Skip to content

build(deps): bump the safe-patch-updates group with 5 updates#73

Merged
khalilmalla95 merged 2 commits into
developfrom
dependabot/maven/develop/safe-patch-updates-6e4463ee5d
Jun 2, 2026
Merged

build(deps): bump the safe-patch-updates group with 5 updates#73
khalilmalla95 merged 2 commits into
developfrom
dependabot/maven/develop/safe-patch-updates-6e4463ee5d

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 2, 2026

Copy link
Copy Markdown
Contributor

Bumps the safe-patch-updates group with 5 updates:

Package From To
org.apache.maven.plugins:maven-surefire-plugin 3.5.4 3.5.6
org.apache.maven.plugins:maven-shade-plugin 3.6.1 3.6.2
jakarta.xml.bind:jakarta.xml.bind-api 4.0.2 4.0.5
org.glassfish.jaxb:jaxb-runtime 4.0.5 4.0.9
info.picocli:picocli 4.7.4 4.7.7

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.5.4 to 3.5.6

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.5.6

🚀 New features and improvements

  • Introduce reportTestTimestamp option and include timestamp for test sets and test cases (#3261) (#3302) @​olamy

🐛 Bug Fixes

👻 Maintenance

📦 Dependency updates

3.5.5

🚀 New features and improvements

🐛 Bug Fixes

  • Use PowerShell instead of WMIC for detecting zombie process on Windows (#3258) @​jbliznak. Please note if you are using Windows with Java 8 and not PowerShell (you have options to: use Java 9+, install PowerShell or stay on Surefire 3.5.4)
  • Properly work with test failures caused during beforeAll phase (#3194) @​Frawless

📝 Documentation updates

  • Clarify how late placeholder replacement (@{...}) deals with (#3208) @​kwin

👻 Maintenance

... (truncated)

Commits
  • 25ea054 [maven-release-plugin] prepare release surefire-3.5.6
  • e5f374c Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3
  • dadd55b Issue #2613 Debugging failsafe tests: Message 'Listening for transport dt_soc...
  • 39dd250 Bump commons-io:commons-io from 2.21.0 to 2.22.0
  • 2774273 Ensure that the statistics filename is calculated only once. (#3326) (#3327)
  • 0d5df8a 3.5.x/bug/cherry pick embedded mode its (#3328)
  • 04ad9a2 Use surefire 3.5.5 by project itself for testing
  • 37e8f69 Add flakes attribute to use in testsuite report (#3306) (#3308)
  • a970fef Introduce reportTestTimestamp option and include timestamp for test sets and ...
  • e838393 deploy 3.5.x branch to nexus
  • Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-shade-plugin from 3.6.1 to 3.6.2

Release notes

Sourced from org.apache.maven.plugins:maven-shade-plugin's releases.

3.6.2

🐛 Bug Fixes

  • Bug: Extra JARs and Artifacts were not subjected to filtering (#785) @​cstamas

👻 Maintenance

📦 Dependency updates

Commits
  • ad8de59 [maven-release-plugin] prepare release maven-shade-plugin-3.6.2
  • 8eb19dc Drop unneeded dependencies (#788)
  • 397b2cd Drop excessive dependencies (#786)
  • eca6398 Bug: Extra JARs and Artifacts were not subjected to filtering (#785)
  • 7edce17 Update to parent POM v 47 (#781)
  • 3171a34 Mockito improvements (#783)
  • 678844b Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness (#782)
  • 73ec909 Bump org.codehaus.mojo:mrm-maven-plugin from 1.7.0 to 1.7.1 (#780)
  • 5f7a877 Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness (#778)
  • 73c5247 chore: remove junit3 reference (#762)
  • Additional commits viewable in compare view

Updates jakarta.xml.bind:jakarta.xml.bind-api from 4.0.2 to 4.0.5

Release notes

Sourced from jakarta.xml.bind:jakarta.xml.bind-api's releases.

Jakarta XML Binding API 4.0.5

What's Changed

Full Changelog: jakartaee/jaxb-api@4.0.4...4.0.5

Jakarta XML Binding API 4.0.4

What's Changed

New Contributors

Full Changelog: jakartaee/jaxb-api@4.0.3...4.0.4

Jakarta XML Binding API 4.0.3

What's Changed

New Contributors

Full Changelog: jakartaee/jaxb-api@4.0.2...4.0.3

Commits
  • 33af600 Update API version of : to 4.0.5
  • e8bc066 Bump the maven-plugins group across 2 directories with 15 updates
  • 5884465 Bump the dependencies group across 1 directory with 2 updates
  • a12f7b7 Bump the actions-dependencies group with 2 updates
  • 1375104 move dependabot config to the right location
  • 7680773 add dependabot
  • cd71d76 #330 fixes documentation
  • 4d531bd #325 restore permissive base64 decoding
  • 31505d0 Merge pull request #324 from jakartaee/4.0.4-RELEASE
  • c3f3109 Update API version of : to 4.0.5-SNAPSHOT
  • Additional commits viewable in compare view

Updates org.glassfish.jaxb:jaxb-runtime from 4.0.5 to 4.0.9

Updates info.picocli:picocli from 4.7.4 to 4.7.7

Release notes

Sourced from info.picocli:picocli's releases.

Picocli 4.7.7

Picocli 4.7.7

The picocli community is pleased to announce picocli 4.7.7.

This release includes bugfixes and enhancements.

Many thanks to the picocli community for raising these issues and providing the pull requests to address them!

This is the eighty-sixth public release. Picocli follows semantic versioning. Artifacts in this release are signed by Remko Popma (6601 E5C0 8DCC BB96).

Table of Contents

  • New and noteworthy
  • Fixed issues
  • Deprecations
  • Potential breaking changes

New and Noteworthy

This release fixes a problem that was introduced in the previous release (4.7.6), where using an ArgGroup in a Mixin would result in options being added twice, or DuplicateOptionAnnotationsException.

The built-in picocli.CommandLine.HelpCommand subcommand now implements Callable<Integer> and returns the exit code of the subcommand's exitCodeOnUsageHelp value for the subcommand whose help was requested.

From this release, if a command implements both Callable and Runnable, then the default execution strategy will invoke the call method instead of the run method.

Fixed issues

  • #2353 Enhancement: picocli.shell.jline3.PicocliCommands::invoke now returns ParseResult instead of null. Thanks to Paul for raising this.
  • #2336 Enhancement: Avoid syntax error in auto-completion script for invalid option names and paramLabel values starting with a digit. Thanks to Ruud Senden and Tobias Knerr for raising this.
  • #2281 Enhancement: Variable interpolation should work for ArgGroup.heading attribute. Thanks to Marc Philipp for raising this.
  • #2355 Bugfix: The built-in help subcommand should return the exit code of the subcommand's exitCodeOnUsageHelp value for the subcommand whose help was requested. Thanks to marco-brandizi for raising this.
  • #2335 Bugfix: Module info missing in all jars except the main picocli jar file. Thanks to Oliver B. Fischer for raising this.
  • #2331 Bugfix: AutoComplete with jline3 was showing hidden commands. Thanks to clebertsuconic for raising this.
  • #2291 Bugfix: NullPointerException when using PropertiesDefaultProvider. Thanks to JessHolle for raising this.
  • #2344 Bugfix: negatable=true option in an ArgGroup should not add negated option twice. Thanks to Robin Fritz for raising this.
  • #2309 Bugfix: Duplicate help output for ArgGroup from a Mixin. Thanks to s-falke for raising this. Thanks to Simon Gamma for providing a pull request for this.
  • #2341 Bugfix: Options get doubled in non validating ArgGroup when used in Mixin. Thanks to Selene Feigl for raising this.
  • #2349 Bugfix: Incorrect results when using ArgGroup + defaultValue + split + List/Set. Thanks to Mithun Josalyn Gonsalvez for raising this.
  • #2292 Bugfix: DuplicateOptionAnnotationsException on using negatable option in ArgGroup. Thanks to Bhavik Patel for raising this.
  • #2380 Bugfix: boolean with arity=0 and defaultValue=false behaved unexpectedly. Thanks to Leonard Brünings for raising this.
  • #2290 DOC: User guide, CDI 2.0 (JSR 365) section: fix example and add warning about dynamic proxies. Thanks to Mert Zeybekler for the pull request.
  • #2347 DOC: Fix line-endings in generated asciidoc HTML. Thanks to Fridrich Štrba for the pull request.
  • #2367 DOC: Fix broken link. Thanks to yeoleobun for the pull request.
  • #2370 DOC: Add at least a link to how to use the CodeGen APT under Bazel. Thanks to Michael Vorburger for the pull request.
  • #2302 DEP: Bump actions/checkout from 4.1.4 to 4.1.7
  • #2391 DEP: Bump actions/checkout from 4.1.7 to 4.2.2
  • #2388 DEP: Bump actions/setup-java from 4.2.1 to 4.7.1

... (truncated)

Changelog

Sourced from info.picocli:picocli's changelog.

Picocli 4.7.7

The picocli community is pleased to announce picocli 4.7.7.

This release includes bugfixes and enhancements.

Many thanks to the picocli community for raising these issues and providing the pull requests to address them!

This is the eighty-sixth public release. Picocli follows semantic versioning. Artifacts in this release are signed by Remko Popma (6601 E5C0 8DCC BB96).

Table of Contents

  • New and noteworthy
  • Fixed issues
  • Deprecations
  • Potential breaking changes

New and Noteworthy

This release fixes a problem that was introduced in the previous release (4.7.6), where using an ArgGroup in a Mixin would result in options being added twice, or DuplicateOptionAnnotationsException.

The built-in picocli.CommandLine.HelpCommand subcommand now implements Callable<Integer> and returns the exit code of the subcommand's exitCodeOnUsageHelp value for the subcommand whose help was requested.

From this release, if a command implements both Callable and Runnable, then the default execution strategy will invoke the call method instead of the run method.

Fixed issues

  • #2353 Enhancement: picocli.shell.jline3.PicocliCommands::invoke now returns ParseResult instead of null. Thanks to Paul for raising this.
  • #2336 Enhancement: Avoid syntax error in auto-completion script for invalid option names and paramLabel values starting with a digit. Thanks to Ruud Senden and Tobias Knerr for raising this.
  • #2281 Enhancement: Variable interpolation should work for ArgGroup.heading attribute. Thanks to Marc Philipp for raising this.
  • #2355 Bugfix: The built-in help subcommand should return the exit code of the subcommand's exitCodeOnUsageHelp value for the subcommand whose help was requested. Thanks to marco-brandizi for raising this.
  • #2335 Bugfix: Module info missing in all jars except the main picocli jar file. Thanks to Oliver B. Fischer for raising this.
  • #2331 Bugfix: AutoComplete with jline3 was showing hidden commands. Thanks to clebertsuconic for raising this.
  • #2291 Bugfix: NullPointerException when using PropertiesDefaultProvider. Thanks to JessHolle for raising this.
  • #2344 Bugfix: negatable=true option in an ArgGroup should not add negated option twice. Thanks to Robin Fritz for raising this.
  • #2309 Bugfix: Duplicate help output for ArgGroup from a Mixin. Thanks to s-falke for raising this. Thanks to Simon Gamma for providing a pull request for this.
  • #2341 Bugfix: Options get doubled in non validating ArgGroup when used in Mixin. Thanks to Selene Feigl for raising this.
  • #2349 Bugfix: Incorrect results when using ArgGroup + defaultValue + split + List/Set. Thanks to Mithun Josalyn Gonsalvez for raising this.
  • #2292 Bugfix: DuplicateOptionAnnotationsException on using negatable option in ArgGroup. Thanks to Bhavik Patel for raising this.
  • #2380 Bugfix: boolean with arity=0 and defaultValue=false behaved unexpectedly. Thanks to Leonard Brünings for raising this.
  • #2290 DOC: User guide, CDI 2.0 (JSR 365) section: fix example and add warning about dynamic proxies. Thanks to Mert Zeybekler for the pull request.
  • #2347 DOC: Fix line-endings in generated asciidoc HTML. Thanks to Fridrich Štrba for the pull request.
  • #2367 DOC: Fix broken link. Thanks to yeoleobun for the pull request.
  • #2370 DOC: Add at least a link to how to use the CodeGen APT under Bazel. Thanks to Michael Vorburger for the pull request.
  • #2302 DEP: Bump actions/checkout from 4.1.4 to 4.1.7
  • #2391 DEP: Bump actions/checkout from 4.1.7 to 4.2.2
  • #2388 DEP: Bump actions/setup-java from 4.2.1 to 4.7.1
  • #2390 DEP: Bump actions/upload-artifact from 4.3.3 to 4.6.2

... (truncated)

Commits
  • 5fcd441 BUILD: use JReleaser for publishing to Maven Central
  • 7f14deb Release picocli version 4.7.7
  • feae94e Bump net.ltgt.gradle:gradle-errorprone-plugin from 4.1.0 to 4.2.0
  • cacb0e7 Bump org.jetbrains.kotlin:kotlin-script-runtime from 2.0.0 to 2.1.20
  • 44de141 Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 2.0.0 to 2.1.20
  • 8440061 Bump jakarta.validation:jakarta.validation-api from 3.1.0 to 3.1.1
  • f5b9590 Bump org.jline:jline from 3.26.1 to 3.29.0
  • 9d94fa6 DOC update RELEASE-NOTES for dependency updates
  • 5bfb673 Revert "Bump org.hamcrest:hamcrest-core from 2.2 to 3.0"
  • 1afa344 Bump org.hibernate.validator:hibernate-validator
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the safe-patch-updates group with 5 updates
2d73066 
Bumps the safe-patch-updates group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.5.4` | `3.5.6` |
| [org.apache.maven.plugins:maven-shade-plugin](https://github.com/apache/maven-shade-plugin) | `3.6.1` | `3.6.2` |
| [jakarta.xml.bind:jakarta.xml.bind-api](https://github.com/jakartaee/jaxb-api) | `4.0.2` | `4.0.5` |
| org.glassfish.jaxb:jaxb-runtime | `4.0.5` | `4.0.9` |
| [info.picocli:picocli](https://github.com/remkop/picocli) | `4.7.4` | `4.7.7` |


Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.4 to 3.5.6
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](apache/maven-surefire@surefire-3.5.4...surefire-3.5.6)

Updates `org.apache.maven.plugins:maven-shade-plugin` from 3.6.1 to 3.6.2
- [Release notes](https://github.com/apache/maven-shade-plugin/releases)
- [Commits](apache/maven-shade-plugin@maven-shade-plugin-3.6.1...maven-shade-plugin-3.6.2)

Updates `jakarta.xml.bind:jakarta.xml.bind-api` from 4.0.2 to 4.0.5
- [Release notes](https://github.com/jakartaee/jaxb-api/releases)
- [Commits](jakartaee/jaxb-api@4.0.2...4.0.5)

Updates `org.glassfish.jaxb:jaxb-runtime` from 4.0.5 to 4.0.9

Updates `info.picocli:picocli` from 4.7.4 to 4.7.7
- [Release notes](https://github.com/remkop/picocli/releases)
- [Changelog](https://github.com/remkop/picocli/blob/main/RELEASE-NOTES.md)
- [Commits](remkop/picocli@v4.7.4...v4.7.7)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
  dependency-version: 3.5.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: safe-patch-updates
- dependency-name: org.apache.maven.plugins:maven-shade-plugin
  dependency-version: 3.6.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: safe-patch-updates
- dependency-name: jakarta.xml.bind:jakarta.xml.bind-api
  dependency-version: 4.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: safe-patch-updates
- dependency-name: org.glassfish.jaxb:jaxb-runtime
  dependency-version: 4.0.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: safe-patch-updates
- dependency-name: info.picocli:picocli
  dependency-version: 4.7.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: safe-patch-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Jun 2, 2026
@khalilmalla95 khalilmalla95 merged commit 270a883 into develop Jun 2, 2026
12 checks passed
@dependabot dependabot Bot deleted the dependabot/maven/develop/safe-patch-updates-6e4463ee5d branch June 2, 2026 13:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@khalilmalla95 khalilmalla95 khalilmalla95 approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@khalilmalla95