Sourced from com.google.errorprone:error_prone_core's releases.

Error Prone 2.41.0

New checks:

• EffectivelyPrivate: Detect declarations that have public or protected modifiers, but are effectively private

Changes:

• Skip BooleanLiteral findings if the target type is boxed (#5134)

Full changelog: https://github.com/google/error-prone/compare/v2.40.0...v2.41.0

Error Prone 2.40.0

Changes:

• Bug fixes and improvements
• Releases (including snapshots) have migrated from OSSRH to the Central Publisher Portal

Full changelog: https://github.com/google/error-prone/compare/v2.39.0...v2.40.0

Error Prone 2.39.0

Changes:

• Temporarily downgrade to Guava 33.4.0 (#5108)

Checks:

• BooleanLiteral: Prefer true to Boolean.TRUE
• ExpensiveLenientFormatString: Renamed from PreconditionsExpensiveString, detects unnecessary calls to String.format in the arguments of lenient formatting methods.
• UnnecessaryQualifier: Detects @Qualifier or @BindingAnnotation annotations that have no effect, and can be removed

Issues: #4996, #5045

Full changelog: https://github.com/google/error-prone/compare/v2.38.0...v2.39.0

• d6539d6 Release Error Prone 2.41.0
• 6161d4e Skip BooleanLiteral findings if the target type is boxed
• 98d83bf Avoid touching parameters of @Subscribe methods.
• 13d46e7 Refactor to use WellKnownKeep
• ef33eee Fix a println statement left over from https://github.com/google/error-prone/...
• ce784a9 Detect non-private, non-override methods in anonymous classes
• 43759cd Recognise com.google.common.inject.components.OtherRequiredBindings as an i...
• ef5073b UnnecessaryQualifier: don't fire on interfaces, in deference to Dagger.
• 3d7b585 TruthIncompatibleType support for MultisetSubject#hasCount.
• b5c6175 Add a test confirming external #5151.
• Additional commits viewable in compare view

Sourced from org.apache.maven.plugins:maven-enforcer-plugin's releases.

3.6.1

🚀 New features and improvements

• Improve performance of transitive dependency checks (#904) @​harrisric

🐛 Bug Fixes

• Fix NPE when a classifier part is specified in bannedDependencies (#905) @​harrisric

📝 Documentation updates

• Move contributing information into README (#911) @​slawekjaranowski
• Rewrite CONTRIBUTING.md to use the Github issue tracker instead of JIRA (#898) @​elharo

👻 Maintenance

• Remove unused javax.annotations dependency (#899) @​elharo
• Remove unused methods (#900) @​elharo
• Remove the from parameter names (#901) @​elharo
• Fix a grab bag of typos and minor grammar errors (#897) @​elharo
• remove unneeded contains check as add already does that (#896) @​elharo

📦 Dependency updates

• Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (#910) @dependabot[bot]

3.6.0

🚀 New features and improvements

• Warning about old enforcer api in rule implementation (#894) @​slawekjaranowski
• Introduce ruleName for rules configuration (#893) @​slawekjaranowski
• Improve performance of BannedPlugins and RequireReleaseDeps (#371) @​harrisric
• Enforce size bounds recursively on directory content (#368) @​zabetak
• Improve the performance of BannedDependencies (#367) @​harrisric
• [MENFORCER-516] - Use rule configuration in POM when executed from CLI (#344) @​bpfoster
• [MENFORCER-508] - Add option to enforce same versions among Maven modules (#328) @​kwin
• [MENFORCER-507] - Add xsltLocation parameter to ExternalRules (#322) @​ppalaga

🐛 Bug Fixes

• RequireSameVersions rule: consider entries in <plugins> when analyzing build- and report-plugins (#892) @​turing85
• [MENFORCER-495] - Remove "JAVA_HOME" from rule violation message (#346) @​elharo

📝 Documentation updates

• Improve example of custom rule (#890) @​slawekjaranowski
• Make documentation explicit about java versions for custom rules (#370) @​harrisric
• [MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#351) @​Bukama

... (truncated)

• 9b9b705 [maven-release-plugin] prepare release enforcer-3.6.1
• 469f45c Move contributing information into README - fix cla link
• fec424a Move contributing information into README
• 3abe11d Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (#910)
• d58be76 Improve performance of transitive dependency checks (#904)
• 1f7ac3c null analysis (#907)
• 3bfbff8 Fix some typos
• 8da0311 Remove unused javax.annotations dependency (#899)
• 06bcf29 Remove unused methods (#900)
• b25c800 Fix NPE when a classifier part is specified but an artifact classifier is nul...
• Additional commits viewable in compare view

Sourced from com.diffplug.spotless:spotless-maven-plugin's releases.

Maven Plugin v2.46.1

Fixed

• spotless:install-git-pre-push-hook didn't work on windows, now fixed. (#2562)

Maven Plugin v2.46.0

Added

• Allow specifying path to Biome JSON config file directly in biome step. Requires biome 2.x. (#2548)
• spotless:install-git-pre-push-hook goal, which installs a Git pre-push hook to run spotless:check and spotless:apply. (#2553)

Changed

• Bump default gson version to latest 2.11.0 -> 2.13.1. (#2414)
• Bump default jackson version to latest 2.18.1 -> 2.19.2. (#2558)
• Bump default gherkin-utils version to latest 9.0.0 -> 9.2.0. (#2408)
• Bump default cleanthat version to latest 2.22 -> 2.23. (#2556)

Maven Plugin v2.45.0

Added

• Support for idea (#2020, #2535)
• Add support for removing wildcard imports via removeWildcardImports step. (#2517)

Fixed

• SortPom disable expandEmptyElements, to avoid empty body warnings. (#2520)
• Fix biome formatter for new major release 2.x of biome (#2537)
• Make sure npm-based formatters use the correct node_modules directory when running in parallel. (#2542)

Changed

• Bump internal dependencies for npm-based formatters (#2542)

Changed

• scalafmt: enforce version consistency between the version configured in Spotless and the version declared in Scalafmt config file (#2460)

Maven Plugin v2.44.5

Changed

• Bump default eclipse version to latest 4.34 -> 4.35. (#2458)
• Bump default greclipse version to latest 4.32 -> 4.35. (#2458)
• pgp key had expired, this and future releases will be signed by new key (details)

• 0572107 Published maven/2.46.1
• 9e11c9d Published gradle/7.2.1
• 314418c Published lib/3.3.1
• 5e9df11 Windows Compatibility Fix for Git Pre-push Hook (#2562)
• 24ca3bc We should run CI for PRs against release also.
• 222085b Update changelogs.
• 776f7d1 execute pre-push hook
• b8e80bc tests fix
• 1042742 spotlessApply
• 4cf8137 git pre push hook windows fix
• Additional commits viewable in compare view

Sourced from org.apache.maven.plugins:maven-gpg-plugin's releases.

3.2.8

🐛 Bug Fixes

• Make empty classifier null (not empty string) (#287) @​cstamas

📝 Documentation updates

• [MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#129) @​Bukama
• Describe how to prime a specific GPG key (#128) @​kwin

👻 Maintenance

• Enable GitHub issues (#134) @​Bukama
• Prefer Guice constructor injection (#126) @​elharo

📦 Dependency updates

• Update parent POM to 45 (#284) @​cstamas
• Bump bouncycastleVersion from 1.78.1 to 1.80 (#127) @dependabot[bot]
• Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#133) @dependabot[bot]
• Bump org.apache.maven.plugins:maven-invoker-plugin from 3.8.0 to 3.9.0 (#125) @dependabot[bot]
• Bump org.simplify4u.plugins:pgpverify-maven-plugin from 1.18.2 to 1.19.1 (#131) @dependabot[bot]
• Bump commons-io:commons-io from 2.17.0 to 2.18.0 (#124) @dependabot[bot]

• 8a46455 [maven-release-plugin] prepare release maven-gpg-plugin-3.2.8
• 7012821 Fix issueManagement, ciManagement system and url
• a9a8c84 Make empty classifier null (not empty string) (#287)
• a8368b0 Add .mvn
• f0e45e0 Update parent POM to 45 (#284)
• cb1236c Bump bouncycastleVersion from 1.78.1 to 1.80 (#127)
• 5377a10 Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#133)
• 8b63932 Bump org.apache.maven.plugins:maven-invoker-plugin from 3.8.0 to 3.9.0 (#125)
• 54ea518 Bump org.simplify4u.plugins:pgpverify-maven-plugin from 1.18.2 to 1.19.1
• a6a412d Remove old JIRA issue link
• Additional commits viewable in compare view

Sourced from com.google.errorprone:error_prone_annotations's releases.

Error Prone 2.41.0

New checks:

• EffectivelyPrivate: Detect declarations that have public or protected modifiers, but are effectively private

Changes:

• Skip BooleanLiteral findings if the target type is boxed (#5134)

Full changelog: https://github.com/google/error-prone/compare/v2.40.0...v2.41.0

Error Prone 2.40.0

Changes:

• Bug fixes and improvements
• Releases (including snapshots) have migrated from OSSRH to the Central Publisher Portal

Full changelog: https://github.com/google/error-prone/compare/v2.39.0...v2.40.0

Error Prone 2.39.0

Changes:

• Temporarily downgrade to Guava 33.4.0 (#5108)

Checks:

• BooleanLiteral: Prefer true to Boolean.TRUE
• ExpensiveLenientFormatString: Renamed from PreconditionsExpensiveString, detects unnecessary calls to String.format in the arguments of lenient formatting methods.
• UnnecessaryQualifier: Detects @Qualifier or @BindingAnnotation annotations that have no effect, and can be removed

Issues: #4996, #5045

Full changelog: https://github.com/google/error-prone/compare/v2.38.0...v2.39.0

• d6539d6 Release Error Prone 2.41.0
• 6161d4e Skip BooleanLiteral findings if the target type is boxed
• 98d83bf Avoid touching parameters of @Subscribe methods.
• 13d46e7 Refactor to use WellKnownKeep
• ef33eee Fix a println statement left over from https://github.com/google/error-prone/...
• ce784a9 Detect non-private, non-override methods in anonymous classes
• 43759cd Recognise com.google.common.inject.components.OtherRequiredBindings as an i...
• ef5073b UnnecessaryQualifier: don't fire on interfaces, in deference to Dagger.
• 3d7b585 TruthIncompatibleType support for MultisetSubject#hasCount.
• b5c6175 Add a test confirming external #5151.
• Additional commits viewable in compare view

Sourced from biz.aQute.bnd:bnd-maven-plugin's releases.

Bnd/Bndtools 7.1.0

See Release Notes.

Bnd/Bndtools 7.0.0

This is the first release on Java 17.

See Release Notes.

Classic Bndtools/bnd 6.4.1 (only runtime bundles, no plugins)

This is not a full release! It is maintained as a line for security and important fixes of the runtime bundles on Java 1.8.

See https://github.com/bndtools/bnd/wiki/Changes-in-6.4.1-classic

• 47e504d Build Release 7.1.0
• c3ff149 build: Build release 7.1.0.RC1
• 2fc3187 Merge pull request #6363 from laeubi/process_with_conditional_package
• cd347e1 Merge pull request #6365 from bndtools/dependabot/github_actions/ruby/setup-r...
• 9aa57ef Bump ruby/setup-ruby from 1.201.0 to 1.202.0
• ec0fea7 Merge pull request #6361 from bndtools/dependabot/github_actions/github/codeq...
• 3962626 Add testcase for conditional packages with bnd-process
• fe9a874 Bump github/codeql-action from 3.27.0 to 3.27.1
• e3c95f8 Merge pull request #6360 from pkriens/issue/6346-gradle-reference-to-project-...
• aac9271 Added a method to get the Macro references from a Processor
• Additional commits viewable in compare view

Sourced from org.moditect:moditect-maven-plugin's releases.

1.3.0.Final

Changelog

🚀 Features

• 4e56341 Use maven-archiver to parse ouputTimestamp
• f9bd055 Reduce code duplication in AddModuleInfoTest

🐛 Fixes

• 634740e Generate multi-release directory JAR entries

🛠 Build

• 5cdd34c Update plugins from parent
• 68618b5 Update changelog configuration
• 0999060 Update release configuration

⚙️ Dependencies

• 2d60d8f Update jcommander to 2.0
• 00abb5b Update build-helper-maven-plugin to 3.6.1
• ab40c70 Update maven-shade-plugin to 3.6.0
• 0fed58f Update maven-plugin-plugin to 3.15.1
• 9e22a5e Update slf4j-api to 2.0.17
• 6c0ded3 Update assertj to 3.27.3
• d21270f Update guava to 33.4.8-jre
• ac7582f Update checker-qual to 3.49.5
• 51e2582 Update javaparser to 3.27.0

---

• 0053e2b Releasing version 1.3.0.Final
• 0de5521 Releasing version 1.3.0
• 8a34717 Use maven-archiver to parse ouputTimestamp
• 8e5fbdb Generate multi-release directory JAR entries
• 2bd52fe Reduce code duplication in AddModuleInfoTest
• 0725a88 Next version 1.3.0-SNAPSHOT
• 1909942 Releasing version 1.2.2.Final

Contributors

We'd like to thank the following people for their contributions:

• Andres Almiray (@​aalmiray)
• Fridrich Štrba (@​fridrich)
• Marcono1234 (@​Marcono1234)

• 0053e2b Releasing version 1.3.0.Final
• 4c86fb8 Merge pull request #264 from aalmiray/main
• 5cdd34c build: Update plugins from parent
• 68618b5 build: Update changelog configuration
• 2d60d8f deps: Update jcommander to 2.0
• 00abb5b deps: Update build-helper-maven-plugin to 3.6.1
• ab40c70 deps: Update maven-shade-plugin to 3.6.0
• 0fed58f deps: Update maven-plugin-plugin to 3.15.1
• 9e22a5e deps: Update slf4j-api to 2.0.17
• 6c0ded3 deps: Update assertj to 3.27.3
• Additional commits viewable in compare view

Sourced from org.junit:junit-bom's releases.

JUnit 5.13.4 = Platform 1.13.4 + Jupiter 5.13.4 + Vintage 5.13.4

See Release Notes.

Full Changelog: https://github.com/junit-team/junit-framework/compare/r5.13.3...r5.13.4

JUnit 5.13.3 = Platform 1.13.3 + Jupiter 5.13.3 + Vintage 5.13.3

See Release Notes.

Full Changelog: https://github.com/junit-team/junit-framework/compare/r5.13.2...r5.13.3

JUnit 5.13.2 = Platform 1.13.2 + Jupiter 5.13.2 + Vintage 5.13.2

See Release Notes.

Full Changelog: https://github.com/junit-team/junit-framework/compare/r5.13.1...r5.13.2

JUnit 5.13.1 = Platform 1.13.1 + Jupiter 5.13.1 + Vintage 5.13.1

See Release Notes.

Full Changelog: https://github.com/junit-team/junit5/compare/r5.13.0...r5.13.1

JUnit 5.13.0 = Platform 1.13.0 + Jupiter 5.13.0 + Vintage 5.13.0

See Release Notes.

New Contributors

• @​Oyster-zx made their first contribution in junit-team/junit5#4311
• @​etrandafir93 made their first contribution in junit-team/junit5#4336
• @​hanszt made their first contribution in junit-team/junit5#3377
• @​ngocnhan-tran1996 made their first contribution in junit-team/junit5#4545

Full Changelog: https://github.com/junit-team/junit5/compare/r5.12.2...r5.13.0

JUnit 5.13.0-RC1 = Platform 1.13.0-RC1 + Jupiter 5.13.0-RC1 + Vintage 5.13.0-RC1

See Release Notes.

New Contributors

• @​hanszt made their first contribution in junit-team/junit5#3377

Full Changelog: https://github.com/junit-team/junit5/compare/r5.13.0-M3...r5.13.0-RC1

JUnit 5.13.0-M3 = Platform 1.13.0-M3 + Jupiter 5.13.0-M3 + Vintage 5.13.0-M3

See Release Notes.

Full Changelog: https://github.com/junit-team/junit5/compare/r5.13.0-M2...r5.13.0-M3

... (truncated)

• 8a21048 Release 5.13.4
• 9a38789 Finalize 5.13.4 release notes
• 458325c Log only once per implementation type for CloseableResource types
• 976a110 Protect against potential problems when converting file-based selectors
• e94f728 Allow default package for PackageSource
• b60fecf Fail on classpath resource names that are blank after removing leading /
• 6378c88 Remove java.* packages from Import-Package headers in all jars (#4738)
• 1a360f3 Create initial 5.13.4 release notes from template
• 806fc9a Document #4689 in release notes
• 1653839 Document #4686 in release notes
• Additional commits viewable in compare view

Sourced from org.graalvm.buildtools:native-maven-plugin's releases.

0.11.0

What's Changed

• Replace broken quickstart links with the end-to-end walkthroughs by @​sschuberth in graalvm/native-build-tools#704
• Re-enable SBOM integration tests by @​rudsberg in graalvm/native-build-tools#713
• Update regex pattern in SBOM integration test by @​rudsberg in graalvm/native-build-tools#717
• Add proivded dependencies on classpath by @​dnestoro in graalvm/native-build-tools#714
• [GR-60258] Refactor JUnit feature by @​dnestoro in graalvm/native-build-tools#693
• Bump minimal Java version to 17 by @​melix in graalvm/native-build-tools#725
• Add missing JUnit 5.13.0 types to initialize-at-build-time classes by @​marcphilipp in graalvm/native-build-tools#728
• Fixed table appearance by @​Y-Shcheholskyy in graalvm/native-build-tools#730
• Fix typo of MetadataCopyMojo by @​linghengqian in graalvm/native-build-tools#736
• Experimental support for layered images by @​melix in graalvm/native-build-tools#719
• Add test for @​ParameterizedClass by @​marcphilipp in graalvm/native-build-tools#723
• chore: remove unused imports in NativeTestMojo.java by @​dev-jonghoonpark in graalvm/native-build-tools#737
• Add support for running integration tests with Maven by @​dnestoro in graalvm/native-build-tools#740
• Add runtimeArgs support to native-maven-plugin by @​linghengqian in graalvm/native-build-tools#734
• Update the .sdkmanrc of the master branch by @​linghengqian in graalvm/native-build-tools#733
• Avoid Adding Duplicated JUnit Entries on Classpath by @​dnestoro in graalvm/native-build-tools#712
• Prepare repository for release 0.11.0 by @​dnestoro in graalvm/native-build-tools#741

New Contributors

• @​sschuberth made their first contribution in graalvm/native-build-tools#704
• @​marcphilipp made their first contribution in graalvm/native-build-tools#728
• @​dev-jonghoonpark made their first contribution in graalvm/native-build-tools#737

Full Changelog: https://github.com/graalvm/native-build-tools/compare/0.10.6...0.11.0

• 5ac6a5f release 0.11.0
• ecbe232 Adjust changelog sections
• 9c33eae Update various versions used in documentation examples
• 439fa9d Add changelog entries
• 8f2846d Update reachability metadata version
• 4e3a9c8 Avoid Adding Duplicated JUnit Entries on Classpath (#712)
• 424126c Update the .sdkmanrc of the master branch
• fe96912 Add runtimeArgs support to native-maven-plugin
• ad0e84c Add changelog entry for running integration tests with failsafe plugin
• 05d7e00 Add tests for integration test support
• Additional commits viewable in compare view

Sourced from org.codehaus.mojo:exec-maven-plugin's releases.

3.5.1

🐛 Bug Fixes

• Add ClassLoader support for ASM ClassWriter (#472) @​slawekjaranowski

📦 Dependency updates

• Bump org.codehaus.mojo:mojo-parent from 88 to 89 (#475) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 87 to 88 (#474) @dependabot[bot]
• Bump org.apache.commons:commons-exec from 1.4.0 to 1.5.0 (#473) @dependabot[bot]
• Bump commons-io:commons-io from 2.7 to 2.14.0 in /src/test/projects/project6/project5lib (#470) @dependabot[bot]
• Bump commons-io:commons-io from 2.7 to 2.14.0 in /src/test/projects/project1 (#468) @dependabot[bot]
• Bump asm.version from 9.7.1 to 9.8 (#467) @dependabot[bot]
• Bump commons-io:commons-io from 2.7 to 2.14.0 in /src/test/projects/project2 (#465) @dependabot[bot]
• Bump commons-io:commons-io from 2.7 to 2.14.0 in /src/test/projects/project14 (#464) @dependabot[bot]
• Bump commons-io:commons-io from 2.7 to 2.14.0 in /src/test/projects/project3 (#463) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 86 to 87 (#460) @dependabot[bot]

👻 Maintenance

• Fix ITs for Maven 4 rc-3 (#462) @​slawekjaranowski
• Document how to use env vars in commandlineArgs (#459) @​cpfeiffer

• bd1f6f7 [maven-release-plugin] prepare release 3.5.1
• ac27173 Bump org.codehaus.mojo:mojo-parent from 88 to 89
• 1ed0f42 Bump org.codehaus.mojo:mojo-parent from 87 to 88 (#474)
• d221e23 Bump org.apache.commons:commons-exec from 1.4.0 to 1.5.0
• 42bc369 Add ClassLoader support for ASM ClassWriter
• f4e8634 Bump commons-io:commons-io in /src/test/projects/project6/project5lib
• 303978c Bump commons-io:commons-io in /src/test/projects/project1
• fc7ccf0 Bump asm.version from 9.7.1 to 9.8
• f544485 Bump commons-io:commons-io in /src/test/projects/project2
• d0fffa5 Bump commons-io:commons-io in /src/test/projects/project14
• Additional commits viewable in compare view

• See full diff in compare view

• 74211c0 Updating version.json and repo version numbers to: 31.1
• 63fa9ab Merge pull request #21978 from shaod2/31.1-cp
• bec5b5a Add missing copts attribute (#21982)
• 96a9ef6 Fix cmake staleness test
• 3419598 Support allowing late injection of language feature set defaults from Feature...
• 0fe099a python pyi print "import datetime" for Duration/Timestamp field (#21885)
• f156008 Merge pull request #21861 from shaod2/py-cp-31
• a3921fb Add recursion depth limits to pure python
• ac94456 Merge pull request #21744 from protocolbuffers/31.x-202505141617
• f275995 Updating version.json and repo version numbers to: 31.1-dev
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions