Skip to content

fix(deps): update all #1219

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix(deps): update all #1219

wants to merge 1 commit into from
+12 −12

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented May 31, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change Age Confidence
gradle (source) patch 8.14.1 -> 8.14.3 age confidence
com.github.spotbugs:spotbugs-annotations (source) dependencies patch 4.9.3 -> 4.9.4 age confidence
commons-codec:commons-codec (source) dependencies minor 1.18.0 -> 1.19.0 age confidence
commons-io:commons-io (source) dependencies minor 2.19.0 -> 2.20.0 age confidence
org.apache.commons:commons-text (source) dependencies minor 1.13.1 -> 1.14.0 age confidence
com.github.ben-manes.caffeine:caffeine dependencies patch 3.2.0 -> 3.2.2 age confidence
pmd (source) dependencies minor 7.13.0 -> 7.16.0 age confidence
org.assertj:assertj-core (source) dependencies patch 3.27.3 -> 3.27.4 age confidence
com.commercetools.sdk:commercetools-sdk-java-api (source) dependencies minor 18.0.0 -> 18.3.0 age confidence
com.commercetools.sdk:commercetools-http-client (source) dependencies minor 18.0.0 -> 18.3.0 age confidence
com.diffplug.spotless plugin minor 7.0.3 -> 7.2.1 age confidence
com.github.spotbugs plugin minor 6.1.12 -> 6.2.4 age confidence
org.ajoberstar.grgit plugin patch 5.3.0 -> 5.3.2 age confidence

Release Notes

gradle/gradle (gradle)

v8.14.3: 8.14.3

Compare Source

The Gradle team is excited to announce Gradle 8.14.3.

This is a patch release for 8.14. We recommend using 8.14.3 instead of 8.14.

Here are the highlights of this release:

  • Java 24 support
  • GraalVM Native Image toolchain selection
  • Enhancements to test reporting
  • Build Authoring improvements

Read the Release Notes

We would like to thank the following community members for their contributions to this release of Gradle:
Aurimas,
Ben Bader,
Björn Kautler,
chandre92,
Daniel Hammer,
Danish Nawab,
Florian Dreier,
Ivy Chen,
Jendrik Johannes,
jimmy1995-gu,
Madalin Valceleanu,
Na Minhyeok.

Upgrade instructions

Switch your build to use Gradle 8.14.3 by updating your wrapper:

./gradlew wrapper --gradle-version=8.14.3 && ./gradlew wrapper

See the Gradle 8.x upgrade guide to learn about deprecations, breaking changes and other considerations when upgrading.

For Java, Groovy, Kotlin and Android compatibility, see the full compatibility notes.

Reporting problems

If you find a problem with this release, please file a bug on GitHub Issues adhering to our issue guidelines.
If you're not sure you're encountering a bug, please use the forum.

We hope you will build happiness with Gradle, and we look forward to your feedback via Twitter or on GitHub.

v8.14.2

Compare Source

spotbugs/spotbugs (com.github.spotbugs:spotbugs-annotations)

v4.9.4

Compare Source

Changed
  • AnnotationMatcher can now ignore bugs if annotation is also applied on methods or fields. Previously only annotations on classes were considered.
  • Add relevant CWE ids to bugs and refer the CWEs in the bug messages (#​3354).
  • Replace LOCAL_VARIABLE_UNKNOWN with exact method name for NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE (#​3485)
Fixed
  • Widen main method recognition according to JEP 445. (#​3371)
  • Do not report US_USELESS_SUPPRESSION_ON_* on methods, fields, parameters, packages or classes with an *.Generated annotation with retention >= class (#​3350)(#​3409)
  • Rewrite some member in ResourceValueFrame.java to Enum (#​2061)
  • Ignore non-interpreted text when looking for FS_BAD_DATE_FORMAT_FLAG_COMBO (#​3387)
  • Fix IllegalArgumentException thrown from FindNoSideEffectMethods detector (#​3320)
  • Do not report RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT when part of a Mockito doAnswer(), doCallRealMethod(), doNothing(), doThrow() or doReturn() call (#​3334)
  • Fix CT_CONSTRUCTOR_THROW false positive with public and private constructors in specific order of methods (#​3417)
  • Fix AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE, AT_NONATOMIC_64BIT_PRIMITIVE and AT_STALE_THREAD_WRITE_OF_PRIMITIVE FP when the relevant code is in private method, which is only called with proper synchronization (#​3428)
  • Do not report RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT when part of a BDDMockito call (#​3441)
  • Fix AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE when field of a local variable is set. (#​3459)
  • Fix AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE FP when there was no compound operation (#​3363)
  • Fix NM_FIELD_NAMING_CONVENTION crash in the TestASM detector (#​3489)
  • Do not report UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR for fields initialized in JUnit 3/4 setUp() method. (#​3169)
  • Fix US_USELESS_SUPPRESSION_ON_FIELD/UUF_UNUSED_FIELD false positive (#​3496)
  • Make the osgi manifest of the annotations jar Java 8 compatible (#​3498) (#​3500)
  • TextUICommandLine supports all options encoded in Eclipse preferences file (#​3520)
  • Unnecessary suppressions fix for records headers (#​3471)
  • Dead store fix when switch case contains loops (#​3530) (#​3449)
  • Consider PUTFIELD and PUTSTATIC when looking for assertions with side effects (#​3463)
  • Detect cases when equals() unconditionally returns true or false (#​3528)
  • Do not report that an Iterator does not throw NoSuchElementException when hasNext() returns true (#​3501)
  • Detect random value cast to int when stored in temporary variable (#​3461)
  • Look for interfaces default methods when searching uncalled private methods (#​1988)
  • Fixed field self assignment false positive (#​2258)
  • Fixed DMI_INVOKING_TOSTRING_ON_ARRAY on newer JDK (#​1147)
  • Fix NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE false positive with Objects.requireNonNull (#​2965) (#​3573)
  • Track inner classes access methods to correctly report the bugs (#​2029)
  • SF_SWITCH_NO_DEFAULT false positive fix (#​1148) (#​3572)
Added
  • Added the unnecessary annotation to the US_USELESS_SUPPRESSION_ON_* messages (#​3395)
  • Multi-threaded code checks can be skipped with @NotThreadSafe (#​3390)
  • New bug type CWO_CLOSED_WITHOUT_OPENED for locks that might be released without even being acquired. (See SEI CERT rule LCK08-J) (#​2055)
    • Breaking change: changed values and new items in ResourceValueFrame.
  • Inline access method for method. (#​3481)
  • Added DMI_MISLEADING_SUBSTRING for calling subString(0) on a StringBuffer/StringBuilder (#​1928)
Signing
  • Signing for Eclipse plugin has been removed at the current time due to signing keys being expired. The expired key produced a warning during install, the same is true without signing.
apache/commons-codec (commons-codec:commons-codec)

v1.19.0

The Apache Commons Codec team is pleased to announce the release of Apache Commons Codec 1.19.0.

The Apache Commons Codec component contains encoders and decoders for
formats such as Base16, Base32, Base64, digest, and Hexadecimal. In addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.

This is a feature and maintenance release. Java 8 or later is required.

ben-manes/caffeine (com.github.ben-manes.caffeine:caffeine)

v3.2.2: 3.2.2

  • Fixed characteristics returned by Spliterators (#​1883)

v3.2.1: 3.2.1

  • Fixed computeIfAbsent for an async cache's synchronous view to retry if incomplete
  • Improved CaffeineSpec when being reflectively constructed (#​1839)
  • Improved the handling of negative durations with variable expiration
  • Fixed intermittent null after replacing a weak/soft value (#​1820)
commercetools/commercetools-sdk-java-v2 (com.commercetools.sdk:commercetools-sdk-java-api)

v18.3.0

Compare Source

What's Changed

Api changes

Removed Property(s)
  • ⚠️ removed property /[0-9].[0-9]*[1-9]/ from type CategoryOrderHints
  • ⚠️ removed property // from type ProductVariantChannelAvailabilityMap
Changed Property(s)
  • ⚠️ changed property filter of type SearchSorting from type SearchQueryExpression to SearchQuery
Added Property(s)
  • added property /^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$/ to type CategoryOrderHints
  • added property /^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$/ to type ProductVariantChannelAvailabilityMap

Full Changelog: commercetools/commercetools-sdk-java-v2@18.2.0...18.3.0

v18.2.0

Compare Source

Fixes

Fixed version ranges for OkHttp and Apache clients to prevent the resolution of next major alpha versions using Maven.

What's Changed

Api changes

Added Type(s)
  • added type ExpiredCustomerEmailTokenError
  • added type ExpiredCustomerPasswordTokenError
  • added type GraphQLExpiredCustomerEmailTokenError
  • added type GraphQLExpiredCustomerPasswordTokenError
  • added type CheckoutOrderCreationFailedEvent
  • added type CheckoutPaymentAuthorizationCancelledEvent
  • added type CheckoutPaymentAuthorizationFailedEvent
  • added type CheckoutPaymentAuthorizedEvent
  • added type CheckoutPaymentCancelAuthorizationFailedEvent
  • added type CheckoutPaymentChargeFailedEvent
  • added type CheckoutPaymentChargedEvent
  • added type CheckoutPaymentRefundFailedEvent
  • added type CheckoutPaymentRefundedEvent
  • added type CheckoutMessageOrderPayloadBaseData
  • added type CheckoutMessagePaymentsPayloadBaseData
Added Property(s)
  • added property invalidateOlderTokens to type CustomerCreateEmailToken
  • added property invalidateOlderTokens to type CustomerCreatePasswordResetToken
  • added property invalidateOlderTokens to type CustomerToken
  • added property value to type CustomerEmailTokenCreatedMessage
  • added property invalidateOlderTokens to type CustomerEmailTokenCreatedMessage
  • added property value to type CustomerPasswordTokenCreatedMessage
  • added property invalidateOlderTokens to type CustomerPasswordTokenCreatedMessage
  • added property value to type CustomerEmailTokenCreatedMessagePayload
  • added property invalidateOlderTokens to type CustomerEmailTokenCreatedMessagePayload
  • added property value to type CustomerPasswordTokenCreatedMessagePayload
  • added property invalidateOlderTokens to type CustomerPasswordTokenCreatedMessagePayload
Added Enum(s)
  • added enum checkout to type EventSubscriptionResourceTypeId
  • added enum CheckoutOrderCreationFailed to type EventType
  • added enum CheckoutPaymentAuthorizationCancelled to type EventType
  • added enum CheckoutPaymentAuthorizationFailed to type EventType
  • added enum CheckoutPaymentAuthorized to type EventType
  • added enum CheckoutPaymentCancelAuthorizationFailed to type EventType
  • added enum CheckoutPaymentCharged to type EventType
  • added enum CheckoutPaymentChargeFailed to type EventType
  • added enum CheckoutPaymentRefunded to type EventType
  • added enum CheckoutPaymentRefundFailed to type EventType

Import changes

Removed Property(s)
  • ⚠️ removed property /^[a-z]{2}(-[A-Z]{2})?$/ from type SearchKeywords
  • ⚠️ removed property /^[a-z]{2}(-[A-Z]{2})?$/ from type LocalizedString
Added Property(s)
  • added property /^[a-zA-Z]{2,3}(?:-[a-zA-Z]{4})?(?:-(?:[a-zA-Z]{2}|\d{3}))?$/ to type SearchKeywords
  • added property /^[a-zA-Z]{2,3}(?:-[a-zA-Z]{4})?(?:-(?:[a-zA-Z]{2}|\d{3}))?$/ to type LocalizedString

Full Changelog: commercetools/commercetools-sdk-java-v2@18.1.0...18.2.0

v18.1.0

Compare Source

New features

Split packages

Additionally to the package commercetools-sdk-java-api we also release packages split by domain. This allows package size optimization for deployment targets with size constrains. See also https://commercetools.github.io/commercetools-sdk-java-v2/javadoc/com/commercetools/docs/meta/SizeOptimization.html

What's Changed

Import changes

Removed Property(s)
  • ⚠️ removed property /^[a-z]{2}(-[A-Z]{2})?$/ from type SearchKeywords
  • ⚠️ removed property /^[a-z]{2}(-[A-Z]{2})?$/ from type LocalizedString
Added Property(s)
  • added property /^[a-zA-Z]{2,3}(?:-[a-zA-Z]{4})?(?:-(?:[a-zA-Z]{2}|\d{3}))?$/ to type SearchKeywords
  • added property /^[a-zA-Z]{2,3}(?:-[a-zA-Z]{4})?(?:-(?:[a-zA-Z]{2}|\d{3}))?$/ to type LocalizedString

Full Changelog: commercetools/commercetools-sdk-java-v2@18.0.0...18.1.0

ajoberstar/grgit (org.ajoberstar.grgit)

v5.3.2

Compare Source

Patch release to fix a vulnerable transitive dependency.

[!NOTE]
This release is the same as 5.3.1.

Breaking Changes

None

Enhancements

None

Fixes

  • Update dependencies to resolve JGit vulnerability

Deprecations

None

Compatibility

Tested on the following version:

Java Version Gradle Versions
11 7.0.2, 7.6.4, 8.0.2, 8.14.2
17 7.3.3, 7.6.4, 8.0.2, 8.14.2, 9.0.0-milestone-9
21 8.4, 8.14.2, 9.0.0-milestone-9

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/all branch 5 times, most recently from 03eb329 to 99952bc Compare June 9, 2025 09:34
@renovate renovate bot force-pushed the renovate/all branch 4 times, most recently from b56a6c0 to 9451e46 Compare June 20, 2025 12:34
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 620b976 to fcff3d2 Compare June 27, 2025 12:39
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from fc02e2f to a5bbb3e Compare July 8, 2025 03:03
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from ca537aa to caf5655 Compare July 13, 2025 06:00
@renovate renovate bot force-pushed the renovate/all branch 6 times, most recently from 56a024b to 5997ad2 Compare July 25, 2025 10:29
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from aece820 to 12348ee Compare August 7, 2025 16:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants