Bump the maven-deps group across 1 directory with 8 updates

[dependabot]

Bumps the maven-deps group with 8 updates in the / directory:

Package	From	To
org.springframework.boot:spring-boot-starter-parent	3.5.5	4.0.0
org.cyclonedx:cyclonedx-core-java	10.2.1	11.0.1
org.apache.poi:poi-scratchpad	5.4.1	5.5.1
org.apache.httpcomponents.client5:httpclient5	5.5	5.5.1
org.springdoc:springdoc-openapi-starter-webmvc-ui	2.8.13	3.0.0
org.apache.maven.plugins:maven-source-plugin	3.3.1	3.4.0
org.apache.maven.plugins:maven-javadoc-plugin	3.11.3	3.12.0
org.apache.maven.plugins:maven-release-plugin	3.1.1	3.2.0

Updates org.springframework.boot:spring-boot-starter-parent from 3.5.5 to 4.0.0

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v4.0.0

Full release notes for Spring Boot 4.0 are available on the wiki. There is also a migration guide to help you upgrade from Spring Boot 3.5.

⭐ New Features

• Change tomcat and jetty runtime modules to starters #48175
• Rename spring-boot-kotlin-serialization to align with the name of the Kotlinx module that it pulls in #48076

🐞 Bug Fixes

• Error properties are a general web concern and should not be located beneath server.* #48201
• With both Jackson 2 and 3 on the classpath, @JsonTest fails due to duplicate jacksonTesterFactoryBean #48198
• Gradle war task does not exclude starter POMs from lib-provided #48197
• spring.test.webclient.mockrestserviceserver.enabled is not aligned with its module's name #48193
• SslMeterBinder doesn't register metrics for dynamically added bundles if no bundles exist at bind time #48182
• Properties bound in the child management context ignore the parent's environment prefix #48177
• ssl.chain.expiry metrics doesn't update for dynamically registered SSL bundles #48171
• Starter for spring-boot-micrometer-metrics is missing #48161
• Elasticsearch client's sniffer functionality should not be enabled by default #48155
• spring-boot-starter-elasticsearch should depend on elasticsearch-java #48141
• Auto-configuration exclusions are checked using a different class loader to the one that loads auto-configuration classes #48132
• New arm64 macbooks fail to bootBuildImage due to incorrect platform image #48128
• Properties for configuring an isolated JsonMapper or ObjectMapper are incorrectly named #48116
• Buildpack fails with recent Docker installs due to hardcoded version in URL #48103
• Image building may fail when specifying a platform if an image has already been built with a different platform #48099
• Default values of Kotlinx Serialization JSON configuration properties are not documented #48097
• Custom XML converters should override defaults in HttpMessageConverters #48096
• Kotlin serialization is used too aggressively when other JSON libraries are available #48070
• PortInUseException incorrectly thrown on failure to bind port due to Netty IP misconfiguration #48059
• Auto-configured JCacheMetrics cannot be customized #48057
• WebSecurityCustomizer beans are excluded by WebMvcTest #48055
• Deprecated EnvironmentPostProcessor does not resolve arguments #48047
• RetryPolicySettings should refer to maxRetries, not maxAttempts #48023
• Devtools Restarter does not work with a parameterless main method #47996
• Dependency management for Kafka should not manage Scala 2.12 libraries #47991
• spring-boot-mail should depend on jakarta.mail:jakarta.mail-api and org.eclipse.angus:angus-mail instead of org.eclipse.angus:jakarta.mail #47983
• spring-boot-starter-data-mongodb-reactive has dependency on reactor-test #47982
• Support for ReactiveElasticsearchClient is in the wrong module #47848

📔 Documentation

• Removed property spring.test.webclient.register-rest-template is still documented #48199
• Mention support for detecting AWS ECS in "Deploying to the Cloud" #48170
• Revise AWS section of "Deploying to the Cloud" in reference manual #48163
• Fix typo in PortInUseException Javadoc #48134
• Correct section about required setters in "Type-safe Configuration Properties" #48131
• Use since attribute in configuration properties deprecation consistently #48122
• Document EndpointJsonMapper and management.endpoints.jackson.isolated-json-mapper #48115
• Document support for configuring servlet context init parameters using properties #48112
• Some configuration properties are not documented in the appendix #48095

... (truncated)

Commits

• 1c0e08b Release v4.0.0
• 3487928 Merge branch '3.5.x'
• 29b8e96 Switch make-default in preparation for Spring Boot 4.0.0
• 88da0dd Merge branch '3.5.x'
• 56feeaa Next development version (v3.5.9-SNAPSHOT)
• 3becdc7 Move server.error properties to spring.web.error
• 2b30632 Merge branch '3.5.x'
• 4f03b44 Merge branch '3.4.x' into 3.5.x
• 3d15c13 Next development version (v3.4.13-SNAPSHOT)
• dc140df Upgrade to Spring Framework 7.0.1
• Additional commits viewable in compare view

Updates org.cyclonedx:cyclonedx-core-java from 10.2.1 to 11.0.1

Release notes

Sourced from org.cyclonedx:cyclonedx-core-java's releases.

cyclonedx-core-java-11.0.1

What's Changed

Bug Fixes 🐛

• Fix SchemaFactory configuration of XML validator (GHSA-6fhj-vr9j-g45r) by @​nscuro in CycloneDX/cyclonedx-core-java#737

Dependency Updates 🤖

• chore(deps): Bump org.jacoco:jacoco-maven-plugin from 0.8.13 to 0.8.14 by @​dependabot[bot] in CycloneDX/cyclonedx-core-java#727
• chore(deps): Bump github/codeql-action from 3.30.4 to 4.30.8 by @​dependabot[bot] in CycloneDX/cyclonedx-core-java#728
• chore(deps): Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.6.1 to 3.6.2 by @​dependabot[bot] in CycloneDX/cyclonedx-core-java#725
• chore(deps): Bump github/codeql-action from 4.30.8 to 4.30.9 by @​dependabot[bot] in CycloneDX/cyclonedx-core-java#729
• chore(deps): Bump com.fasterxml.jackson:jackson-bom from 2.20.0 to 2.20.1 by @​dependabot[bot] in CycloneDX/cyclonedx-core-java#736
• chore(deps): Bump github/codeql-action from 4.30.9 to 4.31.2 by @​dependabot[bot] in CycloneDX/cyclonedx-core-java#735
• chore(deps): Bump actions/upload-artifact from 4.6.2 to 5.0.0 by @​dependabot[bot] in CycloneDX/cyclonedx-core-java#733
• chore(deps): Bump actions/download-artifact from 5.0.0 to 6.0.0 by @​dependabot[bot] in CycloneDX/cyclonedx-core-java#732
• chore(deps): Bump commons-io:commons-io from 2.20.0 to 2.21.0 by @​dependabot[bot] in CycloneDX/cyclonedx-core-java#742
• chore(deps): Bump org.apache.maven.plugins:maven-release-plugin from 3.1.1 to 3.2.0 by @​dependabot[bot] in CycloneDX/cyclonedx-core-java#741
• chore(deps): Bump commons-codec:commons-codec from 1.19.0 to 1.20.0 by @​dependabot[bot] in CycloneDX/cyclonedx-core-java#740
• chore(deps): Bump JamesIves/github-pages-deploy-action from 4.7.3 to 4.7.4 by @​dependabot[bot] in CycloneDX/cyclonedx-core-java#739

Full Changelog: CycloneDX/cyclonedx-core-java@cyclonedx-core-java-11.0.0...cyclonedx-core-java-11.0.1

cyclonedx-core-java-11.0.0

What's Changed

Breaking Changes 🚨

• Fix CryptoRef array type by @​mr-zepol in CycloneDX/cyclonedx-core-java#628

Enhancements 🚀

• Polish code for Validation by @​mr-zepol in CycloneDX/cyclonedx-core-java#613
• Add Extra Validations For Metadata by @​mr-zepol in CycloneDX/cyclonedx-core-java#612
• Bump SPDX license list to 3.26.0 by @​nscuro in CycloneDX/cyclonedx-core-java#647
• #640 Added license names to license-mapping.json by @​bilak in CycloneDX/cyclonedx-core-java#641
• chore: GH workflow permissions by @​jkowalleck in CycloneDX/cyclonedx-core-java#654
• feat: Add Apache 2 License by @​jakub-bochenski in CycloneDX/cyclonedx-core-java#677
• feat: Add Eclipse Public License Version 1.0 by @​jakub-bochenski in CycloneDX/cyclonedx-core-java#676
• feat: Add ASL, version 2 and LGPL, version 2.1 by @​jakub-bochenski in CycloneDX/cyclonedx-core-java#675
• feat: Add GPL v2 with the Classpath exception by @​jakub-bochenski in CycloneDX/cyclonedx-core-java#673
• Added mapping for CPL license by @​t-swstk in CycloneDX/cyclonedx-core-java#697
• Adjust release process for new Maven Central publishing by @​nscuro in CycloneDX/cyclonedx-core-java#713
• Bump SPDX license list to 3.27.0 by @​stevenbuccini in CycloneDX/cyclonedx-core-java#715
• Update README with steps to update license list by @​stevenbuccini in CycloneDX/cyclonedx-core-java#720

Bug Fixes 🐛

• Fix wrong property type in ComponentData.content by @​mr-zepol in CycloneDX/cyclonedx-core-java#627
• Fix failing GitHub Actions builds by @​nscuro in CycloneDX/cyclonedx-core-java#648
• Deserializer Nested Components in Metadata - Regression by @​mr-zepol in CycloneDX/cyclonedx-core-java#703
• Fix publish-snapshot workflow by @​nscuro in CycloneDX/cyclonedx-core-java#719
• Fix names of Maven Central secrets by @​nscuro in CycloneDX/cyclonedx-core-java#721

Dependency Updates 🤖

... (truncated)

Commits

• 700ef74 [maven-release-plugin] prepare release cyclonedx-core-java-11.0.1
• 474706a Merge pull request #739 from CycloneDX/dependabot/github_actions/JamesIves/gi...
• 2806f1c Merge pull request #740 from CycloneDX/dependabot/maven/commons-codec-commons...
• 929aee4 Merge pull request #741 from CycloneDX/dependabot/maven/org.apache.maven.plug...
• 61386c5 Merge pull request #742 from CycloneDX/dependabot/maven/commons-io-commons-io...
• 731b802 Merge pull request #737 from nscuro/fix-schemafactory-config
• 794f524 chore(deps): Bump commons-io:commons-io from 2.20.0 to 2.21.0
• 5b737aa chore(deps): Bump org.apache.maven.plugins:maven-release-plugin
• f06bedf chore(deps): Bump commons-codec:commons-codec from 1.19.0 to 1.20.0
• 32a029a chore(deps): Bump JamesIves/github-pages-deploy-action
• Additional commits viewable in compare view

Updates org.apache.poi:poi-scratchpad from 5.4.1 to 5.5.1

Updates org.apache.httpcomponents.client5:httpclient5 from 5.5 to 5.5.1

Changelog

Sourced from org.apache.httpcomponents.client5:httpclient5's changelog.

Release 5.5.1

This is a maintenance release that fixes several defects in the connection management code and a regression in the DIGEST authentication reported since the previous release. It also upgrades HttpCore to version 5.3.6.

Change Log

• HTTPCLIENT-2391: Improved GRACEGUL shutdown of ExecutorService used internally by async clients. Contributed by Oleg Kalnichevski

• Bug fix: Use a 1 second timeout when closing out connections inside a connection pool lock. Contributed by Oleg Kalnichevski

• Clarified the behavior of the protocol-level responseTimeout and the connection management level socketTimeout and their interrelation. Contributed by ChangYong

• Bug fix: Connection managers to ensure open connections have a socket timeout set based on ConnectionConfig upon lease. Contributed by Oleg Kalnichevski

• HTTPCLIENT-2393: Remove rspauth attribute from Authorization DIGEST header (#716) RFC 7616 compliance: rspauth is server-side (Authentication-Info 3.5) only. Contributed by Arturo Bernal

• HTTPCLIENT-2386: Classic transport to use the connect timeout as a default if the TLS timeout has not been explicitly set. Contributed by Oleg Kalnichevski

• HTTPCLIENT-2384: Socket options related to TcpKeepAlive are ignored. Contributed by Oleg Kalnichevski

• HTTPCLIENT-2371: Logging of request re-execution at INFO priority. Contributed by Oleg Kalnichevski

• HTTPCLIENT-2379: Fixed a defect in H2SharingConnPool causing an IllegalStateException when releasing the same connection from multiple threads. (#663) Contributed by Arturo Bernal abernal@apache.org

• Fixed the behavior of the validateAfterInactivity connection setting by the async connection manager. Contributed by Ryan Schmitt

• HTTPCLIENT-2376: Fixed the problem with ContentCompressionExec not taking acceptEncoding parameter into account.

... (truncated)

Commits

• 6a3d332 HttpClient 5.5.1 release
• 66dea80 Updated release notes for HttpClient 5.5.1 release
• 61f21a5 Upgraded HttpCore to version 5.3.6
• 694394c HTTPCLIENT-2391: improved GRACEGUL shutdown of ExecutorService used internall...
• 038b74f Bug fix: Use 1 second timeout when closing out connections inside a connectio...
• 6675520 Clarify behavior of the protocol level responseTimeout and the connection man...
• cb2ccda Bug fix: connections managers to ensure open connections have socket timeout ...
• 4466cca HTTPCLIENT-2393 - remove rspauth from Authorization (#716)
• da1a8e0 Imporved TestAsyncClient wiring; added internal methods to get the underlying...
• ab40ec9 Upgraded HttpCore to version 5.3.5
• Additional commits viewable in compare view

Updates org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.13 to 3.0.0

Release notes

Sourced from org.springdoc:springdoc-openapi-starter-webmvc-ui's releases.

springdoc-openapi v3.0.0 released!

Added

• #2975 - Spring Framework 7 - Initial API versioning support
• #3123 - Support static resources for webflux

Changed

• Upgrade to Spring Boot 4.0.0!
• Upgrade to Scalar 0.4.3

Fixed

• #3131 - Warning messages when docs are explicitly enabled
• #3121 - NPE in KotlinDeprecatedPropertyCustomizer - resolvedSchema is null

Full Changelog: springdoc/springdoc-openapi@v3.0.0-RC1...v3.0.0

springdoc-openapi v3.0.0-RC1 released!

Added

• #3095 - Add support for Spring Boot 4.0.0-RC1

Full Changelog: springdoc/springdoc-openapi@v3.0.0-M1...v3.0.0-RC1

springdoc-openapi v3.0.0-M1 released!

Added

• #3062 - Add Spring Boot 4.0.0-M2 support

springdoc-openapi v2.8.14 released!

What's Changed

• disable "/v3/api-docs", and "/swagger-ui.html" by default and upgrade to Scalar 0.2.1 by @​zakaria-shahen in springdoc/springdoc-openapi#3090
• Upgrade swagger-core to version 2.2.38 by @​Mattias-Sehlstedt in springdoc/springdoc-openapi#3105
• fix:compatible with lower version of getOpenApi(). by @​SkyeBeFreeman in springdoc/springdoc-openapi#3107
• Add logs to notify when SpringDocs/Scalar is enabled because SpringDocs/Scalar is enabled by default (#3090) by @​zakaria-shahen in springdoc/springdoc-openapi#3122

Added

• #3090 - Add logs to notify when SpringDocs/Scalar is enabled because SpringDocs/Scalar is enabled by default

Changed

• Upgrade swagger-ui to v5.30.1
• Upgrade swagger-core to v2.2.38
• Upgrade spring-boot to v3.5.7
• Upgrade commons-lang3 to v3.18.0
• Upgrade scalar to v0.3.12

Fixed

• #3107 - Fix:compatible with lower version of getOpenApi().

... (truncated)

Changelog

Sourced from org.springdoc:springdoc-openapi-starter-webmvc-ui's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[2.8.14] - 2025-11-02

Added

• #3090 - Add logs to notify when SpringDocs/Scalar is enabled because SpringDocs/Scalar is enabled by default

Changed

• Upgrade swagger-ui to v5.30.1
• Upgrade swagger-core to v2.2.38
• Upgrade spring-boot to v3.5.7
• Upgrade commons-lang3 to v3.18.0
• Upgrade scalar to v0.3.12

Fixed

• #3107 - Fix:compatible with lower version of getOpenApi().
• #3121 - NPE in KotlinDeprecatedPropertyCustomizer - resolvedSchema is null

Commits

• 6526d7a [maven-release-plugin] prepare release v3.0.0
• 49409a9 Prepare for next release
• aa333b3 moving to 3.0.0-SNAPSHOT
• 44e2f70 Upgrade to spring-boot 4
• 4b95d0e scalar upgrade to version 0.4.3
• 9b3dd90 Remove dependency on the latest spring-framework SNAPSHOT.
• 95c3b87 Warning messages when docs are explicitly enabled. Fixes #3131
• e444dee Changes report: Regression where content type from swagger @​RequestBody does ...
• 007977e feat: static resources for webflux #3123
• 0293459 Spring Framework 7 - API versioning support #2975
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-source-plugin from 3.3.1 to 3.4.0

Release notes

Sourced from org.apache.maven.plugins:maven-source-plugin's releases.

3.4.0

🐛 Bug Fixes

• [MSOURCES-140] - fail only if re-attach different files (#24) @​hboutemy

👻 Maintenance

• Bump m-invoker-p to 3.9.1 (#251) @​slachiewicz
• Allow to manually execute release drafter (#58) @​slawekjaranowski
• GH Issues (Maven 3 branch) (#57) @​Bukama
• [MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#49) @​Bukama

📦 Dependency updates

• Use plexus-utils version from parent (#252) @​slachiewicz
• Bump commons-io:commons-io from 2.20.0 to 2.21.0 (#247) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-archiver from 4.10.3 to 4.10.4 (#248) @dependabot[bot]
• Bump org.apache.maven:maven-archiver from 3.6.4 to 3.6.5 (#241) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-archiver from 4.10.1 to 4.10.3 (#242) @dependabot[bot]
• Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.3.0 to 3.4.0 (#246) @dependabot[bot]
• Bump mavenVersion from 3.2.5 to 3.9.11 (#221) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-archiver from 4.10.0 to 4.10.1 (#233) @dependabot[bot]
• Bump org.apache.maven:maven-archiver from 3.6.3 to 3.6.4 (#229) @dependabot[bot]
• Bump org.apache.maven.plugins:maven-plugins from 41 to 45 (#218) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-utils from 3.5.1 to 3.6.0 (#226) @dependabot[bot]
• Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#222) @dependabot[bot]
• Bump commons-io:commons-io from 2.16.1 to 2.19.0 (#68) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-archiver from 4.9.2 to 4.10.0 (#63) @dependabot[bot]
• Bump org.apache.maven:maven-archiver from 3.6.2 to 3.6.3 (#66) @dependabot[bot]
• Bump commons-io:commons-io from 2.16.0 to 2.16.1 (#27) @dependabot[bot]
• [MSOURCES-147] - Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2 (#23) @dependabot[bot]
• [MSOURCES-146] - Bump commons-io:commons-io from 2.11.0 to 2.16.0 (#25) @dependabot[bot]
• [MSOURCES-145] - Bump org.apache.maven:maven-archiver from 3.6.1 to 3.6.2 (#26) @dependabot[bot]

Commits

• ecf937a [maven-release-plugin] prepare release maven-source-plugin-3.4.0
• 95b3bf4 Revert "[maven-release-plugin] prepare for next development iteration"
• 7a9a770 [maven-release-plugin] prepare for next development iteration
• 292c1ce Use plexus-utils version from parent
• bf79b71 Bump m-invoker-p to 3.9.1
• 4f3fcb9 Bump commons-io:commons-io from 2.20.0 to 2.21.0
• a867442 Bump org.codehaus.plexus:plexus-archiver from 4.10.3 to 4.10.4
• 51c66ac Bump org.apache.maven:maven-archiver from 3.6.4 to 3.6.5
• 267df46 Bump org.codehaus.plexus:plexus-archiver from 4.10.1 to 4.10.3
• ef85324 Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-javadoc-plugin from 3.11.3 to 3.12.0

Release notes

Sourced from org.apache.maven.plugins:maven-javadoc-plugin's releases.

3.12.0

💥 Breaking changes

• remove fix mojo (#1263) @​elharo
• detectOfflineLinks is now false per default for all jar mojo issue #1258 (#1259) @​olamy

🐛 Bug Fixes

• Fix legacyMode (#1265) @​fridrich
• Fix package {...} does not exist in legacyMode (#1243) @​JackPGreen
• Ensure UTF-8 charset is used to avoid IllegalArgumentException: Null charset name (#1245) @​elharo
• Remove Javadoc 1.4+ / -1.1 switch related warning (#1240) @​perceptron8

👻 Maintenance

• protect 3.8.x branch (#1238) @​hboutemy
• feat: enable prevent branch protection rules (#1228) @​sparsick

📦 Dependency updates

• Bump org.codehaus.mojo:mrm-maven-plugin from 1.6.0 to 1.7.0 (#1257) @dependabot[bot]

Commits

• 2a06bed [maven-release-plugin] prepare release maven-javadoc-plugin-3.12.0
• a71ecf9 bump version 3.12.0-SNAPSHOT
• 88f2b71 [maven-release-plugin] prepare for next development iteration
• 7e18956 [maven-release-plugin] prepare release maven-javadoc-plugin-3.11.4
• c11b76c In legacyMode, don't use -sourcepath, unless excludePackageNames is not empty...
• bc9904b remove fix mojo (#1263)
• f310135 Fix package {...} does not exist in legacyMode (#1243)
• c8270f9 detectOfflineLinks is now false per default for all jar mojo issue #1258 ...
• 953e609 Delete flaky test (#1260)
• 2bba7a4 Bump org.codehaus.mojo:mrm-maven-plugin from 1.6.0 to 1.7.0
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-release-plugin from 3.1.1 to 3.2.0

Release notes

Sourced from org.apache.maven.plugins:maven-release-plugin's releases.

3.2.0

🚀 New features and improvements

• Add "serverId" and "privateKey" SCM parameters (#1385) @​kwin
• Support complex CI-Friendly expressions (#1382) @​kwin
• [MRELEASE-1160] - Consider releaseDescriptor's pushChanges for ScmRepositoryConfigurator.getConfiguredRepository() (#237) @​kwin
• [MRELEASE-1054] - Support for excluding submodules changes. (#196) @​wuwen5

🐛 Bug Fixes

• [MRELEASE-1154] - Never fail for unresolvable version expressions (#230) @​kwin
• [MRELEASE-1153] - Revert parts of MRELEASE-1109 (8dfcb47996320af5e6f0b2d50eac209… (#224) @​michael-o

📝 Documentation updates

• Convert APT to Markdown (#1405) @​kwin
• (doc) Add FAQ entry for using custom deploy plugin (#1388) @​Marcono1234
• [MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#238) @​Bukama

👻 Maintenance

• PlexusFileUtils Refaster recipes (#1403) @​slachiewicz
• PlexusStringUtils Refaster recipes (#1404) @​slachiewicz
• Update site descriptor to 2.0.0 (#1399) @​slawekjaranowski
• feat: enable prevent branch protection rules (#1387) @​sebtiem
• Github Issues (#241) @​Bukama
• Convert to Guice constructor injection (#236) @​elharo

📦 Dependency updates

• Bump parent from 42 to 45 (#1396) @​slawekjaranowski
• Bump org.apache.commons:commons-lang3 from 3.18.0 to 3.19.0 (#1392) @dependabot[bot]
• Bump scmVersion from 2.1.0 to 2.2.1 (#1393) @dependabot[bot]
• Bump org.xmlunit:xmlunit-core from 2.10.3 to 2.10.4 (#1389) @dependabot[bot]
• Bump org.codehaus.mojo:mrm-maven-plugin from 1.6.0 to 1.7.0 (#1386) @dependabot[bot]
• Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (#1378) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-interactivity-api from 1.3 to 1.4 (#239) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-interpolation from 1.27 to 1.28 (#240) @dependabot[bot]
• Bump org.xmlunit:xmlunit-core from 2.10.1 to 2.10.3 (#1377) @dependabot[bot]
• Bump org.xmlunit:xmlunit-core from 2.10.0 to 2.10.1 (#242) @dependabot[bot]
• Bump org.hamcrest:hamcrest-core from 2.2 to 3.0 (#227) @dependabot[bot]
• Bump org.hamcrest:hamcrest from 2.2 to 3.0 (#226) @dependabot[bot]
• Bump org.apache.commons:commons-lang3 from 3.15.0 to 3.17.0 (#231) @dependabot[bot]
• Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.15.0 (#225) @dependabot[bot]

Commits

• 167c489 [maven-release-plugin] prepare release maven-release-3.2.0
• 0ab10be Improve javadoc for parameter "pushChanges"
• f06aaa2 Add links to Javadocs for SCM authentication
• bf44cbe Site: Convert APT to Markdown
• 71db7e5 Move to match target converter format MARKDOWN with doxia-converter
• 46a6026 PlexusFileUtils Refaster recipes (#1403)
• b3d49dc PlexusStringUtils Refaster recipes (#1404)
• ce76e9f Update site descriptor to 2.0.0
• 0ef78fd Bump parent from 42 to 45
• dfe917c Bump org.apache.commons:commons-lang3 from 3.18.0 to 3.19.0 (#1392)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions