Dependabot: Bump the maven-patch-and-minor group with 12 updates by dependabot[bot] · Pull Request #27 · open-eid/SiGa

dependabot · 2026-05-21T07:54:54Z

Bumps the maven-patch-and-minor group with 12 updates:

Package	From	To
org.springframework.boot:spring-boot-starter-parent	`3.5.10`	`3.5.14`
co.elastic.logging:logback-ecs-encoder	`1.7.0`	`1.8.0`
org.apache.maven.plugins:maven-surefire-plugin	`3.5.4`	`3.5.5`
org.apache.maven.plugins:maven-enforcer-plugin	`3.6.2`	`3.6.3`
com.google.guava:guava	`33.5.0-jre`	`33.6.0-jre`
org.bouncycastle:bcpkix-jdk18on	`1.83`	`1.84`
org.bouncycastle:bcprov-jdk18on	`1.83`	`1.84`
org.bouncycastle:bcutil-jdk18on	`1.83`	`1.84`
org.apache.cxf:cxf-wadl2java-plugin	`4.1.4`	`4.2.1`
org.postgresql:postgresql	`42.7.9`	`42.7.10`
ee.sk.mid:mid-rest-java-client	`1.6`	`1.7`
commons-io:commons-io	`2.21.0`	`2.22.0`

Updates org.springframework.boot:spring-boot-starter-parent from 3.5.10 to 3.5.14

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v3.5.14

🐞 Bug Fixes

ApplicationPidFileWriter does not handle symlinks correctly #50173

RandomValuePropertySource is not suitable for secrets #50172

Cassandra auto-configuration misconfigures CqlSessionBuilder #50171

ApplicationTemp does not handle symlinks correctly #50170

Remote DevTools performs comparison incorrectly #50169

spring.rabbitmq.ssl.verify-hostname is applied inconsistently #50168

EnversRevisionRepositoriesRegistrar should reuse @EnableEnversRepositories rather than configuring the JPA counterpart #50035

Annotations like @Ssl don't work on @Bean methods when using @ServiceConnection #50033

Whole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter #50021

WebFlux Cloud Foundry links endpoint includes query string from received request in resolved links #50008

500 response from env endpoint when supplied pattern is invalid #49942

HTTP method is lost when configuring excludes in EndpointRequest #49885

Docker Compose support doesn't work with apache/artemis image #49865

Honor HttpMethod for reactive additional endpoint paths #49864

Docker Compose support doesn't work with apache/activemq image #49863

Imports on a containing test class are ignored when a nested class has imports #49860

📔 Documentation

Link to the observability section of the Lettuce documentation is broken #50092

Javadoc for StaticResourceLocation.FAVICON doesn't describe icons location #50083

MySamlRelyingPartyConfiguration is missing a Kotlin sample #50023

Incorrect default value for management.httpexchanges.recording.include in configuration metadata #50010

Link to the Kubernetes documentation when discussing startup probes #50007

Update docs to encourage Java fundamentals for beginners that prefer to learn that way #49895

Clarify that configuration property default values are not available through the Environment #49835

🔨 Dependency Upgrades

Upgrade to Groovy 4.0.31 #49905

Upgrade to Hibernate 6.6.49.Final #50140

Upgrade to Jaxen 2.0.1 #50109

Upgrade to Jaybird 6.0.5 #49907

Upgrade to Jetty 12.0.34 #49908

Upgrade to jOOQ 3.19.32 #50110

Upgrade to Lombok 1.18.46 #50148

Upgrade to MariaDB 3.5.8 #49909

Upgrade to Micrometer 1.15.11 #49961

Upgrade to Micrometer Tracing 1.5.11 #49962

Upgrade to MySQL 9.7.0 #50161

Upgrade to Neo4j Java Driver 5.28.13 #50074

Upgrade to Reactor Bom 2024.0.17 #49963

Upgrade to Spring AMQP 3.2.10 #49964

Upgrade to Spring Authorization Server 1.5.7 #49965

Upgrade to Spring Data Bom 2025.0.11 #49966

Upgrade to Spring Framework 6.2.18 #49967

Upgrade to Spring Kafka 3.3.15 #50129

... (truncated)

Commits

7d7b3ac Release v3.5.14
9dc5aa2 Polish
f533a45 Do not follow symlinks when writing PID file
f3b8eb0 Use SecureRandom in RandomValuePropertySource
e22083a Enable hostname verification for SSL connections to Cassandra
5ceb1a2 Improve ApplicationTemp's temporary directory creation
4b0862c Use constant-time comparison for remote DevTools secret
e4febe2 Apply verify-hostname consistently
2c2ffe5 Fix Windows test failure
0046a44 Protect against corrupt buildpack archives
Additional commits viewable in compare view

Updates co.elastic.logging:logback-ecs-encoder from 1.7.0 to 1.8.0

Release notes

Sourced from co.elastic.logging:logback-ecs-encoder's releases.

Release 1.8.0

What's Changed

[release] release-step-4 1.7.0 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#324

build(deps): bump the github-actions group across 1 directory with 2 updates by @dependabot[bot] in elastic/ecs-logging-java#326

deps: Bump updatecli version to v0.99.0 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#325

[docs] Add products to docset.yml by @colleenmcginnis in elastic/ecs-logging-java#329

github-action: add catalog-validate for GitHub actions by @v1v in elastic/ecs-logging-java#328

add reviewers to codeowners by @SylvainJuge in elastic/ecs-logging-java#333

deps: Bump updatecli version to v0.101.0 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#335

fix codeowners ordering by @SylvainJuge in elastic/ecs-logging-java#336

[ci] align labeler with other repositories by @SylvainJuge in elastic/ecs-logging-java#337

build(deps): bump actions/attest-build-provenance from 2.3.0 to 2.4.0 in the github-actions group across 1 directory by @dependabot[bot] in elastic/ecs-logging-java#339

docs-builder: add pull-requests: write permission to docs-build workflow by @reakaleek in elastic/ecs-logging-java#341

deps: Bump updatecli version to v0.102.0 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#340

Switch to central-publishing-maven-plugin for publishing by @JonasKunz in elastic/ecs-logging-java#343

deps: Bump updatecli version to v0.104.0 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#344

deps(updatecli): bump all policies by @elastic-observability-automation[bot] in elastic/ecs-logging-java#345

deps: Bump updatecli version to v0.105.0 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#346

build(deps): bump docker/login-action from 3.4.0 to 3.5.0 in the github-actions group across 1 directory by @dependabot[bot] in elastic/ecs-logging-java#348

deps: Bump updatecli version to v0.105.1 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#349

ci: fix semgrep reported run-shell-injection by @oakrizan in elastic/ecs-logging-java#347

build(deps): bump actions/checkout from 4 to 5 in the github-actions group across 1 directory by @dependabot[bot] in elastic/ecs-logging-java#351

deps(updatecli): bump all policies by @elastic-observability-automation[bot] in elastic/ecs-logging-java#352

deps: Bump updatecli version to v0.106.0 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#353

build(deps): bump actions/attest-build-provenance from 2.4.0 to 3.0.0 in the github-actions group across 1 directory by @dependabot[bot] in elastic/ecs-logging-java#354

deps: Bump updatecli version to v0.107.0 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#355

deps: Bump updatecli version to v0.108.0 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#358

Replace tibdex/github-app-token with actions/create-github-app-token by @Copilot in elastic/ecs-logging-java#357

build(deps): bump docker/login-action from 3.5.0 to 3.6.0 in the github-actions group across 1 directory by @dependabot[bot] in elastic/ecs-logging-java#359

deps: Bump updatecli version to v0.109.0 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#360

build(deps): bump actions/upload-artifact from 4 to 5 in the github-actions group across 1 directory by @dependabot[bot] in elastic/ecs-logging-java#361

deps: Bump updatecli version to v0.110.0 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#362

deps: Bump updatecli version to v0.110.1 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#363

deps: Bump updatecli version to v0.110.2 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#364

deps: Bump updatecli version to v0.110.3 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#365

build(deps): bump actions/checkout from 5 to 6 in the github-actions group across 1 directory by @dependabot[bot] in elastic/ecs-logging-java#366

deps(updatecli): bump all policies by @elastic-observability-automation[bot] in elastic/ecs-logging-java#367

deps: Bump updatecli version to v0.111.0 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#369

build(deps): bump actions/upload-artifact from 5 to 6 in the github-actions group across 1 directory by @dependabot[bot] in elastic/ecs-logging-java#371

deps: Bump updatecli version to v0.112.0 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#370

build(deps): bump actions/attest-build-provenance from 3.0.0 to 3.1.0 in the github-actions group across 1 directory by @dependabot[bot] in elastic/ecs-logging-java#374

assign internal PRs to author by @SylvainJuge in elastic/ecs-logging-java#375

deps: Bump updatecli version to v0.113.0 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#376

github-action: add artifact-metadata permission for attestations by @v1v in elastic/ecs-logging-java#377

build(deps-dev): bump org.assertj:assertj-core from 3.12.2 to 3.27.7 by @dependabot[bot] in elastic/ecs-logging-java#378

build(deps): bump the github-actions group across 1 directory with 2 updates by @dependabot[bot] in elastic/ecs-logging-java#379

Add Vale docs linting support by @theletterf in elastic/ecs-logging-java#382

github-action: use actions/attest by @elastic-vault-github-plugin-prod[bot] in elastic/ecs-logging-java#385

build(deps): bump the github-actions group across 1 directory with 2 updates by @dependabot[bot] in elastic/ecs-logging-java#386

deps: Bump updatecli version to v0.114.0 by @elastic-observability-automation[bot] in elastic/ecs-logging-java#387

... (truncated)

Commits

4988ae8 add missing project.name in some pom.xml (#406)
1649f98 pre release: ecs-logging-java v1.8.0 (#405)
984434d filter mdc + spring cleaning (#404)
e080372 Fix unbounded StringBuilder retention in ThreadLocal (memory leak) (#391)
0404feb docs: add applies_to frontmatter and scope Filebeat section to stack (#380)
71ba8f8 deps: Bump updatecli version to v0.116.3 (#403)
cfc89c0 Avoid bumping versions for legacy tests (#401)
c5d178b Bumping log4j version (#402)
213b919 deps: Bump updatecli version to v0.116.1 (#400)
42a3f3a build(deps): bump docker/login-action (#397)
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.5.4 to 3.5.5

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.5.5

🚀 New features and improvements

Replace runing external process and parsing output with simple ProcessHandle if available (Java9+) (#3252) @olamy

Pass slf4j context to spawned thread (#3241) @scottrw93

[SUREFIRE-3239] - allow override of statistics file checksum (#3247) @XN137

Reduce log level for skipped tests result to info (#3232) @strangelookingnerd

🐛 Bug Fixes

Use PowerShell instead of WMIC for detecting zombie process on Windows (#3258) @jbliznak. Please note if you are using Windows with Java 8 and not PowerShell (you have options to: use Java 9+, install PowerShell or stay on Surefire 3.5.4)

Properly work with test failures caused during beforeAll phase (#3194) @Frawless

📝 Documentation updates

Clarify how late placeholder replacement (@{...}) deals with (#3208) @kwin

👻 Maintenance

Fix Jenkin badges in README (#3254) @slawekjaranowski

Use JUnit5 in failsafe ITs (#3251) @slawekjaranowski

Remove long-deprecated unused encoding property from VerifyMojo (#3198) @Tomlincoln

Add IT and deal with corner cases of handling beforeAll failures (#3200) @Frawless

Revert PR #3194 that handle beforeAll failures to follow proper contributing rules (#3211) @Frawless

🔧 Build

Missing many files in the GH Artifacts of CI ex-post. (#3219) @Tibor17

📦 Dependency updates

Bump org.xmlunit:xmlunit-core from 2.10.4 to 2.11.0 (#3209) @dependabot[bot]

Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.4.0 to 3.5.1 (#3260) @dependabot[bot]

Bump parent from 44 to 47 (#3253) @slawekjaranowski

Bump org.assertj:assertj-core from 3.16.1 to 3.27.7 in /surefire-its/src/test/resources/surefire-1733-testng (#3246) @dependabot[bot]

Bump org.assertj:assertj-core from 3.27.6 to 3.27.7 (#3245) @dependabot[bot]

Bump org.codehaus.mojo:animal-sniffer-maven-plugin from 1.26 to 1.27 (#3243) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.20.0 to 4.21.0 (#3236) @dependabot[bot]

Bump org.codehaus.plexus:plexus-java from 1.5.1 to 1.5.2 (#3235) @dependabot[bot]

Bump org.apache.logging.log4j:log4j-core from 2.17.1 to 2.25.3 in /surefire-its/src/test/resources/surefire-1659-stream-corruption (#3234) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.19.0 to 4.20.0 (#3228) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.18.0 to 4.19.0 (#3224) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.19.0 to 3.20.0 (#3223) @dependabot[bot]

Bump org.codehaus.plexus:plexus-interpolation from 1.28 to 1.29 (#3221) @dependabot[bot]

Bump org.codehaus.plexus:plexus-i18n from 1.0.0 to 1.1.0 (#3220) @dependabot[bot]

Bump commons-io:commons-io from 2.20.0 to 2.21.0 (#3217) @dependabot[bot]

Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.3.0 to 3.4.0 (#3214) @dependabot[bot]

Bump org.codehaus.plexus:plexus-java from 1.5.0 to 1.5.1 (#3218) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.16.0 to 4.18.0 (#3213) @dependabot[bot]

... (truncated)

Commits

968cb38 [maven-release-plugin] prepare release surefire-3.5.5
8e7dc41 Reapply "Replace runing external process and parsing output with simple Proce...
4ced57c Revert "Replace runing external process and parsing output with simple Proces…"
8496d9a Bump org.xmlunit:xmlunit-core from 2.10.4 to 2.11.0 (#3209)
68265e5 Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness (#3260)
0b19014 Replace runing external process and parsing output with simple ProcessHandle ...
688f8c4 Use PowerShell instead of WMIC for detecting zombie process on Windows (#3258)
e5c01a6 Build only by the latest Maven on Jenkins (#3255)
9c99e97 Fix Jenkin badges in README (#3254)
20930ea Bump parent from 44 to 47 (#3253)
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-enforcer-plugin from 3.6.2 to 3.6.3

Release notes

Sourced from org.apache.maven.plugins:maven-enforcer-plugin's releases.

3.6.3

🚀 New features and improvements

Make bannedDependencies report root and transitive dependency in case both are banned. (#940) @hvoynov

Add enforceBytecodeVersion rule based on mojohaus (#968) @cstamas

Improve formatting of deprecated API warning (#951) @mthmulders

🐛 Bug Fixes

Fix handling of Java versions like 21.0.10.0.1 (#967) @parttimenerd

Add null checks for modelId in PluginWrapper (#974) @cpfeiffer

📝 Documentation updates

Document the banMavenDefaults option for the requirePluginVersions rule. (#936) @rpkrajewski

👻 Maintenance

PlexusStringUtils Refaster recipes (#943) @slachiewicz

JUnit Jupiter migration from JUnit 4.x (#941) @slachiewicz

📦 Dependency updates

Bump org.apache.logging.log4j:log4j-core from 2.25.3 to 2.25.4 in /maven-enforcer-plugin/src/it/projects/MENFORCER-434 (#970) @dependabot[bot]

Deps: Parent POM 48 and align deps (#979) @cstamas

Bump commons-codec:commons-codec from 1.21.0 to 1.22.0 (#976) @dependabot[bot]

Bump commons-io:commons-io from 2.21.0 to 2.22.0 (#975) @dependabot[bot]

Bump mavenVersion from 3.9.14 to 3.9.15 (#973) @dependabot[bot]

Bump mavenVersion from 3.9.13 to 3.9.14 (#965) @dependabot[bot]

Bump mavenVersion from 3.9.12 to 3.9.13 (#964) @dependabot[bot]

Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.5.0 to 3.5.1 (#963) @dependabot[bot]

Update log4j in test to avoid CVE (#961) @Bukama

Bump commons-codec:commons-codec from 1.20.0 to 1.21.0 (#962) @dependabot[bot]

Bump org.assertj:assertj-core from 3.27.6 to 3.27.7 (#960) @dependabot[bot]

Bump org.codehaus.mojo:mrm-maven-plugin from 1.7.0 to 1.7.1 (#959) @dependabot[bot]

Bump org.apache.maven:maven-parent from 46 to 47 (#958) @dependabot[bot]

Bump org.codehaus.plexus:plexus-archiver from 4.10.4 to 4.11.0 (#957) @dependabot[bot]

Update to 46 including fixes (#955) @Bukama

Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.3.0 to 3.5.0 (#956) @dependabot[bot]

Bump mavenVersion from 3.9.11 to 3.9.12 (#948) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.19.0 to 3.20.0 (#947) @dependabot[bot]

Bump commons-io:commons-io from 2.20.0 to 2.21.0 (#946) @dependabot[bot]

Bump commons-codec:commons-codec from 1.19.0 to 1.20.0 (#945) @dependabot[bot]

Commits

c7daff3 [maven-release-plugin] prepare release enforcer-3.6.3
ee46e78 Make bannedDependencies report root and transitive dependency in case both ar...
0806924 Document the banMavenDefaults option for the requirePluginVersions rule. (#936)
8e4f5b9 Add better enforceBytecodeVersion rule based on mojohaus (#968)
fd4b148 Add fix for 21.0.10.0.1 issue (#967)
f32d597 Deps: Parent POM 48 and align deps (#979)
df0f2a6 Bump commons-codec:commons-codec from 1.21.0 to 1.22.0 (#976)
2da7a68 Add null checks for modelId in PluginWrapper
91eb4d9 Bump commons-io:commons-io from 2.21.0 to 2.22.0 (#975)
b622245 Bump mavenVersion from 3.9.14 to 3.9.15 (#973)
Additional commits viewable in compare view

Updates com.google.guava:guava from 33.5.0-jre to 33.6.0-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.6.0

Maven
<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.6.0-jre</version>
  
  <version>33.6.0-android</version>
</dependency>
Jar files

33.6.0-jre.jar

33.6.0-android.jar

Guava requires one runtime dependency, which you can download here:

failureaccess-1.0.3.jar

Javadoc

33.6.0-jre

33.6.0-android

JDiff

33.6.0-jre vs. 33.5.0-jre

33.6.0-android vs. 33.5.0-android

33.6.0-android vs. 33.6.0-jre

Changelog

Migrated some classes from finalize() to PhantomReference in preparation for the removal of finalization. (786b619dd6, 7c6b17c, aeef90988d)

cache: Deprecated CacheBuilder APIs that use TimeUnit in favor of those that use Duration. (73f8b0bb84)

collect: Added toImmutableSortedMap collectors that use the natural comparator. (64d70b9f94)

collect: Changed ConcurrentHashMultiset, ImmutableMap and TreeMultiset deserialization to avoid mutating final fields. In extremely unlikely scenarios in which an instance of that type contains an object that refers back to that instance, this could lead to a broken instance that throws NullPointerException when used. (8240c7e596, 046468055f)

graph: Removed @Beta from all APIs in the package. (dae9566b73)

graph: Added support to Graphs.transitiveClosure() for different strategies for adding self-loops. (2e13df25b2)

graph: Added an asNetwork() view to Graph and ValueGraph. (909c593c61)

hash: Added BloomFilter.serializedSize(). (df9bcc251a)

net: Added HttpHeaders.CDN_CACHE_CONTROL. (75331b5030)

Commits

See full diff in compare view

Updates org.bouncycastle:bcpkix-jdk18on from 1.83 to 1.84

Changelog

Sourced from org.bouncycastle:bcpkix-jdk18on's changelog.

... (truncated)

Commits

See full diff in compare view

Updates org.bouncycastle:bcprov-jdk18on from 1.83 to 1.84

Changelog

Sourced from org.bouncycastle:bcprov-jdk18on's changelog.

... (truncated)

Commits

See full diff in compare view

Updates org.bouncycastle:bcutil-jdk18on from 1.83 to 1.84

Changelog

Sourced from org.bouncycastle:bcutil-jdk18on's changelog.

... (truncated)

Commits

See full diff in compare view

Updates org.bouncycastle:bcprov-jdk18on from 1.83 to 1.84

Changelog

Sourced from org.bouncycastle:bcprov-jdk18on's changelog.

... (truncated)

Commits

See full diff in compare view

Updates org.apache.cxf:cxf-wadl2java-plugin from 4.1.4 to 4.2.1

Updates org.postgresql:postgresql from 42.7.9 to 42.7.10

Release notes

Sourced from org.postgresql:postgresql's releases.

v42.7.10

Changes

Update site for 42.7.10 release @davecramer (#3936)

Create DisabledIfServerGreater annotation @davecramer (#3937)

fix non-standard strings failing test for version 19 @davecramer (#3934)

Revert "fix: make all Calendar instances proleptic Gregorian (#3837)" @davecramer (#3932)

fix small issues in ConnectionFactoryImpl @davecramer (#3929)

Migrate to Shadow 9 @Goooler (#3931)

style: fix empty line before javadoc for checkstyle compliance @Praveen7294 (#3925)

style: fix lambda argument indentation for checkstyle compliance @aclfe (#3922)

test: add autosave=always|never|conservative and cleanupSavepoints=true|false to the randomized CI jobs @vlsi (#3917)

doc: use.md, fix typos @mjschwaiger (#3911)

doc: datasource.md, fix minor formatting issue @mjschwaiger (#3912)

lastEditYear to 2026 and bump version @davecramer (#3909)

🐛 Bug Fixes

fix: process pending responses before fastpath to avoid protocol errors @vlsi (#3913)

⬆️ Dependencies

chore(deps): update github/codeql-action digest to 4bdb89f @renovate-bot (#3914)

chore(deps): update ubuntu:24.04 docker digest to cd1dba6 @renovate-bot (#3915)

chore(deps): update dependency com.typesafe.play:sbt-plugin to v2.9.10 @renovate-bot (#3916)

Changelog

Sourced from org.postgresql:postgresql's changelog.

[42.7.10] (2026-02-11)

Changed

chore: Migrate to Shadow 9 PR 3931

style: fix empty line before javadoc for checkstyle compliance [PR #3925](pgjdbc/pgjdbc#3925)

style: fix lambda argument indentation for checkstyle compliance [PR #3922](pgjdbc/pgjdbc#3922)

test: add autosave=always|never|conservative and cleanupSavepoints=true|false to the randomized CI jobs [PR #3917](pgjdbc/pgjdbc#3917)

Fixed

fix: non-standard strings failing test for version 19 [PR #3934](pgjdbc/pgjdbc#3934)

fix: small issues in ConnectionFactoryImpl [PR #3929](pgjdbc/pgjdbc#3929)

fix: process pending responses before fastpath to avoid protocol errors PR # 3913

doc: use.md, fix typos [PR #3911](pgjdbc/pgjdbc#3911)

doc: datasource.md, fix minor formatting issue [PR #3912](pgjdbc/pgjdbc#3912)

doc: add the new PGP signing key to the official documentation [PR #3912](pgjdbc/pgjdbc#3813)

Reverted

Revert "fix: make all Calendar instances proleptic Gregorian (#3837) (#3887)" [PR #3932](pgjdbc/pgjdbc#3932)

Commits

27571c8 Update site for 42.7.10 release (#3936)
c7b512d Create DisabledIfServerGreater annotation for disabling tests for newer serve...
47f7e3b fix non-standard strings failing test for version 19 (#3934)
d4cf420 Revert "fix: make all Calendar instances proleptic Gregorian (#3837) (#3887)"...
6ea732c fix small issues in ConnectionFactoryImpl (#3929)
95cecdb Migrate to Shadow 9
5762c42 style: fix empty line before javadoc for checkstyle compliance
1ac8d99 style: fix lambda argument indentation for checkstyle compliance
3fab588 test: add autosave=always|never|conservative and cleanupSavepoints=true|false...
9c20cc2 chore(deps): update github/codeql-action digest to 4bdb89f
Additional commits viewable in compare view

Updates ee.sk.mid:mid-rest-java-client from 1.6 to 1.7

Release notes

Sourced from ee.sk.mid:mid-rest-java-client's releases.

1.7

Changed

Reduce logging level when validating user certificates

Changelog

Sourced from ee.sk.mid:mid-rest-java-client's changelog.

[1.7] - upcoming

Changed

Reduce logging level when validating user certificates

Update demo certificates

Commits

f6a4eac Merge pull request #64 from SK-EID/Publish_fix
8d5520b Fix copy command for artifact in publish workflow
9ede6e5 Modify artifact directories in publish.yaml
fe6aa3b Merge pull request #63 from SK-EID/Publish_fix
afa360d Modify publish workflow for central.sonatype.com
a60feb8 Merge pull request #62 from Johxzu/feature/DDS-3046
f00170c Update changelog
7143063 Update demo certificates
5579276 Revert logback version downgrade and remove test - test will be added after m...
9ae9334 feat: DDS-3046 - reduce logging level when validating user certificates
See full diff in compare view

Updates org.bouncycastle:bcutil-jdk18on from 1.83 to 1.84

Changelog

Sourced from org.bouncycastle:bcutil-jdk18on...

Description has been truncated

Bumps the maven-patch-and-minor group with 12 updates: | Package | From | To | | --- | --- | --- | | [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) | `3.5.10` | `3.5.14` | | [co.elastic.logging:logback-ecs-encoder](https://github.com/elastic/ecs-logging-java) | `1.7.0` | `1.8.0` | | [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.5.4` | `3.5.5` | | [org.apache.maven.plugins:maven-enforcer-plugin](https://github.com/apache/maven-enforcer) | `3.6.2` | `3.6.3` | | [com.google.guava:guava](https://github.com/google/guava) | `33.5.0-jre` | `33.6.0-jre` | | [org.bouncycastle:bcpkix-jdk18on](https://github.com/bcgit/bc-java) | `1.83` | `1.84` | | [org.bouncycastle:bcprov-jdk18on](https://github.com/bcgit/bc-java) | `1.83` | `1.84` | | [org.bouncycastle:bcutil-jdk18on](https://github.com/bcgit/bc-java) | `1.83` | `1.84` | | org.apache.cxf:cxf-wadl2java-plugin | `4.1.4` | `4.2.1` | | [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc) | `42.7.9` | `42.7.10` | | [ee.sk.mid:mid-rest-java-client](https://github.com/SK-EID/mid-rest-java-client) | `1.6` | `1.7` | | commons-io:commons-io | `2.21.0` | `2.22.0` | Updates `org.springframework.boot:spring-boot-starter-parent` from 3.5.10 to 3.5.14 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.10...v3.5.14) Updates `co.elastic.logging:logback-ecs-encoder` from 1.7.0 to 1.8.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](elastic/ecs-logging-java@v1.7.0...v1.8.0) Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.4 to 3.5.5 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](apache/maven-surefire@surefire-3.5.4...surefire-3.5.5) Updates `org.apache.maven.plugins:maven-enforcer-plugin` from 3.6.2 to 3.6.3 - [Release notes](https://github.com/apache/maven-enforcer/releases) - [Commits](apache/maven-enforcer@enforcer-3.6.2...enforcer-3.6.3) Updates `com.google.guava:guava` from 33.5.0-jre to 33.6.0-jre - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) Updates `org.bouncycastle:bcpkix-jdk18on` from 1.83 to 1.84 - [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html) - [Commits](https://github.com/bcgit/bc-java/commits) Updates `org.bouncycastle:bcprov-jdk18on` from 1.83 to 1.84 - [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html) - [Commits](https://github.com/bcgit/bc-java/commits) Updates `org.bouncycastle:bcutil-jdk18on` from 1.83 to 1.84 - [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html) - [Commits](https://github.com/bcgit/bc-java/commits) Updates `org.bouncycastle:bcprov-jdk18on` from 1.83 to 1.84 - [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html) - [Commits](https://github.com/bcgit/bc-java/commits) Updates `org.apache.cxf:cxf-wadl2java-plugin` from 4.1.4 to 4.2.1 Updates `org.postgresql:postgresql` from 42.7.9 to 42.7.10 - [Release notes](https://github.com/pgjdbc/pgjdbc/releases) - [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md) - [Commits](pgjdbc/pgjdbc@REL42.7.9...REL42.7.10) Updates `ee.sk.mid:mid-rest-java-client` from 1.6 to 1.7 - [Release notes](https://github.com/SK-EID/mid-rest-java-client/releases) - [Changelog](https://github.com/SK-EID/mid-rest-java-client/blob/master/CHANGELOG.md) - [Commits](SK-EID/mid-rest-java-client@1.6...1.7) Updates `org.bouncycastle:bcutil-jdk18on` from 1.83 to 1.84 - [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html) - [Commits](https://github.com/bcgit/bc-java/commits) Updates `commons-io:commons-io` from 2.21.0 to 2.22.0 --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter-parent dependency-version: 3.5.14 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven-patch-and-minor - dependency-name: co.elastic.logging:logback-ecs-encoder dependency-version: 1.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: maven-patch-and-minor - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-version: 3.5.5 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: maven-patch-and-minor - dependency-name: org.apache.maven.plugins:maven-enforcer-plugin dependency-version: 3.6.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: maven-patch-and-minor - dependency-name: com.google.guava:guava dependency-version: 33.6.0-jre dependency-type: direct:production update-type: version-update:semver-minor dependency-group: maven-patch-and-minor - dependency-name: org.bouncycastle:bcpkix-jdk18on dependency-version: '1.84' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: maven-patch-and-minor - dependency-name: org.bouncycastle:bcprov-jdk18on dependency-version: '1.84' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: maven-patch-and-minor - dependency-name: org.bouncycastle:bcutil-jdk18on dependency-version: '1.84' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: maven-patch-and-minor - dependency-name: org.bouncycastle:bcprov-jdk18on dependency-version: '1.84' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: maven-patch-and-minor - dependency-name: org.apache.cxf:cxf-wadl2java-plugin dependency-version: 4.2.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: maven-patch-and-minor - dependency-name: org.postgresql:postgresql dependency-version: 42.7.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven-patch-and-minor - dependency-name: ee.sk.mid:mid-rest-java-client dependency-version: '1.7' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: maven-patch-and-minor - dependency-name: org.bouncycastle:bcutil-jdk18on dependency-version: '1.84' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: maven-patch-and-minor - dependency-name: commons-io:commons-io dependency-version: 2.22.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: maven-patch-and-minor ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels May 21, 2026

github-actions Bot merged commit 5060827 into master-dependency-update May 21, 2026
1 check passed

dependabot Bot deleted the dependabot/maven/master-dependency-update/maven-patch-and-minor-6616719bbf branch May 21, 2026 07:55

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Dependabot: Bump the maven-patch-and-minor group with 12 updates#27

Dependabot: Bump the maven-patch-and-minor group with 12 updates#27
github-actions[bot] merged 1 commit into
master-dependency-updatefrom
dependabot/maven/master-dependency-update/maven-patch-and-minor-6616719bbf

dependabot Bot commented on behalf of github May 21, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 21, 2026

v3.5.14

🐞 Bug Fixes

📔 Documentation

🔨 Dependency Upgrades

Release 1.8.0

What's Changed

3.5.5

🚀 New features and improvements

🐛 Bug Fixes

📝 Documentation updates

👻 Maintenance

🔧 Build

📦 Dependency updates

3.6.3

🚀 New features and improvements

🐛 Bug Fixes

📝 Documentation updates

👻 Maintenance

📦 Dependency updates

33.6.0

Maven

Jar files

Javadoc

JDiff

Changelog

v42.7.10

Changes

🐛 Bug Fixes

⬆️ Dependencies

[42.7.10] (2026-02-11)

Changed

Fixed

Reverted

1.7

Changed

[1.7] - upcoming

Changed

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants