Skip to content

build(deps): bump org.json:json from 20211205 to 20260522#384

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/maven/org.json-json-20260522
Open

build(deps): bump org.json:json from 20211205 to 20260522#384
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/maven/org.json-json-20260522

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 22, 2026

Bumps org.json:json from 20211205 to 20260522.

Release notes

Sourced from org.json:json's releases.

20260522

Pull Request Description
#1054 pre-release-20260522 prep for next release
#1053 update security.md with key data
#1046 Validate XML numeric character references before string construction
#1044 Ignore static fields in JSONObject.fromJson()
#1041 Enhance README with license clarification
#1039 Fix XML forceList parsing issue
#1038 Fix input validation in XMLTokener.unescapeEntity()
#1037 Fix ClassCastException in JSONML.toJSONArray and toJSONObject
#1029 add badge to external hosted javadoc
#1028 Refactoring: Fix sonarqube reliability issues
#1027 Save/restore default locale in test

20251224

Pull Request Description
#1021 Add LTS JDK 25 build to github actions
#1020 Record type support
#1017 Refactoring: Fix some SonarQube issues
#1014 Refactoring: String check logic in CDL
#1013 Refactoring: FIx Sonarqube issues in JSONArray
#1011 Refactoring: Fix SonarQube issues in JSONObject
#1009 Fix strict mode check for period after number
#1008 Fixed JSONArray strict mode check for leading comma
#1006 JSONObject.fromJson() with unit tests
#1005 Refactoring: Fix sonarQube issues in JSONObject
#1004 Refactoring: Fix sonarcube issues in JSONObject
#1001 Refactoring: sonarqube issues in JSONObject
#1000 Refactoring: Fix some sonarcube issues from recent commits
#999 fixed some strict mode issues
#995 Fix regression XML parsing null with keepStrings
#994 Add Jacoco option to build, restore method check in populateMap()
#993 Added JUnit tests for XMLTokenerTest
#992 Added JUnit test cases for HTTPTokener
#991 update CodeQL to v3
#990 Refactoring: fix SonarQube issues in populateMap()
#989 Refactoring: Remove unused code
#988 Refactoring: Remove unused method from jsonobject
#987 Refactor: Check equality with literal on lhs
#983 Allow retaining null-valued bean properties in JSONObjects

20250517

Pull Request Description
#969 refactored large test for strict mode
#968 Update keepStrings behavior to reflect changes in keepBooleanAsString, keepNumberAsString
#966 granular flags to control for keeping boolean or number values as strings

... (truncated)

Changelog

Sourced from org.json:json's changelog.

20260522 Publish key data, recent commits for minor fixes

20251224 Records, fromJson(), and recent commits

20250517 Strict mode hardening and recent commits

20250107 Restore moditect in pom.xml

20241224 Strict mode opt-in feature, and recent commits. This release does not contain module-info.class. It is not recommended if you need this feature.

20240303 Revert optLong/getLong changes, and recent commits.

20240205 Recent commits.

20231013 First release with minimum Java version 1.8. Recent commits, including fixes for CVE-2023-5072.

20230618 Final release with Java 1.6 compatibility. Future releases will require Java 1.8 or greater.

20230227 Fix for CVE-2022-45688 and recent commits

20220924 New License - public domain, and some minor updates

20220320 Wrap StackOverflow with JSONException

Commits
  • 968a592 Merge pull request #1054 from stleary/pre-release-20260522
  • 3665aad pre-release-20260522 doc and build updates for release
  • d749ee1 Merge pull request #1053 from stleary/update-security-md-with-key
  • 6495983 update-security-md-with-key new security.md file, also fixed 1000 level jsona...
  • 896ce0f Merge pull request #1046 from yuki-matsuhashi/master
  • 1877069 Validate XML numeric character references before string construction
  • b959027 Merge pull request #1044 from yuki-matsuhashi/1043-ignore-static
  • 039f331 Add comment for empty test constructor
  • 94e3400 Ignore static fields in JSONObject.fromJson()
  • 6230128 Merge pull request #1041 from stleary/license-clarification
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump org.json:json from 20211205 to 20260522
0bce73e 
Bumps [org.json:json](https://github.com/douglascrockford/JSON-java) from 20211205 to 20260522.
- [Release notes](https://github.com/douglascrockford/JSON-java/releases)
- [Changelog](https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md)
- [Commits](stleary/JSON-java@2021120...2026052)

---
updated-dependencies:
- dependency-name: org.json:json
  dependency-version: '20260522'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels May 22, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants