Skip to content

deps(deps): bump picocli.version from 4.7.6 to 4.7.7#93

Closed
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/maven/picocli.version-4.7.7
Closed

deps(deps): bump picocli.version from 4.7.6 to 4.7.7#93
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/maven/picocli.version-4.7.7

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 9, 2026

Bumps picocli.version from 4.7.6 to 4.7.7.
Updates info.picocli:picocli from 4.7.6 to 4.7.7

Release notes

Sourced from info.picocli:picocli's releases.

Picocli 4.7.7

Picocli 4.7.7

The picocli community is pleased to announce picocli 4.7.7.

This release includes bugfixes and enhancements.

Many thanks to the picocli community for raising these issues and providing the pull requests to address them!

This is the eighty-sixth public release. Picocli follows semantic versioning. Artifacts in this release are signed by Remko Popma (6601 E5C0 8DCC BB96).

Table of Contents

  • New and noteworthy
  • Fixed issues
  • Deprecations
  • Potential breaking changes

New and Noteworthy

This release fixes a problem that was introduced in the previous release (4.7.6), where using an ArgGroup in a Mixin would result in options being added twice, or DuplicateOptionAnnotationsException.

The built-in picocli.CommandLine.HelpCommand subcommand now implements Callable<Integer> and returns the exit code of the subcommand's exitCodeOnUsageHelp value for the subcommand whose help was requested.

From this release, if a command implements both Callable and Runnable, then the default execution strategy will invoke the call method instead of the run method.

Fixed issues

  • #2353 Enhancement: picocli.shell.jline3.PicocliCommands::invoke now returns ParseResult instead of null. Thanks to Paul for raising this.
  • #2336 Enhancement: Avoid syntax error in auto-completion script for invalid option names and paramLabel values starting with a digit. Thanks to Ruud Senden and Tobias Knerr for raising this.
  • #2281 Enhancement: Variable interpolation should work for ArgGroup.heading attribute. Thanks to Marc Philipp for raising this.
  • #2355 Bugfix: The built-in help subcommand should return the exit code of the subcommand's exitCodeOnUsageHelp value for the subcommand whose help was requested. Thanks to marco-brandizi for raising this.
  • #2335 Bugfix: Module info missing in all jars except the main picocli jar file. Thanks to Oliver B. Fischer for raising this.
  • #2331 Bugfix: AutoComplete with jline3 was showing hidden commands. Thanks to clebertsuconic for raising this.
  • #2291 Bugfix: NullPointerException when using PropertiesDefaultProvider. Thanks to JessHolle for raising this.
  • #2344 Bugfix: negatable=true option in an ArgGroup should not add negated option twice. Thanks to Robin Fritz for raising this.
  • #2309 Bugfix: Duplicate help output for ArgGroup from a Mixin. Thanks to s-falke for raising this. Thanks to Simon Gamma for providing a pull request for this.
  • #2341 Bugfix: Options get doubled in non validating ArgGroup when used in Mixin. Thanks to Selene Feigl for raising this.
  • #2349 Bugfix: Incorrect results when using ArgGroup + defaultValue + split + List/Set. Thanks to Mithun Josalyn Gonsalvez for raising this.
  • #2292 Bugfix: DuplicateOptionAnnotationsException on using negatable option in ArgGroup. Thanks to Bhavik Patel for raising this.
  • #2380 Bugfix: boolean with arity=0 and defaultValue=false behaved unexpectedly. Thanks to Leonard Brünings for raising this.
  • #2290 DOC: User guide, CDI 2.0 (JSR 365) section: fix example and add warning about dynamic proxies. Thanks to Mert Zeybekler for the pull request.
  • #2347 DOC: Fix line-endings in generated asciidoc HTML. Thanks to Fridrich Štrba for the pull request.
  • #2367 DOC: Fix broken link. Thanks to yeoleobun for the pull request.
  • #2370 DOC: Add at least a link to how to use the CodeGen APT under Bazel. Thanks to Michael Vorburger for the pull request.
  • #2302 DEP: Bump actions/checkout from 4.1.4 to 4.1.7
  • #2391 DEP: Bump actions/checkout from 4.1.7 to 4.2.2
  • #2388 DEP: Bump actions/setup-java from 4.2.1 to 4.7.1

... (truncated)

Changelog

Sourced from info.picocli:picocli's changelog.

Picocli 4.7.7

The picocli community is pleased to announce picocli 4.7.7.

This release includes bugfixes and enhancements.

Many thanks to the picocli community for raising these issues and providing the pull requests to address them!

This is the eighty-sixth public release. Picocli follows semantic versioning. Artifacts in this release are signed by Remko Popma (6601 E5C0 8DCC BB96).

Table of Contents

  • New and noteworthy
  • Fixed issues
  • Deprecations
  • Potential breaking changes

New and Noteworthy

This release fixes a problem that was introduced in the previous release (4.7.6), where using an ArgGroup in a Mixin would result in options being added twice, or DuplicateOptionAnnotationsException.

The built-in picocli.CommandLine.HelpCommand subcommand now implements Callable<Integer> and returns the exit code of the subcommand's exitCodeOnUsageHelp value for the subcommand whose help was requested.

From this release, if a command implements both Callable and Runnable, then the default execution strategy will invoke the call method instead of the run method.

Fixed issues

  • #2353 Enhancement: picocli.shell.jline3.PicocliCommands::invoke now returns ParseResult instead of null. Thanks to Paul for raising this.
  • #2336 Enhancement: Avoid syntax error in auto-completion script for invalid option names and paramLabel values starting with a digit. Thanks to Ruud Senden and Tobias Knerr for raising this.
  • #2281 Enhancement: Variable interpolation should work for ArgGroup.heading attribute. Thanks to Marc Philipp for raising this.
  • #2355 Bugfix: The built-in help subcommand should return the exit code of the subcommand's exitCodeOnUsageHelp value for the subcommand whose help was requested. Thanks to marco-brandizi for raising this.
  • #2335 Bugfix: Module info missing in all jars except the main picocli jar file. Thanks to Oliver B. Fischer for raising this.
  • #2331 Bugfix: AutoComplete with jline3 was showing hidden commands. Thanks to clebertsuconic for raising this.
  • #2291 Bugfix: NullPointerException when using PropertiesDefaultProvider. Thanks to JessHolle for raising this.
  • #2344 Bugfix: negatable=true option in an ArgGroup should not add negated option twice. Thanks to Robin Fritz for raising this.
  • #2309 Bugfix: Duplicate help output for ArgGroup from a Mixin. Thanks to s-falke for raising this. Thanks to Simon Gamma for providing a pull request for this.
  • #2341 Bugfix: Options get doubled in non validating ArgGroup when used in Mixin. Thanks to Selene Feigl for raising this.
  • #2349 Bugfix: Incorrect results when using ArgGroup + defaultValue + split + List/Set. Thanks to Mithun Josalyn Gonsalvez for raising this.
  • #2292 Bugfix: DuplicateOptionAnnotationsException on using negatable option in ArgGroup. Thanks to Bhavik Patel for raising this.
  • #2380 Bugfix: boolean with arity=0 and defaultValue=false behaved unexpectedly. Thanks to Leonard Brünings for raising this.
  • #2290 DOC: User guide, CDI 2.0 (JSR 365) section: fix example and add warning about dynamic proxies. Thanks to Mert Zeybekler for the pull request.
  • #2347 DOC: Fix line-endings in generated asciidoc HTML. Thanks to Fridrich Štrba for the pull request.
  • #2367 DOC: Fix broken link. Thanks to yeoleobun for the pull request.
  • #2370 DOC: Add at least a link to how to use the CodeGen APT under Bazel. Thanks to Michael Vorburger for the pull request.
  • #2302 DEP: Bump actions/checkout from 4.1.4 to 4.1.7
  • #2391 DEP: Bump actions/checkout from 4.1.7 to 4.2.2
  • #2388 DEP: Bump actions/setup-java from 4.2.1 to 4.7.1
  • #2390 DEP: Bump actions/upload-artifact from 4.3.3 to 4.6.2

... (truncated)

Commits
  • 5fcd441 BUILD: use JReleaser for publishing to Maven Central
  • 7f14deb Release picocli version 4.7.7
  • feae94e Bump net.ltgt.gradle:gradle-errorprone-plugin from 4.1.0 to 4.2.0
  • cacb0e7 Bump org.jetbrains.kotlin:kotlin-script-runtime from 2.0.0 to 2.1.20
  • 44de141 Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 2.0.0 to 2.1.20
  • 8440061 Bump jakarta.validation:jakarta.validation-api from 3.1.0 to 3.1.1
  • f5b9590 Bump org.jline:jline from 3.26.1 to 3.29.0
  • 9d94fa6 DOC update RELEASE-NOTES for dependency updates
  • 5bfb673 Revert "Bump org.hamcrest:hamcrest-core from 2.2 to 3.0"
  • 1afa344 Bump org.hibernate.validator:hibernate-validator
  • Additional commits viewable in compare view

Updates info.picocli:picocli-codegen from 4.7.6 to 4.7.7

Release notes

Sourced from info.picocli:picocli-codegen's releases.

Picocli 4.7.7

Picocli 4.7.7

The picocli community is pleased to announce picocli 4.7.7.

This release includes bugfixes and enhancements.

Many thanks to the picocli community for raising these issues and providing the pull requests to address them!

This is the eighty-sixth public release. Picocli follows semantic versioning. Artifacts in this release are signed by Remko Popma (6601 E5C0 8DCC BB96).

Table of Contents

  • New and noteworthy
  • Fixed issues
  • Deprecations
  • Potential breaking changes

New and Noteworthy

This release fixes a problem that was introduced in the previous release (4.7.6), where using an ArgGroup in a Mixin would result in options being added twice, or DuplicateOptionAnnotationsException.

The built-in picocli.CommandLine.HelpCommand subcommand now implements Callable<Integer> and returns the exit code of the subcommand's exitCodeOnUsageHelp value for the subcommand whose help was requested.

From this release, if a command implements both Callable and Runnable, then the default execution strategy will invoke the call method instead of the run method.

Fixed issues

  • #2353 Enhancement: picocli.shell.jline3.PicocliCommands::invoke now returns ParseResult instead of null. Thanks to Paul for raising this.
  • #2336 Enhancement: Avoid syntax error in auto-completion script for invalid option names and paramLabel values starting with a digit. Thanks to Ruud Senden and Tobias Knerr for raising this.
  • #2281 Enhancement: Variable interpolation should work for ArgGroup.heading attribute. Thanks to Marc Philipp for raising this.
  • #2355 Bugfix: The built-in help subcommand should return the exit code of the subcommand's exitCodeOnUsageHelp value for the subcommand whose help was requested. Thanks to marco-brandizi for raising this.
  • #2335 Bugfix: Module info missing in all jars except the main picocli jar file. Thanks to Oliver B. Fischer for raising this.
  • #2331 Bugfix: AutoComplete with jline3 was showing hidden commands. Thanks to clebertsuconic for raising this.
  • #2291 Bugfix: NullPointerException when using PropertiesDefaultProvider. Thanks to JessHolle for raising this.
  • #2344 Bugfix: negatable=true option in an ArgGroup should not add negated option twice. Thanks to Robin Fritz for raising this.
  • #2309 Bugfix: Duplicate help output for ArgGroup from a Mixin. Thanks to s-falke for raising this. Thanks to Simon Gamma for providing a pull request for this.
  • #2341 Bugfix: Options get doubled in non validating ArgGroup when used in Mixin. Thanks to Selene Feigl for raising this.
  • #2349 Bugfix: Incorrect results when using ArgGroup + defaultValue + split + List/Set. Thanks to Mithun Josalyn Gonsalvez for raising this.
  • #2292 Bugfix: DuplicateOptionAnnotationsException on using negatable option in ArgGroup. Thanks to Bhavik Patel for raising this.
  • #2380 Bugfix: boolean with arity=0 and defaultValue=false behaved unexpectedly. Thanks to Leonard Brünings for raising this.
  • #2290 DOC: User guide, CDI 2.0 (JSR 365) section: fix example and add warning about dynamic proxies. Thanks to Mert Zeybekler for the pull request.
  • #2347 DOC: Fix line-endings in generated asciidoc HTML. Thanks to Fridrich Štrba for the pull request.
  • #2367 DOC: Fix broken link. Thanks to yeoleobun for the pull request.
  • #2370 DOC: Add at least a link to how to use the CodeGen APT under Bazel. Thanks to Michael Vorburger for the pull request.
  • #2302 DEP: Bump actions/checkout from 4.1.4 to 4.1.7
  • #2391 DEP: Bump actions/checkout from 4.1.7 to 4.2.2
  • #2388 DEP: Bump actions/setup-java from 4.2.1 to 4.7.1

... (truncated)

Changelog

Sourced from info.picocli:picocli-codegen's changelog.

Picocli 4.7.7

The picocli community is pleased to announce picocli 4.7.7.

This release includes bugfixes and enhancements.

Many thanks to the picocli community for raising these issues and providing the pull requests to address them!

This is the eighty-sixth public release. Picocli follows semantic versioning. Artifacts in this release are signed by Remko Popma (6601 E5C0 8DCC BB96).

Table of Contents

  • New and noteworthy
  • Fixed issues
  • Deprecations
  • Potential breaking changes

New and Noteworthy

This release fixes a problem that was introduced in the previous release (4.7.6), where using an ArgGroup in a Mixin would result in options being added twice, or DuplicateOptionAnnotationsException.

The built-in picocli.CommandLine.HelpCommand subcommand now implements Callable<Integer> and returns the exit code of the subcommand's exitCodeOnUsageHelp value for the subcommand whose help was requested.

From this release, if a command implements both Callable and Runnable, then the default execution strategy will invoke the call method instead of the run method.

Fixed issues

  • #2353 Enhancement: picocli.shell.jline3.PicocliCommands::invoke now returns ParseResult instead of null. Thanks to Paul for raising this.
  • #2336 Enhancement: Avoid syntax error in auto-completion script for invalid option names and paramLabel values starting with a digit. Thanks to Ruud Senden and Tobias Knerr for raising this.
  • #2281 Enhancement: Variable interpolation should work for ArgGroup.heading attribute. Thanks to Marc Philipp for raising this.
  • #2355 Bugfix: The built-in help subcommand should return the exit code of the subcommand's exitCodeOnUsageHelp value for the subcommand whose help was requested. Thanks to marco-brandizi for raising this.
  • #2335 Bugfix: Module info missing in all jars except the main picocli jar file. Thanks to Oliver B. Fischer for raising this.
  • #2331 Bugfix: AutoComplete with jline3 was showing hidden commands. Thanks to clebertsuconic for raising this.
  • #2291 Bugfix: NullPointerException when using PropertiesDefaultProvider. Thanks to JessHolle for raising this.
  • #2344 Bugfix: negatable=true option in an ArgGroup should not add negated option twice. Thanks to Robin Fritz for raising this.
  • #2309 Bugfix: Duplicate help output for ArgGroup from a Mixin. Thanks to s-falke for raising this. Thanks to Simon Gamma for providing a pull request for this.
  • #2341 Bugfix: Options get doubled in non validating ArgGroup when used in Mixin. Thanks to Selene Feigl for raising this.
  • #2349 Bugfix: Incorrect results when using ArgGroup + defaultValue + split + List/Set. Thanks to Mithun Josalyn Gonsalvez for raising this.
  • #2292 Bugfix: DuplicateOptionAnnotationsException on using negatable option in ArgGroup. Thanks to Bhavik Patel for raising this.
  • #2380 Bugfix: boolean with arity=0 and defaultValue=false behaved unexpectedly. Thanks to Leonard Brünings for raising this.
  • #2290 DOC: User guide, CDI 2.0 (JSR 365) section: fix example and add warning about dynamic proxies. Thanks to Mert Zeybekler for the pull request.
  • #2347 DOC: Fix line-endings in generated asciidoc HTML. Thanks to Fridrich Štrba for the pull request.
  • #2367 DOC: Fix broken link. Thanks to yeoleobun for the pull request.
  • #2370 DOC: Add at least a link to how to use the CodeGen APT under Bazel. Thanks to Michael Vorburger for the pull request.
  • #2302 DEP: Bump actions/checkout from 4.1.4 to 4.1.7
  • #2391 DEP: Bump actions/checkout from 4.1.7 to 4.2.2
  • #2388 DEP: Bump actions/setup-java from 4.2.1 to 4.7.1
  • #2390 DEP: Bump actions/upload-artifact from 4.3.3 to 4.6.2

... (truncated)

Commits
  • 5fcd441 BUILD: use JReleaser for publishing to Maven Central
  • 7f14deb Release picocli version 4.7.7
  • feae94e Bump net.ltgt.gradle:gradle-errorprone-plugin from 4.1.0 to 4.2.0
  • cacb0e7 Bump org.jetbrains.kotlin:kotlin-script-runtime from 2.0.0 to 2.1.20
  • 44de141 Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 2.0.0 to 2.1.20
  • 8440061 Bump jakarta.validation:jakarta.validation-api from 3.1.0 to 3.1.1
  • f5b9590 Bump org.jline:jline from 3.26.1 to 3.29.0
  • 9d94fa6 DOC update RELEASE-NOTES for dependency updates
  • 5bfb673 Revert "Bump org.hamcrest:hamcrest-core from 2.2 to 3.0"
  • 1afa344 Bump org.hibernate.validator:hibernate-validator
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
deps(deps): bump picocli.version from 4.7.6 to 4.7.7
46e5b67 
Bumps `picocli.version` from 4.7.6 to 4.7.7.

Updates `info.picocli:picocli` from 4.7.6 to 4.7.7
- [Release notes](https://github.com/remkop/picocli/releases)
- [Changelog](https://github.com/remkop/picocli/blob/main/RELEASE-NOTES.md)
- [Commits](remkop/picocli@v4.7.6...v4.7.7)

Updates `info.picocli:picocli-codegen` from 4.7.6 to 4.7.7
- [Release notes](https://github.com/remkop/picocli/releases)
- [Changelog](https://github.com/remkop/picocli/blob/main/RELEASE-NOTES.md)
- [Commits](remkop/picocli@v4.7.6...v4.7.7)

---
updated-dependencies:
- dependency-name: info.picocli:picocli
  dependency-version: 4.7.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: info.picocli:picocli-codegen
  dependency-version: 4.7.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 9, 2026

Labels

The following labels could not be found: dependencies, java. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot requested a review from a team as a code owner February 9, 2026 05:33
@github-actions
Copy link

github-actions bot commented Feb 9, 2026

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
maven/info.picocli:picocli 4.7.7 🟢 5.9
Details
CheckScoreReason
Code-Review⚠️ 2Found 4/19 approved changesets -- score normalized to 2
Security-Policy🟢 4security policy file detected
Maintained⚠️ 10 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 1
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions🟢 9detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Vulnerabilities🟢 100 existing vulnerabilities detected
Signed-Releases🟢 85 out of the last 5 releases have a total of 5 signed artifacts.
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Binary-Artifacts🟢 4binaries present in source code
SAST🟢 7SAST tool detected but not run on all commits

Scanned Files

  • pom.xml

@github-actions github-actions bot changed the base branch from main to develop February 9, 2026 05:36
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 10, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/maven/picocli.version-4.7.7 branch February 10, 2026 16:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Splatcrafter