chore(deps): bump the maven-version-updates group across 1 directory with 6 updates

[dependabot]

Bumps the maven-version-updates group with 6 updates in the / directory:

Package	From	To
org.springframework.boot:spring-boot-starter-parent	3.4.0	4.0.0
com.github.spotbugs:spotbugs-annotations	4.8.3	4.9.8
com.github.spotbugs:spotbugs-maven-plugin	4.9.3.2	4.9.8.2
com.diffplug.spotless:spotless-maven-plugin	2.46.0	3.1.0
org.apache.maven.plugins:maven-surefire-plugin	3.5.3	3.5.4
org.jacoco:jacoco-maven-plugin	0.8.13	0.8.14

Updates org.springframework.boot:spring-boot-starter-parent from 3.4.0 to 4.0.0

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v4.0.0

Full release notes for Spring Boot 4.0 are available on the wiki. There is also a migration guide to help you upgrade from Spring Boot 3.5.

⭐ New Features

• Change tomcat and jetty runtime modules to starters #48175
• Rename spring-boot-kotlin-serialization to align with the name of the Kotlinx module that it pulls in #48076

🐞 Bug Fixes

• Error properties are a general web concern and should not be located beneath server.* #48201
• With both Jackson 2 and 3 on the classpath, @JsonTest fails due to duplicate jacksonTesterFactoryBean #48198
• Gradle war task does not exclude starter POMs from lib-provided #48197
• spring.test.webclient.mockrestserviceserver.enabled is not aligned with its module's name #48193
• SslMeterBinder doesn't register metrics for dynamically added bundles if no bundles exist at bind time #48182
• Properties bound in the child management context ignore the parent's environment prefix #48177
• ssl.chain.expiry metrics doesn't update for dynamically registered SSL bundles #48171
• Starter for spring-boot-micrometer-metrics is missing #48161
• Elasticsearch client's sniffer functionality should not be enabled by default #48155
• spring-boot-starter-elasticsearch should depend on elasticsearch-java #48141
• Auto-configuration exclusions are checked using a different class loader to the one that loads auto-configuration classes #48132
• New arm64 macbooks fail to bootBuildImage due to incorrect platform image #48128
• Properties for configuring an isolated JsonMapper or ObjectMapper are incorrectly named #48116
• Buildpack fails with recent Docker installs due to hardcoded version in URL #48103
• Image building may fail when specifying a platform if an image has already been built with a different platform #48099
• Default values of Kotlinx Serialization JSON configuration properties are not documented #48097
• Custom XML converters should override defaults in HttpMessageConverters #48096
• Kotlin serialization is used too aggressively when other JSON libraries are available #48070
• PortInUseException incorrectly thrown on failure to bind port due to Netty IP misconfiguration #48059
• Auto-configured JCacheMetrics cannot be customized #48057
• WebSecurityCustomizer beans are excluded by WebMvcTest #48055
• Deprecated EnvironmentPostProcessor does not resolve arguments #48047
• RetryPolicySettings should refer to maxRetries, not maxAttempts #48023
• Devtools Restarter does not work with a parameterless main method #47996
• Dependency management for Kafka should not manage Scala 2.12 libraries #47991
• spring-boot-mail should depend on jakarta.mail:jakarta.mail-api and org.eclipse.angus:angus-mail instead of org.eclipse.angus:jakarta.mail #47983
• spring-boot-starter-data-mongodb-reactive has dependency on reactor-test #47982
• Support for ReactiveElasticsearchClient is in the wrong module #47848

📔 Documentation

• Removed property spring.test.webclient.register-rest-template is still documented #48199
• Mention support for detecting AWS ECS in "Deploying to the Cloud" #48170
• Revise AWS section of "Deploying to the Cloud" in reference manual #48163
• Fix typo in PortInUseException Javadoc #48134
• Correct section about required setters in "Type-safe Configuration Properties" #48131
• Use since attribute in configuration properties deprecation consistently #48122
• Document EndpointJsonMapper and management.endpoints.jackson.isolated-json-mapper #48115
• Document support for configuring servlet context init parameters using properties #48112
• Some configuration properties are not documented in the appendix #48095

... (truncated)

Commits

• 1c0e08b Release v4.0.0
• 3487928 Merge branch '3.5.x'
• 29b8e96 Switch make-default in preparation for Spring Boot 4.0.0
• 88da0dd Merge branch '3.5.x'
• 56feeaa Next development version (v3.5.9-SNAPSHOT)
• 3becdc7 Move server.error properties to spring.web.error
• 2b30632 Merge branch '3.5.x'
• 4f03b44 Merge branch '3.4.x' into 3.5.x
• 3d15c13 Next development version (v3.4.13-SNAPSHOT)
• dc140df Upgrade to Spring Framework 7.0.1
• Additional commits viewable in compare view

Updates com.github.spotbugs:spotbugs-annotations from 4.8.3 to 4.9.8

Release notes

Sourced from com.github.spotbugs:spotbugs-annotations's releases.

4.9.8

SpotBugs 4.9.8

CHANGELOG

Fixed

• Maven plugin reporting issue if -adjustPriority is not set (#3774)

CHECKSUM

file	checksum (sha256)
spotbugs-4.9.8-javadoc.jar	06fb742e3170087983c5855d7d8d846d7cdab9badfdf4b3564b424deb1dc0b28
spotbugs-4.9.8-sources.jar	cbee8358dd239e81fdcf37c32d1e6bedf148d25638b0c8d1b687d97c3061ecd9
spotbugs-4.9.8.tgz	2eb8e0f2b223c22ffa2ce0c1cf1be4127dde19d240b8f7ce69a5fd3ad5c36ff3
spotbugs-4.9.8.zip	e13d476403cf69074f415e35ebcc2f865f7a1ea444c1e659516bc0260e74dfa5
spotbugs-annotations-4.9.8-javadoc.jar	aecf15bb27a4d067e9b5a1c85b5d3aeefc5026a66e93040995804662e285d679
spotbugs-annotations-4.9.8-sources.jar	075b2eed660c2fe2fb1ad1de028f8fdff5f358e25c1318706b95ab17bb28be44
spotbugs-annotations.jar	6f69d6fe9c55a54dcb30e87d8fa2d5f52246af50d7a3445246d9539ef221be1c
spotbugs-ant-4.9.8-javadoc.jar	025b2fb90e089dab1875068397736003bbf9e66bcac287ecb9e512dd0d387748
spotbugs-ant-4.9.8-sources.jar	91477d93b1fd1bebae35d318427b5238fb458e726478dc1a8ac41ce74838a1e6
spotbugs-ant.jar	22f2fa397e86663adcd4828cc1c91e63aa6cc2bfc56832885b749a86fac5c784
spotbugs.jar	4469bc080afe7cd2290a20bf63e28392b80abcc7c7ace33c8f55da52a17c7ca5
test-harness-4.9.8-javadoc.jar	81677f77441af941613c99a4f04b3cb2f6b1950be589afdec03905d8e2917824
test-harness-4.9.8-sources.jar	805d2d124b0d4ea513ee9262d4ad6027c3471d45defd80fd7d20e23425d17df7
test-harness-4.9.8.jar	0076a3bc9602c78d73edb048e625a96ee6a182fa3dd39300aa739af67b954189
test-harness-core-4.9.8-javadoc.jar	e3e64a5fd96be16eec8b832e87da703e5eae910b3abd7bda9ff81a10363e5c7f
test-harness-core-4.9.8-sources.jar	043a55d99a517c0d9cf702b0c183b4afd3f03af9eff4a86d59bb37df1b35b532
test-harness-core-4.9.8.jar	4e439df3b499660d91a659d7c523fcdc4945c932dfc7fee68e796193f9dff6bb
test-harness-jupiter-4.9.8-javadoc.jar	ae8ddee06796757be0526af1adf5969fbc149c0cf83542e6641405e69a044496
test-harness-jupiter-4.9.8-sources.jar	17144f315686bfd01c02fa4ae7c916060c41de8eed58d5b8470416fa08f46ced
test-harness-jupiter-4.9.8.jar	9e1bc39da08c6c80091f34f1fd92ec092109d0cdfd8009910bc22772df06eea7

4.9.7

SpotBugs 4.9.7

CHANGELOG

Fixed

• Fix Eclipse not always using latest preferences file state (#3740)
• Fix exception throw when singleton implementing Cloneable has no clone() method (#3727)
• Fix for missing -adjustPriority parameter in Eclipse preferences (#3687)
• Documentation of -adjustPriority parameter
• Functionality from DetectorFactory setEnabledButNonReporting(), getPriorityAdjustment() methods and BugInstance.adjustForDetector() is deprecated and moved to PriorityAdjuster (#3753)
• Improved FindNakedNotify to handle the case when the lock is loaded from a field (#3634)

Changed

• Support for fully qualified class names for detectors in -adjustPriority parameter
• Support for numerical and absolute priority adjustments
• Bump up Apache Commons BCEL to the version 6.11.0 (#3569)

Deprecated

• Add back and deprecate edu.umd.cs.findbugs.io.IO.close(InputStream) method. (#3756)

... (truncated)

Changelog

Sourced from com.github.spotbugs:spotbugs-annotations's changelog.

4.9.8 - 2025-10-18

Fixed

• Maven plugin reporting issue if -adjustPriority is not set (#3774)

4.9.7 - 2025-10-14

Fixed

• Fix Eclipse not always using latest preferences file state (#3740)
• Fix exception throw when singleton implementing Cloneable has no clone() method (#3727)
• Fix for missing -adjustPriority parameter in Eclipse preferences (#3687)
• Documentation of -adjustPriority parameter
• Functionality from DetectorFactory setEnabledButNonReporting(), getPriorityAdjustment() methods and BugInstance.adjustForDetector() is deprecated and moved to PriorityAdjuster (#3753)
• Improved FindNakedNotify to handle the case when the lock is loaded from a field (#3634)

Changed

• Support for fully qualified class names for detectors in -adjustPriority parameter
• Support for numerical and absolute priority adjustments
• Bump up Apache Commons BCEL to the version 6.11.0 (#3569)

Deprecated

• Add back and deprecate edu.umd.cs.findbugs.io.IO.close(InputStream) method. (#3756)

Build

• Allow our GA builds to work with JDK 25 (and drop support for JDK 24) (#3564)

4.9.6 - 2025-09-16

Fixed

• Fix exception throw when analyzing jakarta.servlet.http.HttpServletRequest method calls (#3711)

4.9.5 - 2025-09-14

Fixed

• Fix for an error when a record method has the @SuppressFBWarnings annotation (#3622)
• Fix SF_SWITCH_FALLTHROUGH false positive when continuing a loop (#3617)
• CWO_CLOSED_WITHOUT_OPENED false positive (#3616)
• SF_SWITCH_NO_DEFAULT false positive fix for switch-arrow (#3645)
• Fix the issue with BCEL logging Duplicating value: ... (#3621)
• Add missing jakarta support for servlets / pre/post destroy (#3694)

Added

• Add 'java.nio.file.Path.of' to known types for path traversal checks (#3699)

Cleanup

• S1481: Unused local variables should be removed (#3654)
• Moved test libraries to jakarta namespace including switching off jsr305 where possible for jakarta.annotation (#3695)

4.9.4 - 2025-08-07

Changed

• AnnotationMatcher can now ignore bugs if annotation is also applied on methods or fields. Previously only annotations on classes were considered.
• Add relevant CWE ids to bugs and refer the CWEs in the bug messages (#3354).
• Replace LOCAL_VARIABLE_UNKNOWN with exact method name for NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE (#3485)

... (truncated)

Commits

• c1fa7f2 release v4.9.8
• 023f8dd fix(deps): update dependency org.apache.groovy:groovy-all to v5.0.2 (#3782)
• 423f1d1 Unconditional while loops no raising IL_INFINITE_LOOP (#3537)
• 9125bee Fix priority adjustment code
• 183da6c fix(deps): update dependency org.springframework:spring-core to v6.2.12 (#3779)
• a499f2e chore(deps): update dependency com.diffplug.gradle:goomph to v4.4.1 (#3776)
• b339bc1 Unconditionally initialize PriorityAdjuster for AbstractBugReporter
• 96891fe chore(deps): update plugin com.github.spotbugs to v6.4.3 (#3773)
• a3667d7 chore(docs): Updated supported versions
• 333a96a prepare for next release
• Additional commits viewable in compare view

Updates com.github.spotbugs:spotbugs-maven-plugin from 4.9.3.2 to 4.9.8.2

Release notes

Sourced from com.github.spotbugs:spotbugs-maven-plugin's releases.

Spotbugs Maven Plugin 4.9.8.2

• Fixed generate site reports to include all site variations, thanks to @​bradleylarrick
• Add support for source jar/zip, thanks to @​cortlepp

Spotbugs Maven Plugin 4.9.8.1

Bug fix with SpotbugsInfo.EOF error (was meant to be SpotbugsInfo.EOL).

Spotbugs Maven Plugin 4.9.8.0

Bug fix release supporting spotbugs 4.9.8.

Spotbugs Maven Plugin 4.9.7.0

• Supports 4.9.7 of spotbugs
• Build updates
• Fixes spotbugs/spotbugs-maven-plugin#1215

Spotbugs Maven Plugin 4.9.6.0

• Supports spotbugs 4.9.6
• note: 4.9.5 had a defect with detection of jakarta in servlets that was unexpected and quickly patched for this release.

Spotbugs Maven Plugin 4.9.5.0

• Support spotbugs 4.9.5

Spotbugs Maven Plugin 4.9.4.2

Consumer

• Add support for 'chooseVisitors'
• Minor code cleanup
• Still supports spotbugs 4.9.4

Producer

• Remove add opens from jvm.config as no longer needed

Spotbugs Maven Plugin 4.9.4.1

Consumer

• Cleanup readme to better support plugin
• Dropped direct usage of plexus utils and commons io
• Groovy 5 now run engine
• Correct issue since 4.9.2.0 resulting in most runs getting spotbugs.html file incorrectly. This has been refactored to restore doxia 1 overrides to produce xml report only when not running in site lifecycle
• Correct defects with handling of various files on disk such as exclusion filters that were introduced into 4.9.4.0. Integration tests have been applied to prevent future regression.
• Commons io fileutils replaced by files.walk with detailed output moved to debug collection only rather than all runs
• Normalization of path to linux style
• Any regex usage is now precompiled
• Use re-entrant lock for source indexer
• Correct locale usage to use default if not given
• Block doctype and XXE when processing xml files
• Cleanup some fields from resources and in code never used

Producer

• Pin versions of github actions tools
• Run maven 3.6.3 integration test on windows to get more broad support
• Run maven integration test on mac to get more broad support

... (truncated)

Commits

• a03feda [maven-release-plugin] prepare release spotbugs-maven-plugin-4.9.8.2
• 1c8063d [gha] Update actions
• f59d628 Merge pull request #1265 from spotbugs/renovate/actions-checkout-6.x
• 1c232fb chore(deps): update actions/checkout action to v6
• 436be13 Merge pull request #1263 from spotbugs/renovate/actions-checkout-digest
• 0708203 Merge pull request #1264 from spotbugs/renovate/github-codeql-action-digest
• fcd2d1b chore(deps): update github/codeql-action digest to e12f017
• 7c54b5b chore(deps): update actions/checkout digest to 93cb6ef
• 79d724e Merge pull request #1262 from spotbugs/renovate/lang3.version
• b9bbed3 fix(deps): update dependency org.apache.commons:commons-lang3 to v3.20.0
• Additional commits viewable in compare view

Updates com.diffplug.spotless:spotless-maven-plugin from 2.46.0 to 3.1.0

Release notes

Sourced from com.diffplug.spotless:spotless-maven-plugin's releases.

Lib v3.1.0

Added

• Support forclang-format on maven-plugin (#2406)
• Allow overriding classLoader for all JarStates to enable spotless-cli (#2427)

Maven Plugin v3.1.0

Changes

• Bump default ktfmt version to latest 0.58 -> 0.59. (#2681
• Bump default jackson version to latest 2.20.0 -> 2.20.1. (#2730)
• Bump default cleanthat version to latest 2.23 -> 2.24. (#2620)
• POTENTIALLY BREAKING Removed support for ktlint versions below 1.0. (#2711)

Fixed

• Use absolute path in the git pre push hook
• palantirJavaFormat is no longer arbitrarily set to outdated versions on Java 17, latest available version is always used (#2686 fixes #2685)

Added

• <forbidModuleImports> API for java (#2679)

Lib v3.0.2

Fixed

• Node.JS-based tasks now work with the configuration cache (#2372)
• Eclipse-based tasks can now handle parallel configuration (#2389)

Lib v3.0.1

Fixed

• Deployment was missing part of the CDT formatter, now fixed. (#2384)

Lib v3.0.0

Headline changes

• All steps now support roundtrip serialization (end of #987).
• Spotless now supports linting in addition to formatting.

Changed

• Allow setting Eclipse config from a string, not only from files (#2337)
• Bump default ktlint version to latest 1.3.0 -> 1.4.0. (#2314)
• Add Sort Members feature based on Eclipse JDT implementation. (#2312)
• Bump default jackson version to latest 2.18.0 -> 2.18.1. (#2319)
• Bump default ktfmt version to latest 0.52 -> 0.53. (#2320)
• Bump default ktlint version to latest 1.4.0 -> 1.5.0. (#2354)
• Bump minimum eclipse-cdt version to 11.0 (removed support for 10.7). (#2373)
• Bump default eclipse version to latest 4.32 -> 4.34. (#2381)

Fixed

• You can now use removeUnusedImports and googleJavaFormat at the same time again. (fixes #2159)
• The default list of type annotations used by formatAnnotations now includes Jakarta Validation's Valid and constraints validations (fixes #2334)

Maven Plugin v3.0.0

Changes

• BREAKING Bump the required Java to 17. (#2375, #2540)
• BREAKING Renamed removeWildcardImports to forbidWildcardImports. (#2633)
• BREAKING spotless:install-git-pre-push-hook task is now always installed in the root .git/hooks directory by resolving the top-level project base directory. (#2570)
• Bump JGit from 6.10.1 to 7.3.0 (#2257)

... (truncated)

Changelog

Sourced from com.diffplug.spotless:spotless-maven-plugin's changelog.

[3.1.0] - 2025-02-20

Added

• Support forclang-format on maven-plugin (#2406)
• Allow overriding classLoader for all JarStates to enable spotless-cli (#2427)

[3.0.2] - 2025-01-14

Fixed

• Node.JS-based tasks now work with the configuration cache (#2372)
• Eclipse-based tasks can now handle parallel configuration (#2389)

[3.0.1] - 2025-01-07

Fixed

• Deployment was missing part of the CDT formatter, now fixed. (#2384)

[3.0.0] - 2025-01-06

Headline changes

• All steps now support roundtrip serialization (end of #987).
• Spotless now supports linting in addition to formatting.

Changed

• Allow setting Eclipse config from a string, not only from files (#2337)
• Bump default ktlint version to latest 1.3.0 -> 1.4.0. (#2314)
• Add Sort Members feature based on Eclipse JDT implementation. (#2312)
• Bump default jackson version to latest 2.18.0 -> 2.18.1. (#2319)
• Bump default ktfmt version to latest 0.52 -> 0.53. (#2320)
• Bump default ktlint version to latest 1.4.0 -> 1.5.0. (#2354)
• Bump minimum eclipse-cdt version to 11.0 (removed support for 10.7). (#2373)
• Bump default eclipse version to latest 4.32 -> 4.34. (#2381)

Fixed

• You can now use removeUnusedImports and googleJavaFormat at the same time again. (fixes #2159)
• The default list of type annotations used by formatAnnotations now includes Jakarta Validation's Valid and constraints validations (fixes #2334)

[3.0.0.BETA4] - 2024-10-24

Added

• APIs to support linting. (implemented in #2148, #2149, #2307)
  • Spotless is still primarily a formatter, not a linter. But when formatting fails, it's more flexible to model those failures as lints so that the formatting can continue and ideally we can also capture the line numbers causing the failure.
  • Lint models a single change. A FormatterStep can create a lint by:
    • throwing an exception during formatting, ideally throw Lint.atLine(127, "code", "Well what happened was...")
    • or by implementing the List<Lint> lint(String content, File file) method to create multiple of them
• Support for line ending policy PRESERVE which just takes the first line ending of every given file as setting (no matter if \n, \r\n or \r) (#2304)

Changed

• BREAKING Moved PaddedCell.DirtyState to its own top-level class with new methods. (#2148)
  • BREAKING Removed isClean, applyTo, and applyToAndReturnResultIfDirty from Formatter because users should instead use DirtyState.
• FenceStep now uses ConfigurationCacheHack. (#2378 fixes #2317)

Fixed

• ktlint steps now read from the string instead of the file so they don't clobber earlier steps. (fixes #1599)

[3.0.0.BETA3] - 2024-10-15

Added

... (truncated)

Commits

• 62eff17 Published lib/3.1.0
• d88a76e feat: allow overriding JarSate classloader (to enable cli) (#2427)
• 06c6ca8 chore: insert created PR#
• 8ee1dfe chore: provide test to make sure overriding classloader works
• 88d3c31 chore: update changelog for reflecting overridable classLoader in JarState
• f519ed3 feat: allow overriding classLoader for jarstate
• a410e9f adopt maven plugin development from gradle x (#2423 closes #2395)
• fd5970c chore(deps): update plugin com.gradle.develocity to v3.19.2 (#2425)
• cdb609e added changelog info in the right place
• d6154e3 added changelog info
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.5.3 to 3.5.4

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.5.4

🚀 New features and improvements

• Name the shutdown hook (#3170) @​cstamas
• Implement fail-fast behavior for JUnit Platform provider (#3155) @​marcphilipp
• Create a single LauncherSession for invocations of JUnitPlatformProvider (#863) @​marcphilipp

🐛 Bug Fixes

• [SUREFIRE-2298] - fix xml output with junit 5 nested classes (fix integration with Cucumber and Archunit) (#828) @​olamy

👻 Maintenance

• feat: enable prevent branch protection rules (#3168) @​sparsick
• Get rid of plexus-annotations (#3163) @​olamy
• Remove maven-changes-plugin (#861) @​sparsick
• Enable GitHub Issues (#831) @​Bukama

📦 Dependency updates

• Bump org.htmlunit:htmlunit from 4.15.0 to 4.16.0 (#3173) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0 (#3172) @dependabot[bot]
• Bump org.htmlunit:htmlunit from 4.13.0 to 4.15.0 (#3171) @dependabot[bot]
• Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#3167) @dependabot[bot]
• Bump org.apache.commons:commons-compress from 1.27.1 to 1.28.0 (#3165) @dependabot[bot]
• Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#3161) @dependabot[bot]
• Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (#3158) @dependabot[bot]
• Bump org.htmlunit:htmlunit from 4.12.0 to 4.13.0 (#856) @dependabot[bot]
• Bump org.xmlunit:xmlunit-core from 2.10.2 to 2.10.3 (#860) @dependabot[bot]
• Bump commons-beanutils:commons-beanutils from 1.7.0 to 1.11.0 in /surefire-its/src/test/resources/webapp (#851) @dependabot[bot]
• Bump org.htmlunit:htmlunit from 4.11.1 to 4.12.0 (#844) @dependabot[bot]
• Bump org.fusesource.jansi:jansi from 2.4.1 to 2.4.2 (#836) @dependabot[bot]
• Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#833) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-interpolation from 1.27 to 1.28 (#829) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-java from 1.4.0 to 1.5.0 (#830) @dependabot[bot]
• Bump jacocoVersion from 0.8.12 to 0.8.13 (#827) @dependabot[bot]

Commits

• 88513d8 [maven-release-plugin] prepare release surefire-3.5.4
• 9c48828 Simplify cuncumber IT configuration and make windows build working again (#3174)
• 74b2d8c Bump org.htmlunit:htmlunit from 4.15.0 to 4.16.0 (#3173)
• 6c30bf1 [SUREFIRE-2298] fix xml output with junit 5 nested classes (#828)
• 9f49866 Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0 (#3172)
• fb96954 Bump org.htmlunit:htmlunit from 4.13.0 to 4.15.0 (#3171)
• 1e63159 Name the shutdown hook (#3170)
• 76e806a feat: enable prevent branch protection rules (#3168)
• 0fbfb27 Implement fail-fast behavior for JUnit Platform provider (#3155)
• 98d081e Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#3167)
• Additional commits viewable in compare view

Updates org.jacoco:jacoco-maven-plugin from 0.8.13 to 0.8.14

Release notes

Sourced from org.jacoco:jacoco-maven-plugin's releases.

0.8.14

New Features

• JaCoCo now officially supports Java 25 (GitHub #1950).
• Experimental support for Java 26 class files (GitHub #1870).
• Branches added by the Kotlin compiler for default argument number 33 or higher are filtered out during generation of report (GitHub #1655).
• Part of bytecode generated by the Kotlin compiler for elvis operator that follows safe call operator is filtered out during generation of report (GitHub #1814, #1954).
• Part of bytecode generated by the Kotlin compiler for more cases of chained safe call operators is filtered out during generation of report (GitHub #1956).
• Part of bytecode generated by the Kotlin compiler for invocations of suspendCoroutineUninterceptedOrReturn intrinsic is filtered out during generation of report (GitHub #1929).
• Part of bytecode generated by the Kotlin compiler for suspending lambdas with parameters is filtered out during generation of report (GitHub #1945).
• Part of bytecode generated by the Kotlin compiler for suspending functions and lambdas with suspension points that return inline value class is filtered out during generation of report (GitHub #1871).
• Part of bytecode generated by the Kotlin Compose compiler plugin for pausable composition is filtered out during generation of report (GitHub #1911).
• Methods generated by the Kotlin serialization compiler plugin are filtered out (GitHub #1885, #1970, #1971).

Fixed bugs

• Fixed handling of implicit else clause of when with String subject in Kotlin (GitHub #1813, #1940).
• Fixed handling of implicit default clause of switch by String in Java when compiled by ECJ (GitHub #1813, #1940). Fixed handling of exceptions in chains of safe call operators in Kotlin (GitHub #1819).

Non-functional Changes

• JaCoCo now depends on ASM 9.9 (GitHub #1965).

Commits

• 2eb2483 Prepare release v0.8.14
• de76181 KotlinSerializableFilter should filter more methods (#1971)
• 89c4bd5 Fix NPE in KotlinSerializableFilter (#1970)
• 0981128 Migrate release staging to the Central Publisher Portal (#1968)
• d07bc6b Add filter for bytecode generated by Kotlin serialization compiler plugin (#1...
• 5e35fd5 Upgrade maven-dependency-plugin to 3.9.0 (#1966)
• c2fe5cc Upgrade ASM to 9.9 (#1965)
• b0f8e23 KotlinSafeCallOperatorFilter should filter "unoptimized" safe call followed b...
• c7bd3f4 Upgrade spotless-maven-plugin to 3.0.0 (#1961)
• faa289d KotlinSafeCallOperatorFilter should not be affected by presence of pseudo ins...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions