ambiguity \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34618\"\u003e#34618\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ePropertyBatchUpdateException\u003c/code\u003e: causes of nested \u003ccode\u003ePropertyAccessException\u003c/code\u003es not shown in output \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34698\"\u003e#34698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34694\"\u003e#34694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStartup performance regression due to CGLIB class load attempts in Spring 6.1.x \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34693\"\u003e#34693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34690\"\u003e#34690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@Configuration\u003c/code\u003e classes can no longer be \u003ccode\u003eabstract\u003c/code\u003e without \u003ccode\u003e@Bean\u003c/code\u003e methods \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34689\"\u003e#34689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGenerated-code for LinkedHashMap is missing static keyword \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34661\"\u003e#34661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAbstractReactiveTransactionManager throws IllegalStateException when rollback fails after commit attempt \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34619\"\u003e#34619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd javadoc notes on potential exception suppression in \u003ccode\u003eListableBeanFactory#getBeansOfType\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34631\"\u003e#34631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove remaining references to Forwarded headers in MvcUriComponentsBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34626\"\u003e#34626\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eMvcUriComponentsBuilder\u003c/code\u003e javadocs inaccurately reflects usage of forwarded headers \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34620\"\u003e#34620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.18\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid unnecessary CGLIB processing on configuration classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34487\"\u003e#34487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInconsistent default class loaders in hint classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34473\"\u003e#34473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34515\"\u003e#34515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEndless loop with DataSourceUtils in spring-jdbc \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34497\"\u003e#34497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMockHttpServletResponse - handle multiple values for Content-Language header \u003ca href=\"https://redirect.github.com/spring-projects/spring-framework/issues/34491\"\u003e#34491\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/1f9c59b17b5a7afc69f28b694de4553d6b65c9d5\"\u003e\u003ccode\u003e1f9c59b\u003c/code\u003e\u003c/a\u003e Release v6.1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/edfcc6ffb188e4614ec9b212e3208b666981851c\"\u003e\u003ccode\u003eedfcc6f\u003c/code\u003e\u003c/a\u003e Make use of PatternMatchUtils ignoreCase option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/f93132b11ef6aa5718d20a05846828659c082fe8\"\u003e\u003ccode\u003ef93132b\u003c/code\u003e\u003c/a\u003e Add missing \u003ca href=\"https://github.com/since\"\u003e\u003ccode\u003e@​since\u003c/code\u003e\u003c/a\u003e tags in PatternMatchUtils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/6ab4c84bd528d9480071d3dec4ff0b4904dbbb2f\"\u003e\u003ccode\u003e6ab4c84\u003c/code\u003e\u003c/a\u003e Upgrade to Reactor 2023.0.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/d5fca0d2c5d96b1a59a5814aa38c5f3b15238301\"\u003e\u003ccode\u003ed5fca0d\u003c/code\u003e\u003c/a\u003e Upgrade to Jetty 12.0.21, Netty 4.1.121, Apache HttpClient 5.4.4, Checkstyle ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/cbb94193fe9f11d1af8b8958292b0edc8451cd4c\"\u003e\u003ccode\u003ecbb9419\u003c/code\u003e\u003c/a\u003e Clarify CompositePropertySource behavior for EnumerablePropertySource contract\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/5b5e2b68767537f204d8392201497805ce6562d7\"\u003e\u003ccode\u003e5b5e2b6\u003c/code\u003e\u003c/a\u003e Fix HttpClient 5.3.x request config compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/a5b0399a1d6f3e89ae3bbfeb0b13142ecaddb4e9\"\u003e\u003ccode\u003ea5b0399\u003c/code\u003e\u003c/a\u003e Polishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/71f27256381d72170f9c6d38eea3032ceb24f030\"\u003e\u003ccode\u003e71f2725\u003c/code\u003e\u003c/a\u003e Try loadClass on LinkageError in case of same ClassLoader as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-framework/commit/daee9f1242264215876e67f6ef43b117195385c6\"\u003e\u003ccode\u003edaee9f1\u003c/code\u003e\u003c/a\u003e Reinstate the @⁠Inject Technology Compatibility Kit (TCK)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-framework/compare/v5.3.20...v6.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.security:spring-security-core` from 5.7.5 to 5.7.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-security/releases\"\u003eorg.springframework.security:spring-security-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.7.14\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerExchangeRejectedHandler \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15975\"\u003e#15975\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerWebExchangeFirewall \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15974\"\u003e#15974\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.13\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003e5.7.12\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck for \u003ccode\u003enull\u003c/code\u003e Authentication \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/14715\"\u003e#14715\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.11\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutomate spring-security.xsd \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13819\"\u003e#13819\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.10\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse default PathPatternParser instance \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13461\"\u003e#13461\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate io.projectreactor to 2020.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13509\"\u003e#13509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework to 5.3.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13511\"\u003e#13511\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework.data to 2021.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13512\"\u003e#13512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate reactor-netty to 1.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13510\"\u003e#13510\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eConvert to Asciidoctor Tabs \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13404\"\u003e#13404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse Antora name of security \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13328\"\u003e#13328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdditional filters registered when using Custom DSL \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13203\"\u003e#13203\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify that Kotlin DSL needs an import \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13092\"\u003e#13092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument missing OAuth2LoginAuthenticationFilter set AuthorizationRequestRepository \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13098\"\u003e#13098\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Antora Warnings \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13291\"\u003e#13291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix constant value in XContentTypeOptionsServerHttpHeadersWriter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13155\"\u003e#13155\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Documentation Title \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13315\"\u003e#13315\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix javadoc for migration from WebSecurityConfigurerAdapter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12996\"\u003e#12996\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in SecurityMockMvcResultMatchers.java \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12793\"\u003e#12793\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/d0b2b33dce56cb97b5efd3cdfa9b41fbc09c4586\"\u003e\u003ccode\u003ed0b2b33\u003c/code\u003e\u003c/a\u003e Release 5.7.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/0eaffb37e7f10f30fdbba1d3728e66e26837ff89\"\u003e\u003ccode\u003e0eaffb3\u003c/code\u003e\u003c/a\u003e Require Locale argument for toLower/toUpperCase usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e86d88d0cf869fce800974eb22e61a9c3dcf5fa2\"\u003e\u003ccode\u003ee86d88d\u003c/code\u003e\u003c/a\u003e Support ServerExchangeRejectedHandler \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e48d6b039baf104a6c56f4e62e0c2ff4d35a22bb\"\u003e\u003ccode\u003ee48d6b0\u003c/code\u003e\u003c/a\u003e Support ServerWebExchangeFirewall \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/dd3c6892e946f80cdd6e1a6890282fa2920067f1\"\u003e\u003ccode\u003edd3c689\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c552366a7847f09bdadcdbf50e2beb5d41de36fc\"\u003e\u003ccode\u003ec552366\u003c/code\u003e\u003c/a\u003e Release 5.7.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/7215c72373f9e108549649d2c5d25ca5a6361865\"\u003e\u003ccode\u003e7215c72\u003c/code\u003e\u003c/a\u003e Migrate slack notifications to GChat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/4ce7cde15599c0447163fd46bac616e03318bf5b\"\u003e\u003ccode\u003e4ce7cde\u003c/code\u003e\u003c/a\u003e Add Firewall for WebFlux\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c8342fcfae9babb2be56f10942801edfbf9df573\"\u003e\u003ccode\u003ec8342fc\u003c/code\u003e\u003c/a\u003e Use antora-extensions 1.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/1b0c4d68da564195d81dbe6db7032a3047706947\"\u003e\u003ccode\u003e1b0c4d6\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-security/compare/5.7.5...5.7.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.security:spring-security-config` from 5.7.5 to 5.7.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-security/releases\"\u003eorg.springframework.security:spring-security-config's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.7.14\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerExchangeRejectedHandler \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15975\"\u003e#15975\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerWebExchangeFirewall \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15974\"\u003e#15974\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.13\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003e5.7.12\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck for \u003ccode\u003enull\u003c/code\u003e Authentication \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/14715\"\u003e#14715\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.11\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutomate spring-security.xsd \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13819\"\u003e#13819\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.10\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse default PathPatternParser instance \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13461\"\u003e#13461\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate io.projectreactor to 2020.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13509\"\u003e#13509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework to 5.3.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13511\"\u003e#13511\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework.data to 2021.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13512\"\u003e#13512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate reactor-netty to 1.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13510\"\u003e#13510\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eConvert to Asciidoctor Tabs \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13404\"\u003e#13404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse Antora name of security \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13328\"\u003e#13328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdditional filters registered when using Custom DSL \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13203\"\u003e#13203\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify that Kotlin DSL needs an import \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13092\"\u003e#13092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument missing OAuth2LoginAuthenticationFilter set AuthorizationRequestRepository \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13098\"\u003e#13098\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Antora Warnings \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13291\"\u003e#13291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix constant value in XContentTypeOptionsServerHttpHeadersWriter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13155\"\u003e#13155\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Documentation Title \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13315\"\u003e#13315\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix javadoc for migration from WebSecurityConfigurerAdapter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12996\"\u003e#12996\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in SecurityMockMvcResultMatchers.java \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12793\"\u003e#12793\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/d0b2b33dce56cb97b5efd3cdfa9b41fbc09c4586\"\u003e\u003ccode\u003ed0b2b33\u003c/code\u003e\u003c/a\u003e Release 5.7.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/0eaffb37e7f10f30fdbba1d3728e66e26837ff89\"\u003e\u003ccode\u003e0eaffb3\u003c/code\u003e\u003c/a\u003e Require Locale argument for toLower/toUpperCase usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e86d88d0cf869fce800974eb22e61a9c3dcf5fa2\"\u003e\u003ccode\u003ee86d88d\u003c/code\u003e\u003c/a\u003e Support ServerExchangeRejectedHandler \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e48d6b039baf104a6c56f4e62e0c2ff4d35a22bb\"\u003e\u003ccode\u003ee48d6b0\u003c/code\u003e\u003c/a\u003e Support ServerWebExchangeFirewall \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/dd3c6892e946f80cdd6e1a6890282fa2920067f1\"\u003e\u003ccode\u003edd3c689\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c552366a7847f09bdadcdbf50e2beb5d41de36fc\"\u003e\u003ccode\u003ec552366\u003c/code\u003e\u003c/a\u003e Release 5.7.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/7215c72373f9e108549649d2c5d25ca5a6361865\"\u003e\u003ccode\u003e7215c72\u003c/code\u003e\u003c/a\u003e Migrate slack notifications to GChat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/4ce7cde15599c0447163fd46bac616e03318bf5b\"\u003e\u003ccode\u003e4ce7cde\u003c/code\u003e\u003c/a\u003e Add Firewall for WebFlux\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c8342fcfae9babb2be56f10942801edfbf9df573\"\u003e\u003ccode\u003ec8342fc\u003c/code\u003e\u003c/a\u003e Use antora-extensions 1.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/1b0c4d68da564195d81dbe6db7032a3047706947\"\u003e\u003ccode\u003e1b0c4d6\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-security/compare/5.7.5...5.7.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.security:spring-security-web` from 5.7.5 to 5.7.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-security/releases\"\u003eorg.springframework.security:spring-security-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.7.14\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerExchangeRejectedHandler \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15975\"\u003e#15975\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport ServerWebExchangeFirewall \u003ccode\u003e@Bean\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/15974\"\u003e#15974\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.13\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003e5.7.12\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck for \u003ccode\u003enull\u003c/code\u003e Authentication \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/14715\"\u003e#14715\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.11\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutomate spring-security.xsd \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13819\"\u003e#13819\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.10\u003c/h2\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse default PathPatternParser instance \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13461\"\u003e#13461\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate io.projectreactor to 2020.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13509\"\u003e#13509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework to 5.3.29 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13511\"\u003e#13511\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate org.springframework.data to 2021.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13512\"\u003e#13512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate reactor-netty to 1.0.34 \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13510\"\u003e#13510\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.9\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eConvert to Asciidoctor Tabs \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13404\"\u003e#13404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse Antora name of security \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13328\"\u003e#13328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdditional filters registered when using Custom DSL \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13203\"\u003e#13203\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify that Kotlin DSL needs an import \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13092\"\u003e#13092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument missing OAuth2LoginAuthenticationFilter set AuthorizationRequestRepository \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13098\"\u003e#13098\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Antora Warnings \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13291\"\u003e#13291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix constant value in XContentTypeOptionsServerHttpHeadersWriter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13155\"\u003e#13155\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Documentation Title \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/issues/13315\"\u003e#13315\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix javadoc for migration from WebSecurityConfigurerAdapter \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12996\"\u003e#12996\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in SecurityMockMvcResultMatchers.java \u003ca href=\"https://redirect.github.com/spring-projects/spring-security/pull/12793\"\u003e#12793\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/d0b2b33dce56cb97b5efd3cdfa9b41fbc09c4586\"\u003e\u003ccode\u003ed0b2b33\u003c/code\u003e\u003c/a\u003e Release 5.7.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/0eaffb37e7f10f30fdbba1d3728e66e26837ff89\"\u003e\u003ccode\u003e0eaffb3\u003c/code\u003e\u003c/a\u003e Require Locale argument for toLower/toUpperCase usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e86d88d0cf869fce800974eb22e61a9c3dcf5fa2\"\u003e\u003ccode\u003ee86d88d\u003c/code\u003e\u003c/a\u003e Support ServerExchangeRejectedHandler \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/e48d6b039baf104a6c56f4e62e0c2ff4d35a22bb\"\u003e\u003ccode\u003ee48d6b0\u003c/code\u003e\u003c/a\u003e Support ServerWebExchangeFirewall \u003ca href=\"https://github.com/Bean\"\u003e\u003ccode\u003e@​Bean\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/dd3c6892e946f80cdd6e1a6890282fa2920067f1\"\u003e\u003ccode\u003edd3c689\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c552366a7847f09bdadcdbf50e2beb5d41de36fc\"\u003e\u003ccode\u003ec552366\u003c/code\u003e\u003c/a\u003e Release 5.7.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/7215c72373f9e108549649d2c5d25ca5a6361865\"\u003e\u003ccode\u003e7215c72\u003c/code\u003e\u003c/a\u003e Migrate slack notifications to GChat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/4ce7cde15599c0447163fd46bac616e03318bf5b\"\u003e\u003ccode\u003e4ce7cde\u003c/code\u003e\u003c/a\u003e Add Firewall for WebFlux\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/c8342fcfae9babb2be56f10942801edfbf9df573\"\u003e\u003ccode\u003ec8342fc\u003c/code\u003e\u003c/a\u003e Use antora-extensions 1.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-security/commit/1b0c4d68da564195d81dbe6db7032a3047706947\"\u003e\u003ccode\u003e1b0c4d6\u003c/code\u003e\u003c/a\u003e Next development version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-security/compare/5.7.5...5.7.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.poi:poi` from 3.17 to 4.1.1\n\nUpdates `org.apache.poi:poi-ooxml` from 3.17 to 5.4.0\n\nUpdates `com.fasterxml.jackson.core:jackson-core` from 2.12.6 to 2.15.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/FasterXML/jackson-core/blob/jackson-core-2.15.0/release.properties\"\u003ecom.fasterxml.jackson.core:jackson-core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e#release configuration\n#Sun Apr 23 14:19:10 PDT 2023\nscm.commentPrefix=[maven-release-plugin]\nexec.pomFileName=pom.xml\npushChanges=false\nreleaseStrategyId=default\nproject.dev.com.fasterxml.jackson.core:jackson-core=2.15.1-SNAPSHOT\nproject.scm.com.fasterxml.jackson.core:jackson-core.connection=scm:git:\u003ca href=\"mailto:git@github.com\"\u003egit@github.com\u003c/a\u003e:FasterXML/jackson-core.git\nscm.tag=jackson-core-2.15.0\nremoteTagging=true\nproject.scm.com.fasterxml.jackson.core:jackson-core.developerConnection=scm:git:\u003ca href=\"mailto:git@github.com\"\u003egit@github.com\u003c/a\u003e:FasterXML/jackson-core.git\nexec.additionalArguments=-Prelease\nscm.branchCommitComment=@{prefix} prepare branch @{releaseLabel}\nprojectVersionPolicyId=default\nscm.url=scm:git:\u003ca href=\"mailto:git@github.com\"\u003egit@github.com\u003c/a\u003e:FasterXML/jackson-core.git\nscm.tagNameFormat=@{project.artifactId}-@{project.version}\nproject.scm.com.fasterxml.jackson.core:jackson-core.tag=HEAD\npinExternals=false\nproject.rel.com.fasterxml.jackson.core:jackson-core=2.15.0\npreparationGoals=clean verify\nscm.releaseCommitComment=@{prefix} prepare release @{releaseLabel}\nexec.snapshotReleasePluginAllowed=false\nproject.scm.com.fasterxml.jackson.core:jackson-core.url=https://github.com/FasterXML/jackson-core\nscm.developmentCommitComment=@{prefix} prepare for next development iteration\nscm.rollbackCommitComment=@{prefix} rollback the release of @{releaseLabel}\ncompletedPhase=end-release\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/a2c0bdcfb9aae8fca555240e63e57c1d9e6f8079\"\u003e\u003ccode\u003ea2c0bdc\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release jackson-core-2.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/180027aeaf6bf1e1d3a8e215cf69ed8f33373552\"\u003e\u003ccode\u003e180027a\u003c/code\u003e\u003c/a\u003e Prepare for 2.15.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/2b4192590f3cfa67df105b160ce022b559fe3d70\"\u003e\u003ccode\u003e2b41925\u003c/code\u003e\u003c/a\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/85340aa204cd4e5f279ab38f44be4e3273d5fa11\"\u003e\u003ccode\u003e85340aa\u003c/code\u003e\u003c/a\u003e Merge branch '2.14' into 2.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/ed846d9497c187f194b7fa8bfb9ec5ba83bd71fa\"\u003e\u003ccode\u003eed846d9\u003c/code\u003e\u003c/a\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/94ea208ab8199d8fa381c438db3a375506cc3319\"\u003e\u003ccode\u003e94ea208\u003c/code\u003e\u003c/a\u003e Update release notes wrt \u003ca href=\"https://redirect.github.com/FasterXML/jackson-core/issues/990\"\u003e#990\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/a4f208696cb6982dd4ddfa3d25522d1349d6cd56\"\u003e\u003ccode\u003ea4f2086\u003c/code\u003e\u003c/a\u003e [2.14 only] backport removal of BigDecimal to BigInt conversion (\u003ca href=\"https://redirect.github.com/FasterXML/jackson-core/issues/990\"\u003e#990\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/1976c0dc7f13fbc4f22e9529d1221fc39091cafe\"\u003e\u003ccode\u003e1976c0d\u003c/code\u003e\u003c/a\u003e Try to get Release workflow working wrt SLSA provenance (fix \u003ca href=\"https://redirect.github.com/FasterXML/jackson-core/issues/844\"\u003e#844\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/FasterXML/jackson-core/issues/989\"\u003e#989\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/0ee3ad8f4622bf39c7176d9f57c25f17e364ca97\"\u003e\u003ccode\u003e0ee3ad8\u003c/code\u003e\u003c/a\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FasterXML/jackson-core/commit/163540e385b01a6d1e6d8d3d28c7ca439e975380\"\u003e\u003ccode\u003e163540e\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/FasterXML/jackson-core/compare/jackson-core-2.12.6...jackson-core-2.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.fasterxml.jackson.core:jackson-databind` from 2.12.6.1 to 2.12.7.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.thoughtworks.xstream:xstream` from 1.4.9 to 1.4.21\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/x-stream/xstream/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.camel:camel-core` from 2.22.3 to 4.13.0\n\nUpdates `org.apache.camel:camel-spring` from 2.22.3 to 4.13.0\n\nUpdates `org.apache.camel:camel-ftp` from 2.22.3 to 4.13.0\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yours...\n\n_Description has been truncated_","html_url":"https://github.com/rex21919/EUSURVEY/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/rex21919%2FEUSURVEY/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"2.1.0.1","new_version":"2.6.0.0","update_type":"minor","path":null,"pr_created_at":"2025-07-22T19:40:47.000Z","version_change":"2.1.0.1 → 2.6.0.0","issue":{"uuid":"2686622871","node_id":"PR_kwDOPRB_kc6gIpyX","number":2,"state":"open","title":"Bump org.owasp.esapi:esapi from 2.1.0.1 to 2.6.0.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-07-22T19:40:47.000Z","updated_at":"2025-07-22T19:40:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.owasp.esapi:esapi","old_version":"2.1.0.1","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) from 2.1.0.1 to 2.6.0.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.1.0.1...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.owasp.esapi:esapi\u0026package-manager=maven\u0026previous-version=2.1.0.1\u0026new-version=2.6.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/essuarezdeveloper/copilot-case-study-devops-devsecops/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/essuarezdeveloper/copilot-case-study-devops-devsecops/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/essuarezdeveloper%2Fcopilot-case-study-devops-devsecops/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"2.6.0.0","new_version":"2.7.0.0","update_type":"minor","path":null,"pr_created_at":"2025-07-10T21:31:52.000Z","version_change":"2.6.0.0 → 2.7.0.0","issue":{"uuid":"2657226423","node_id":"PR_kwDOPKf3EM6eYg63","number":2,"state":"open","title":"Bump org.owasp.esapi:esapi from 2.6.0.0 to 2.7.0.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-07-10T21:31:52.000Z","updated_at":"2025-07-10T21:31:52.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.owasp.esapi:esapi","old_version":"2.6.0.0","new_version":"2.7.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) from 2.6.0.0 to 2.7.0.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eesapi-2.7.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.7.00 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a \u003cstrong\u003e\u003cem\u003emajor\u003c/em\u003e\u003c/strong\u003e patch release with the primary intent of addressing \u003cstrong\u003e\u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2025-5878\"\u003eCVE-2025-5878\u003c/a\u003e\u003c/strong\u003e, the details of which are spelled out in [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e).\n\u003cul\u003e\n\u003cli\u003eMajor Javadoc enhancements, corrections, and clarifications.\u003c/li\u003e\n\u003cli\u003eDeprecated methods, interfaces, and classes.\u003c/li\u003e\n\u003cli\u003eThe reference implementation for the \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface is now disabled by default and must be explicitly enabled if you absolutely much use it. (\u003cstrong\u003eWARNING\u003c/strong\u003e: You shouldn't!) Instructions on how to enable it are provided in Appendix B of  [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e). You will find the updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file in the configuration jar helpful.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eThis release also updates Apache Commons FileUploads to 1.6.0 to address CVE-2025-48976. That CVE likely does not affect the \u003ccode\u003eHTTP.getFileUloads\u003c/code\u003e interfaces (which is the only methods that use that library), but we have not had time to analyze it fully given the CVE cited against ESAPI.\u003c/li\u003e\n\u003cli\u003eApache Commons BeanUtils was also updated to 1.11.0 to address CVE-2025-48734 which potentially could anyone using ESAPI's AccessController and has placed their access control policy in a place where an attacker may be overwrite it. That is highly unlikely, but better safe than sorry.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration files under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.  If you were using ESAPI's \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface, you will want to use its updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file.\u003c/p\u003e\n\u003ch2\u003eesapi-2.6.2.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.2.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.2.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a minor patch release with the intent of updating the Apache Commons BeanUtils dependency from v1.9.4 to v1.11.0 to CVE-2025-48734.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.1.0...esapi-2.6.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eOther Notes\u003c/h2\u003e\n\u003cp\u003eYou may see GHAS Dependabot references to \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/security/dependabot/17\u003c/a\u003e for this (and previous releases). For a more thorough discussion of this, please see Discussion \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/877\"\u003e#877\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.2.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.6.1.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.1.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.1.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated AntiSamy from release 1.7.7 to 1.7.8 which addresses the potentially exploitable vulnerability \u003ca href=\"https://github.com/advisories/GHSA-73m2-qfq3-56cx\"\u003ehttps://github.com/advisories/GHSA-73m2-qfq3-56cx\u003c/a\u003e. There is slim possibility that this could affect ESAPI users who have allowed certain CSS mark-up constructs to the AntiSamy policy file that they are using. However the default ESAPI AntiSamy policy file (antisamy-esapi.xml) does not permit CSS mark-up of any sort out unless it has been modified by the ESAPI client.\u003c/li\u003e\n\u003cli\u003eOther minor updates to pom.xml\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0fa4c0f1311aa525b1a776f0a789fb1dc8a04b41\"\u003e\u003ccode\u003e0fa4c0f\u003c/code\u003e\u003c/a\u003e Remove '-SNAPSHOT' from release # to prep official release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f75ac2c2647a81d2cfbdc9c899f8719c240ed512\"\u003e\u003ccode\u003ef75ac2c\u003c/code\u003e\u003c/a\u003e Merging Private Branch contents from Kevin's Repo.   (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/888\"\u003e#888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/e2322914304d9b1c52523ff24be495b7832f6a56\"\u003e\u003ccode\u003ee232291\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/886\"\u003e#886\u003c/a\u003e from kwwall/develop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/23a2b7666186afdc004a9e01eec5da593e85d172\"\u003e\u003ccode\u003e23a2b76\u003c/code\u003e\u003c/a\u003e Added Javadoc to encodeForSQL method regarding how to enabled it.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/01297409b786075686c6738fdf0355edad427a6c\"\u003e\u003ccode\u003e0129740\u003c/code\u003e\u003c/a\u003e Added 2 new field names whose values are the 2 new property names.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/eb425bbb831c68321d169d3ac5f84ddf9dfc189d\"\u003e\u003ccode\u003eeb425bb\u003c/code\u003e\u003c/a\u003e New property file for testing DefaultEncoder.encodeForSQL when it's\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/844eb0c6fd077b6299604838bfc67fd6c658e6eb\"\u003e\u003ccode\u003e844eb0c\u003c/code\u003e\u003c/a\u003e Add missing newline.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a10e323dcde635f40d15c875253084a7669175e8\"\u003e\u003ccode\u003ea10e323\u003c/code\u003e\u003c/a\u003e hanged the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/06d0ff2e540ef37077822273e1957b50beaa8ff7\"\u003e\u003ccode\u003e06d0ff2\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/61de71f70081f204b915e95d186c702509cbf857\"\u003e\u003ccode\u003e61de71f\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek propert names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.0.0...esapi-2.7.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.owasp.esapi:esapi\u0026package-manager=maven\u0026previous-version=2.6.0.0\u0026new-version=2.7.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/cx-benjamin-simpson/java-benchie-cx/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/cx-benjamin-simpson%2Fjava-benchie-cx/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"2.6.2.0","new_version":"2.7.0.0","update_type":"minor","path":null,"pr_created_at":"2025-07-10T05:33:24.000Z","version_change":"2.6.2.0 → 2.7.0.0","issue":{"uuid":"2654704407","node_id":"PR_kwDOBErimM6eO5MX","number":8258,"state":"open","title":"Bump the all-maven-deps group across 2 directories with 26 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-07-10T05:33:24.000Z","updated_at":"2025-07-10T05:33:25.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"all-maven-deps","update_count":26,"packages":[{"name":"org.apache.commons:commons-lang3","old_version":"3.17.0","new_version":"3.18.0"},{"name":"org.owasp.esapi:esapi","old_version":"2.6.2.0","new_version":"2.7.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"com.graphql-java:graphql-java-extended-scalars","old_version":"22.0","new_version":"24.0","repository_url":"https://github.com/graphql-java/graphql-java-extended-scalars"},{"name":"org.opensearch.client:opensearch-java","old_version":"2.25.0","new_version":"2.26.0","repository_url":"https://github.com/opensearch-project/opensearch-java"},{"name":"org.apache.tika:tika-core","old_version":"3.2.0","new_version":"3.2.1","repository_url":"https://github.com/apache/tika"},{"name":"org.apache.tika:tika-parsers-standard-package","old_version":"3.2.0","new_version":"3.2.1"},{"name":"com.squareup.okhttp3:okhttp","old_version":"4.12.0","new_version":"5.1.0","repository_url":"https://github.com/square/okhttp"},{"name":"org.mariadb.jdbc:mariadb-java-client","old_version":"3.5.3","new_version":"3.5.4","repository_url":"https://github.com/mariadb-corporation/mariadb-connector-j"}],"path":null,"ecosystem":"maven"},"body":"Bumps the all-maven-deps group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.commons:commons-lang3 | `3.17.0` | `3.18.0` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.6.2.0` | `2.7.0.0` |\n| [com.graphql-java:graphql-java-extended-scalars](https://github.com/graphql-java/graphql-java-extended-scalars) | `22.0` | `24.0` |\n| [org.opensearch.client:opensearch-java](https://github.com/opensearch-project/opensearch-java) | `2.25.0` | `2.26.0` |\n| [org.apache.tika:tika-core](https://github.com/apache/tika) | `3.2.0` | `3.2.1` |\n| org.apache.tika:tika-parsers-standard-package | `3.2.0` | `3.2.1` |\n| [com.squareup.okhttp3:okhttp](https://github.com/square/okhttp) | `4.12.0` | `5.1.0` |\n| [org.mariadb.jdbc:mariadb-java-client](https://github.com/mariadb-corporation/mariadb-connector-j) | `3.5.3` | `3.5.4` |\n\nBumps the all-maven-deps group with 18 updates in the /shared-dependencies directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| org.apache.logging.log4j:log4j-api | `2.24.3` | `2.25.0` |\n| org.apache.logging.log4j:log4j-core | `2.24.3` | `2.25.0` |\n| org.apache.logging.log4j:log4j-jakarta-web | `2.24.3` | `2.25.0` |\n| org.apache.logging.log4j:log4j-slf4j2-impl | `2.24.3` | `2.25.0` |\n| [org.eclipse.jgit:org.eclipse.jgit](https://github.com/eclipse-jgit/jgit) | `7.0.1.202505221510-r` | `7.3.0.202506031305-r` |\n| [org.eclipse.jgit:org.eclipse.jgit.archive](https://github.com/eclipse-jgit/jgit) | `7.0.1.202505221510-r` | `7.3.0.202506031305-r` |\n| [org.eclipse.jgit:org.eclipse.jgit.ssh.apache](https://github.com/eclipse-jgit/jgit) | `7.0.1.202505221510-r` | `7.3.0.202506031305-r` |\n| [org.eclipse.jgit:org.eclipse.jgit.junit](https://github.com/eclipse-jgit/jgit) | `7.0.1.202505221510-r` | `7.3.0.202506031305-r` |\n| software.amazon.awssdk:bom | `2.31.77` | `2.31.78` |\n| software.amazon.awssdk:s3 | `2.31.77` | `2.31.78` |\n| software.amazon.awssdk:s3-transfer-manager | `2.31.77` | `2.31.78` |\n| software.amazon.awssdk:sts | `2.31.77` | `2.31.78` |\n| software.amazon.awssdk:cloudfront | `2.31.77` | `2.31.78` |\n| software.amazon.awssdk:cloudformation | `2.31.77` | `2.31.78` |\n| software.amazon.awssdk:elastictranscoder | `2.31.77` | `2.31.78` |\n| software.amazon.awssdk:mediaconvert | `2.31.77` | `2.31.78` |\n| software.amazon.awssdk:sso | `2.31.77` | `2.31.78` |\n| software.amazon.awssdk:ssooidc | `2.31.77` | `2.31.78` |\n\n\nUpdates `org.apache.commons:commons-lang3` from 3.17.0 to 3.18.0\n\nUpdates `org.owasp.esapi:esapi` from 2.6.2.0 to 2.7.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eesapi-2.7.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.7.00 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a \u003cstrong\u003e\u003cem\u003emajor\u003c/em\u003e\u003c/strong\u003e patch release with the primary intent of addressing \u003cstrong\u003e\u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2025-5878\"\u003eCVE-2025-5878\u003c/a\u003e\u003c/strong\u003e, the details of which are spelled out in [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e).\n\u003cul\u003e\n\u003cli\u003eMajor Javadoc enhancements, corrections, and clarifications.\u003c/li\u003e\n\u003cli\u003eDeprecated methods, interfaces, and classes.\u003c/li\u003e\n\u003cli\u003eThe reference implementation for the \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface is now disabled by default and must be explicitly enabled if you absolutely much use it. (\u003cstrong\u003eWARNING\u003c/strong\u003e: You shouldn't!) Instructions on how to enable it are provided in Appendix B of  [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e). You will find the updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file in the configuration jar helpful.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eThis release also updates Apache Commons FileUploads to 1.6.0 to address CVE-2025-48976. That CVE likely does not affect the \u003ccode\u003eHTTP.getFileUloads\u003c/code\u003e interfaces (which is the only methods that use that library), but we have not had time to analyze it fully given the CVE cited against ESAPI.\u003c/li\u003e\n\u003cli\u003eApache Commons BeanUtils was also updated to 1.11.0 to address CVE-2025-48734 which potentially could anyone using ESAPI's AccessController and has placed their access control policy in a place where an attacker may be overwrite it. That is highly unlikely, but better safe than sorry.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration files under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.  If you were using ESAPI's \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface, you will want to use its updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0fa4c0f1311aa525b1a776f0a789fb1dc8a04b41\"\u003e\u003ccode\u003e0fa4c0f\u003c/code\u003e\u003c/a\u003e Remove '-SNAPSHOT' from release # to prep official release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f75ac2c2647a81d2cfbdc9c899f8719c240ed512\"\u003e\u003ccode\u003ef75ac2c\u003c/code\u003e\u003c/a\u003e Merging Private Branch contents from Kevin's Repo.   (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/888\"\u003e#888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/e2322914304d9b1c52523ff24be495b7832f6a56\"\u003e\u003ccode\u003ee232291\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/886\"\u003e#886\u003c/a\u003e from kwwall/develop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/23a2b7666186afdc004a9e01eec5da593e85d172\"\u003e\u003ccode\u003e23a2b76\u003c/code\u003e\u003c/a\u003e Added Javadoc to encodeForSQL method regarding how to enabled it.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/01297409b786075686c6738fdf0355edad427a6c\"\u003e\u003ccode\u003e0129740\u003c/code\u003e\u003c/a\u003e Added 2 new field names whose values are the 2 new property names.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/eb425bbb831c68321d169d3ac5f84ddf9dfc189d\"\u003e\u003ccode\u003eeb425bb\u003c/code\u003e\u003c/a\u003e New property file for testing DefaultEncoder.encodeForSQL when it's\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/844eb0c6fd077b6299604838bfc67fd6c658e6eb\"\u003e\u003ccode\u003e844eb0c\u003c/code\u003e\u003c/a\u003e Add missing newline.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a10e323dcde635f40d15c875253084a7669175e8\"\u003e\u003ccode\u003ea10e323\u003c/code\u003e\u003c/a\u003e hanged the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/06d0ff2e540ef37077822273e1957b50beaa8ff7\"\u003e\u003ccode\u003e06d0ff2\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/61de71f70081f204b915e95d186c702509cbf857\"\u003e\u003ccode\u003e61de71f\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek propert names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.graphql-java:graphql-java-extended-scalars` from 22.0 to 24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/releases\"\u003ecom.graphql-java:graphql-java-extended-scalars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e24.0\u003c/h2\u003e\n\u003cp\u003eThis new version updates the base dependency to graphql-java 24.0\u003c/p\u003e\n\u003cp\u003eWe have six new Scalars included from members of the community.  Thank you one and all.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eHexColorCode\u003c/li\u003e\n\u003cli\u003eYear\u003c/li\u003e\n\u003cli\u003eYearMonth\u003c/li\u003e\n\u003cli\u003eAccurateDuration\u003c/li\u003e\n\u003cli\u003eNominalDuration\u003c/li\u003e\n\u003cli\u003eSecondsSinceEpoch\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump gradle/wrapper-validation-action from 2 to 3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/137\"\u003egraphql-java/graphql-java-extended-scalars#137\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump io.github.gradle-nexus.publish-plugin from 1.3.0 to 2.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/136\"\u003egraphql-java/graphql-java-extended-scalars#136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.groovy:groovy from 3.0.20 to 3.0.21 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/130\"\u003egraphql-java/graphql-java-extended-scalars#130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump com.graphql-java:graphql-java from 22.0 to 22.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/138\"\u003egraphql-java/graphql-java-extended-scalars#138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix BigDecimal and BigInteger package name in README by \u003ca href=\"https://github.com/Yunus1903\"\u003e\u003ccode\u003e@​Yunus1903\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/139\"\u003egraphql-java/graphql-java-extended-scalars#139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.groovy:groovy from 3.0.21 to 3.0.22 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/140\"\u003egraphql-java/graphql-java-extended-scalars#140\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump com.graphql-java:graphql-java from 22.1 to 22.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/144\"\u003egraphql-java/graphql-java-extended-scalars#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.groovy:groovy from 3.0.22 to 3.0.23 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/148\"\u003egraphql-java/graphql-java-extended-scalars#148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing final for ExtendedScalars#UUID field by \u003ca href=\"https://github.com/TrianguloY\"\u003e\u003ccode\u003e@​TrianguloY\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/151\"\u003egraphql-java/graphql-java-extended-scalars#151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd more DateTime test cases from specification by \u003ca href=\"https://github.com/dondonz\"\u003e\u003ccode\u003e@​dondonz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/150\"\u003egraphql-java/graphql-java-extended-scalars#150\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd HexColorCode Scalar by \u003ca href=\"https://github.com/onjik\"\u003e\u003ccode\u003e@​onjik\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/122\"\u003egraphql-java/graphql-java-extended-scalars#122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Year and YearMonth Scalars by \u003ca href=\"https://github.com/wakita181009\"\u003e\u003ccode\u003e@​wakita181009\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/143\"\u003egraphql-java/graphql-java-extended-scalars#143\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.groovy:groovy from 3.0.23 to 3.0.24 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/152\"\u003egraphql-java/graphql-java-extended-scalars#152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed up failing compilation and tests by \u003ca href=\"https://github.com/bbakerman\"\u003e\u003ccode\u003e@​bbakerman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/158\"\u003egraphql-java/graphql-java-extended-scalars#158\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd AccurateDuration and NominalDuration Scalars by \u003ca href=\"https://github.com/AlexandreCarlton\"\u003e\u003ccode\u003e@​AlexandreCarlton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/132\"\u003egraphql-java/graphql-java-extended-scalars#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix issue 126 - use MILLI_OF_SECOND by \u003ca href=\"https://github.com/sachin-bansal\"\u003e\u003ccode\u003e@​sachin-bansal\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/129\"\u003egraphql-java/graphql-java-extended-scalars#129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixes master by \u003ca href=\"https://github.com/bbakerman\"\u003e\u003ccode\u003e@​bbakerman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/161\"\u003egraphql-java/graphql-java-extended-scalars#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated to graphql-java 24.x by \u003ca href=\"https://github.com/bbakerman\"\u003e\u003ccode\u003e@​bbakerman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/160\"\u003egraphql-java/graphql-java-extended-scalars#160\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdding new Sonatype URLs by \u003ca href=\"https://github.com/bbakerman\"\u003e\u003ccode\u003e@​bbakerman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/164\"\u003egraphql-java/graphql-java-extended-scalars#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate GitHub action to reduce CI flakes by \u003ca href=\"https://github.com/dondonz\"\u003e\u003ccode\u003e@​dondonz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/165\"\u003egraphql-java/graphql-java-extended-scalars#165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add SecondsSinceEpochScalar by \u003ca href=\"https://github.com/clutcher\"\u003e\u003ccode\u003e@​clutcher\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/163\"\u003egraphql-java/graphql-java-extended-scalars#163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThis removes all the deprecated Coercing methods and replaces them with the desired ones by \u003ca href=\"https://github.com/bbakerman\"\u003e\u003ccode\u003e@​bbakerman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/159\"\u003egraphql-java/graphql-java-extended-scalars#159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.groovy:groovy from 3.0.24 to 3.0.25 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/162\"\u003egraphql-java/graphql-java-extended-scalars#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed docos for \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/issues/105\"\u003e#105\u003c/a\u003e by \u003ca href=\"https://github.com/bbakerman\"\u003e\u003ccode\u003e@​bbakerman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/167\"\u003egraphql-java/graphql-java-extended-scalars#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated doco for upcoming 24.0 by \u003ca href=\"https://github.com/bbakerman\"\u003e\u003ccode\u003e@​bbakerman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/168\"\u003egraphql-java/graphql-java-extended-scalars#168\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Yunus1903\"\u003e\u003ccode\u003e@​Yunus1903\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/139\"\u003egraphql-java/graphql-java-extended-scalars#139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TrianguloY\"\u003e\u003ccode\u003e@​TrianguloY\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/151\"\u003egraphql-java/graphql-java-extended-scalars#151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/onjik\"\u003e\u003ccode\u003e@​onjik\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/122\"\u003egraphql-java/graphql-java-extended-scalars#122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wakita181009\"\u003e\u003ccode\u003e@​wakita181009\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/143\"\u003egraphql-java/graphql-java-extended-scalars#143\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/AlexandreCarlton\"\u003e\u003ccode\u003e@​AlexandreCarlton\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/132\"\u003egraphql-java/graphql-java-extended-scalars#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sachin-bansal\"\u003e\u003ccode\u003e@​sachin-bansal\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/129\"\u003egraphql-java/graphql-java-extended-scalars#129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clutcher\"\u003e\u003ccode\u003e@​clutcher\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/pull/163\"\u003egraphql-java/graphql-java-extended-scalars#163\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/compare/v22.0...v24.0\"\u003ehttps://github.com/graphql-java/graphql-java-extended-scalars/compare/v22.0...v24.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/2c594c2d3c071eed27e355625a5ed6c880a2534f\"\u003e\u003ccode\u003e2c594c2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/issues/168\"\u003e#168\u003c/a\u003e from graphql-java/fix-doco-for-24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/2c86983566f474a80284ec215832bb0ca91b6cb6\"\u003e\u003ccode\u003e2c86983\u003c/code\u003e\u003c/a\u003e Updated doco for upcoming 24.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/d2dd2616e87bac62704e08494d8c0b4eaf3792a8\"\u003e\u003ccode\u003ed2dd261\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/issues/167\"\u003e#167\u003c/a\u003e from graphql-java/fix-doco\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/d8a609c9644af29bb0c6d95ac65fc23338a53e43\"\u003e\u003ccode\u003ed8a609c\u003c/code\u003e\u003c/a\u003e Fixed docos for \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/issues/105\"\u003e#105\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/05a3bb9380306324c4e020fccc1867fcc879e8e4\"\u003e\u003ccode\u003e05a3bb9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/issues/162\"\u003e#162\u003c/a\u003e from graphql-java/dependabot/gradle/org.codehaus.groo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/850ae19c42c06e8a756505bec6806f464d90f044\"\u003e\u003ccode\u003e850ae19\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/issues/159\"\u003e#159\u003c/a\u003e from graphql-java/valueToLiteral_support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/df78c808044543acf1b26931368d4bc892c198fe\"\u003e\u003ccode\u003edf78c80\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/issues/163\"\u003e#163\u003c/a\u003e from clutcher/seconds_since_epoch_scalar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/4470f6089e1b697108808aee52914601e7672a75\"\u003e\u003ccode\u003e4470f60\u003c/code\u003e\u003c/a\u003e Update ExtendedScalars.java\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/64a24492692deaab321b2c30cb9f0fca46f17a84\"\u003e\u003ccode\u003e64a2449\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/graphql-java/graphql-java-extended-scalars/issues/165\"\u003e#165\u003c/a\u003e from graphql-java/update-github-actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/commit/29eb91472233eea0b91d44d0cc2123cb269ee3dd\"\u003e\u003ccode\u003e29eb914\u003c/code\u003e\u003c/a\u003e Update GitHub action to reduce CI flakes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/graphql-java/graphql-java-extended-scalars/compare/v22.0...v24.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.opensearch.client:opensearch-java` from 2.25.0 to 2.26.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/opensearch-project/opensearch-java/releases\"\u003eorg.opensearch.client:opensearch-java's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.26.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[AUTO] Increment version to 2.26.0. by \u003ca href=\"https://github.com/opensearch-trigger-bot\"\u003e\u003ccode\u003e@​opensearch-trigger-bot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1595\"\u003eopensearch-project/opensearch-java#1595\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd missed changelog entry by \u003ca href=\"https://github.com/Xtansia\"\u003e\u003ccode\u003e@​Xtansia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1597\"\u003eopensearch-project/opensearch-java#1597\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Backport 2.x] Fix Java 8 unit tests by \u003ca href=\"https://github.com/opensearch-trigger-bot\"\u003e\u003ccode\u003e@​opensearch-trigger-bot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1637\"\u003eopensearch-project/opensearch-java#1637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Backport 2.x] Update the maven snapshot publish endpoint and credential (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1634\"\u003e#1634\u003c/a\u003e) by \u003ca href=\"https://github.com/Xtansia\"\u003e\u003ccode\u003e@​Xtansia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1639\"\u003eopensearch-project/opensearch-java#1639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Backport 2.x] jackson \u003ccode\u003eObjectMapper\u003c/code\u003e: auto-detect modules (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1643\"\u003e#1643\u003c/a\u003e) by \u003ca href=\"https://github.com/Xtansia\"\u003e\u003ccode\u003e@​Xtansia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1648\"\u003eopensearch-project/opensearch-java#1648\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Backport 2.x] Specify head ref to checkout in dependabot PR workflow by \u003ca href=\"https://github.com/opensearch-trigger-bot\"\u003e\u003ccode\u003e@​opensearch-trigger-bot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1654\"\u003eopensearch-project/opensearch-java#1654\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Backport 2.x] Update maven publishing workflow to accommodate nexus EOL by \u003ca href=\"https://github.com/opensearch-trigger-bot\"\u003e\u003ccode\u003e@​opensearch-trigger-bot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1659\"\u003eopensearch-project/opensearch-java#1659\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport fixes to 2.x and prepare v2.26.0 release by \u003ca href=\"https://github.com/Xtansia\"\u003e\u003ccode\u003e@​Xtansia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1670\"\u003eopensearch-project/opensearch-java#1670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Backport 2.x] Updated doc for ConnectionConfigCallback by \u003ca href=\"https://github.com/opensearch-trigger-bot\"\u003e\u003ccode\u003e@​opensearch-trigger-bot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1675\"\u003eopensearch-project/opensearch-java#1675\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/opensearch-project/opensearch-java/compare/v2.25.0...v2.26.0\"\u003ehttps://github.com/opensearch-project/opensearch-java/compare/v2.25.0...v2.26.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/opensearch-project/opensearch-java/blob/main/CHANGELOG.md\"\u003eorg.opensearch.client:opensearch-java's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[2.26.0] - 07/10/2025\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded Jackson \u003ccode\u003eObjectMapper\u003c/code\u003e module auto-detection (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1643\"\u003e#1643\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eorg.owasp.dependencycheck\u003c/code\u003e from 12.1.1 to 12.1.3 (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1608\"\u003e#1608\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1607\"\u003e#1607\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1623\"\u003e#1623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eorg.junit:junit-bom\u003c/code\u003e from 5.13.0 to 5.13.2 (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1606\"\u003e#1606\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1650\"\u003e#1650\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1665\"\u003e#1665\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eorg.ajoberstar.grgit:grgit-gradle\u003c/code\u003e from 5.3.0 to 5.3.2 (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1621\"\u003e#1621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eio.github.classgraph:classgraph\u003c/code\u003e from 4.8.179 to 4.8.180 (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1651\"\u003e#1651\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eApacheHttpClient5Transport\u003c/code\u003e not honoring connect \u0026amp; socket timeouts configured on \u003ccode\u003eConnectionConfig\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1662\"\u003e#1662\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.1.0] - 06/04/2025\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003etemplate\u003c/code\u003e query type (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1586\"\u003e#1586\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for Search Shards request \u003ccode\u003eslice\u003c/code\u003e property (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1586\"\u003e#1586\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003escore-ranker-processor\u003c/code\u003e phase results processor (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1594\"\u003e#1594\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eorg.apache.httpcomponents.client5:httpclient5\u003c/code\u003e from 5.4.4 to 5.5 (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1578\"\u003e#1578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eorg.junit:junit-bom\u003c/code\u003e from 5.12.2 to 5.13.0 (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/pull/1587\"\u003e#1587\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opensearch-project/opensearch-java/commit/bb1b2a172fd40054f3e02ffd738fbed13a6a5583\"\u003e\u003ccode\u003ebb1b2a1\u003c/code\u003e\u003c/a\u003e updated doc for ConnectionConfigCallback (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1674\"\u003e#1674\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1675\"\u003e#1675\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opensearch-project/opensearch-java/commit/e4ae610c199d0fc6369e1dca8e1574573f8b66c3\"\u003e\u003ccode\u003ee4ae610\u003c/code\u003e\u003c/a\u003e Backport fixes to 2.x and prepare v2.26.0 release (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1670\"\u003e#1670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opensearch-project/opensearch-java/commit/64429a9bd65576c6e79edab9376e0fbbffdfa6d3\"\u003e\u003ccode\u003e64429a9\u003c/code\u003e\u003c/a\u003e Update maven publishing workflow to accommodate nexus EOL (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1658\"\u003e#1658\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1659\"\u003e#1659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opensearch-project/opensearch-java/commit/2cebe7b996a90ec5e47e63dae69750fa8d896cc1\"\u003e\u003ccode\u003e2cebe7b\u003c/code\u003e\u003c/a\u003e Specify head ref to checkout in dependabot PR workflow (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1653\"\u003e#1653\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1654\"\u003e#1654\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opensearch-project/opensearch-java/commit/ddba1f276f7019fc81b50ac7ddb955f6adcdbe1e\"\u003e\u003ccode\u003eddba1f2\u003c/code\u003e\u003c/a\u003e jackson \u003ccode\u003eObjectMapper\u003c/code\u003e: auto-detect modules (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1643\"\u003e#1643\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1648\"\u003e#1648\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opensearch-project/opensearch-java/commit/f78d75dcf5f636a4f41889e2e2ab171162323152\"\u003e\u003ccode\u003ef78d75d\u003c/code\u003e\u003c/a\u003e Update the maven snapshot publish endpoint and credential (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1634\"\u003e#1634\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1639\"\u003e#1639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opensearch-project/opensearch-java/commit/3edeb966868a65443fea217b6d719d498c14a902\"\u003e\u003ccode\u003e3edeb96\u003c/code\u003e\u003c/a\u003e Fix Java 8 unit tests (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1631\"\u003e#1631\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1637\"\u003e#1637\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opensearch-project/opensearch-java/commit/d638a63462e324e2ac930201234eb856e903d547\"\u003e\u003ccode\u003ed638a63\u003c/code\u003e\u003c/a\u003e Add missed changelog entry (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1597\"\u003e#1597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opensearch-project/opensearch-java/commit/86edcc5cbabbb352d904fc1eb878f7231c2bb29d\"\u003e\u003ccode\u003e86edcc5\u003c/code\u003e\u003c/a\u003e Increment version to 2.26.0 (\u003ca href=\"https://redirect.github.com/opensearch-project/opensearch-java/issues/1595\"\u003e#1595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/opensearch-project/opensearch-java/compare/v2.25.0...v2.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.tika:tika-core` from 3.2.0 to 3.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/tika/blob/main/CHANGES.txt\"\u003eorg.apache.tika:tika-core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eRelease 4.0.0-BETA1 - ???\nBREAKING CHANGES\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHeaders are no longer injected into the body/content of MSG files (TIKA-4345). Please open\na ticket if you need this behavior across email formats.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe tika-batch module has been removed (TIKA-4333).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eOTHER CHANGES\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix concurrency bug in TikaToXMP (TIKA-4393)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRelease 3.2.1 - ???\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix POIFSContainerDetector regression when wrapping an InputStream in\na TikaInputStream (TIKA-4441).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImportant bug fix for zip-based detection on a non-TikaInputStream (TIKA-4424).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove text extraction from EMF (TIKA-4432).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDependency updates (TIKA-4421).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRelease 3.2.0 - 05/21/2025\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDetect inline images in MSG files (TIKA-4391).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove extraction of metadata in MSG files (TIKA-4381).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix concurrency bug in TikaToXMP (TIKA-4393).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix potential GDAL deadlock (TIKA-4385).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove extraction of properties from msg files (TIKA-4381).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eInclude internal attachment path in tika-eval reports (TIKA-4374).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrade jsoup to 1.20.1 with workaround for change in self-closing tag behavior (TIKA-4419).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrade dependencies (TIKA-4379).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRelease 3.1.0 - 01/28/25\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow users to turn off the injection of some headers into the content stream of MSG\nfiles (TIKA-4345).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd a wrapper for Google's magika detector (TIKA-4344).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd support for MachO via Alexey Pelykh (TIKA-4309).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/apache/tika/commits/3.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.tika:tika-parsers-standard-package` from 3.2.0 to 3.2.1\n\nUpdates `org.apache.tika:tika-parsers-standard-package` from 3.2.0 to 3.2.1\n\nUpdates `com.squareup.okhttp3:okhttp` from 4.12.0 to 5.1.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/square/okhttp/blob/master/CHANGELOG.md\"\u003ecom.squareup.okhttp3:okhttp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 5.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-07-07\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eNew: \u003ccode\u003eResponse.peekTrailers()\u003c/code\u003e. When we changed \u003ccode\u003eResponse.trailers()\u003c/code\u003e to block instead of\nthrowing in 5.0.0, we inadvertently removed the ability for callers to peek the trailers\n(by catching the \u003ccode\u003eIllegalStateException\u003c/code\u003e if they weren't available). This new API restores that\ncapability.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Don't crash on \u003ccode\u003etrailers()\u003c/code\u003e if the response doesn't have a body. We broke [Retrofit] users\nwho read the trailers on the \u003ccode\u003eraw()\u003c/code\u003e OkHttp response, after its body was decoded.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 5.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-07-02\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003eThis is our first stable release of OkHttp since 2023. Here's the highlights if you're upgrading\nfrom OkHttp 4.x:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eOkHttp is now packaged as separate JVM and Android artifacts.\u003c/strong\u003e This allows us to offer\nplatform-specific features and optimizations. If your build system handles [Gradle module metadata],\nthis change should be automatic.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eMockWebServer has a new coordinate and package name.\u003c/strong\u003e We didn’t like that our old artifact\ndepends on JUnit 4 so the new one doesn’t. It also has a better API built on immutable values. (We\nintend to continue publishing the old \u003ccode\u003eokhttp3.mockwebserver\u003c/code\u003e artifact so there’s no urgency to\nmigrate.)\u003c/p\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth align=\"left\"\u003eCoordinate\u003c/th\u003e\n\u003cth align=\"left\"\u003ePackage Name\u003c/th\u003e\n\u003cth align=\"left\"\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd align=\"left\"\u003ecom.squareup.okhttp3:mockwebserver3:5.0.0\u003c/td\u003e\n\u003ctd align=\"left\"\u003emockwebserver3\u003c/td\u003e\n\u003ctd align=\"left\"\u003eCore module. No JUnit dependency!\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd align=\"left\"\u003ecom.squareup.okhttp3:mockwebserver3-junit4:5.0.0\u003c/td\u003e\n\u003ctd align=\"left\"\u003emockwebserver3.junit4\u003c/td\u003e\n\u003ctd align=\"left\"\u003eOptional JUnit 4 integration.\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd align=\"left\"\u003ecom.squareup.okhttp3:mockwebserver3-junit5:5.0.0\u003c/td\u003e\n\u003ctd align=\"left\"\u003emockwebserver3.junit5\u003c/td\u003e\n\u003ctd align=\"left\"\u003eOptional JUnit 5 integration.\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd align=\"left\"\u003ecom.squareup.okhttp3:mockwebserver:5.0.0\u003c/td\u003e\n\u003ctd align=\"left\"\u003eokhttp3.mockwebserver\u003c/td\u003e\n\u003ctd align=\"left\"\u003eObsolete. Depends on JUnit 4.\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003e\u003cstrong\u003eOkHttp now supports Happy Eyeballs ([RFC 8305][rfc_8305]) for IPv4+IPv6 networks.\u003c/strong\u003e It attempts\nboth IPv6 and IPv4 connections concurrently, keeping whichever connects first.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eWe’ve improved our Kotlin APIs.\u003c/strong\u003e You can skip the builder:\u003c/p\u003e\n\u003cpre lang=\"kotlin\"\u003e\u003ccode\u003eval request = Request(\n  url = \u0026quot;https://cash.app/\u0026quot;.toHttpUrl(),\n)\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cstrong\u003eOkHttp now supports [GraalVM].\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eHere’s what has changed since 5.0.0-alpha.17:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/d2dd1806973f7355b07a45fb1ef6a1bcfc094fdb\"\u003e\u003ccode\u003ed2dd180\u003c/code\u003e\u003c/a\u003e Prepare for release 5.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/61a87359f64fb9506122322176a0695a6dec672c\"\u003e\u003ccode\u003e61a8735\u003c/code\u003e\u003c/a\u003e New Response.peekTrailers() API (\u003ca href=\"https://redirect.github.com/square/okhttp/issues/8921\"\u003e#8921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/66844010f74a20bc076063620a06de478c6fcb26\"\u003e\u003ccode\u003e6684401\u003c/code\u003e\u003c/a\u003e Update dependency gradle to v8.14.3 (\u003ca href=\"https://redirect.github.com/square/okhttp/issues/8915\"\u003e#8915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/7adb2b637cd2d214cdad741a3a1ba056db55e049\"\u003e\u003ccode\u003e7adb2b6\u003c/code\u003e\u003c/a\u003e Update junit-framework monorepo (\u003ca href=\"https://redirect.github.com/square/okhttp/issues/8914\"\u003e#8914\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/e41ff18df84982042e26fae6fa0cc482a55a47b8\"\u003e\u003ccode\u003ee41ff18\u003c/code\u003e\u003c/a\u003e Link to new mockwebserver artifacts (\u003ca href=\"https://redirect.github.com/square/okhttp/issues/8911\"\u003e#8911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/0ff87513e2f1c75f32290d0c24d475bc0459bb7f\"\u003e\u003ccode\u003e0ff8751\u003c/code\u003e\u003c/a\u003e Remove Graal init tracing (\u003ca href=\"https://redirect.github.com/square/okhttp/issues/8909\"\u003e#8909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/b9a2560e5647ff18c0a0538998c070938fc65380\"\u003e\u003ccode\u003eb9a2560\u003c/code\u003e\u003c/a\u003e Run graal on master (\u003ca href=\"https://redirect.github.com/square/okhttp/issues/8907\"\u003e#8907\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/8339524463f56a7d68bc43ce7af562702e371f4c\"\u003e\u003ccode\u003e8339524\u003c/code\u003e\u003c/a\u003e Remove ExperimentalOkHttpApi references (\u003ca href=\"https://redirect.github.com/square/okhttp/issues/8908\"\u003e#8908\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/ce29ef618240b8e4c82b5932e6bc0f7a4730adb9\"\u003e\u003ccode\u003ece29ef6\u003c/code\u003e\u003c/a\u003e Fix graal tests (\u003ca href=\"https://redirect.github.com/square/okhttp/issues/8906\"\u003e#8906\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okhttp/commit/85796896c3042935a98500e4d41b0f3ca49523e7\"\u003e\u003ccode\u003e8579689\u003c/code\u003e\u003c/a\u003e Don't force a response body read on all trailers (\u003ca href=\"https://redirect.github.com/square/okhttp/issues/8904\"\u003e#8904\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/square/okhttp/compare/parent-4.12.0...parent-5.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.mariadb.jdbc:mariadb-java-client` from 3.5.3 to 3.5.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/releases\"\u003eorg.mariadb.jdbc:mariadb-java-client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eMariaDB Connector/Java 3.5.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/tree/3.5.4\"\u003e3.5.4\u003c/a\u003e (Jun 2025)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/compare/3.5.3...3.5.4\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch4\u003eKey Enhancements\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCONJ-1261 - Added caching option for loadCodecs results to improve performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eIssues Resolved\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCONJ-1234 - Fixed incorrect type definitions in DatabaseMetaData.getTypeInfo()\u003c/li\u003e\n\u003cli\u003eCONJ-1247 - Resolved potential race condition that could cause NullPointerException\u003c/li\u003e\n\u003cli\u003eCONJ-1250 - avoids redundant queries for CallableStatement.getParameterMetaData()\u003c/li\u003e\n\u003cli\u003eCONJ-1251 - Fixed SSL configuration issue where zero SSL settings only functioned without explicit SSL configuration\u003c/li\u003e\n\u003cli\u003eCONJ-1252 - Resolved GSSAPI authentication error when server exchanges begin with 0x01 byte\u003c/li\u003e\n\u003cli\u003eCONJ-1254 - Corrected DatabaseMetadata.getTypeInfo() returning incorrect values for AUTO_INCREMENT, FIXED_PREC_SCALE, and CASE_SENSITIVE fields\u003c/li\u003e\n\u003cli\u003eCONJ-1255 - Fixed getString method on BIT(1) fields to properly honor transformedBitIsBoolean configuration\u003c/li\u003e\n\u003cli\u003eCONJ-1259 - Enhanced metadata compatibility with MariaDB version 12.0\u003c/li\u003e\n\u003cli\u003eCONJ-1260 - Improved performance of DatabaseMetaData.getExportedKeys method\u003c/li\u003e\n\u003cli\u003eCONJ-1256 - Fixed issue to ensure correct catalog name is returned\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/blob/main/CHANGELOG.md\"\u003eorg.mariadb.jdbc:mariadb-java-client's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/tree/3.5.4\"\u003e3.5.4\u003c/a\u003e (Jun 2025)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/compare/3.5.3...3.5.4\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch4\u003eKey Enhancements\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCONJ-1261 - Added caching option for loadCodecs results to improve performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eIssues Resolved\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCONJ-1234 - Fixed incorrect type definitions in DatabaseMetaData.getTypeInfo()\u003c/li\u003e\n\u003cli\u003eCONJ-1247 - Resolved potential race condition that could cause NullPointerException\u003c/li\u003e\n\u003cli\u003eCONJ-1250 - avoids redundant queries for CallableStatement.getParameterMetaData()\u003c/li\u003e\n\u003cli\u003eCONJ-1251 - Fixed SSL configuration issue where zero SSL settings only functioned without explicit SSL configuration\u003c/li\u003e\n\u003cli\u003eCONJ-1252 - Resolved GSSAPI authentication error when server exchanges begin with 0x01 byte\u003c/li\u003e\n\u003cli\u003eCONJ-1254 - Corrected DatabaseMetadata.getTypeInfo() returning incorrect values for AUTO_INCREMENT, FIXED_PREC_SCALE, and CASE_SENSITIVE fields\u003c/li\u003e\n\u003cli\u003eCONJ-1255 - Fixed getString method on BIT(1) fields to properly honor transformedBitIsBoolean configuration\u003c/li\u003e\n\u003cli\u003eCONJ-1259 - Enhanced metadata compatibility with MariaDB version 12.0\u003c/li\u003e\n\u003cli\u003eCONJ-1260 - Improved performance of DatabaseMetaData.getExportedKeys method\u003c/li\u003e\n\u003cli\u003eCONJ-1256 - Fixed issue to ensure correct catalog name is returned\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/3b9bebd737772dcf9a2747004d5aa1b5b896c850\"\u003e\u003ccode\u003e3b9bebd\u003c/code\u003e\u003c/a\u003e [misc] change maven oss to central since oss is now deprecated\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/81b0dccacb92fc954d7e9e598f60f326ece51b30\"\u003e\u003ccode\u003e81b0dcc\u003c/code\u003e\u003c/a\u003e [misc] correct test certificate path\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/ce280ce3a979ecc9f8fbaa9f9de8f7af3f00d99d\"\u003e\u003ccode\u003ece280ce\u003c/code\u003e\u003c/a\u003e [misc] ensure test stability with MySQL\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/2a916fff3f8613480e91426944994d31d39c6538\"\u003e\u003ccode\u003e2a916ff\u003c/code\u003e\u003c/a\u003e [misc] ensure pkcs testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/db2f3f9989fd4b456d60dffebb39d4a8d20a08bf\"\u003e\u003ccode\u003edb2f3f9\u003c/code\u003e\u003c/a\u003e bump 3.5.4 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/bc3bec4f40e8567363a2dff84add53a9530f24a1\"\u003e\u003ccode\u003ebc3bec4\u003c/code\u003e\u003c/a\u003e Merge branch 'develop'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/69114ab89ba766fd357489157c3c91abf98cd2b5\"\u003e\u003ccode\u003e69114ab\u003c/code\u003e\u003c/a\u003e [CONJ-1260] DatabaseMetaData.getExportedKeys may be slow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/413760da0fcfac850b2f23321c8254318127377d\"\u003e\u003ccode\u003e413760d\u003c/code\u003e\u003c/a\u003e [misc] correct schedule on maintenance version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/b58aa848b30c06c5a2e4f61e36b9390aedb4b756\"\u003e\u003ccode\u003eb58aa84\u003c/code\u003e\u003c/a\u003e [CONJ-1261] Provide an option to cache the results of loadCodecs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/commit/ec452a7bb86d0ab6e942db7257e599b6d8fe01db\"\u003e\u003ccode\u003eec452a7\u003c/code\u003e\u003c/a\u003e [misc] connect to docker if env set\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-j/compare/3.5.3...3.5.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.logging.log4j:log4j-api` from 2.24.3 to 2.25.0\n\nUpdates `org.apache.logging.log4j:log4j-core` from 2.24.3 to 2.25.0\n\nUpdates `org.apache.logging.log4j:log4j-jakarta-web` from 2.24.3 to 2.25.0\n\nUpdates `org.apache.logging.log4j:log4j-slf4j2-impl` from 2.24.3 to 2.25.0\n\nUpdates `org.apache.logging.log4j:log4j-core` from 2.24.3 to 2.25.0\n\nUpdates `org.apache.logging.log4j:log4j-jakarta-web` from 2.24.3 to 2.25.0\n\nUpdates `org.apache.logging.log4j:log4j-slf4j2-impl` from 2.24.3 to 2.25.0\n\nUpdates `org.eclipse.jgit:org.eclipse.jgit` from 7.0.1.202505221510-r to 7.3.0.202506031305-r\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/22e8820c65327800dfc054d2f07940df4e02365c\"\u003e\u003ccode\u003e22e8820\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202506031305-r\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/afc36558e22aba4a750d7e96b5c660ef2fc53f44\"\u003e\u003ccode\u003eafc3655\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into stable-7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/795f4d97111f725dc29906e73f2ed5073193da09\"\u003e\u003ccode\u003e795f4d9\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.2'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/886849c68380579e5ea361c600a63389992f7b3c\"\u003e\u003ccode\u003e886849c\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.1' into stable-7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/6e0db8377b5fba2988d8ade84011ea07ee06414e\"\u003e\u003ccode\u003e6e0db83\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.0' into stable-7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/e90d1fa8911b246df198989765d199fa8565aad0\"\u003e\u003ccode\u003ee90d1fa\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-6.10' into stable-7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/f004052ae675570e02aa1ef33384bc81b3644cf2\"\u003e\u003ccode\u003ef004052\u003c/code\u003e\u003c/a\u003e Update maven plugins\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/1c72895097f290b1fdea87bb4b62fb3517e5f14f\"\u003e\u003ccode\u003e1c72895\u003c/code\u003e\u003c/a\u003e Use the same ordering/locking in delete() as C git\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/5ed259fac4f45c46db36876c441cd4a1b080209a\"\u003e\u003ccode\u003e5ed259f\u003c/code\u003e\u003c/a\u003e Prepare 7.3.0-SNAPSHOT builds\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/340f99cab223f289b7d3b730f19f5818c7f84a1c\"\u003e\u003ccode\u003e340f99c\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202505281347-rc1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eclipse-jgit/jgit/compare/v7.0.1.202505221510-r...v7.3.0.202506031305-r\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.eclipse.jgit:org.eclipse.jgit.archive` from 7.0.1.202505221510-r to 7.3.0.202506031305-r\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/22e8820c65327800dfc054d2f07940df4e02365c\"\u003e\u003ccode\u003e22e8820\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202506031305-r\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/afc36558e22aba4a750d7e96b5c660ef2fc53f44\"\u003e\u003ccode\u003eafc3655\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into stable-7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/795f4d97111f725dc29906e73f2ed5073193da09\"\u003e\u003ccode\u003e795f4d9\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.2'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/886849c68380579e5ea361c600a63389992f7b3c\"\u003e\u003ccode\u003e886849c\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.1' into stable-7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/6e0db8377b5fba2988d8ade84011ea07ee06414e\"\u003e\u003ccode\u003e6e0db83\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.0' into stable-7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/e90d1fa8911b246df198989765d199fa8565aad0\"\u003e\u003ccode\u003ee90d1fa\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-6.10' into stable-7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/f004052ae675570e02aa1ef33384bc81b3644cf2\"\u003e\u003ccode\u003ef004052\u003c/code\u003e\u003c/a\u003e Update maven plugins\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/1c72895097f290b1fdea87bb4b62fb3517e5f14f\"\u003e\u003ccode\u003e1c72895\u003c/code\u003e\u003c/a\u003e Use the same ordering/locking in delete() as C git\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/5ed259fac4f45c46db36876c441cd4a1b080209a\"\u003e\u003ccode\u003e5ed259f\u003c/code\u003e\u003c/a\u003e Prepare 7.3.0-SNAPSHOT builds\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/340f99cab223f289b7d3b730f19f5818c7f84a1c\"\u003e\u003ccode\u003e340f99c\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202505281347-rc1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eclipse-jgit/jgit/compare/v7.0.1.202505221510-r...v7.3.0.202506031305-r\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.eclipse.jgit:org.eclipse.jgit.ssh.apache` from 7.0.1.202505221510-r to 7.3.0.202506031305-r\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/22e8820c65327800dfc054d2f07940df4e02365c\"\u003e\u003ccode\u003e22e8820\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202506031305-r\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/afc36558e22aba4a750d7e96b5c660ef2fc53f44\"\u003e\u003ccode\u003eafc3655\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into stable-7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/795f4d97111f725dc29906e73f2ed5073193da09\"\u003e\u003ccode\u003e795f4d9\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.2'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/886849c68380579e5ea361c600a63389992f7b3c\"\u003e\u003ccode\u003e886849c\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.1' into stable-7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/6e0db8377b5fba2988d8ade84011ea07ee06414e\"\u003e\u003ccode\u003e6e0db83\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.0' into stable-7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/e90d1fa8911b246df198989765d199fa8565aad0\"\u003e\u003ccode\u003ee90d1fa\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-6.10' into stable-7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/f004052ae675570e02aa1ef33384bc81b3644cf2\"\u003e\u003ccode\u003ef004052\u003c/code\u003e\u003c/a\u003e Update maven plugins\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/1c72895097f290b1fdea87bb4b62fb3517e5f14f\"\u003e\u003ccode\u003e1c72895\u003c/code\u003e\u003c/a\u003e Use the same ordering/locking in delete() as C git\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/5ed259fac4f45c46db36876c441cd4a1b080209a\"\u003e\u003ccode\u003e5ed259f\u003c/code\u003e\u003c/a\u003e Prepare 7.3.0-SNAPSHOT builds\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/340f99cab223f289b7d3b730f19f5818c7f84a1c\"\u003e\u003ccode\u003e340f99c\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202505281347-rc1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eclipse-jgit/jgit/compare/v7.0.1.202505221510-r...v7.3.0.202506031305-r\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.eclipse.jgit:org.eclipse.jgit.junit` from 7.0.1.202505221510-r to 7.3.0.202506031305-r\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/22e8820c65327800dfc054d2f07940df4e02365c\"\u003e\u003ccode\u003e22e8820\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202506031305-r\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/afc36558e22aba4a750d7e96b5c660ef2fc53f44\"\u003e\u003ccode\u003eafc3655\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into stable-7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/795f4d97111f725dc29906e73f2ed5073193da09\"\u003e\u003ccode\u003e795f4d9\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.2'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/886849c68380579e5ea361c600a63389992f7b3c\"\u003e\u003ccode\u003e886849c\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.1' into stable-7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/6e0db8377b5fba2988d8ade84011ea07ee06414e\"\u003e\u003ccode\u003e6e0db83\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.0' into stable-7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/e90d1fa8911b246df198989765d199fa8565aad0\"\u003e\u003ccode\u003ee90d1fa\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-6.10' into stable-7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/f004052ae675570e02aa1ef33384bc81b3644cf2\"\u003e\u003ccode\u003ef004052\u003c/code\u003e\u003c/a\u003e Update maven plugins\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/1c72895097f290b1fdea87bb4b62fb3517e5f14f\"\u003e\u003ccode\u003e1c72895\u003c/code\u003e\u003c/a\u003e Use the same ordering/locking in delete() as C git\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/5ed259fac4f45c46db36876c441cd4a1b080209a\"\u003e\u003ccode\u003e5ed259f\u003c/code\u003e\u003c/a\u003e Prepare 7.3.0-SNAPSHOT builds\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/340f99cab223f289b7d3b730f19f5818c7f84a1c\"\u003e\u003ccode\u003e340f99c\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202505281347-rc1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eclipse-jgit/jgit/compare/v7.0.1.202505221510-r...v7.3.0.202506031305-r\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.eclipse.jgit:org.eclipse.jgit.ssh.apache` from 7.0.1.202505221510-r to 7.3.0.202506031305-r\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/22e8820c65327800dfc054d2f07940df4e02365c\"\u003e\u003ccode\u003e22e8820\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202506031305-r\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/afc36558e22aba4a750d7e96b5c660ef2fc53f44\"\u003e\u003ccode\u003eafc3655\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into stable-7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/795f4d97111f725dc29906e73f2ed5073193da09\"\u003e\u003ccode\u003e795f4d9\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.2'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/886849c68380579e5ea361c600a63389992f7b3c\"\u003e\u003ccode\u003e886849c\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.1' into stable-7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/6e0db8377b5fba2988d8ade84011ea07ee06414e\"\u003e\u003ccode\u003e6e0db83\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.0' into stable-7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/e90d1fa8911b246df198989765d199fa8565aad0\"\u003e\u003ccode\u003ee90d1fa\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-6.10' into stable-7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/f004052ae675570e02aa1ef33384bc81b3644cf2\"\u003e\u003ccode\u003ef004052\u003c/code\u003e\u003c/a\u003e Update maven plugins\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/1c72895097f290b1fdea87bb4b62fb3517e5f14f\"\u003e\u003ccode\u003e1c72895\u003c/code\u003e\u003c/a\u003e Use the same ordering/locking in delete() as C git\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/5ed259fac4f45c46db36876c441cd4a1b080209a\"\u003e\u003ccode\u003e5ed259f\u003c/code\u003e\u003c/a\u003e Prepare 7.3.0-SNAPSHOT builds\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/340f99cab223f289b7d3b730f19f5818c7f84a1c\"\u003e\u003ccode\u003e340f99c\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202505281347-rc1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eclipse-jgit/jgit/compare/v7.0.1.202505221510-r...v7.3.0.202506031305-r\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.eclipse.jgit:org.eclipse.jgit.junit` from 7.0.1.202505221510-r to 7.3.0.202506031305-r\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/22e8820c65327800dfc054d2f07940df4e02365c\"\u003e\u003ccode\u003e22e8820\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202506031305-r\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/afc36558e22aba4a750d7e96b5c660ef2fc53f44\"\u003e\u003ccode\u003eafc3655\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into stable-7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/795f4d97111f725dc29906e73f2ed5073193da09\"\u003e\u003ccode\u003e795f4d9\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.2'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/886849c68380579e5ea361c600a63389992f7b3c\"\u003e\u003ccode\u003e886849c\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.1' into stable-7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/6e0db8377b5fba2988d8ade84011ea07ee06414e\"\u003e\u003ccode\u003e6e0db83\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-7.0' into stable-7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/e90d1fa8911b246df198989765d199fa8565aad0\"\u003e\u003ccode\u003ee90d1fa\u003c/code\u003e\u003c/a\u003e Merge branch 'stable-6.10' into stable-7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/f004052ae675570e02aa1ef33384bc81b3644cf2\"\u003e\u003ccode\u003ef004052\u003c/code\u003e\u003c/a\u003e Update maven plugins\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/1c72895097f290b1fdea87bb4b62fb3517e5f14f\"\u003e\u003ccode\u003e1c72895\u003c/code\u003e\u003c/a\u003e Use the same ordering/locking in delete() as C git\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/5ed259fac4f45c46db36876c441cd4a1b080209a\"\u003e\u003ccode\u003e5ed259f\u003c/code\u003e\u003c/a\u003e Prepare 7.3.0-SNAPSHOT builds\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eclipse-jgit/jgit/commit/340f99cab223f289b7d3b730f19f5818c7f84a1c\"\u003e\u003ccode\u003e340f99c\u003c/code\u003e\u003c/a\u003e JGit v7.3.0.202505281347-rc1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eclipse-jgit/jgit/compare/v7.0.1.202505221510-r...v7.3.0.202506031305-r\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `software.amazon.awssdk:bom` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:s3` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:s3-transfer-manager` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:sts` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:cloudfront` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:cloudformation` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:elastictranscoder` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:mediaconvert` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:sso` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:ssooidc` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:s3` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:s3-transfer-manager` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:sts` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:cloudfront` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:cloudformation` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:elastictranscoder` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:mediaconvert` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:sso` from 2.31.77 to 2.31.78\n\nUpdates `software.amazon.awssdk:ssooidc` from 2.31.77 to 2.31.78\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/craftercms/craftercms/pull/8258","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/craftercms%2Fcraftercms/issues/8258","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8258/packages"}},{"old_version":"2.1.0.1","new_version":"2.6.0.0","update_type":"minor","path":null,"pr_created_at":"2025-07-09T19:03:04.000Z","version_change":"2.1.0.1 → 2.6.0.0","issue":{"uuid":"2653734566","node_id":"PR_kwDOMQIoAM6eLMam","number":3,"state":"open","title":"Bump the maven group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-07-09T19:03:04.000Z","updated_at":"2025-07-09T19:03:05.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"maven","update_count":2,"packages":[{"name":"org.apache.derby:derby","old_version":"10.8.3.0","new_version":"10.17.1.0"},{"name":"org.owasp.esapi:esapi","old_version":"2.1.0.1","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 2 updates in the / directory: org.apache.derby:derby and [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy).\n\nUpdates `org.apache.derby:derby` from 10.8.3.0 to 10.17.1.0\n\nUpdates `org.owasp.esapi:esapi` from 2.1.0.1 to 2.6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.1.0.1...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ravisinghrajput95/easybuggy-vulnerable-application/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/ravisinghrajput95/easybuggy-vulnerable-application/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ravisinghrajput95%2Feasybuggy-vulnerable-application/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"}},{"old_version":"2.4.0.0","new_version":"2.6.0.0","update_type":"minor","path":null,"pr_created_at":"2025-07-09T18:45:51.000Z","version_change":"2.4.0.0 → 2.6.0.0","issue":{"uuid":"2653695074","node_id":"PR_kwDOGiLTdM6eLCxi","number":19,"state":"open","title":"Bump the maven group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-07-09T18:45:51.000Z","updated_at":"2025-07-09T18:45:52.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"maven","update_count":7,"packages":[{"name":"ch.qos.logback:logback-classic","old_version":"1.2.3","new_version":"1.2.13","repository_url":"https://github.com/qos-ch/logback"},{"name":"org.apache.poi:poi-ooxml","old_version":"5.0.0","new_version":"5.4.0"},{"name":"org.jsoup:jsoup","old_version":"1.14.2","new_version":"1.15.3","repository_url":"https://github.com/jhy/jsoup"},{"name":"org.owasp.esapi:esapi","old_version":"2.4.0.0","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"},{"name":"org.json:json","old_version":"20210307","new_version":"20231013","repository_url":"https://github.com/douglascrockford/JSON-java"},{"name":"commons-io:commons-io","old_version":"2.7","new_version":"2.14.0"},{"name":"commons-fileupload:commons-fileupload","old_version":"1.3.3","new_version":"1.6.0"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.2.3` | `1.2.13` |\n| org.apache.poi:poi-ooxml | `5.0.0` | `5.4.0` |\n| [org.jsoup:jsoup](https://github.com/jhy/jsoup) | `1.14.2` | `1.15.3` |\n| [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.4.0.0` | `2.6.0.0` |\n| [org.json:json](https://github.com/douglascrockford/JSON-java) | `20210307` | `20231013` |\n| commons-io:commons-io | `2.7` | `2.14.0` |\n| commons-fileupload:commons-fileupload | `1.3.3` | `1.6.0` |\n\n\nUpdates `ch.qos.logback:logback-classic` from 1.2.3 to 1.2.13\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/2648b9e7fbb47426c89b9c93b411c07484e8f277\"\u003e\u003ccode\u003e2648b9e\u003c/code\u003e\u003c/a\u003e prepare release 1.2.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/bb095154be011267b64e37a1d401546e7cc2b7c3\"\u003e\u003ccode\u003ebb09515\u003c/code\u003e\u003c/a\u003e fix CVE-2023-6378\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/45732949bfb845df04cbe65292cf48aaa090cb1d\"\u003e\u003ccode\u003e4573294\u003c/code\u003e\u003c/a\u003e start work on 1.2.13-SNAPSHOT\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/a388193052c298ca87cc64192319df723288c6ab\"\u003e\u003ccode\u003ea388193\u003c/code\u003e\u003c/a\u003e Merge branch 'branch_1.2.x' of github.com:qos-ch/logback into branch_1.2.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/de44dc422bc3da1d7808283851324d960b492d4d\"\u003e\u003ccode\u003ede44dc4\u003c/code\u003e\u003c/a\u003e prepare release 1.2.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/ca0cf172f680308938515b8a5d69348759ee947c\"\u003e\u003ccode\u003eca0cf17\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/qos-ch/logback/issues/532\"\u003e#532\u003c/a\u003e from joakime/fix-jetty-requestlog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/e31609b1980b9ba986344aae3cab7275fa2b4935\"\u003e\u003ccode\u003ee31609b\u003c/code\u003e\u003c/a\u003e removed unused files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/21e29efb284766f386781175b2ba18585b690154\"\u003e\u003ccode\u003e21e29ef\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/qos-ch/logback/issues/567\"\u003e#567\u003c/a\u003e from spliffone/LOGBACK-1633\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/e869000e1d5901e6aa6f46cc6575ee2137f15b69\"\u003e\u003ccode\u003ee869000\u003c/code\u003e\u003c/a\u003e fix: published POM file contain the wrong scm URL\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/009ea46cb81a015f2ca312bde6e823581b93b37a\"\u003e\u003ccode\u003e009ea46\u003c/code\u003e\u003c/a\u003e version for next dev cycle\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/qos-ch/logback/compare/v_1.2.3...v_1.2.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.poi:poi-ooxml` from 5.0.0 to 5.4.0\n\nUpdates `org.jsoup:jsoup` from 1.14.2 to 1.15.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jhy/jsoup/releases\"\u003eorg.jsoup:jsoup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ejsoup 1.15.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup 1.15.3\u003c/strong\u003e is out now, and includes a security fix for potential XSS attacks, along with other bug fixes and improvements, including more descriptive validation error messages.\u003c/p\u003e\n\u003cp\u003eDetails:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\"\u003eSecurity advisory\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://jsoup.org/news/release-1.15.3\"\u003eRelease notes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://jsoup.org/download\"\u003eDownload\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ejsoup 1.15.2 is out now with a bunch of \u003ca href=\"https://jsoup.org/news/release-1.15.2\"\u003eimprovements and bug fixes\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003ejsoup 1.15.1 is out now with a bunch of \u003ca href=\"https://jsoup.org/news/release-1.15.1\"\u003eimprovements and bug fixes\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ejsoup 1.14.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup 1.14.3\u003c/strong\u003e is out now, adding native \u003cstrong\u003eXPath\u003c/strong\u003e selector support, improved \u003ccode\u003e\\\u0026lt;template\u0026gt;\u003c/code\u003e support, and also includes a bunch of bug fixes, improvements, and performance enhancements.\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://jsoup.org/news/release-1.14.3\"\u003erelease announcement\u003c/a\u003e for the full changelog.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jhy/jsoup/blob/jsoup-1.15.3/CHANGES\"\u003eorg.jsoup:jsoup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ejsoup changelog\u003c/p\u003e\n\u003cp\u003eRelease 1.15.3 [2022-Aug-24]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity: fixed an issue where the jsoup cleaner may incorrectly sanitize crafted XSS attempts if\nSafeList.preserveRelativeLinks is enabled.\n\u003ca href=\"https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\"\u003ehttps://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: the Cleaner will preserve the source position of cleaned elements, if source tracking is enabled in the\noriginal parse.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: the error messages output from Validate are more descriptive. Exceptions are now ValidationExceptions\n(extending IllegalArgumentException). Stack traces do not include the Validate class, to make it simpler to see\nwhere the exception originated. Common validation errors including malformed URLs and empty selector results have\nmore explicit error messages.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBugfix: the DataUtil would incorrectly read from InputStreams that emitted reads less than the requested size. This\nlead to incorrect results when parsing from chunked server responses, for e.g.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1807\"\u003ejhy/jsoup#1807\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBuild Improvement: added implementation version and related fields to the jar manifest.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1809\"\u003ejhy/jsoup#1809\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e*** Release 1.15.2 [2022-Jul-04]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: added the ability to track the position (line, column, index) in the original input source from where\na given node was parsed. Accessible via Node.sourceRange() and Element.endSourceRange().\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/pull/1790\"\u003ejhy/jsoup#1790\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: added Element.firstElementChild(), Element.lastElementChild(), Node.firstChild(), Node.lastChild(),\nas convenient accessors to those child nodes and elements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: added Element.expectFirst(cssQuery), which is just like Element.selectFirst(), but instead of returning\na null if there is no match, will throw an IllegalArgumentException. This is useful if you want to simply abort\nprocessing if an expected match is not found.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: when pretty-printing HTML, doctypes are emitted on a newline if there is a preceding comment.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/pull/1664\"\u003ejhy/jsoup#1664\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: when pretty-printing, trim the leading and trailing spaces of textnodes in block tags when possible,\nso that they are indented correctly.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1798\"\u003ejhy/jsoup#1798\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: in Element#selectXpath(), disable namespace awareness. This makes it possible to always select elements\nby their simple local name, regardless of whether an xmlns attribute was set.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1801\"\u003ejhy/jsoup#1801\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBugfix: when using the readToByteBuffer method, such as in Connection.Response.body(), if the document has not\nalready been parsed and must be read fully, and there is any maximum buffer size being applied, only the default\ninternal buffer size is read.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1774\"\u003ejhy/jsoup#1774\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/c5964172763e1495786ad584c368ac3346d0ca8c\"\u003e\u003ccode\u003ec596417\u003c/code\u003e\u003c/a\u003e [maven-release-plugin] prepare release jsoup-1.15.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/d2d9ac341dbd48e75c6dd09c571216a81939604f\"\u003e\u003ccode\u003ed2d9ac3\u003c/code\u003e\u003c/a\u003e Changelog for URL cleaner improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/4ea768d96b3d232e63edef9594766d44597b3882\"\u003e\u003ccode\u003e4ea768d\u003c/code\u003e\u003c/a\u003e Strip control characters from URLs when resolving absolute URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/985f1fe13aa0b1d37c6f6f17a948fc240a03dcef\"\u003e\u003ccode\u003e985f1fe\u003c/code\u003e\u003c/a\u003e Include help link for malformed URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/6b67d05d883fdfe0f978d77d219e80324e0a223d\"\u003e\u003ccode\u003e6b67d05\u003c/code\u003e\u003c/a\u003e Improved Validate error messages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/653da57a61dc6fcb5a94efb44f514239bdef8613\"\u003e\u003ccode\u003e653da57\u003c/code\u003e\u003c/a\u003e Normalized API doc link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/5ed84f631e8889abc9b20ebcc898d053d77bb05d\"\u003e\u003ccode\u003e5ed84f6\u003c/code\u003e\u003c/a\u003e Simplified the Test Server startup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/c58112a2eddd630a4f6d76450034c1227ef5f842\"\u003e\u003ccode\u003ec58112a\u003c/code\u003e\u003c/a\u003e Set the read size correctly when capped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/fa13c8066b13f27a92d0057d55bf64e6d66ddff2\"\u003e\u003ccode\u003efa13c80\u003c/code\u003e\u003c/a\u003e Added jar manifest default implementation entries.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/commit/5b193902029a453b95cfc8850d17e630079cf0a2\"\u003e\u003ccode\u003e5b19390\u003c/code\u003e\u003c/a\u003e Bump maven-resources-plugin from 3.2.0 to 3.3.0 (\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1814\"\u003e#1814\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jhy/jsoup/compare/jsoup-1.14.2...jsoup-1.15.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.owasp.esapi:esapi` from 2.4.0.0 to 2.6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.4.0.0...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.json:json` from 20210307 to 20231013\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/douglascrockford/JSON-java/releases\"\u003eorg.json:json's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e20231013\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/793\"\u003e#793\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eReverted \u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/761\"\u003e#761\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/792\"\u003e#792\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eupdate the docs for release 20231013\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/783\"\u003e#783\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eoptLong vs getLong inconsistencies\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/782\"\u003e#782\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/779\"\u003e#779\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eadd validity check for JSONObject constructors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/778\"\u003e#778\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/776\"\u003e#776\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate [JUnit to version 4.13.2\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/774\"\u003e#774\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eRemoving unneeded synchronization\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/773\"\u003e#773\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAdd optJSONArray method to JSONObject with a default value\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/772\"\u003e#772\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eDisallow nested objects and arrays as keys in objects\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/779\"\u003e#779\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUnit test cleanup\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/769\"\u003e#769\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAddressed Java 17 compile warnings\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/764\"\u003e#764\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate CodeQL action version\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/761\"\u003e#761\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eAdd module-info\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/759\"\u003e#759\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eJSON parsing should detect embedded \u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/753\"\u003e#753\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdated new object methods\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/752\"\u003e#752\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFixes possible unit test bug when compiling/testing on Windows\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20230618\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/749\"\u003e#749\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/749\"\u003ePrep for release 20230618\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/740\"\u003e#740\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/734\"\u003eFixed Flaky Tests Caused by JSON permutations\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/734\"\u003e#734\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/734\"\u003eFixed Flaky Tests Caused by JSON permutations\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/733\"\u003e#733\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/733\"\u003eJSONTokener implemented java.io.Closeable\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/731\"\u003e#731\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/731\"\u003eRemoving commented out code in JSONObject optDouble()\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/729\"\u003e#729\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/stleary/JSON-java/pull/729\"\u003eRefactor ParserConfiguration class hierarchy\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20230227\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/723\"\u003e#723\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eProtect JSONML from stack overflow exceptions caused by recursion\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/720\"\u003e#720\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eLimit the XML nesting depth for CVE-2022-45688\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/711\"\u003e#711\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eRevert pull 707 - interviewbit spam\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/704\"\u003e#704\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eMove javadoc comments above the interface definition to make it visible\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/703\"\u003e#703\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate Releases.md for JSONObject(Map): Throws NPE if key is null\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/696\"\u003e#696\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate JSONPointerTest for NonDex compatibility\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/694\"\u003e#694\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePretty print XML\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/692\"\u003e#692\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eExample.md syntax highlight and indentation\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/691\"\u003e#691\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eCreate unit tests for various number formats\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e20220924\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePull Request\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/688\"\u003e#688\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eUpdate copyright to Public Domain\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/687\"\u003e#687\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eFix a typo\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://redirect.github.com/douglascrockford/JSON-java/issues/685\"\u003e#685\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eJSONObject map type unit tests\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md\"\u003eorg.json:json's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e20231013    First release with minimum Java version 1.8. Recent commits, including fixes for CVE-2023-5072.\u003c/p\u003e\n\u003cp\u003e20230618    Final release with Java 1.6 compatibility. Future releases will require Java 1.8 or greater.\u003c/p\u003e\n\u003cp\u003e20230227    Fix for CVE-2022-45688 and recent commits\u003c/p\u003e\n\u003cp\u003e20220924    New License - public domain, and some minor updates\u003c/p\u003e\n\u003cp\u003e20220320    Wrap StackOverflow with JSONException\u003c/p\u003e\n\u003cp\u003e20211205    Recent commits and some bug fixes for similar()\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/douglascrockford/JSON-java/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-io:commons-io` from 2.7 to 2.14.0\n\nUpdates `commons-fileupload:commons-fileupload` from 1.3.3 to 1.6.0\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/H1d3r/DWSurvey/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/H1d3r/DWSurvey/pull/19","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/H1d3r%2FDWSurvey/issues/19","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/19/packages"}},{"old_version":"2.1.0.1","new_version":"2.6.0.0","update_type":"minor","path":null,"pr_created_at":"2025-07-02T05:47:06.000Z","version_change":"2.1.0.1 → 2.6.0.0","issue":{"uuid":"2634359652","node_id":"PR_kwDOMQIoAM6dBSNk","number":2,"state":"closed","title":"Bump org.owasp.esapi:esapi from 2.1.0.1 to 2.6.0.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-07-09T19:03:09.000Z","author_association":"NONE","state_reason":null,"created_at":"2025-07-02T05:47:06.000Z","updated_at":"2025-07-09T19:03:09.000Z","time_to_close":652563,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.owasp.esapi:esapi","old_version":"2.1.0.1","new_version":"2.6.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) from 2.1.0.1 to 2.6.0.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.6.0.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.6.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreparation for ESAPI release 2.6.0.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/860\"\u003eESAPI/esapi-java-legacy#860\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.5.0...esapi-2.6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;\u003cstrong\u003eesapi-2.6.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.5.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.5.5.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.5.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePom updates to address issue \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/847\"\u003e#847\u003c/a\u003e by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/848\"\u003eESAPI/esapi-java-legacy#848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the logging properties to opt-out of the prefix events \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/844\"\u003e#844\u003c/a\u003e by \u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Typos by \u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation by \u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease prep 2.5.5.0 by \u003ca href=\"https://github.com/kwwall\"\u003e\u003ccode\u003e@​kwwall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/856\"\u003eESAPI/esapi-java-legacy#856\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickeyz07\"\u003e\u003ccode\u003e@​mickeyz07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/845\"\u003eESAPI/esapi-java-legacy#845\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DarioViva42\"\u003e\u003ccode\u003e@​DarioViva42\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/852\"\u003eESAPI/esapi-java-legacy#852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DebajitKumarPhukan\"\u003e\u003ccode\u003e@​DebajitKumarPhukan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/pull/853\"\u003eESAPI/esapi-java-legacy#853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.5.4.0...esapi-2.5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;esapi-2.5.5.0-configuration.jar\u0026quot; contains the default ESAPI configuration\nfiles under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file\n\u0026quot;esapi-2.5.5.0-configuration.jar.asc\u0026quot; is a GPG signature of that jar file made by Kevin W. Wall.\u003c/p\u003e\n\u003ch2\u003e2.5.4.0\u003c/h2\u003e\n\u003ch1\u003eFull release notes\u003c/h1\u003e\n\u003cp\u003eFull release notes for ESAPI release 2.5.4.0 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.4.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt contains important details, which you need to read as you \u003cstrong\u003eMUST\u003c/strong\u003e remove (or rename) 'esapi-java-logging.properties' if you are using ESAPI's default logging, which is JUL. Otherwise ESAPI will throw a \u003ccode\u003eConfigurationException\u003c/code\u003e (which may appear as a \u003ccode\u003ejava.lang.ExceptionInInitializerError\u003c/code\u003e or as a \u003ccode\u003ejava.lang.NoClassDefFoundError\u003c/code\u003e, depending on circumstances). Please refer to the \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/wiki/Configuring-the-JavaLogFactory\"\u003e\u0026quot;Configuring the JavaLogFactory\u0026quot; wiki page\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eYOU HAVE BEEN WARNED!!!\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/dcde6c2362654b6f4af2b7daa96ef44c16c5763d\"\u003e\u003ccode\u003edcde6c2\u003c/code\u003e\u003c/a\u003e A few minor documentation fixes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/5a10f77aedd790dd8ae828f090807d1ee32f11f0\"\u003e\u003ccode\u003e5a10f77\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Minor change to release steps document.\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/8b9f8f191125a19f4d258c03ec56b93ef5b54d6e\"\u003e\u003ccode\u003e8b9f8f1\u003c/code\u003e\u003c/a\u003e Minor change to release steps document.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4698c43f469a08d1a2377b164822582aefd701af\"\u003e\u003ccode\u003e4698c43\u003c/code\u003e\u003c/a\u003e Bump release to new official release number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f185e5bd75270ad6f7eb54c22ef8a0fdfa0a83e7\"\u003e\u003ccode\u003ef185e5b\u003c/code\u003e\u003c/a\u003e Preparation for ESAPI release 2.6.0.0 (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/860\"\u003e#860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0b0f86cc220482987d56f0d5fd1cfc13ae7ebceb\"\u003e\u003ccode\u003e0b0f86c\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/4879a085034e6cf4068ef5117d933d80a1fa34b3\"\u003e\u003ccode\u003e4879a08\u003c/code\u003e\u003c/a\u003e Modifying pom.xml for next planned release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/3f2ff053269572dceef78bdefe3b8c3ecfd83076\"\u003e\u003ccode\u003e3f2ff05\u003c/code\u003e\u003c/a\u003e Fix release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/19b739a02962ae0a1e7f3a7ec3411c55e7ebf071\"\u003e\u003ccode\u003e19b739a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/856\"\u003e#856\u003c/a\u003e from kwwall/release-prep-2.5.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a160de070ad02b5308ae27d2f3d638d92fd4c2d3\"\u003e\u003ccode\u003ea160de0\u003c/code\u003e\u003c/a\u003e Update section on commit / PR history.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.1.0.1...esapi-2.6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.owasp.esapi:esapi\u0026package-manager=maven\u0026previous-version=2.1.0.1\u0026new-version=2.6.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ravisinghrajput95/easybuggy-vulnerable-application/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/ravisinghrajput95/easybuggy-vulnerable-application/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ravisinghrajput95%2Feasybuggy-vulnerable-application/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"2.6.2.0","new_version":"2.7.0.0","update_type":"minor","path":null,"pr_created_at":"2025-06-30T23:32:19.000Z","version_change":"2.6.2.0 → 2.7.0.0","issue":{"uuid":"2630419390","node_id":"PR_kwDOPEkXNM6cyQO-","number":4,"state":"open","title":"Bump org.owasp.esapi:esapi from 2.6.2.0 to 2.7.0.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-06-30T23:32:19.000Z","updated_at":"2025-06-30T23:32:20.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.owasp.esapi:esapi","old_version":"2.6.2.0","new_version":"2.7.0.0","repository_url":"https://github.com/ESAPI/esapi-java-legacy"}],"path":null,"ecosystem":"maven"},"body":"Bumps [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) from 2.6.2.0 to 2.7.0.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/releases\"\u003eorg.owasp.esapi:esapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eesapi-2.7.0.0\u003c/h2\u003e\n\u003ch2\u003eFull Release Notes\u003c/h2\u003e\n\u003cp\u003eRelease notes for ESAPI release 2.7.00 are located at:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.7.0.0-release-notes.txt\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis is a \u003cstrong\u003e\u003cem\u003emajor\u003c/em\u003e\u003c/strong\u003e patch release with the primary intent of addressing \u003cstrong\u003e\u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2025-5878\"\u003eCVE-2025-5878\u003c/a\u003e\u003c/strong\u003e, the details of which are spelled out in [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e).\n\u003cul\u003e\n\u003cli\u003eMajor Javadoc enhancements, corrections, and clarifications.\u003c/li\u003e\n\u003cli\u003eDeprecated methods, interfaces, and classes.\u003c/li\u003e\n\u003cli\u003eThe reference implementation for the \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface is now disabled by default and must be explicitly enabled if you absolutely much use it. (\u003cstrong\u003eWARNING\u003c/strong\u003e: You shouldn't!) Instructions on how to enable it are provided in Appendix B of  [Security Bulletin \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/13\"\u003e#13\u003c/a\u003e](\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin13.pdf\u003c/a\u003e). You will find the updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file in the configuration jar helpful.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eThis release also updates Apache Commons FileUploads to 1.6.0 to address CVE-2025-48976. That CVE likely does not affect the \u003ccode\u003eHTTP.getFileUloads\u003c/code\u003e interfaces (which is the only methods that use that library), but we have not had time to analyze it fully given the CVE cited against ESAPI.\u003c/li\u003e\n\u003cli\u003eApache Commons BeanUtils was also updated to 1.11.0 to address CVE-2025-48734 which potentially could anyone using ESAPI's AccessController and has placed their access control policy in a place where an attacker may be overwrite it. That is highly unlikely, but better safe than sorry.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\"\u003ehttps://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eConfiguration Jar\u003c/h2\u003e\n\u003cp\u003eNote the associated file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar\u003c/strong\u003e\u0026quot; contains the default ESAPI configuration files under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file \u0026quot;\u003cstrong\u003eesapi-2.7.0.0-configuration.jar.asc\u0026quot;\u003c/strong\u003e is a GPG signature of that jar file made by Kevin W. Wall.  If you were using ESAPI's \u003ccode\u003eEncoder.encodeForSQL\u003c/code\u003e interface, you will want to use its updated \u003cstrong\u003eESAPI.properties\u003c/strong\u003e file.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/0fa4c0f1311aa525b1a776f0a789fb1dc8a04b41\"\u003e\u003ccode\u003e0fa4c0f\u003c/code\u003e\u003c/a\u003e Remove '-SNAPSHOT' from release # to prep official release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/f75ac2c2647a81d2cfbdc9c899f8719c240ed512\"\u003e\u003ccode\u003ef75ac2c\u003c/code\u003e\u003c/a\u003e Merging Private Branch contents from Kevin's Repo.   (\u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/888\"\u003e#888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/e2322914304d9b1c52523ff24be495b7832f6a56\"\u003e\u003ccode\u003ee232291\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ESAPI/esapi-java-legacy/issues/886\"\u003e#886\u003c/a\u003e from kwwall/develop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/23a2b7666186afdc004a9e01eec5da593e85d172\"\u003e\u003ccode\u003e23a2b76\u003c/code\u003e\u003c/a\u003e Added Javadoc to encodeForSQL method regarding how to enabled it.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/01297409b786075686c6738fdf0355edad427a6c\"\u003e\u003ccode\u003e0129740\u003c/code\u003e\u003c/a\u003e Added 2 new field names whose values are the 2 new property names.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/eb425bbb831c68321d169d3ac5f84ddf9dfc189d\"\u003e\u003ccode\u003eeb425bb\u003c/code\u003e\u003c/a\u003e New property file for testing DefaultEncoder.encodeForSQL when it's\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/844eb0c6fd077b6299604838bfc67fd6c658e6eb\"\u003e\u003ccode\u003e844eb0c\u003c/code\u003e\u003c/a\u003e Add missing newline.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/a10e323dcde635f40d15c875253084a7669175e8\"\u003e\u003ccode\u003ea10e323\u003c/code\u003e\u003c/a\u003e hanged the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/06d0ff2e540ef37077822273e1957b50beaa8ff7\"\u003e\u003ccode\u003e06d0ff2\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek property names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/commit/61de71f70081f204b915e95d186c702509cbf857\"\u003e\u003ccode\u003e61de71f\u003c/code\u003e\u003c/a\u003e Changed the tongue-in-cheek propert names to the actual ones we are using.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.6.2.0...esapi-2.7.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.owasp.esapi:esapi\u0026package-manager=maven\u0026previous-version=2.6.2.0\u0026new-version=2.7.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Stefan923/code-scanner-benchmark-ci/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Stefan923%2Fcode-scanner-benchmark-ci/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"}}]}