Bump the gradle-version-updates group across 1 directory with 7 updates by dependabot[bot] · Pull Request #3650 · secureCodeBox/secureCodeBox

dependabot · 2026-05-19T21:18:30Z

Bumps the gradle-version-updates group with 6 updates in the /hooks/persistence-defectdojo/hook directory:

Package	From	To
com.fasterxml.jackson:jackson-bom	`2.21.2`	`2.21.3`
org.junit:junit-bom	`6.0.3`	`6.1.0`
org.slf4j:slf4j-api	`2.0.17`	`2.0.18`
io.freefair.lombok	`9.4.0`	`9.5.0`
org.sonarqube	`7.2.3.7755`	`7.3.0.8198`
gradle-wrapper	`9.4.1`	`9.5.1`

Updates com.fasterxml.jackson:jackson-bom from 2.21.2 to 2.21.3

Commits

374fbd0 [maven-release-plugin] prepare release jackson-bom-2.21.3
7059df7 Prep for 2.21.3 release
2fd60bd Merge branch '2.20' into 2.21
b82a364 Merge branch '2.19' into 2.20
ef4e013 Merge branch '2.18' into 2.19
536ae51 Post-release dep version bump
536c533 [maven-release-plugin] prepare for next development iteration
426b778 [maven-release-plugin] prepare release jackson-bom-2.18.7
a73cda9 Prep for 2.18.7 release
76b4a05 Post-release dep version bump
Additional commits viewable in compare view

Updates org.junit:junit-bom from 6.0.3 to 6.1.0

Release notes

Sourced from org.junit:junit-bom's releases.

JUnit 6.1.0 = Platform 6.1.0 + Jupiter 6.1.0 + Vintage 6.1.0

See Release Notes.

New Contributors

@JarvisCraft made their first contribution in junit-team/junit-framework#5633

@Maran23 made their first contribution in junit-team/junit-framework#5644

Full Changelog: junit-team/junit-framework@r6.0.3...r6.1.0

JUnit 6.1.0-RC1 = Platform 6.1.0-RC1 + Jupiter 6.1.0-RC1 + Vintage 6.1.0-RC1

See Release Notes.

New Contributors

@mariokhoury4 made their first contribution in junit-team/junit-framework#4574

@Ogu1208 made their first contribution in junit-team/junit-framework#5145

@HyungGeun94 made their first contribution in junit-team/junit-framework#5271

@yalishevant made their first contribution in junit-team/junit-framework#5316

@JINU-CHANG made their first contribution in junit-team/junit-framework#5290

@jaschdoc made their first contribution in junit-team/junit-framework#5427

@kawshikbuet17 made their first contribution in junit-team/junit-framework#5561

@msridhar made their first contribution in junit-team/junit-framework#5602

Full Changelog: junit-team/junit-framework@r6.1.0-M1...r6.1.0-RC1

JUnit 6.1.0-M1 = Platform 6.1.0-M1 + Jupiter 6.1.0-M1 + Vintage 6.1.0-M1

See Release Notes.

New Contributors

@vy made their first contribution in junit-team/junit-framework#5041

@Pankraz76 made their first contribution in junit-team/junit-framework#5006

@arukiidou made their first contribution in junit-team/junit-framework#5066

@laeubi made their first contribution in junit-team/junit-framework#5092

@jihun4452 made their first contribution in junit-team/junit-framework#5088

@TWiStErRob made their first contribution in junit-team/junit-framework#5133

Full Changelog: junit-team/junit-framework@r6.0.0...r6.1.0-M1

Commits

0dc3af1 Release 6.1.0
1d13002 Prepare 6.1.0 release notes
072b217 Update plugin spotless to v8.5.0 (#5668)
3a53480 Update Gradle to v9.5.1 (#5666)
0e18a20 Update zizmorcore/zizmor-action action to v0.5.4 (#5669)
0a2634f Update github/codeql-action action to v4.35.5 (#5671)
4dbd556 Restructure workflows to have single "status" job (#5670)
f2194ce Increase timeout to reduce flakiness
5c8fdd2 Update dependency org.apache.groovy:groovy to v5.0.6 (#5659)
43c6982 Update dependency org.slf4j:slf4j-jdk14 to v2.0.18 (#5667)
Additional commits viewable in compare view

Updates org.slf4j:slf4j-api from 2.0.17 to 2.0.18

Updates org.slf4j:slf4j-log4j12 from 2.0.17 to 2.0.18

Updates io.freefair.lombok from 9.4.0 to 9.5.0

Release notes

Sourced from io.freefair.lombok's releases.

9.5.0

What's Changed

Bump com.gradle.develocity from 4.4.0 to 4.4.1 by @dependabot[bot] in freefair/gradle-plugins#1750

Bump org.projectlombok:lombok from 1.18.44 to 1.18.46 by @dependabot[bot] in freefair/gradle-plugins#1752

Bump org.apache.maven:maven-core from 3.9.14 to 3.9.15 in /examples by @dependabot[bot] in freefair/gradle-plugins#1746

Bump org.apache.maven:maven-model from 3.9.14 to 3.9.15 in /examples by @dependabot[bot] in freefair/gradle-plugins#1744

Bump io.freefair.settings.plugin-versions from 9.2.0 to 9.4.0 by @dependabot[bot] in freefair/gradle-plugins#1749

Bump org.apache.maven:maven-plugin-api from 3.9.14 to 3.9.15 in /examples by @dependabot[bot] in freefair/gradle-plugins#1751

Bump io.freefair.settings.plugin-versions from 9.2.0 to 9.4.0 in /examples by @dependabot[bot] in freefair/gradle-plugins#1748

fix: Close URLClassLoader in SassCompile to prevent resource leak by @Frisch12 in freefair/gradle-plugins#1725

fix: Separate try/catch for license and user fetch in GithubPomPlugin by @Frisch12 in freefair/gradle-plugins#1753

Bump org.springframework.boot from 4.0.5 to 4.0.6 in /examples by @dependabot[bot] in freefair/gradle-plugins#1757

Bump org.graalvm.buildtools.native from 1.0.0 to 1.1.0 in /examples by @dependabot[bot] in freefair/gradle-plugins#1758

Bump org.springframework.boot:spring-boot-dependencies from 4.0.5 to 4.0.6 in /examples by @dependabot[bot] in freefair/gradle-plugins#1756

fix(delombok): add sourcepath when module-info.java is present by @dtrunk90 in freefair/gradle-plugins#1754

Bump org.springframework.boot:spring-boot-starter from 4.0.5 to 4.0.6 in /examples by @dependabot[bot] in freefair/gradle-plugins#1755

New Contributors

@dtrunk90 made their first contribution in freefair/gradle-plugins#1754

Full Changelog: freefair/gradle-plugins@9.4.0...9.5.0

Commits

f24a7d5 Merge pull request #1755 from freefair/dependabot/gradle/examples/main/org.sp...
278081c fix deprecation warnings
a1cf246 Merge pull request #1754 from dtrunk90/fix/delombok-sourcepath-for-modules
91dbece Merge branch 'main' of github.com:freefair/gradle-plugins
88570fc fix checkstyle
9ad981d Bump org.springframework.boot:spring-boot-dependencies in /examples (#1756)
7bf9d6e Bump org.graalvm.buildtools.native from 1.0.0 to 1.1.0 in /examples (#1758)
f527dd0 fix javadoc link config
27901ff Update to Gradle 9.5.0
8cfe90c Bump org.springframework.boot from 4.0.5 to 4.0.6 in /examples (#1757)
Additional commits viewable in compare view

Updates org.sonarqube from 7.2.3.7755 to 7.3.0.8198

Updates gradle-wrapper from 9.4.1 to 9.5.1

Release notes

Sourced from gradle-wrapper's releases.

9.5.1

The Gradle team is excited to announce Gradle 9.5.1.

Here are the highlights of this release:

Task provenance in reports and failure messages

Type-safe accessors for precompiled Kotlin Settings plugins

Read the Release Notes

We would like to thank the following community members for their contributions to this release of Gradle: atm1020, mataha, Adam, Attila Kelemen, Benedikt Ritter, Björn Kautler, Caro Silva Rode, CHANHAN, Dmitry Nezavitin, Eng Zer Jun, KugelLibelle, Madalin Valceleanu, Markus Gaisbauer, Oliver Kopp, Philip Wedemann, ploober, Roberto Perez Alcolea, Rohit Anand, Suvrat Acharya, Ujwal Suresh Vanjare, Victor Merkulov

Upgrade instructions

Switch your build to use Gradle 9.5.1 by updating your wrapper:
./gradlew wrapper --gradle-version=9.5.1 && ./gradlew wrapper
See the Gradle 9.x upgrade guide to learn about deprecations, breaking changes and other considerations when upgrading.

For Java, Groovy, Kotlin and Android compatibility, see the full compatibility notes.

Reporting problems

If you find a problem with this release, please file a bug on GitHub Issues adhering to our issue guidelines. If you're not sure you're encountering a bug, please use the forum.

We hope you will build happiness with Gradle, and we look forward to your feedback via Twitter or on GitHub.

9.5.0

... (truncated)

Commits

fd78213 Update Documentation Infrastructure: Fix scrolling issue in user manual (#37861)
7758437 fix scroll
2fd605f Only try to run as worker thread in DefaultBuildOperationQueue (#37845)
af69849 Release notes for Gradle 9.5.1 (#37853)
f4d9d03 Release notes for Gradle 9.5.1
01eda3a Address review feedback on worker-lease retry changes
7024e15 Revert enrich file visitor with size info on release branch (#37848)
d51476f Fix tryRunAsWorkerThread null-return test to match contract
090ebab Revert "Add getLength() to FilePropertyVisitor.VisitState"
bceab24 Revert "Fix annotation"
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the gradle-version-updates group with 6 updates in the /hooks/persistence-defectdojo/hook directory: | Package | From | To | | --- | --- | --- | | [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) | `2.21.2` | `2.21.3` | | [org.junit:junit-bom](https://github.com/junit-team/junit-framework) | `6.0.3` | `6.1.0` | | org.slf4j:slf4j-api | `2.0.17` | `2.0.18` | | [io.freefair.lombok](https://github.com/freefair/gradle-plugins) | `9.4.0` | `9.5.0` | | org.sonarqube | `7.2.3.7755` | `7.3.0.8198` | | [gradle-wrapper](https://github.com/gradle/gradle) | `9.4.1` | `9.5.1` | Updates `com.fasterxml.jackson:jackson-bom` from 2.21.2 to 2.21.3 - [Commits](FasterXML/jackson-bom@jackson-bom-2.21.2...jackson-bom-2.21.3) Updates `org.junit:junit-bom` from 6.0.3 to 6.1.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r6.0.3...r6.1.0) Updates `org.slf4j:slf4j-api` from 2.0.17 to 2.0.18 Updates `org.slf4j:slf4j-log4j12` from 2.0.17 to 2.0.18 Updates `io.freefair.lombok` from 9.4.0 to 9.5.0 - [Release notes](https://github.com/freefair/gradle-plugins/releases) - [Commits](freefair/gradle-plugins@9.4.0...9.5.0) Updates `org.sonarqube` from 7.2.3.7755 to 7.3.0.8198 Updates `gradle-wrapper` from 9.4.1 to 9.5.1 - [Release notes](https://github.com/gradle/gradle/releases) - [Commits](gradle/gradle@v9.4.1...v9.5.1) --- updated-dependencies: - dependency-name: com.fasterxml.jackson:jackson-bom dependency-version: 2.21.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gradle-version-updates - dependency-name: org.junit:junit-bom dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gradle-version-updates - dependency-name: org.slf4j:slf4j-api dependency-version: 2.0.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gradle-version-updates - dependency-name: org.slf4j:slf4j-log4j12 dependency-version: 2.0.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gradle-version-updates - dependency-name: io.freefair.lombok dependency-version: 9.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gradle-version-updates - dependency-name: org.sonarqube dependency-version: 7.3.0.8198 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gradle-version-updates - dependency-name: gradle-wrapper dependency-version: 9.5.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gradle-version-updates ... Signed-off-by: dependabot[bot] <support@github.com>

sonarqubecloud · 2026-05-19T21:19:30Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels May 19, 2026

github-project-automation Bot added this to secureCodeBox May 19, 2026

github-project-automation Bot moved this to Triage in secureCodeBox May 19, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the gradle-version-updates group across 1 directory with 7 updates#3650

Bump the gradle-version-updates group across 1 directory with 7 updates#3650
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/gradle/hooks/persistence-defectdojo/hook/gradle-version-updates-5542f3e337

dependabot Bot commented on behalf of github May 19, 2026

Uh oh!

sonarqubecloud Bot commented May 19, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 19, 2026

New Contributors

New Contributors

New Contributors

9.5.0

What's Changed

New Contributors

9.5.1

Upgrade instructions

Reporting problems

9.5.0

Uh oh!

sonarqubecloud Bot commented May 19, 2026

Quality Gate passed

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants