Bump the standard-plugins group across 1 directory with 5 updates #59

dependabot · 2025-09-16T20:12:06Z

Bumps the standard-plugins group with 5 updates in the / directory:

Package	From	To
org.codehaus.mojo:flatten-maven-plugin	`1.7.0`	`1.7.2`
org.apache.maven.plugins:maven-surefire-plugin	`3.5.3`	`3.5.4`
org.apache.maven.plugins:maven-failsafe-plugin	`3.5.3`	`3.5.4`
org.apache.maven.plugins:maven-javadoc-plugin	`3.11.2`	`3.11.3`
org.apache.maven.plugins:maven-gpg-plugin	`3.2.7`	`3.2.8`

Updates org.codehaus.mojo:flatten-maven-plugin from 1.7.0 to 1.7.2

Release notes

Sourced from org.codehaus.mojo:flatten-maven-plugin's releases.

1.7.2

🐛 Bug Fixes

Create missing target directories, use NIO for file block operations (#471) @slawekjaranowski

📝 Documentation updates

Clarify example in usage about updatePomFile behavior (#477) @slawekjaranowski

👻 Maintenance

Add stale GitHub Action (#476) @slawekjaranowski

Add Maven 4 to build matrix on GitHub Actions (#474) @slawekjaranowski

Improve assertions in no-overwrite tests (#475) @slawekjaranowski

Add a missing plugin version in ITS (#473) @slawekjaranowski

Add integration test for install and deploy flattened pom (#472) @slawekjaranowski

📦 Dependency updates

Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#470) @dependabot[bot]

Bump mavenVersion from 3.9.10 to 3.9.11 (#467) @dependabot[bot]

Bump com.fasterxml.jackson.core:jackson-core from 2.3.3 to 2.15.0 in /src/it/projects/bom-flattenMode/bom (#464) @dependabot[bot]

Bump com.fasterxml.jackson.core:jackson-core from 2.13.0 to 2.15.0 in /src/it/projects/bom-pomElements/bom (#463) @dependabot[bot]

1.7.1

🐛 Bug Fixes

Fix #400 - Preserve POM content ordering (and formatting) on resolveCiFriendliesOnly flattenMode (#446) @stechio

Fix FilteringValueSourceWrapper for a newer version of plexus-interpolation, Maven 3.9.10 (#453) @slawekjaranowski

📝 Documentation updates

Use resolveCiFriendliesOnly in examples instead of minimum for flattenMode (#460) @slawekjaranowski

Remove a dead link to MOJO-2030 from documentation (#459) @slawekjaranowski

Rename 'Goals' to 'Plugin Documentation' in site manu (#456) @slawekjaranowski

👻 Maintenance

Fix typo in License name (#458) @slawekjaranowski

Use constant 3.6.3 in prerequisites/maven as minimal Maven version (#457) @slawekjaranowski

📦 Dependency updates

Bump mavenVersion from 3.6.3 to 3.9.10 (#455) @dependabot[bot]

Bump com.fasterxml.jackson.core:jackson-core from 2.3.3 to 2.13.0 in /src/it/projects/bom-pomElements/bom (#450) @dependabot[bot]

Bump org.codehaus.mojo:mojo-parent from 87 to 92 (#454) @dependabot[bot]

Bump org.codehaus.plexus:plexus-interpolation from 1.27 to 1.28 (#443) @dependabot[bot]

Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#444) @dependabot[bot]

Commits

9d80041 [maven-release-plugin] prepare release 1.7.2
6c62863 Clarify example in usage about updatePomFile behavior
fc35f4c Add stale GitHub Action
0fb1ea0 Add Maven 4 to build matrix on GitHub Actions (#474)
35e0e0c Improve assertions in no-overwrite tests
e193a20 Add a missing plugin version in ITS
87009a4 Add integration test for install and deploy flattened pom
e02117c Create missing target directories, use NIO for file block operations
f9289bf Bump commons-io:commons-io from 2.19.0 to 2.20.0
227ae5e Bump mavenVersion from 3.9.10 to 3.9.11
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.5.3 to 3.5.4

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.5.4

🚀 New features and improvements

Name the shutdown hook (#3170) @cstamas

Implement fail-fast behavior for JUnit Platform provider (#3155) @marcphilipp

Create a single LauncherSession for invocations of JUnitPlatformProvider (#863) @marcphilipp

🐛 Bug Fixes

[SUREFIRE-2298] - fix xml output with junit 5 nested classes (fix integration with Cucumber and Archunit) (#828) @olamy

👻 Maintenance

feat: enable prevent branch protection rules (#3168) @sparsick

Get rid of plexus-annotations (#3163) @olamy

Remove maven-changes-plugin (#861) @sparsick

Enable GitHub Issues (#831) @Bukama

📦 Dependency updates

Bump org.htmlunit:htmlunit from 4.15.0 to 4.16.0 (#3173) @dependabot[bot]

Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0 (#3172) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.13.0 to 4.15.0 (#3171) @dependabot[bot]

Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#3167) @dependabot[bot]

Bump org.apache.commons:commons-compress from 1.27.1 to 1.28.0 (#3165) @dependabot[bot]

Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#3161) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (#3158) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.12.0 to 4.13.0 (#856) @dependabot[bot]

Bump org.xmlunit:xmlunit-core from 2.10.2 to 2.10.3 (#860) @dependabot[bot]

Bump commons-beanutils:commons-beanutils from 1.7.0 to 1.11.0 in /surefire-its/src/test/resources/webapp (#851) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.11.1 to 4.12.0 (#844) @dependabot[bot]

Bump org.fusesource.jansi:jansi from 2.4.1 to 2.4.2 (#836) @dependabot[bot]

Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#833) @dependabot[bot]

Bump org.codehaus.plexus:plexus-interpolation from 1.27 to 1.28 (#829) @dependabot[bot]

Bump org.codehaus.plexus:plexus-java from 1.4.0 to 1.5.0 (#830) @dependabot[bot]

Bump jacocoVersion from 0.8.12 to 0.8.13 (#827) @dependabot[bot]

Commits

88513d8 [maven-release-plugin] prepare release surefire-3.5.4
9c48828 Simplify cuncumber IT configuration and make windows build working again (#3174)
74b2d8c Bump org.htmlunit:htmlunit from 4.15.0 to 4.16.0 (#3173)
6c30bf1 [SUREFIRE-2298] fix xml output with junit 5 nested classes (#828)
9f49866 Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0 (#3172)
fb96954 Bump org.htmlunit:htmlunit from 4.13.0 to 4.15.0 (#3171)
1e63159 Name the shutdown hook (#3170)
76e806a feat: enable prevent branch protection rules (#3168)
0fbfb27 Implement fail-fast behavior for JUnit Platform provider (#3155)
98d081e Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#3167)
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-failsafe-plugin from 3.5.3 to 3.5.4

Release notes

Sourced from org.apache.maven.plugins:maven-failsafe-plugin's releases.

3.5.4

🚀 New features and improvements

Name the shutdown hook (#3170) @cstamas

Implement fail-fast behavior for JUnit Platform provider (#3155) @marcphilipp

Create a single LauncherSession for invocations of JUnitPlatformProvider (#863) @marcphilipp

🐛 Bug Fixes

[SUREFIRE-2298] - fix xml output with junit 5 nested classes (fix integration with Cucumber and Archunit) (#828) @olamy

👻 Maintenance

feat: enable prevent branch protection rules (#3168) @sparsick

Get rid of plexus-annotations (#3163) @olamy

Remove maven-changes-plugin (#861) @sparsick

Enable GitHub Issues (#831) @Bukama

📦 Dependency updates

Bump org.htmlunit:htmlunit from 4.15.0 to 4.16.0 (#3173) @dependabot[bot]

Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0 (#3172) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.13.0 to 4.15.0 (#3171) @dependabot[bot]

Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#3167) @dependabot[bot]

Bump org.apache.commons:commons-compress from 1.27.1 to 1.28.0 (#3165) @dependabot[bot]

Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#3161) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (#3158) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.12.0 to 4.13.0 (#856) @dependabot[bot]

Bump org.xmlunit:xmlunit-core from 2.10.2 to 2.10.3 (#860) @dependabot[bot]

Bump commons-beanutils:commons-beanutils from 1.7.0 to 1.11.0 in /surefire-its/src/test/resources/webapp (#851) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.11.1 to 4.12.0 (#844) @dependabot[bot]

Bump org.fusesource.jansi:jansi from 2.4.1 to 2.4.2 (#836) @dependabot[bot]

Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#833) @dependabot[bot]

Bump org.codehaus.plexus:plexus-interpolation from 1.27 to 1.28 (#829) @dependabot[bot]

Bump org.codehaus.plexus:plexus-java from 1.4.0 to 1.5.0 (#830) @dependabot[bot]

Bump jacocoVersion from 0.8.12 to 0.8.13 (#827) @dependabot[bot]

Commits

88513d8 [maven-release-plugin] prepare release surefire-3.5.4
9c48828 Simplify cuncumber IT configuration and make windows build working again (#3174)
74b2d8c Bump org.htmlunit:htmlunit from 4.15.0 to 4.16.0 (#3173)
6c30bf1 [SUREFIRE-2298] fix xml output with junit 5 nested classes (#828)
9f49866 Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0 (#3172)
fb96954 Bump org.htmlunit:htmlunit from 4.13.0 to 4.15.0 (#3171)
1e63159 Name the shutdown hook (#3170)
76e806a feat: enable prevent branch protection rules (#3168)
0fbfb27 Implement fail-fast behavior for JUnit Platform provider (#3155)
98d081e Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#3167)
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-javadoc-plugin from 3.11.2 to 3.11.3

Release notes

Sourced from org.apache.maven.plugins:maven-javadoc-plugin's releases.

3.11.3

🚨 Removed

Remove workaround for long patched CVE in javadoc (#388) @elharo

🚀 New features and improvements

Issue #369 Support --no-fonts option per default for jdk 23+ (#375) @olamy

🐛 Bug Fixes

Make the legacyMode consistent (Filter out all of the module-info.java files in legacy mode, do not use --source-path in legacy mode) (#1217) @fridrich

[MJAVADOC-826] - Don't try to modify project source roots (#358) @oehme

📝 Documentation updates

Correct javadoc-no-fork description on index-page (#368) @Bukama

[MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#360) @Bukama

(doc) Close links tag in links parameter javadoc example (#355) @sixcorners

👻 Maintenance

Be consistent about data encoding when copying files (#1215) @fridrich

Clean up JavadocUtilTest (#1210) @elharo

Use Java 7 relativization instead of hand-rolled code (#385) @elharo

Rephrase source code fix interactive messages for clarity (#390) @elharo

Reduce non-debug logging (#389) @elharo

Delete duplicate @throws clause (#384) @elharo

Use Java 7 relativization instead of our hand-rolled code (#381) @elharo

Clean up comments and argument names (#386) @elharo

Remove workaround for long patched CVE in javadoc (#388) @elharo

Issue #378 Cleanup of code related to old non supported Java version (#382) @olamy

Cure deprecation warning (#383) @elharo

[MJAVADOC-773] - deprecate toRelative (#379) @elharo

Issue #373 Fix JDK 23 build (#374) @olamy

Fix aggregate Javadoc typo (#371) @JackPGreen

Enable GH issues (#365) @Bukama

[MJAVADOC-825] - Prefer NullPointerExceptions for null arguments (#350) @elharo

📦 Dependency updates

Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#1221) @dependabot[bot]

Bump org.apache.commons:commons-text from 1.13.1 to 1.14.0 (#1222) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.6 to 3.18.0 in /src/it/projects/MJAVADOC-787 (#1227) @dependabot[bot]

Maven Archiver 3.6.4 (#1226) @olamy

Bump org.apache.commons:commons-lang3 from 3.6 to 3.18.0 in /src/it/projects/MJAVADOC-575_source8-module-info (#1224) @dependabot[bot]

Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#1223) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.6 to 3.18.0 in /src/it/projects/MJAVADOC-506_excl-module-info (#1218) @dependabot[bot]

Bump org.codehaus.plexus:plexus-java from 1.3.0 to 1.5.0 (#363) @dependabot[bot]

... (truncated)

Commits

8357bc2 [maven-release-plugin] prepare release maven-javadoc-plugin-3.11.3
ab6e97e Bump commons-io:commons-io from 2.19.0 to 2.20.0
83788c1 Bump org.apache.commons:commons-text from 1.13.1 to 1.14.0
99ee1fc Bump org.apache.commons:commons-lang3 in /src/it/projects/MJAVADOC-787
18bfeb8 Maven Archiver 3.6.4 (#1226)
63618bb Bump org.apache.commons:commons-lang3 (#1224)
81afff9 Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#1223)
8bcdebf Add Apache 2.0 LICENSE file (#1220)
2299072 Make the legacyMode consistent and actually useful (#1217)
33c9f01 Be consistent about data encoding when copying files (#1215)
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-gpg-plugin from 3.2.7 to 3.2.8

Release notes

Sourced from org.apache.maven.plugins:maven-gpg-plugin's releases.

3.2.8

🐛 Bug Fixes

Make empty classifier null (not empty string) (#287) @cstamas

📝 Documentation updates

[MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#129) @Bukama

Describe how to prime a specific GPG key (#128) @kwin

👻 Maintenance

Enable GitHub issues (#134) @Bukama

Prefer Guice constructor injection (#126) @elharo

📦 Dependency updates

Update parent POM to 45 (#284) @cstamas

Bump bouncycastleVersion from 1.78.1 to 1.80 (#127) @dependabot[bot]

Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#133) @dependabot[bot]

Bump org.apache.maven.plugins:maven-invoker-plugin from 3.8.0 to 3.9.0 (#125) @dependabot[bot]

Bump org.simplify4u.plugins:pgpverify-maven-plugin from 1.18.2 to 1.19.1 (#131) @dependabot[bot]

Bump commons-io:commons-io from 2.17.0 to 2.18.0 (#124) @dependabot[bot]

Commits

8a46455 [maven-release-plugin] prepare release maven-gpg-plugin-3.2.8
7012821 Fix issueManagement, ciManagement system and url
a9a8c84 Make empty classifier null (not empty string) (#287)
a8368b0 Add .mvn
f0e45e0 Update parent POM to 45 (#284)
cb1236c Bump bouncycastleVersion from 1.78.1 to 1.80 (#127)
5377a10 Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#133)
8b63932 Bump org.apache.maven.plugins:maven-invoker-plugin from 3.8.0 to 3.9.0 (#125)
54ea518 Bump org.simplify4u.plugins:pgpverify-maven-plugin from 1.18.2 to 1.19.1
a6a412d Remove old JIRA issue link
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the standard-plugins group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [org.codehaus.mojo:flatten-maven-plugin](https://github.com/mojohaus/flatten-maven-plugin) | `1.7.0` | `1.7.2` | | [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.5.3` | `3.5.4` | | [org.apache.maven.plugins:maven-failsafe-plugin](https://github.com/apache/maven-surefire) | `3.5.3` | `3.5.4` | | [org.apache.maven.plugins:maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) | `3.11.2` | `3.11.3` | | [org.apache.maven.plugins:maven-gpg-plugin](https://github.com/apache/maven-gpg-plugin) | `3.2.7` | `3.2.8` | Updates `org.codehaus.mojo:flatten-maven-plugin` from 1.7.0 to 1.7.2 - [Release notes](https://github.com/mojohaus/flatten-maven-plugin/releases) - [Commits](mojohaus/flatten-maven-plugin@1.7.0...1.7.2) Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.3 to 3.5.4 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](apache/maven-surefire@surefire-3.5.3...surefire-3.5.4) Updates `org.apache.maven.plugins:maven-failsafe-plugin` from 3.5.3 to 3.5.4 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](apache/maven-surefire@surefire-3.5.3...surefire-3.5.4) Updates `org.apache.maven.plugins:maven-javadoc-plugin` from 3.11.2 to 3.11.3 - [Release notes](https://github.com/apache/maven-javadoc-plugin/releases) - [Commits](apache/maven-javadoc-plugin@maven-javadoc-plugin-3.11.2...maven-javadoc-plugin-3.11.3) Updates `org.apache.maven.plugins:maven-gpg-plugin` from 3.2.7 to 3.2.8 - [Release notes](https://github.com/apache/maven-gpg-plugin/releases) - [Commits](apache/maven-gpg-plugin@maven-gpg-plugin-3.2.7...maven-gpg-plugin-3.2.8) --- updated-dependencies: - dependency-name: org.codehaus.mojo:flatten-maven-plugin dependency-version: 1.7.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: standard-plugins - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-version: 3.5.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: standard-plugins - dependency-name: org.apache.maven.plugins:maven-failsafe-plugin dependency-version: 3.5.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: standard-plugins - dependency-name: org.apache.maven.plugins:maven-javadoc-plugin dependency-version: 3.11.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: standard-plugins - dependency-name: org.apache.maven.plugins:maven-gpg-plugin dependency-version: 3.2.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: standard-plugins ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Sep 16, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the standard-plugins group across 1 directory with 5 updates #59

Bump the standard-plugins group across 1 directory with 5 updates #59

Uh oh!

dependabot bot commented on behalf of github Sep 16, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Bump the standard-plugins group across 1 directory with 5 updates #59

Are you sure you want to change the base?

Bump the standard-plugins group across 1 directory with 5 updates #59

Uh oh!

Conversation

dependabot bot commented on behalf of github Sep 16, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

1.7.2

🐛 Bug Fixes

📝 Documentation updates

👻 Maintenance

📦 Dependency updates

1.7.1

🐛 Bug Fixes

📝 Documentation updates

👻 Maintenance

📦 Dependency updates

3.5.4

🚀 New features and improvements

🐛 Bug Fixes

👻 Maintenance

📦 Dependency updates

3.5.4

🚀 New features and improvements

🐛 Bug Fixes

👻 Maintenance

📦 Dependency updates

3.11.3

🚨 Removed

🚀 New features and improvements

🐛 Bug Fixes

📝 Documentation updates

👻 Maintenance

📦 Dependency updates

3.2.8

🐛 Bug Fixes

📝 Documentation updates

👻 Maintenance

📦 Dependency updates

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot bot commented on behalf of github Sep 16, 2025 •

edited

Loading