deps: bump the regular group with 9 updates

[dependabot]

Bumps the regular group with 9 updates:

Package	From	To
ch.qos.logback:logback-core	1.5.32	1.5.33
ch.qos.logback:logback-classic	1.5.32	1.5.33
com.networknt:json-schema-validator	1.5.9	3.0.3
org.apache.maven.plugins:maven-dependency-plugin	3.10.0	3.11.0
com.diffplug.spotless:spotless-maven-plugin	3.5.1	3.6.0
org.sonarsource.scanner.maven:sonar-maven-plugin	5.6.0.6792	5.7.0.6970
org.apache.maven.plugins:maven-surefire-plugin	3.5.5	3.5.6
org.apache.maven.plugins:maven-failsafe-plugin	3.5.5	3.5.6
tools.jackson:jackson-bom	3.1.3	3.1.4

Updates ch.qos.logback:logback-core from 1.5.32 to 1.5.33

Release notes

Sourced from ch.qos.logback:logback-core's releases.

Logback 1.5.33

2026-05-27 Release of logback version 1.5.33

• PropertiesConfiguratorModelHandler now registers properties file URLs to the ConfigurationWatchList when scan is enabled (via local scan="true" attribute or top-level configuration scan), ensuring changes are detected and reconfiguration occurs. This problem was reported in issues/1034.

• When processing <conversionRule> elements and both class and converterClass attributes are specified, silently use the class attribute without issuing a warning. However, if the attribute values differ, a warning will be issued. This change was requested in issues/1031.

• HardenedModelInputStream will no longer accept to deserialize all classes located under the "java.lang" and "java.util" packages but a limited number of explicitly authorized classes in those packages. This potential deserialization whitelist bypass vulnerability was reported by York Shen and registered as CVE-2026-9828.

• SSL parameters for SSLSocketAppender now enable hostname verification by default. Moreover, the default protocol is now "TLSv1.2". This potential vulnerability was reported by York Shen.

• When printing the status message field, ViewStatusMessagesServletBase now escapes special characters such as "&" as character entities. This potential vulnerability was reported by York Shen.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 124e8b49b55ac34d08743a0646bd463410192647 associated with the tag v_1.5.33. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Commits

• 124e8b4 prepare release 1.5.33
• d8fd6f2 escapeTags in message field when printing status messages
• 95edbeb hostnameVerification default to true in SSLParametersConfiguration, SSL.DEFAU...
• b768a96 remove spurious java.swing.* import
• 12cf2c5 classes in java.lang and java.util are now whitelisted individually
• e9133ed fix typo
• 47089a2 added Filip Egeric icla
• 85735f7 Modified ConversionRuleAction.java: Updated validPreconditions() to
• 614f7a7 the official name for initial instructions file foe coding agents is AGENTS.md
• fe50bb5 fix: do not warn when both converterClass and class attributes are specified ...
• Additional commits viewable in compare view

Updates ch.qos.logback:logback-classic from 1.5.32 to 1.5.33

Release notes

Sourced from ch.qos.logback:logback-classic's releases.

Logback 1.5.33

2026-05-27 Release of logback version 1.5.33

• PropertiesConfiguratorModelHandler now registers properties file URLs to the ConfigurationWatchList when scan is enabled (via local scan="true" attribute or top-level configuration scan), ensuring changes are detected and reconfiguration occurs. This problem was reported in issues/1034.

• When processing <conversionRule> elements and both class and converterClass attributes are specified, silently use the class attribute without issuing a warning. However, if the attribute values differ, a warning will be issued. This change was requested in issues/1031.

• HardenedModelInputStream will no longer accept to deserialize all classes located under the "java.lang" and "java.util" packages but a limited number of explicitly authorized classes in those packages. This potential deserialization whitelist bypass vulnerability was reported by York Shen and registered as CVE-2026-9828.

• SSL parameters for SSLSocketAppender now enable hostname verification by default. Moreover, the default protocol is now "TLSv1.2". This potential vulnerability was reported by York Shen.

• When printing the status message field, ViewStatusMessagesServletBase now escapes special characters such as "&" as character entities. This potential vulnerability was reported by York Shen.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 124e8b49b55ac34d08743a0646bd463410192647 associated with the tag v_1.5.33. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Commits

• 124e8b4 prepare release 1.5.33
• d8fd6f2 escapeTags in message field when printing status messages
• 95edbeb hostnameVerification default to true in SSLParametersConfiguration, SSL.DEFAU...
• b768a96 remove spurious java.swing.* import
• 12cf2c5 classes in java.lang and java.util are now whitelisted individually
• e9133ed fix typo
• 47089a2 added Filip Egeric icla
• 85735f7 Modified ConversionRuleAction.java: Updated validPreconditions() to
• 614f7a7 the official name for initial instructions file foe coding agents is AGENTS.md
• fe50bb5 fix: do not warn when both converterClass and class attributes are specified ...
• Additional commits viewable in compare view

Updates ch.qos.logback:logback-classic from 1.5.32 to 1.5.33

Release notes

Sourced from ch.qos.logback:logback-classic's releases.

Logback 1.5.33

2026-05-27 Release of logback version 1.5.33

• PropertiesConfiguratorModelHandler now registers properties file URLs to the ConfigurationWatchList when scan is enabled (via local scan="true" attribute or top-level configuration scan), ensuring changes are detected and reconfiguration occurs. This problem was reported in issues/1034.

• When processing <conversionRule> elements and both class and converterClass attributes are specified, silently use the class attribute without issuing a warning. However, if the attribute values differ, a warning will be issued. This change was requested in issues/1031.

• HardenedModelInputStream will no longer accept to deserialize all classes located under the "java.lang" and "java.util" packages but a limited number of explicitly authorized classes in those packages. This potential deserialization whitelist bypass vulnerability was reported by York Shen and registered as CVE-2026-9828.

• SSL parameters for SSLSocketAppender now enable hostname verification by default. Moreover, the default protocol is now "TLSv1.2". This potential vulnerability was reported by York Shen.

• When printing the status message field, ViewStatusMessagesServletBase now escapes special characters such as "&" as character entities. This potential vulnerability was reported by York Shen.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 124e8b49b55ac34d08743a0646bd463410192647 associated with the tag v_1.5.33. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Commits

• 124e8b4 prepare release 1.5.33
• d8fd6f2 escapeTags in message field when printing status messages
• 95edbeb hostnameVerification default to true in SSLParametersConfiguration, SSL.DEFAU...
• b768a96 remove spurious java.swing.* import
• 12cf2c5 classes in java.lang and java.util are now whitelisted individually
• e9133ed fix typo
• 47089a2 added Filip Egeric icla
• 85735f7 Modified ConversionRuleAction.java: Updated validPreconditions() to
• 614f7a7 the official name for initial instructions file foe coding agents is AGENTS.md
• fe50bb5 fix: do not warn when both converterClass and class attributes are specified ...
• Additional commits viewable in compare view

Updates com.networknt:json-schema-validator from 1.5.9 to 3.0.3

Release notes

Sourced from com.networknt:json-schema-validator's releases.

3.0.3- 2026-05-27

Added

Changed

• fixes #1246 Coercion bug (#1247)
• Cleanup of IOException leftovers after update to jackson3 (#1244) Thanks @​afiluba

3.0.2- 2026-04-14

Added

Changed

• Upgrade Jackson from 3.1.0 to 3.1.1 to fix CWE-770 (#1236) Thanks @​cjun-coveo
• Support handling of non-finite numbers if present (#1241) Thanks @​justin-tay

3.0.1- 2026-03-10

Added

Changed

• Upgrade Jackson from 3.0.3 to 3.1.0 to fix CVE-2026-29062 (#1236) Thanks @​AhsanSheraz
• Fix minimum maximum validators with type array (#1227) Thanks @​justin-tay
• Add method to SpecificationVersion to determine from schema node (#1221) Thanks @​justin-tay
• update contributor list in README.md

3.0.0- 2025-12-13

Added

Changed

• Upgrade to Jackson 3 and JDK 17 (#1219) Thanks @​justin-tay

2.0.1- 2025-12-11

Added

Changed

• Skip processing of properties keyword if not an object (#1217) Thanks @​justin-tay
• Allow for default dialect id not to be specified and throw an exception (#1212) Thanks @​justin-tay
• Fix multipleOf error message for fractional digits greater than 3 (#1210) Thanks @​justin-tay

2.0.0- 2025-10-25

Added

... (truncated)

Changelog

Sourced from com.networknt:json-schema-validator's changelog.

Change Log

All notable changes to this project will be documented in this file.

This format is based on Keep a Changelog.

This project does not adhere to Semantic Versioning and minor version changes can have incompatible API changes. These incompatible API changes will largely affect those who have custom validator or walker implementations. Those who just use the library to validate using the standard JSON Schema Draft specifications may not need changes.

[Unreleased]

Added

Changed

Changed

3.0.3- 2026-05-27

Added

Changed

• fixes #1246 Coercion bug (#1247)
• Cleanup of IOException leftovers after update to jackson3 (#1244) Thanks @​afiluba

3.0.2- 2026-04-14

Added

Changed

• Upgrade Jackson from 3.1.0 to 3.1.1 to fix CWE-770 (#1236) Thanks @​cjun-coveo
• Support handling of non-finite numbers if present (#1241) Thanks @​justin-tay

3.0.1- 2026-03-10

Added

Changed

• Upgrade Jackson from 3.0.3 to 3.1.0 to fix CVE-2026-29062 (#1236) Thanks @​AhsanSheraz
• Fix minimum maximum validators with type array (#1227) Thanks @​justin-tay
• Add method to SpecificationVersion to determine from schema node (#1221) Thanks @​justin-tay
• update contributor list in README.md

3.0.0- 2025-12-13

Added

Changed

... (truncated)

Commits

• 7407ddd upgrade to 3.0.3 and update changelog
• 07b694b fixes #1246 Coercion bug (#1247)
• 9df7d32 Merge branch 'master' of github.com:networknt/json-schema-validator
• 2686725 add gitignore
• 331ced5 Cleanup of IOException leftovers after update to jackson3 (#1244)
• a6ae62c upgrade to 3.0.2 and update changelog
• 054f2f6 Support handling of non-finite numbers if present (#1241)
• d352d6f update version to 3.0.1
• a313e60 upgrade to 3.0.1 and update changelog
• ff327ec Upgrade Jackson from 3.0.3 to 3.1.0 to fix CVE-2026-29062 (#1236)
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-dependency-plugin from 3.10.0 to 3.11.0

Release notes

Sourced from org.apache.maven.plugins:maven-dependency-plugin's releases.

3.11.0

🚀 New features and improvements

• Add dependency:add and dependency:remove goals (#1599) @​brunoborges
• Added ability to provide arbitrary dependencies to properties mojo (#1561) @​treilhes

🐛 Bug Fixes

• Fix artifact relocation support (#1633) @​slawekjaranowski
• fix: fix addParentPoms=true causes repositories to be ignored. (#1585) @​k-wall
• Fix false positive in analyze-exclusions with transitive dependency exclusion (#1628) @​slawekjaranowski
• Make AbstractAnalyzeMojo.filterArtifactsByScope() null-safe (#1622) @​elharo
• Prevent NPE in BuildClasspathMojo.appendArtifactPath() when an artifact has no resolved file (#1623) @​elharo
• Log unpacking at debug level (#1624) @​elharo
• Resolve plugins declared in pluginManagement for resolve-plugins and go-offline (#1603) @​slawekjaranowski
• Fix analyze-exclusions crashes if there is no dependencyManagement element (#1597) @​JackPGreen

👻 Maintenance

• Enable ITs for dependency:remove and use mock dependencies (#1613) @​slawekjaranowski
• More meaningful assertions (#1611) @​elharo
• Cure various typos IntelliJ complains about (#1612) @​elharo
• Remove unused jansi dependency (#1606) @​slawekjaranowski
• Enable ITs for dependecy:add and use mock dependencies (#1610) @​slawekjaranowski
• Cleaner exception handling (#1566) @​elharo

📦 Dependency updates

• Manage ASM version 9.10 to support JDK 27 (#1632) @​slawekjaranowski
• Bump eu.maveniverse.maven.domtrip:domtrip-core from 1.5.0 to 1.5.1 (#1631) @dependabot[bot]
• Bump eu.maveniverse.maven.domtrip:domtrip-maven from 1.5.0 to 1.5.1 (#1630) @dependabot[bot]
• Bump mavenVersion from 3.9.15 to 3.9.16 (#1626) @dependabot[bot]
• Bump org.apache.maven.shared:maven-dependency-analyzer from 1.17.0 to 1.17.1 (#1627) @dependabot[bot]
• Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 in /src/it/projects/remove-dependency/basic (#1607) @dependabot[bot]
• Bump org.apache.maven.plugins:maven-plugins from 47 to 48 (#1605) @dependabot[bot]
• Bump mavenVersion from 3.9.14 to 3.9.15 (#1601) @dependabot[bot]
• Bump org.jsoup:jsoup from 1.22.1 to 1.22.2 (#1602) @dependabot[bot]
• Bump org.apache.maven.doxia:doxia-sink-api from 2.0.0 to 2.1.0 (#1595) @dependabot[bot]
• Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3 (#1596) @dependabot[bot]
• Bump mavenVersion from 3.9.12 to 3.9.14 (#1594) @dependabot[bot]
• Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.5.0 to 3.5.1 (#1589) @dependabot[bot]

Commits

• c186d05 [maven-release-plugin] prepare release maven-dependency-plugin-3.11.0
• 3712611 Fix artifact relocation support
• e873e0e Manage ASM version 9.10 to support JDK 27
• 70b5356 fix: fix addParentPoms=true causes repositories to be ignored. (#1585)
• 51d8939 Fix false positive in analyze-exclusions with transitive dependency exclusion...
• 02b865b Bump eu.maveniverse.maven.domtrip:domtrip-core from 1.5.0 to 1.5.1
• 04f4de1 Bump eu.maveniverse.maven.domtrip:domtrip-maven from 1.5.0 to 1.5.1
• 2812490 Bump mavenVersion from 3.9.15 to 3.9.16
• ce117da Bump org.apache.maven.shared:maven-dependency-analyzer
• aea7a64 Prevent NPE (#1622)
• Additional commits viewable in compare view

Updates com.diffplug.spotless:spotless-maven-plugin from 3.5.1 to 3.6.0

Release notes

Sourced from com.diffplug.spotless:spotless-maven-plugin's releases.

Maven Plugin v3.6.0

Added

• Add <cacheDirectory> to <eclipse>, <greclipse>, and <eclipseCdt> for the Equo/Solstice P2 cache. (#2944)
• EclipseJdtFormtterStep now can conditionally set compiler source/compliance options. Allows for better parsing of AST Node for newer language features and more correct sorting; e.g. records or seal classes. (#2942)

Fixed

• <versionCatalog> no longer splits long inline tables across multiple lines — Gradle's TOML 1.0 parser cannot read multi-line inline tables. The maxLineLength option has been removed. (#2948)
• spotless:apply no longer aborts on the first file with lints; it now formats all files and reports a single aggregated lint failure across every file, matching the Gradle plugin's behavior. (#2937)
• <greclipse> and <eclipseCdt> now default P2 data to the Maven local repository. (#2944)
• forbidWildcardImports and forbidModuleImports now detect imports that have leading whitespace (indentation/tabs). (#2939)

Changes

• Improved formatting performance by eliminating redundant per-step line-ending normalization in the core formatter loop. (#2934)

Commits

• 71a433c Published maven/3.6.0
• 3a0f101 Published gradle/8.6.0
• 007e9d8 Published lib/4.6.2
• a074d53 Allow setting the local P2 cache dir in the Spotless Gradle plugin (#2944)
• a266fc2 Merge branch 'main' into add-cache-directory-dsl
• e0d466e Fix: sort members treats record declarations as types (#2942)
• 3936b6f Merge branch 'main' into main
• 278765f fix: expandWildcardImports support pom type dependency, fix #2839 (#2935)
• a18ddec Remove maxLineLength from versionCatalog step (#2949)
• b91ad87 Add changelog entries for versionCatalog maxLineLength removal
• Additional commits viewable in compare view

Updates org.sonarsource.scanner.maven:sonar-maven-plugin from 5.6.0.6792 to 5.7.0.6970

Release notes

Sourced from org.sonarsource.scanner.maven:sonar-maven-plugin's releases.

5.7.0.6970

Release notes - Sonar Scanner for Maven - 5.7

Feature

SCANMAVEN-317 Support encryption of sonar.token, and other new secure properties SCANMAVEN-332 support modular-jar artifact type SCANMAVEN-341 Rework the support of encrypted properties

Maintenance

SCANMAVEN-370 Prepare next development iteration 5.7.0 SCANMAVEN-372 Configure Renovate for sonar-scanner-maven SCANMAVEN-373 SubmitReview: Use Vault token SCANMAVEN-374 Unpin internal GitHub actions SCANMAVEN-376 Use SonarSource/.../sonar-update-center-release@v1 instead of @​master SCANMAVEN-377 Update dependency org.assertj:assertj-core to v3.27.7 [SECURITY]

Commits

• 9e114d7 SCANMAVEN-332 Support modular-jar (#402)
• 7424fe5 SCANMAVEN-317 - Support encryption of sonar.token, and other new secure prope...
• b8ff39f SCANMAVEN-341 Fix regex for encrypted property filtering for mvn4 and add tes...
• b4c0b4a SCANMAVEN-377 Update dependency org.assertj:assertj-core to v3.27.7 [SECURITY...
• cd19506 SCANMAVEN-372 Configure Renovate (#393)
• 944f552 SCANMAVEN-376 Use SonarSource/.../sonar-update-center-release@v1 instead of @...
• 2832b8a SCANMAVEN-374 Unpin internal GitHub actions (#396)
• 81caeeb SCANMAVEN-373 SubmitReview: Use Vault token (#395)
• c62dd74 SCANMAVEN-370 Prepare next development iteration 5.7.0 (#392)
• See full diff in compare view

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.5.5 to 3.5.6

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.5.6

🚀 New features and improvements

• Introduce reportTestTimestamp option and include timestamp for test sets and test cases (#3261) (#3302) @​olamy

🐛 Bug Fixes

• Issue #2613 Debugging failsafe tests: Message 'Listening for transport dt_socket at address' is not displayed anymore when using maven.surefire.debug (#3353) (#3354) @​olamy
• Ensure that the statistics filename is calculated only once. (#3326) (#3327) @​olamy
• Add flakes attribute to use in testsuite report (#3306) (#3308) @​olamy
• [BACKPORT 3.5.x] [SUREFIRE-2049] - Fix SHUTDOWN type lost during command serialization. (#3270) (#3289) @​olamy
• fix: null guard for context map (#3269) (#3272) @​olamy

👻 Maintenance

• 3.5.x/bug/cherry pick embedded mode its (#3328) @​olamy
• Use surefire 3.5.5 by project itself for testing (#3324) @​slawekjaranowski
• Follow Oracle javadoc guidelines (#3177) @​elharo

📦 Dependency updates

• Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3 (#3334) @dependabot[bot]
• Bump commons-io:commons-io from 2.21.0 to 2.22.0 (#3350) @dependabot[bot]

Commits

• 25ea054 [maven-release-plugin] prepare release surefire-3.5.6
• e5f374c Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3
• dadd55b Issue #2613 Debugging failsafe tests: Message 'Listening for transport dt_soc...
• 39dd250 Bump commons-io:commons-io from 2.21.0 to 2.22.0
• 2774273 Ensure that the statistics filename is calculated only once. (#3326) (#3327)
• 0d5df8a 3.5.x/bug/cherry pick embedded mode its (#3328)
• 04ad9a2 Use surefire 3.5.5 by project itself for testing
• 37e8f69 Add flakes attribute to use in testsuite report (#3306) (#3308)
• a970fef Introduce reportTestTimestamp option and include timestamp for test sets and ...
• e838393 deploy 3.5.x branch to nexus
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-failsafe-plugin from 3.5.5 to 3.5.6

Release notes

Sourced from org.apache.maven.plugins:maven-failsafe-plugin's releases.

3.5.6

🚀 New features and improvements

• Introduce reportTestTimestamp option and include timestamp for test sets and test cases (#3261) (#3302) @​olamy

🐛 Bug Fixes

• Issue #2613 Debugging failsafe tests: Message 'Listening for transport dt_socket at address' is not displayed anymore when using maven.surefire.debug (#3353) (#3354) @​olamy
• Ensure that the statistics filename is calculated only once. (#3326) (#3327) @​olamy
• Add flakes attribute to use in testsuite report (#3306) (#3308) @​olamy
• [BACKPORT 3.5.x] [SUREFIRE-2049] - Fix SHUTDOWN type lost during command serialization. (#3270) (#3289) @​olamy
• fix: null guard for context map (#3269) (#3272) @​olamy

👻 Maintenance

• 3.5.x/bug/cherry pick embedded mode its (#3328) @​olamy
• Use surefire 3.5.5 by project itself for testing (#3324) @​slawekjaranowski
• Follow Oracle javadoc guidelines (#3177) @​elharo

📦 Dependency updates

• Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3 (#3334) @dependabot[bot]
• Bump commons-io:commons-io from 2.21.0 to 2.22.0 (#3350) @dependabot[bot]

Commits

• 25ea054 [maven-release-plugin] prepare release surefire-3.5.6
• e5f374c Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3
• dadd55b Issue #2613 Debugging failsafe tests: Message 'Listening for transport dt_soc...
• 39dd250 Bump commons-io:commons-io from 2.21.0 to 2.22.0
• 2774273 Ensure that the statistics filename is calculated only once. (#3326) (#3327)
• 0d5df8a 3.5.x/bug/cherry pick embedded mode its (#3328)
• 04ad9a2 Use surefire 3.5.5 by project itself for testing
• 37e8f69 Add flakes attribute to use in testsuite report (#3306) (#3308)
• a970fef Introduce reportTestTimestamp option and include timestamp for test sets and ...
• e838393 deploy 3.5.x branch to nexus
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-failsafe-plugin from 3.5.5 to 3.5.6

Release notes

Sourced from org.apache.maven.plugins:maven-failsafe-plugin's releases.

3.5.6

🚀 New features and improvements

• Introduce reportTestTimestamp option and include timestamp for test sets and test cases (#3261) (#3302) @​olamy

🐛 Bug Fixes

• Issue #2613 Debugging failsafe tests: Message 'Listening for transport dt_socket at address' is not displayed anymore when using maven.surefire.debug (#3353) (#3354) @​olamy
• Ensure that the statistics filename is calculated only once. (#3326) (#3327) @​olamy
• Add flakes attribute to use in testsuite report (#3306) (#3308) @​olamy
• [BACKPORT 3.5.x] [SUREFIRE-2049] - Fix SHUTDOWN type lost during command serialization. (#3270) (#3289) @​olamy
• fix: null guard for context map (#3269) (#3272) @​olamy

👻 Maintenance

• 3.5.x/bug/cherry pick embedded mode its (#3328) @​olamy
• Use surefire 3.5.5 by project itself for testing (#3324) @​slawekjaranowski
• Follow Oracle javadoc guidelines (#3177) @​elharo

📦 Dependency updates

• Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3 (#3334) @dependabot[bot]
• Bump commons-io:commons-io from 2.21.0 to 2.22.0 (#3350) @dependabot[bot]

Commits

• 25ea054 [maven-release-plugin] prepare release surefire-3.5.6
• e5f374c Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3
• dadd55b Issue #2613 Debugging failsafe tests: Message 'Listening for transport dt_soc...
• 39dd250 Bump commons-io:commons-io from 2.21.0 to 2.22.0
• 2774273 Ensure that the statistics filename is calculated only once. (#3326) (#3327)
• 0d5df8a 3.5.x/bug/cherry pick embedded mode its (#3328)
• 04ad9a2 Use surefire 3.5.5 by project itself for testing
• 37e8f69 Add flakes attribute to use in testsuite report (#3306) (#3308)
• a970fef Introduce reportTestTimestamp option and include timestamp for test sets and ...
• e838393 deploy 3.5.x branch to nexus
• Additional commits viewable in compare view

Updates tools.jackson:jackson-bom from 3.1.3 to 3.1.4

Commits

• 4085e4d [maven-release-plugin] prepare release jackson-bom-3.1.4
• f8e1a4e Prep for 3.1.4 release
• 47eb6ea Merge branch '2.x' into 3.1
• 902ec69 Update Woodstox/stax2-api (to 7.2.0/4.3.0)
• d5df403 Post-release dep version bump
• 7ed6798 [maven-release-plugin] prepare for next development iteration
• 2570647 Merge branch '2.21' into 2.x
• 9d3a9d5 Post-release dep version bump
• 84bcf7f [maven-release-plugin] prepare for next development iteration
• 374fbd0 [maven-release-plugin] prepare release jackson-bom-2.21.3
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud