Bump the all-dependencies group across 1 directory with 20 updates

[dependabot]

Bumps the all-dependencies group with 19 updates in the / directory:

Package	From	To
jvm	2.1.0	2.2.21
org.jmailen.kotlinter	5.0.1	5.2.0
com.amazonaws:aws-lambda-java-core	1.2.3	1.4.0
com.amazonaws:aws-lambda-java-events	3.14.0	3.16.1
org.slf4j:slf4j-api	2.0.16	2.0.17
com.fasterxml.jackson.core:jackson-databind	2.18.2	2.20.1
com.fasterxml.jackson.module:jackson-module-kotlin	2.18.2	2.20.1
com.google.guava:guava	33.4.0-jre	33.5.0-jre
org.junit.jupiter:junit-jupiter-engine	5.11.4	6.0.1
org.assertj:assertj-core	3.27.2	3.27.6
io.mockk:mockk	1.13.14	1.14.6
ch.qos.logback:logback-classic	1.5.16	1.5.20
com.google.protobuf:protobuf-java	4.29.3	4.33.0
com.google.protobuf:protobuf-java-util	4.29.3	4.33.0
com.google.protobuf:protoc	4.29.3	4.33.0
org.slf4j:slf4j-simple	2.0.16	2.0.17
com.jayway.jsonpath:json-path	2.9.0	2.10.0
com.google.protobuf	0.9.4	0.9.5
com.atlassian.oai:swagger-request-validator-core	2.44.1	2.46.0

Updates jvm from 2.1.0 to 2.2.21

Release notes

Sourced from jvm's releases.

Kotlin 2.2.21

Changelog

Backend. Wasm

• KT-81372 K/Wasm: JsException: Exception was thrown while running JavaScript code on Safari 18.2/18.3
• KT-80018 K/Wasm: exceptions don't work properly in JavaScriptCore (vm inside Safari, WebKit)

Compiler

• KT-81191 K2: "null cannot be cast to non-null type ConeTypeParameterLookupTag" with invalid code
• KT-80936 NON_PUBLIC_CALL_FROM_PUBLIC_INLINE : @PublishedApi doesn't work for fun interfaces

JavaScript

• KT-79926 Wrong export of interfaces with companions with ES Modules
• KT-81424 Kotlin/JS: Cannot Get / in a simple running application
• KT-80873 KJS: Stdlib requires ES2020-compatible JS engine due to BigInt type literal

Native

• KT-79384 K/N: Application Not Responding: Thread Deadlock

Tools. Gradle

• KT-79047 Gradle compileKotlin fails with configuration cache
• KT-81148 Publishing helpers in KGP are incompatible with Isolated Projects
• KT-80950 KGP breaks configuration cache when signing plugin with GnuPG is applied

Tools. Gradle. Multiplatform

• KT-61127 Remove scoped resolvable and intransitive DependenciesMetadata configurations used in the pre-IdeMultiplatformImport IDE import
• KT-81249 Kotlin 2.2.20 broke KMP implementation of Parcelize

Tools. Gradle. Native

• KT-81510 commonizeCInterop exception with 'kotlinNativeBundleConfiguration' not found
• KT-81134 Native: Gradle configuration failure likely related to Klibs cross-compilation
• KT-77732 commonizeCInterop failed with "Unresolved classifier: platform/posix/size_t"
• KT-80675 Commonized cinterops between "test" compilations produce an import failure

Tools. Maven

• KT-81218 Kotlin Maven Plugin 2.2.20: Java classes not resolved with enabled incremental compilation without daemon

Tools. Wasm

• KT-80582 Multiple reloads when using webpack dev server after 2.2.20-Beta2

Kotlin 2.2.21-RC2

... (truncated)

Changelog

Sourced from jvm's changelog.

2.2.21

Backend. Wasm

• KT-81372 K/Wasm: JsException: Exception was thrown while running JavaScript code on Safari 18.2/18.3
• KT-80018 K/Wasm: exceptions don't work properly in JavaScriptCore (vm inside Safari, WebKit)

Compiler

• KT-81191 K2: "null cannot be cast to non-null type ConeTypeParameterLookupTag" with invalid code
• KT-80936 NON_PUBLIC_CALL_FROM_PUBLIC_INLINE : @PublishedApi doesn't work for fun interfaces

JavaScript

• KT-79926 Wrong export of interfaces with companions with ES Modules
• KT-81424 Kotlin/JS: Cannot Get / in a simple running application
• KT-80873 KJS: Stdlib requires ES2020-compatible JS engine due to BigInt type literal

Native

• KT-79384 K/N: Application Not Responding: Thread Deadlock

Tools. Gradle

• KT-79047 Gradle compileKotlin fails with configuration cache
• KT-81148 Publishing helpers in KGP are incompatible with Isolated Projects
• KT-80950 KGP breaks configuration cache when signing plugin with GnuPG is applied

Tools. Gradle. Multiplatform

• KT-61127 Remove scoped resolvable and intransitive DependenciesMetadata configurations used in the pre-IdeMultiplatformImport IDE import
• KT-81249 Kotlin 2.2.20 broke KMP implementation of Parcelize

Tools. Gradle. Native

• KT-81510 commonizeCInterop exception with 'kotlinNativeBundleConfiguration' not found
• KT-81134 Native: Gradle configuration failure likely related to Klibs cross-compilation
• KT-77732 commonizeCInterop failed with "Unresolved classifier: platform/posix/size_t"
• KT-80675 Commonized cinterops between "test" compilations produce an import failure

Tools. Maven

• KT-81218 Kotlin Maven Plugin 2.2.20: Java classes not resolved with enabled incremental compilation without daemon

Tools. Wasm

• KT-80582 Multiple reloads when using webpack dev server after 2.2.20-Beta2

2.2.20

... (truncated)

Commits

• 2146684 Add ChangeLog for 2.2.21-RC2
• d8cf44a [KGP][IT] Require Xcode 26 for shouldDownloadLightNativeBundleWithMaven
• bd2b426 [Gradle] Only register commonizeCInterop if there are native targets
• f66516e [Gradle] Added tests for accessing target's publishable property
• 7aad8e5 [Gradle] Workaround for not completable Future with cross compilation
• d061774 [Wasm, JS] Add statics field to DevServer data constructor for data class
• 0609896 Add ChangeLog for 2.2.21-RC
• 4f2bc0c [Gradle] Dont add parcelize plugin to JVM compilations
• 948802f [K/N][tests] Fixed lldb tests to work with Xcode 26
• a32c8f3 [stdlib] Add os.arch as an input property to prevent build cache reuse acro...
• Additional commits viewable in compare view

Updates org.jmailen.kotlinter from 5.0.1 to 5.2.0

Updates com.amazonaws:aws-lambda-java-core from 1.2.3 to 1.4.0

Commits

• See full diff in compare view

Updates com.amazonaws:aws-lambda-java-events from 3.14.0 to 3.16.1

Commits

• See full diff in compare view

Updates org.slf4j:slf4j-api from 2.0.16 to 2.0.17

Updates com.fasterxml.jackson.core:jackson-databind from 2.18.2 to 2.20.1

Commits

• See full diff in compare view

Updates com.fasterxml.jackson.module:jackson-module-kotlin from 2.18.2 to 2.20.1

Commits

• 7602d41 [maven-release-plugin] prepare release jackson-module-kotlin-2.20.1
• a3e110c Prep for 2.20.1 release
• 2613d4f Merge branch '2.19' into 2.20
• 35aa6ab Post-release dep version bump
• c71ae67 [maven-release-plugin] prepare for next development iteration
• f475369 [maven-release-plugin] prepare release jackson-module-kotlin-2.19.4
• 1c832b0 Prep for 2.19.4 release
• d7ffcd3 Update README.md
• 613f938 Merge branch '2.19' into 2.20
• 30f83b1 Post-release dep version bump
• Additional commits viewable in compare view

Updates com.google.guava:guava from 33.4.0-jre to 33.5.0-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.5.0

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.5.0-jre</version>
  <!-- or, for Android: -->
  <version>33.5.0-android</version>
</dependency>

Jar files

• 33.5.0-jre.jar
• 33.5.0-android.jar

Guava requires one runtime dependency, which you can download here:

• failureaccess-1.0.3.jar

Javadoc

• 33.5.0-jre
• 33.5.0-android

JDiff

• 33.5.0-jre vs. 33.4.8-jre
• 33.5.0-android vs. 33.4.8-android
• 33.5.0-android vs. 33.5.0-jre

Changelog

• Restored the Automatic-Module-Name to guava-android. (It, unlike, guava-jre, is not a proper module.) (7a04a8a955)
• For users of guava-gwt: Google has moved off GWT internally. We plan to continue to release guava-gwt for users of GWT and J2CL, but the artifact is no longer tested for GWT-specific issues, and we have limited resources to fix any unexpected issues that might arise. While we do not anticipate any specific problems, we can't guarantee how long support will continue.
• Increased our Android minSdkVersion to 23 (Marshmallow). This follows the minimum of Google's foundational Android libraries, and we expect it to have no practical impact on users. (5c23347cc1)
• Listed the JSpecify annotations as an optional dependency in our OSGi metadata. (2dfd572981)
• cache: Improved the handling of exceptions from compute functions in Cache.asMap(). (We do still recommend using Caffeine rather than com.google.common.cache.) (087f2c4a80)
• collect: Improved Iterators.mergeSorted() to preserve stability for equal elements. (4dc93be9a8)
• math: Added saturatedAbs methods to IntMath and LongMath. (ed0e518f20)
• net: Added image/avif to MediaType. (53344caba6)
• testing: Made CollectorTester available to Android users. (294c251079)
• util.concurrent: Added Striped.custom. (1586eb271d)

33.4.8

Guava 33.4.8 fixes a problem that we introduced while starting to migrate guava-android off Unsafe in 33.4.7.

Even if you're not upgrading from Guava 33.4.0 or earlier, still read the release notes for Guava 33.4.1. Those release notes contain information about the effects of Guava 33.4.5 and higher on the module system.

... (truncated)

Commits

• See full diff in compare view

Updates org.junit.jupiter:junit-jupiter-engine from 5.11.4 to 6.0.1

Release notes

Sourced from org.junit.jupiter:junit-jupiter-engine's releases.

JUnit 6.0.1 = Platform 6.0.1 + Jupiter 6.0.1 + Vintage 6.0.1

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.0.0...r6.0.1

JUnit 6.0.0 = Platform 6.0.0 + Jupiter 6.0.0 + Vintage 6.0.0

See Release Notes.

New Contributors

• @​2897robo made their first contribution in junit-team/junit-framework#4525
• @​strangelookingnerd made their first contribution in junit-team/junit-framework#4683
• @​eric6iese made their first contribution in junit-team/junit-framework#4717
• @​raccoonback made their first contribution in junit-team/junit-framework#4822
• @​currenjin made their first contribution in junit-team/junit-framework#4823
• @​mehulimukherjee made their first contribution in junit-team/junit-framework#4913
• @​lslonina made their first contribution in junit-team/junit-framework#4629

Full Changelog: junit-team/junit-framework@r5.14.0...r6.0.0

JUnit 6.0.0-RC3 = Platform 6.0.0-RC3 + Jupiter 6.0.0-RC3 + Vintage 6.0.0-RC3

See Release Notes.

New Contributors

• @​mehulimukherjee made their first contribution in junit-team/junit-framework#4913
• @​lslonina made their first contribution in junit-team/junit-framework#4629

Full Changelog: junit-team/junit-framework@r6.0.0-RC2...r6.0.0-RC3

JUnit 6.0.0-RC2 = Platform 6.0.0-RC2 + Jupiter 6.0.0-RC2 + Vintage 6.0.0-RC2

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.0.0-RC1...r6.0.0-RC2

JUnit 6.0.0-RC1 = Platform 6.0.0-RC1 + Jupiter 6.0.0-RC1 + Vintage 6.0.0-RC1

See Release Notes.

New Contributors

• @​raccoonback made their first contribution in junit-team/junit-framework#4822
• @​currenjin made their first contribution in junit-team/junit-framework#4823

Full Changelog: junit-team/junit-framework@r6.0.0-M2...r6.0.0-RC1

JUnit 6.0.0-M2 = Platform 6.0.0-M2 + Jupiter 6.0.0-M2 + Vintage 6.0.0-M2

See Release Notes.

... (truncated)

Commits

• d774b9c Release 6.0.1 (second attempt)
• 8178545 Mark module as deprecated for removal
• 7b43fcc Back to snapshots for further development
• a5ef746 Release 6.0.1
• 008be8d Finalize 5.14.1 release notes
• b2c55a8 Finalize 6.0.1 release notes
• 866c01a Add note about duplicate test execution with @​Suite (#5080)
• de88e88 Fix broken links in documentation
• 9dd132d Add Valhalla EA to workflow matrix
• fedda88 Make jdk.jfr import optional in OSGi manifest (#5092)
• Additional commits viewable in compare view

Updates org.junit.jupiter:junit-jupiter-params from 5.11.4 to 6.0.1

Release notes

Sourced from org.junit.jupiter:junit-jupiter-params's releases.

JUnit 6.0.1 = Platform 6.0.1 + Jupiter 6.0.1 + Vintage 6.0.1

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.0.0...r6.0.1

JUnit 6.0.0 = Platform 6.0.0 + Jupiter 6.0.0 + Vintage 6.0.0

See Release Notes.

New Contributors

• @​2897robo made their first contribution in junit-team/junit-framework#4525
• @​strangelookingnerd made their first contribution in junit-team/junit-framework#4683
• @​eric6iese made their first contribution in junit-team/junit-framework#4717
• @​raccoonback made their first contribution in junit-team/junit-framework#4822
• @​currenjin made their first contribution in junit-team/junit-framework#4823
• @​mehulimukherjee made their first contribution in junit-team/junit-framework#4913
• @​lslonina made their first contribution in junit-team/junit-framework#4629

Full Changelog: junit-team/junit-framework@r5.14.0...r6.0.0

JUnit 6.0.0-RC3 = Platform 6.0.0-RC3 + Jupiter 6.0.0-RC3 + Vintage 6.0.0-RC3

See Release Notes.

New Contributors

• @​mehulimukherjee made their first contribution in junit-team/junit-framework#4913
• @​lslonina made their first contribution in junit-team/junit-framework#4629

Full Changelog: junit-team/junit-framework@r6.0.0-RC2...r6.0.0-RC3

JUnit 6.0.0-RC2 = Platform 6.0.0-RC2 + Jupiter 6.0.0-RC2 + Vintage 6.0.0-RC2

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.0.0-RC1...r6.0.0-RC2

JUnit 6.0.0-RC1 = Platform 6.0.0-RC1 + Jupiter 6.0.0-RC1 + Vintage 6.0.0-RC1

See Release Notes.

New Contributors

• @​raccoonback made their first contribution in junit-team/junit-framework#4822
• @​currenjin made their first contribution in junit-team/junit-framework#4823

Full Changelog: junit-team/junit-framework@r6.0.0-M2...r6.0.0-RC1

JUnit 6.0.0-M2 = Platform 6.0.0-M2 + Jupiter 6.0.0-M2 + Vintage 6.0.0-M2

See Release Notes.

... (truncated)

Commits

• d774b9c Release 6.0.1 (second attempt)
• 8178545 Mark module as deprecated for removal
• 7b43fcc Back to snapshots for further development
• a5ef746 Release 6.0.1
• 008be8d Finalize 5.14.1 release notes
• b2c55a8 Finalize 6.0.1 release notes
• 866c01a Add note about duplicate test execution with @​Suite (#5080)
• de88e88 Fix broken links in documentation
• 9dd132d Add Valhalla EA to workflow matrix
• fedda88 Make jdk.jfr import optional in OSGi manifest (#5092)
• Additional commits viewable in compare view

Updates org.assertj:assertj-core from 3.27.2 to 3.27.6

Release notes

Sourced from org.assertj:assertj-core's releases.

v3.27.6

🐛 Bug Fixes

Core

• Add missing export for org.assertj.core.annotation #3951

❤️ Contributors

Thanks to all the contributors who worked on this release:

@​duponter

v3.27.5

⚡ Improvements

Core

• ByteBuddy in AssertJ 3.27.4 not compatible with Java 25 #3946

🔨 Dependency Upgrades

Core

• Upgrade to Byte Buddy 1.17.7 #3947
• Upgrade to JUnit BOM 5.13.4 #3947

Guava

• Upgrade to Guava 33.4.8-jre #3947

v3.27.4

🚫 Deprecated

Core

• Deprecate org.assertj.core.annotations.Beta in favor of org.assertj.core.annotation.Beta
• Deprecate org.assertj.core.util.CanIgnoreReturnValue in favor of org.assertj.core.annotation.CanIgnoreReturnValue
• Deprecate org.assertj.core.util.CheckReturnValue in favor of org.assertj.core.annotation.CheckReturnValue

🐛 Bug Fixes

Core

• Fix thread-safety in AbstractDateAssert #3874

⚡ Improvements

• Migrate to the Central Publisher Portal, enable snapshot publishing #3881

... (truncated)

Commits

• 716b1e0 [maven-release-plugin] prepare release assertj-build-3.27.6
• e189652 Add missing export for org.assertj.core.annotation (#3951)
• 0cb489e Update Maven Central URL
• 7286309 [maven-release-plugin] prepare for next development iteration
• dd4cc1d [maven-release-plugin] prepare release assertj-build-3.27.5
• 1d0defc Add missing permission to release workflow
• 844d5d0 Add missing GitHub Actions pinning to CodeQL workflow
• bdd7106 Add CodeQL custom workflow
• a93d7e6 Remove EOL Java 24
• 26ea866 Update production dependencies (#3947)
• Additional commits viewable in compare view

Updates io.mockk:mockk from 1.13.14 to 1.14.6

Release notes

Sourced from io.mockk:mockk's releases.

1.14.6

What's Changed

• Fix and add clearMocks test cases by @​jmatsu in mockk/mockk#1419
• make captured value reference volatile by @​mmimica in mockk/mockk#1418
• add fail-fast guard for Kotlin inline function mocking (#1030) by @​ch200203 in mockk/mockk#1421
• add test reports to GitHub actions by @​aSemy in mockk/mockk#994
• fix duration denormalized error by @​tigermint in mockk/mockk#1424
• refactor: enhance confirmVerified function to include clear option by @​felix-dolderer-el in mockk/mockk#1427

New Contributors

• @​jmatsu made their first contribution in mockk/mockk#1419
• @​mmimica made their first contribution in mockk/mockk#1418
• @​ch200203 made their first contribution in mockk/mockk#1421
• @​tigermint made their first contribution in mockk/mockk#1424
• @​felix-dolderer-el made their first contribution in mockk/mockk#1427

Full Changelog: mockk/mockk@1.14.5...1.14.6

1.14.5

What's Changed

• [Feature] Implement BDD-style aliases as separate module (mockk-bdd) by @​Minseok-2001 in mockk/mockk#1399
• fix: downgrade byte-buddy to 1.5.11 by @​Komdosh in mockk/mockk#1413

New Contributors

• @​Minseok-2001 made their first contribution in mockk/mockk#1399

Full Changelog: mockk/mockk@1.14.4...1.14.5

1.14.4

This release is functionally equivalent to v1.14.3, I just wanted to try out the new publishing process that uses Maven Central instead of OSSRH.

Full Changelog: mockk/mockk@1.14.3...1.14.4

1.14.3

What's Changed

• chore: bump byte buddy version to support java 24 by @​Komdosh in mockk/mockk#1387
• chore: bump gradle version to 8.14 by @​Komdosh in mockk/mockk#1389
• chore: bump dokka, kotlinx.coroutines, slf4j, logback, junit jupiter by @​Komdosh in mockk/mockk#1388
• Add recursive detection of meta-annotations by @​VitalyVPinchuk in mockk/mockk#1393
• chore: bump kotlin to 2.1.20 by @​Komdosh in mockk/mockk#1390
• fix: enable confirmVerified to work with static mocks by @​happysubin in mockk/mockk#1396
• Add logging on failure inside withArg by @​Djaler in mockk/mockk#1395
• Update Android aritfacts to support 16kb page sizes by @​WhosNickDoglio in mockk/mockk#1394
• Use instance factory for value classes with any() matcher by @​esafak in mockk/mockk#1403

New Contributors

• @​Komdosh made their first contribution in mockk/mockk#1387
• @​happysubin made their first contribution in mockk/mockk#1396
• @​Djaler made their first contribution in mockk/mockk#1395
• @​WhosNickDoglio made their first contribution in mockk/mockk#1394

... (truncated)

Commits

• b089459 Version bump
• 1688904 Merge pull request #1427 from felix-dolderer-el/master
• de0ba9e docs: update README to include clear option for confirmVerified
• 794cd06 remove whitespaces from README
• aa1f91e default: false for internalConfirmVerified
• ace1da9 add KDoc explaining clear parameter for confirmVerified
• 6e93ff3 refactor: enhance confirmVerified function to include clear option
• 244af21 Fix code example and clarify that the matchers must match
• 50331c6 Merge pull request #1424 from tigermint/fix-duration-denormalized-error
• 5d8c9b2 Apply review feedback
• Additional commits viewable in compare view

Updates ch.qos.logback:logback-classic from 1.5.16 to 1.5.20

Release notes

Sourced from ch.qos.logback:logback-classic's releases.

Logback 1.5.20

2025-10-19 Release of logback version 1.5.20

• Due to potential vulnerabilities associated with dynamic, i.e. runtime, java code compilation and execution (using Janino), the 'condition' attribute within the <if> element is deprecated and will be removed in 2027.

An online migration service is provided to help with the transition.

The <condition> element, new in this version, admits custom PropertyEvaluator as a recommended alternative. See also the updated documentation on conditional configuration.

• Logback-classic's initialization procedure has been simplified by removing the step instantiating a SerializedModelConfigurator. However, it is still possible to set up SerializedModelConfigurator as a custom configurator.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 930fb15c993a4344bcecc6ba2225c12a2c38e676 associated with the tag v_1.5.20. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.19

2025-09-30 Release of logback version 1.5.19

• Disallow "new" operator in the condition attribute of <if> elements. This fixes an ACE vulnerability recorded as CVE-2025-11226.

• At initialization time, slightly better reporting about watched configuration files.

• Softer message regarding usage of ConsoleAppender and its potential impact on performance.

• In ViewStatusMessagesServlet, restrict processing of "Clear" button to POST method. This change was proposed by Ralf Wiebicke who also provided the relevant PR.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit e572d4f87f06674788eb3ca7148e8d1dffc615fa associated with the tag v_1.5.19. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.18

2025-03-18 Release of logback version 1.5.18

• Added support for XZ compression for archived log files. Note that XZ compression requires Tukaani project's XZ library for Java. In case XZ compression is requested but the XZ library is missing, then logback will substitute GZ compression as a fallback. This feature was requested in issues/755.

• Removed references to java.security.AccessController class. This class has been deprecated for some time and is slated for removal in future JDK versions.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit b2a02f065379a9b1ba5ff837fc08913b744774bc associated with the tag v_1.5.18. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.17

2025-02-25 Release of logback version 1.5.17

• Fixed Jansi 2.4.0 color-coded output not working on Windows CMD.exe console when the default terminal application is set to "Windows Console Host". This problem was reported in issues/753 by Michael Lyubkin.

• Fixed race condition occurring in case MDC class is initialized while org.slf4j.LoggerFactory is initializing logback-classic's LoggerContext. When this race conditions occurs, the MDCAdapter instance used by MDC does not match the instance used by logback-classic. This issue was reported in SLF4J issues/450. While logback-classic version 1.5.17 remains compatible with SLF4J versions in the 2.0.x series, fixing this particular MDC issue requires SLF4J version 2.0.17.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 10358724ed723b3745c010aa40cb02a2dfed4593 associated with the tag v_1.5.17. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Commits

• 930fb15 prepare release 1.5.20
• 0b4432a provide an alternative to Janino based conditional configuration processing -...
• 258558f provide an alternative to Janino based conditional configuration processing -...
• ee77a70 provide an alternative to Janino based conditional configuration processing -...
• 5ca7ce8 provide an alternative to Janino based conditional configuration processing -...
• 728803f fix typo
• aa5eeb1 start work on version 1.5.20-SNAPSHOT
• e572d4f skip deployment of blackbox and example modules, published as version 1.5.9
• 4adae8b add plugin for Maven Central deployment
• ee70cf4 prepare release 1.5.19
• Additional commits viewable in compare view

Updates com.google.protobuf:protobuf-java from 4.29.3 to 4.33.0

Commits

• See full diff in compare view

Updates com.google.protobuf:protobuf-java-util from 4.29.3 to 4.33.0

Updates com.google.protobuf:protoc from 4.29.3 to 4.33.0

Commits

• See full diff in compare view

Updates com.google.protobuf:protobuf-java-util from 4.29.3 to 4.33.0

Updates org.slf4j:slf4j-simple from 2.0.16 to 2.0.17

Updates com.jayway.jsonpath:json-path from 2.9.0 to 2.10.0

Release notes

Sourced from com.jayway.jsonpath:json-path's releases.

json-path-2.10.0

What's Changed

• Upgrade to junit-jupiter by @​kallestenflo in json-path/JsonPath#993
• Remove web-test project by @​kallestenflo in json-path/JsonPath#994
• Upgrade to gradle 8.5 and add java 21 build by @​kallestenflo in json-path/JsonPath#995
• Upgrade net.minidev:json-smart from 2.5.0 to 2.5.1 by @​oswaldobapvicjr in json-path/JsonPath#1004
• [CI] Remove Java 18 from build matrix by @​valfirst in json-path/JsonPath#1005
• Bumps dependency versions by @​kallestenflo in json-path/JsonPath#1057
• Release 2.10.0 by @​kallestenflo in json-path/JsonPath#1058

Full Changelog: json-path/JsonPath@json-path-2.9.0...json-path-2.10.0

Commits

• a427387 Release 2.10.0 (#1058)
• 8e3b92f Bumps dependency versions (#1057)
• 45333e0 [CI] Remove Java 18 from build matrix (#1005)
• 3732a85 Upgrade net.minidev:json-smart from 2.5.0 to 2.5.1 (#1004)
• 2d4cc06 Upgrade to gradle 8.5 and add java 21 build (#995)
• 83ced52 Remove web-test project (#994)
• af031cd Upgrade to junit-jupiter (#993)
• 0ed52b4 Prepare next version
• See full diff in compare view

Updates com.google.protobuf:protoc from 4.29.3 to 4.33.0

Commits

• See full diff in compare view

Updates com.google.protobuf from 0.9.4 to 0.9.5

Updates com.atlassian.oai:swagger-request-validator-core from 2.44.1 to 2.46.0

Changelog

Sourced from com.atlassian.oai:swagger-request-validator-core's changelog.

2.46.0

• Bump dependencies:
  • spring: 6.1.21 -> 6.2.11
  • spring (legacy): 5.3.26 -> 5.3.39
  • spring-boot: 2.6.12 -> 2.6.15
  • jackson: 2.19.0 -> 2.20.0
  • swagger-parser: 2.1.31 -> 2.1.34
  • jetty: 9.4.56.v20240826 -> 9.4.58.v20250814
  • commons-codec: 1.17.1 -> 1.19.0
  • awaitility: 4.2.2 -> 4.3.0
  • snakeyaml: 2.4 -> 2.5

2.45.1

• Fix single level of ref resolution when parseOptions.resolveFully is disabled [#824](https://bitbucket.org/atlassian/swagger-request-validator/issues/824) [Details]

2.45.0

• Bump dependencies:
  • spring: 6.1.13 -> 6.1.21
  • jackson: 2.15.2 -> 2.19.0
  • mockito: 4.8.0 -> 4.11.0
  • swagger-parser: 2.1.22 -> 2.1.31
  • scala-library: 2.13.14 -> 2.13.16
  • license-maven-plugin: 2.4.0 -> 2.6.0
  • build-helper-maven-plugin: 3.6.0 -> 3.6.1
  • snakeyaml: 2.0 -> 2.4

2.44.9

• Fix handling of multi-type path params in OpenAPI 3.1 [#406](https://bitbucket.org/atlassian/swagger-request-validator/issues/406) [Details]

2.44.8

• Fix handling of "null" literal for String params [#815](https://bitbucket.org/atlassian/swagger-request-validator/issues/815) [Details]

Commits

• 6aae9cc [Renovate] Update jetty monorepo to v9.4.58.v20250814
• c8b8450 VULN-1727170: fix: upgrade spring-core from 6.1.21 to 6.2.10 to resolve secu...
• 002a3eb [Renovate] Update jackson monorepo
• 74eaea1 Merged in issue/VULN-1727170-autodev-bot-07b58cfa-0d0f-40aa-8514-7ad27854ce27...
• 042ccc3 Merged in renovate/jetty-monorepo (pull request #458)
• 893e297 Merged in renovate/maven.gpg.plugin.version (pull request #456)
• cde7925 Merged in renovate/guava-monorepo (pull request #461)
• 237cc7c Merged master into renovate/jackson-monorepo
• 1c42c65 Switch to use jackson BOM for managing Jackson deps
• b8ed339 Merged in renovate/jackson-monorepo (pull request #457)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dep...

Description has been truncated