chore(deps-dev): bump the dev-deps group across 1 directory with 5 updates

[dependabot]

Bumps the dev-deps group with 5 updates in the / directory:

Package	From	To
org.apache.maven.plugins:maven-release-plugin	3.1.1	3.3.1
org.jsonschema2pojo:jsonschema2pojo-maven-plugin	1.2.2	1.3.2
org.apache.maven.plugins:maven-source-plugin	3.3.1	3.4.0
org.assertj:assertj-core	3.27.6	3.27.7
org.codehaus.mojo:properties-maven-plugin	1.2.1	1.3.0

Updates org.apache.maven.plugins:maven-release-plugin from 3.1.1 to 3.3.1

Release notes

Sourced from org.apache.maven.plugins:maven-release-plugin's releases.

3.3.1

💥 Breaking changes

• Revert inclusion of ci skip in release commit msg (#1445) @​rvesse

🐛 Bug Fixes

• Revert inclusion of ci skip in release commit msg (#1445) @​rvesse

📦 Dependency updates

• Bump org.codehaus.plexus:plexus-testing from 2.0.1 to 2.0.2 (#1444) @dependabot[bot]

3.3.0

💥 Breaking changes

• Include "[ci skip]" by default in scmReleaseCommitComment (#1423) @​kwin

🚀 New features and improvements

• Fixed #1426 : Replace archived org.semver:api with custom SemVer implementation (#1430) @​HarshMehta112
• Introduce new SemVer policies (#1424) @​slawekjaranowski
• Include "[ci skip]" by default in scmReleaseCommitComment (#1423) @​kwin

🐛 Bug Fixes

• Check all project parents for SCM information. (#1421) @​slawekjaranowski

👻 Maintenance

• Fix license header in xml files (#1443) @​slawekjaranowski
• Make implementation of new SemVer policies private for project (#1440) @​slawekjaranowski
• Resolve todo that led to pointless asserts (#1442) @​elharo
• Prefer JDK join method (#1434) @​elharo
• Remove old-style plexus annotation (#1432) @​elharo
• Clean up exceptions (#1433) @​elharo
• Replace deprecated classes (#1438) @​elharo
• Simplify code (#1429) @​elharo
• Fix spelling typo (#1431) @​elharo
• Prefer JDK join method (#1428) @​elharo
• Fixed #1410 [DOCS] Update Javadoc return tags in ReleaseDescriptor.java (#1427) @​HarshMehta112
• Remove manual configuration for plugin requirementsHistories (#1425) @​slawekjaranowski
• Correct misleading @​return descriptions in Javadoc (#1413) @​HarshMehta112
• Migrate JUnit 3/4 to JUnit 5 (#1414) @​slawekjaranowski
• Add tag-template to release-drafter configuration (#1415) @​slawekjaranowski
• Fix assertions and cleanups in Mojo Tests (#1412) @​slawekjaranowski
• Fix Javadoc issues per Oracle conventions (#1408) @​elharo
• Migrate JUnit 3/4 to JUnit 5 (#1411) @​slawekjaranowski

... (truncated)

Commits

• 7e8ebac [maven-release-plugin] prepare release maven-release-3.3.1
• f0f28e5 Revert inclusion of ci skip in release commit msg
• 2a82901 Bump org.codehaus.plexus:plexus-testing from 2.0.1 to 2.0.2 (#1444)
• c8613d2 [maven-release-plugin] prepare for next development iteration
• 2b8adaa [maven-release-plugin] prepare release maven-release-3.3.0
• 88630f9 Fixed #1426 : Replace archived org.semver:api with custom SemVer implemen...
• 7af8ace Fix license header in xml files
• 8914b84 Make implementation of new SemVer policies private for project
• 7e861f0 Resolve todo that led to pointless asserts (#1442)
• 422f895 Prefer JDK join method (#1434)
• Additional commits viewable in compare view

Updates org.jsonschema2pojo:jsonschema2pojo-maven-plugin from 1.2.2 to 1.3.2

Release notes

Sourced from org.jsonschema2pojo:jsonschema2pojo-maven-plugin's releases.

1.3.2

• Could not apply requested plugin error when using version 1.3.1 of Gradle plugin 'org.jsonschema2pojo' (#1769)

1.3.1

• Add plexus-utils dependency, as this is no longer provided in Maven 3.9 (#1751)

1.3.0

• Migrate publishing from legacy OSSRH to Maven Central Portal (#1747)
• Remove Ant task (no longer supported) (#1743)
• Require JDK 17 (#1741)
• Add Jackson 3 annotation support (#1740)
• Prevent StackOverflowError when root is self-referencing (#1679)
• Fix 'AbstractCompile.destinationDir property has been deprecated' error when using Gradle 8 (#1646)
• Fix problems with remote URL (e.g. http) when using Maven Plugin (#1614)
• Fix generics class warning when using generated base builder class (#1587)
• Allow URL(s) as source in jsonschema2pojo-gradle-plugin (#1554)

Changelog

Sourced from org.jsonschema2pojo:jsonschema2pojo-maven-plugin's changelog.

1.3.2

• Could not apply requested plugin error when using version 1.3.1 of Gradle plugin 'org.jsonschema2pojo' (#1769)

1.3.1

• Add plexus-utils dependency, as this is no longer provided in Maven 3.9 (#1751)

1.3.0

• Migrate publishing from legacy OSSRH to Maven Central Portal (#1747)
• Remove Ant task (no longer supported) (#1743)
• Require JDK 17 (#1741)
• Add Jackson 3 annotation support (#1740)
• Prevent StackOverflowError when root is self-referencing (#1679)
• Fix 'AbstractCompile.destinationDir property has been deprecated' error when using Gradle 8 (#1646)
• Fix problems with remote URL (e.g. http) when using Maven Plugin (#1614)
• Fix generics class warning when using generated base builder class (#1587)
• Allow URL(s) as source in jsonschema2pojo-gradle-plugin (#1554)

Commits

• 91a1019 [maven-release-plugin] prepare release jsonschema2pojo-1.3.2
• fc5b3e3 Restore Gradle plugin metadata so that it's included in Maven Central jar
• 7a2842a Remove unused Eclipse Java compiler(we only use the system compiler now)
• 3727c2a Avoid dependency on maven-xml (it will be provided)
• c42d9b6 Merge pull request #1753 from joelittlejohn/dependabot/github_actions/actions...
• 4a12bd1 Bump actions/checkout from 3 to 6
• 11422aa [release] Update CHANGELOG.md for 1.3.1
• 57f9cd6 [release] updating README.md for 1.3.1
• 89b493f [maven-release-plugin] prepare for next development iteration
• a9b17ed [maven-release-plugin] prepare release jsonschema2pojo-1.3.1
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-source-plugin from 3.3.1 to 3.4.0

Release notes

Sourced from org.apache.maven.plugins:maven-source-plugin's releases.

3.4.0

🐛 Bug Fixes

• [MSOURCES-140] - fail only if re-attach different files (#24) @​hboutemy

👻 Maintenance

• Bump m-invoker-p to 3.9.1 (#251) @​slachiewicz
• Allow to manually execute release drafter (#58) @​slawekjaranowski
• GH Issues (Maven 3 branch) (#57) @​Bukama
• [MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#49) @​Bukama

📦 Dependency updates

• Use plexus-utils version from parent (#252) @​slachiewicz
• Bump commons-io:commons-io from 2.20.0 to 2.21.0 (#247) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-archiver from 4.10.3 to 4.10.4 (#248) @dependabot[bot]
• Bump org.apache.maven:maven-archiver from 3.6.4 to 3.6.5 (#241) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-archiver from 4.10.1 to 4.10.3 (#242) @dependabot[bot]
• Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.3.0 to 3.4.0 (#246) @dependabot[bot]
• Bump mavenVersion from 3.2.5 to 3.9.11 (#221) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-archiver from 4.10.0 to 4.10.1 (#233) @dependabot[bot]
• Bump org.apache.maven:maven-archiver from 3.6.3 to 3.6.4 (#229) @dependabot[bot]
• Bump org.apache.maven.plugins:maven-plugins from 41 to 45 (#218) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-utils from 3.5.1 to 3.6.0 (#226) @dependabot[bot]
• Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#222) @dependabot[bot]
• Bump commons-io:commons-io from 2.16.1 to 2.19.0 (#68) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-archiver from 4.9.2 to 4.10.0 (#63) @dependabot[bot]
• Bump org.apache.maven:maven-archiver from 3.6.2 to 3.6.3 (#66) @dependabot[bot]
• Bump commons-io:commons-io from 2.16.0 to 2.16.1 (#27) @dependabot[bot]
• [MSOURCES-147] - Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2 (#23) @dependabot[bot]
• [MSOURCES-146] - Bump commons-io:commons-io from 2.11.0 to 2.16.0 (#25) @dependabot[bot]
• [MSOURCES-145] - Bump org.apache.maven:maven-archiver from 3.6.1 to 3.6.2 (#26) @dependabot[bot]

Commits

• ecf937a [maven-release-plugin] prepare release maven-source-plugin-3.4.0
• 95b3bf4 Revert "[maven-release-plugin] prepare for next development iteration"
• 7a9a770 [maven-release-plugin] prepare for next development iteration
• 292c1ce Use plexus-utils version from parent
• bf79b71 Bump m-invoker-p to 3.9.1
• 4f3fcb9 Bump commons-io:commons-io from 2.20.0 to 2.21.0
• a867442 Bump org.codehaus.plexus:plexus-archiver from 4.10.3 to 4.10.4
• 51c66ac Bump org.apache.maven:maven-archiver from 3.6.4 to 3.6.5
• 267df46 Bump org.codehaus.plexus:plexus-archiver from 4.10.1 to 4.10.3
• ef85324 Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness
• Additional commits viewable in compare view

Updates org.assertj:assertj-core from 3.27.6 to 3.27.7

Release notes

Sourced from org.assertj:assertj-core's releases.

v3.27.7

🔒 Security

Core

• Fix XXE vulnerability in isXmlEqualTo assertion (CVE-2026-24400)
  • See GHSA-rqfh-9r24-8c9r for details; many thanks to @​wxt201 and @​Song-Li for responsibly reporting it!

🚫 Deprecated

Core

• Deprecate XmlStringPrettyFormatter with no replacement

🐛 Bug Fixes

Guava

• Navigation to assertj-core or guava types from assertj-guava Javadoc site has unnecessary header #3478

🔨 Dependency Upgrades

Core

• Upgrade to Byte Buddy 1.18.3
• Upgrade to JUnit BOM 5.14.1

Guava

• Upgrade to Guava 33.5.0-jre

Commits

• e840716 [maven-release-plugin] prepare release assertj-build-3.27.7
• 85ca7eb Deprecate XmlStringPrettyFormatter
• 77081dc Merge commit from fork
• b68fc24 Bump github/codeql-action from 4.31.9 to 4.31.10 in the github-actions group ...
• 0cf5bb6 Bump kotlin.version from 2.1.0 to 2.2.21
• d393ef1 Abort tests when symbolic links cannot be created (#3788)
• 2212433 Add IntelliJ custom inspection for test class names
• 5717d02 Update JetBrains icon
• a8ec20b Add icon for JetBrains products
• c05fb3d Bump Maven to 3.9.12 and Wrapper to 3.3.4
• Additional commits viewable in compare view

Updates org.codehaus.mojo:properties-maven-plugin from 1.2.1 to 1.3.0

Release notes

Sourced from org.codehaus.mojo:properties-maven-plugin's releases.

1.3.0

🚀 New features and improvements

• Feature Request: add yml properties manager (#134) @​mattmeye
• Include/exclude project properties (#126) @​reda-alaoui

👻 Maintenance

• Use Sisu plugin (#140) @​slachiewicz

🔧 Build

• Bump release-drafter/release-drafter from 5 to 6 (#120) @dependabot[bot]

📦 Dependency updates

• Bump org.codehaus.mojo:mojo-parent from 94 to 95 (#156) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 93 to 94 (#154) @dependabot[bot]
• Bump org.yaml:snakeyaml from 2.4 to 2.5 (#153) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 92 to 93 (#152) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 91 to 92 (#149) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 87 to 91 (#148) @dependabot[bot]
• Require Maven 3.6.3 (#139) @​slachiewicz
• Bump org.yaml:snakeyaml from 2.3 to 2.4 (#138) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 86 to 87 (#137) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 85 to 86 (#132) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-utils from 4.0.1 to 4.0.2 (#133) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 84 to 85 (#131) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 80 to 84 (#130) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 78 to 80 (#122) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-utils from 4.0.0 to 4.0.1 (#125) @dependabot[bot]
• Bump apache/maven-gh-actions-shared from 3 to 4 (#124) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 77 to 78 (#119) @dependabot[bot]

Commits

• 91a2ade [maven-release-plugin] prepare release properties-maven-plugin-1.3.0
• bf56d32 Bump org.codehaus.mojo:mojo-parent from 94 to 95
• 80e20be Bump org.codehaus.mojo:mojo-parent from 93 to 94
• e8ae7a5 Bump org.yaml:snakeyaml from 2.4 to 2.5
• bb39c3d Bump org.codehaus.mojo:mojo-parent from 92 to 93
• b41267b Bump org.codehaus.mojo:mojo-parent from 91 to 92
• bb548c5 Bump org.codehaus.mojo:mojo-parent from 87 to 91
• 3ffa9cb Use Sisu plugin
• 7adbe3b Require Maven 3.6.3
• 407342f Bump org.yaml:snakeyaml from 2.3 to 2.4
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud