Bump the dependencies group across 1 directory with 13 updates

[dependabot]

Bumps the dependencies group with 12 updates in the / directory:

Package	From	To
org.apache.maven.plugins:maven-source-plugin	3.3.0	3.3.1
org.apache.maven.plugins:maven-javadoc-plugin	3.6.3	3.10.0
org.apache.maven.plugins:maven-release-plugin	3.0.1	3.1.1
org.apache.maven.plugins:maven-gpg-plugin	3.1.0	3.2.6
org.sonatype.plugins:nexus-staging-maven-plugin	1.6.13	1.7.0
org.apache.maven.plugins:maven-assembly-plugin	3.6.0	3.7.1
org.apache.maven.plugins:maven-compiler-plugin	3.12.1	3.13.0
com.google.code.gson:gson	2.10.1	2.11.0
org.slf4j:slf4j-api	2.0.12	2.0.16
org.apache.commons:commons-lang3	3.14.0	3.17.0
org.openjfx:javafx-controls	21.0.2	23
ch.qos.logback:logback-classic	1.5.0	1.5.8

Updates org.apache.maven.plugins:maven-source-plugin from 3.3.0 to 3.3.1

Commits

• f80596e [maven-release-plugin] prepare release maven-source-plugin-3.3.1
• 7626998 Bump apache/maven-gh-actions-shared from 3 to 4
• 83c963c Bump org.apache.maven.plugins:maven-plugins from 39 to 41 (#18)
• 40ae495 Bump org.codehaus.plexus:plexus-archiver from 4.8.0 to 4.9.1 (#20)
• 073462b Bump org.apache.maven:maven-archiver from 3.6.0 to 3.6.1 (#21)
• 0b1c823 Fix typos in AbstractSourceJarMojo exception
• 099c65a [MSOURCES-142] Bump org.codehaus.plexus:plexus-archiver from 4.7.1 to 4.8.0 (...
• 1edeea4 [MSOURCES-139] Fix typo in AbstractSourceJarMojo exception
• 436966e [maven-release-plugin] prepare for next development iteration
• See full diff in compare view

Updates org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.10.0

Release notes

Sourced from org.apache.maven.plugins:maven-javadoc-plugin's releases.

3.7.0

• [MJAVADOC-795] - Upgrade to Parent 42 and Maven 3.6.3 (#281) @​michael-o
• [MJAVADOC-682] - Reactor builds fail when multiple modules with same gr… (#253) @​michael-o
• directory, not folder (#252) @​michael-o
• [MJAVADOC-782] - Align read-only parameters naming with other plugins (#251) @​michael-o
• [MJAVADOC-781] - Upgrade plugins and components (in ITs) (#250) @​michael-o
• [MJAVADOC-780] - add missing plugin configuration (#249) @​hboutemy

📦 Dependency updates

• Bump org.apache.maven.shared:maven-invoker from 3.2.0 to 3.3.0 (#283) @​dependabot
• Bump org.assertj:assertj-core from 3.25.3 to 3.26.0 (#282) @​dependabot
• Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2 (#271) @​dependabot
• Bump org.apache.commons:commons-text from 1.11.0 to 1.12.0 (#277) @​dependabot
• Bump commons-io:commons-io from 2.16.0 to 2.16.1 (#276) @​dependabot
• [MJAVADOC-789] - Bump org.codehaus.plexus:plexus-interactivity-api from 1.2 to 1.3 (#268) @​dependabot
• [MJAVADOC-788] - Bump commons-io:commons-io from 2.15.1 to 2.16.0 (#273) @​dependabot
• Bump apache/maven-gh-actions-shared from 3 to 4 (#270) @​dependabot
• Bump com.thoughtworks.qdox:qdox from 2.0.3 to 2.1.0 (#266) @​dependabot
• Bump org.assertj:assertj-core from 3.25.1 to 3.25.3 (#269) @​dependabot
• Bump org.codehaus.plexus:plexus-interactivity-api from 1.1 to 1.2 (#258) @​dependabot
• Bump org.codehaus.plexus:plexus-archiver from 4.9.0 to 4.9.1 (#263) @​dependabot
• Bump org.assertj:assertj-core from 3.24.2 to 3.25.1 (#260) @​dependabot
• Bump org.codehaus.plexus:plexus-io from 3.4.1 to 3.4.2 (#262) @​dependabot
• Bump org.codehaus.plexus:plexus-archiver from 4.9.0 to 4.9.1 (#256) @​dependabot
• Bump org.codehaus.plexus:plexus-io from 3.4.1 to 3.4.2 (#257) @​dependabot
• Bump commons-io:commons-io from 2.15.0 to 2.15.1 (#254) @​dependabot

📝 Documentation updates

• Fix addStylesheets Javadoc (#261) @​scordio

👻 Maintenance

• Bump org.springframework:spring-context from 4.3.29.RELEASE to 5.2.21.RELEASE in /src/it/projects/MJAVADOC-434_fixcompile (#280) @​dependabot
• Exclude JDK 8 - temurin, adopt-openj9 on macos (#279) @​slawekjaranowski

🔧 Build

• Fix build (#264) @​slawekjaranowski

Commits

• 487e479 [maven-release-plugin] prepare release maven-javadoc-plugin-3.10.0
• 9638a6a [MJAVADOC-785] Align plugin implementation with AbstractMavenReport (maven-re...
• 9d33925 [MJAVADOC-784] Upgrade to Doxia 2.0.0 Milestone Stack
• a11b921 [MJAVADOC-809] Align Mojo class names
• 7c4b467 Bump org.apache.maven.plugins:maven-plugins from 42 to 43
• 636442b Improve ITs
• dbca15a Bump org.hamcrest:hamcrest-core from 2.2 to 3.0
• d02bb88 Bump org.apache.commons:commons-lang3 from 3.15.0 to 3.16.0
• 0a850a1 [MJAVADOC-807] Simplify IT for MJAVADOC-498
• 43e901f Improve URL handling
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-release-plugin from 3.0.1 to 3.1.1

Release notes

Sourced from org.apache.maven.plugins:maven-release-plugin's releases.

3.1.0

🚀 New features and improvements

• [MRELEASE-1145] - Upgrade to Maven 3.6.3 (#217) @​michael-o
• [MRELEASE-1139] - Improve logging of sources for used credentials (#209) @​kwin
• [MRELEASE-1134] - Pass interactive flag to SCM provider (#197) @​kwin

🐛 Bug Fixes

• [MRELEASE-1064] - [REGRESSION] release:branch uses @​releaseLabel instea… (#221) @​michael-o
• [MRELEASE-1147] - @​junitVersion@ never replaced in UTs (make explicit) (#220) @​michael-o
• [MRELEASE-1148] - Release Manage pulls in transitive dependencies (#219) @​michael-o
• [MRELEASE-1146] - maven-release-plugin tests do not properly check for … (#218) @​michael-o
• [MRELEASE-1109] - patch JDomModel (#201) @​mkolesnikov
• [MRELEASE-1109] - Support CI friendly versions (#198) @​kwin

📦 Dependency updates

• Bump scmVersion from 2.0.1 to 2.1.0 (#213) @​dependabot
• Bump org.apache.maven.shared:maven-invoker from 3.2.0 to 3.3.0 (#215) @​dependabot
• Bump org.codehaus.plexus:plexus-interactivity-api from 1.2 to 1.3 (#210) @​dependabot
• Bump org.codehaus.plexus:plexus-interpolation from 1.26 to 1.27 (#206) @​dependabot
• Bump org.xmlunit:xmlunit-core from 2.9.1 to 2.10.0 (#214) @​dependabot
• [MRELEASE-1144] - Upgrade to Parent 42 (#216) @​michael-o
• Bump apache/maven-gh-actions-shared from 3 to 4 (#212) @​dependabot
• Bump org.codehaus.plexus:plexus-interactivity-api from 1.1 to 1.2 (#207) @​dependabot
• Bump org.codehaus.mojo:mrm-maven-plugin from 1.5.0 to 1.6.0 (#200) @​dependabot
• Bump org.apache.maven.plugins:maven-invoker-plugin from 3.5.1 to 3.6.0 (#204) @​dependabot
• Bump org.apache.commons:commons-lang3 from 3.12.0 to 3.14.0 (#205) @​dependabot
• [MRELEASE-1128] - update maven-scm to 2.0.1 (#192) @​elharo

👻 Maintenance

• Bump release-drafter/release-drafter from 5 to 6 (#211) @​dependabot
• [MRELEASE-1136] - Upgrade parent pom to 41 (#208) @​slachiewicz
• fixup hamcrest dependencies (#194) @​elharo
• prefer JDK String replace methods to Plexus ones (#193) @​elharo

Commits

• 4f350d4 [maven-release-plugin] prepare release maven-release-3.1.1
• 06f6de4 [MRELEASE-1153] Revert parts of MRELEASE-1109 (8dfcb47996320af5e6f0b2d50eac20...
• 985d0bc [MRELEASE-1149] Current release of the plugin has configuration docs missing
• 47e94b4 [maven-release-plugin] prepare for next development iteration
• f2f9f4e [maven-release-plugin] prepare release maven-release-3.1.0
• e109d3b Bump scmVersion from 2.0.1 to 2.1.0
• 5f794a1 Bump org.apache.maven.shared:maven-invoker from 3.2.0 to 3.3.0
• 28201bb Bump org.codehaus.plexus:plexus-interactivity-api from 1.2 to 1.3
• 8547606 Bump org.codehaus.plexus:plexus-interpolation from 1.26 to 1.27
• adf6aaf Bump org.xmlunit:xmlunit-core from 2.9.1 to 2.10.0
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-gpg-plugin from 3.1.0 to 3.2.6

Release notes

Sourced from org.apache.maven.plugins:maven-gpg-plugin's releases.

3.2.6

Release Notes - Maven GPG Plugin - Version 3.2.6

---

What's Changed

• [MGPG-135] Support Overriding / Enhance the signer in AbstractGpgMojo by @​laeubi in apache/maven-gpg-plugin#112
• Bump org.apache.maven.plugins:maven-invoker-plugin from 3.7.0 to 3.8.0 by @​dependabot in apache/maven-gpg-plugin#114
• [MGPG-140] Update Maven to 3.9.9 by @​cstamas in apache/maven-gpg-plugin#116
• [MGPG-138] Drop direct use of plexus-cipher and secdispatcher by @​cstamas in apache/maven-gpg-plugin#115
• [MGPG-141] Remove use of deprecated classes by @​cstamas in apache/maven-gpg-plugin#117
• Add FAQ for "no pinentry" issue by @​cstamas in apache/maven-gpg-plugin#118

New Contributors

• @​laeubi made their first contribution in apache/maven-gpg-plugin#112

Full Changelog: apache/maven-gpg-plugin@maven-gpg-plugin-3.2.5...maven-gpg-plugin-3.2.6

3.2.5

Release Notes - Maven GPG Plugin - Version 3.2.5

... (truncated)

Commits

• 1c9a14c [maven-release-plugin] prepare release maven-gpg-plugin-3.2.6
• bbe6156 Add FAQ for "no pinentry" issue (#118)
• 5b94273 [MGPG-141] Remove use of deprecated classes (#117)
• afdfd28 [MGPG-138] Drop direct use of plexus-cipher and secdispatcher (#115)
• 7516e7c [MGPG-140] Update Maven to 3.9.9 (#116)
• 4ec571f [MGPG-139] Bump org.apache.maven.plugins:maven-invoker-plugin from 3.7.0 to 3...
• 1126b7b use new Reproducible Central badge endpoint
• 1b40a05 [MGPG-135] Support Overriding / Enhance the signer in AbstractGpgMojo (#112)
• 3a31714 [maven-release-plugin] prepare for next development iteration
• 737d4ee [maven-release-plugin] prepare release maven-gpg-plugin-3.2.5
• Additional commits viewable in compare view

Updates org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.13 to 1.7.0

Updates org.apache.maven.plugins:maven-assembly-plugin from 3.6.0 to 3.7.1

Release notes

Sourced from org.apache.maven.plugins:maven-assembly-plugin's releases.

3.7.1

Release Notes - Maven Assembly Plugin - Version 3.7.1

What's Changed

• [MASSEMBLY-1023] Bump org.apache.maven.shared:maven-filtering from 3.3.1 to 3.3.2 by @​dependabot in apache/maven-assembly-plugin#192
• [MASSEMBLY-1024] Bump org.apache.commons:commons-compress from 1.25.0 to 1.26.1 by @​dependabot in apache/maven-assembly-plugin#191
• [MASSEMBLY-1025] Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2 by @​dependabot in apache/maven-assembly-plugin#195
• [MASSEMBLY-1022] Unresolved artifacts should be not processed by @​slawekjaranowski in apache/maven-assembly-plugin#194

Full Changelog: apache/maven-assembly-plugin@maven-assembly-plugin-3.7.0...maven-assembly-plugin-3.7.1

3.7.0

Release Notes - Maven Assembly Plugin - Version 3.7.0

... (truncated)

Commits

• 0afbb3e [maven-release-plugin] prepare release maven-assembly-plugin-3.7.1
• 74e858a [MASSEMBLY-1022] Unresolved artifacts should be not processed
• cb56382 [MASSEMBLY-1025] Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2...
• 86bbed0 [MASSEMBLY-1024] Bump org.apache.commons:commons-compress from 1.25.0 to 1.26...
• bdcc4d0 [MASSEMBLY-1023] Bump org.apache.maven.shared:maven-filtering from 3.3.1 to 3...
• 74fe92e [maven-release-plugin] prepare for next development iteration
• 9be6e87 [maven-release-plugin] prepare release maven-assembly-plugin-3.7.0
• e8630dc Bump apache/maven-gh-actions-shared from 3 to 4
• 98f97a5 Bump org.postgresql:postgresql in /src/it/projects/bugs/massembly-730
• c84e110 [MASSEMBLY-1019] Maven 3.6.3 as minimum requirements
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-compiler-plugin from 3.12.1 to 3.13.0

Release notes

Sourced from org.apache.maven.plugins:maven-compiler-plugin's releases.

3.13.0

🚀 New features and improvements

• [MCOMPILER-574] - Propagate cause of exception in AbstractCompilerMojo (#232) @​slawekjaranowski
• [MCOMPILER-582] - Automatic detection of release option for JDK < 9 (#228) @​slawekjaranowski
• [MCOMPILER-583] - Require Maven 3.6.3 (#229) @​slawekjaranowski
• [MCOMPILER-577] - Rename parameter "forceJavacCompilerUse" (#225) @​kwin
• [MCOMPILER-570] - Add links to javac documentation of JDK17 (#224) @​kwin
• [MCOMPILER-576] - Deprecate parameter "compilerVersion" (#223) @​kwin

📦 Dependency updates

• [MCOMPILER-575] - Bump plexusCompilerVersion from 2.14.2 to 2.15.0 (#227) @​dependabot
• Bump apache/maven-gh-actions-shared from 3 to 4 (#226) @​dependabot

📝 Documentation updates

• [MCOMPILER-548] - JDK 21 throws annotations processing warning that can not be turned off (#200) @​hgschmie

👻 Maintenance

• [MCOMPILER-584] - Refresh page - Using Non-Javac Compilers (#231) @​slawekjaranowski
• [MCOMPILER-585] - Refresh plugins versions in ITs (#230) @​slawekjaranowski
• subject verb agreement (#221) @​elharo

Commits

• a1415aa [maven-release-plugin] prepare release maven-compiler-plugin-3.13.0
• b2b9196 [MCOMPILER-574] Propagate cause of exception in AbstractCompilerMojo
• 6d2ce5a [MCOMPILER-584] Refresh page - Using Non-Javac Compilers
• eebad60 [MCOMPILER-585] Refresh plugins versions in ITs
• ceacf68 [MCOMPILER-582] Automatic detection of release option for JDK < 9
• 110293f [MCOMPILER-583] Require Maven 3.6.3
• 90131df [MCOMPILER-575] Bump plexusCompilerVersion from 2.14.2 to 2.15.0 (#227)
• 74cfc72 [MCOMPILER-548] JDK 21 throws annotations processing warning that can not be ...
• f85aa27 Bump apache/maven-gh-actions-shared from 3 to 4
• d59ef49 extract Maven 3.3.1 specific method call
• Additional commits viewable in compare view

Updates com.google.code.gson:gson from 2.10.1 to 2.11.0

Release notes

Sourced from com.google.code.gson:gson's releases.

Gson 2.11.0

Most important changes

• Added default ProGuard / R8 rules (@​Marcono1234, #2397, #2420; @​sgjesse, #2448; @​sfreilich)
  If you are using ProGuard or R8 (for example for Android projects) you might not need any special Gson configuration anymore if your classes have a no-args constructor and use @SerializedName for their fields.
• On Android, Gson now requires API level 21 or newer
• Added new Strictness API (@​marten-voorberg & fellow students, #2437)
  Some of Gson's API is still lenient by default, but you can now use the newly added methods GsonBuilder#setStrictness, JsonReader#setStrictness and JsonWriter#setStrictness with Strictness.STRICT to override this behavior and to instead strictly adhere to the JSON specification when parsing.
• New FormattingStyle class to allow configuring line breaks in JSON output (@​mihnita, #2231)
  Can be set using GsonBuilder#setFormattingStyle and JsonWriter#setFormattingStyle.
• TypeToken can no longer capture type variables by default (@​Marcono1234, #2376)
  This was previously a common source of issues. The newly thrown exception refers to a Troubleshooting Guide article which explains this in more detail and provides suggestions for updating affected code.
• Added serialization support for anonymous and local classes with a custom adapter (@​Marcono1234, #2498)
  This affects for example List implementations returned by libraries such as Guava which are implemented as anonymous class, which were previously serialized as null. Anonymous and local classes without custom adapter will still be serialized as null.
• Added dependency on com.google.errorprone:error_prone_annotations
  Your project can use Maven or Gradle dependency exclusions to remove the transitive error_prone_annotations dependency from Gson. Or if you are manually maintaining dependencies as JARs in your project you can omit error_prone_annotations. And it should still work correctly.
  But Gson itself does declare it as a required dependency, and if you don't perform any custom configuration, then Maven or Gradle will by default try to download and use it.
• Many exception messages now refer to the Troubleshooting Guide (@​Marcono1234, #2357)
  Feedback regarding the Troubleshooting Guide is appreciated!
• Officially documented that JVM languages other than Java might not be fully supported, see the README.
• Guarantee that JsonElement#toString produces JSON output (@​Marcono1234, #2659)

Other changes

Bug fixes

• Fixed incorrect JsonPrimitive#equals results for large BigInteger values (@​MaicolAntali, #2311)
• Fixed incorrect JsonPrimitive#equals results for large BigDecimal values (@​MaicolAntali, #2364)
• Fixed JsonReader throwing NumberFormatException instead of MalformedJsonException for malformed Unicode escape sequences (@​MaicolAntali, #2337)
• Fixed TypeToken#getParameterized returning bogus ParameterizedType for non-generic types (@​Marcono1234, #2447)
• Fixed Java Record adapter not working for GraalVM Native Image (@​eamonnmcmanus, #2465)
• Fixed JsonWriter#name not throwing exception when no JSON object is currently being written (@​shivam-sehgal, #2475; @​Marcono1234, #2476)
• Fixed Gson#getDelegateAdapter not working properly for @JsonAdapter (@​Marcono1234, #2435)
  Note that null is now not allowed as skipPast value anymore, which was previously allowed but undocumented.
• Fixed GsonBuilder not rejecting type adapters for Object and JsonElement, whose default adapters cannot be overridden (@​sachinp97; #2479)
• Fixed no limits being enforced when deserializing BigDecimal and BigInteger (@​Marcono1234, #2510)
  The new limits prevent potential performance problems when user code uses the deserialized numbers. Gson itself was and is not affected by these performance problems. The limits should be high enough to not cause issues for most use cases, but feedback is appreciated.
• Fixed GsonBuilder#setDateFormat not rejecting invalid date formats (@​Carpe-Wang, #2538)
• Fixed GsonBuilder#setDateFormat not rejecting invalid date styles (@​Marcono1234, #2545)
• Fixed GsonBuilder#setDateFormat ignoring partial DEFAULT style (@​Marcono1234, #2556)
• Fixed TypeToken#isAssignableFrom throwing AssertionError in some cases (@​Marcono1234, #2544)
• Fixed date adapters not restoring time zone after parsing (@​Carpe-Wang, #2549)
• Fixed TypeToken#equals erroneously returning false for equal generic type parameters in some cases (@​d-william, #2599)
• Fixed incorrect inherited URLs in pom.xml (@​Marcono1234, #2351)

Performance improvements

• Slightly reduce memory usage for reflection-based adapter (@​sembseth, #2325; @​Marcono1234, #2440)
• Improved parsing speed of ToNumberPolicy#LONG_OR_DOUBLE (@​ctasada, #2674)

... (truncated)

Commits

• 828a97b [maven-release-plugin] prepare release gson-parent-2.11.0
• 93bc0f2 Skip signing graal-native-test module. (#2675)
• b153ca1 [maven-release-plugin] rollback the release of gson-parent-2.11.0
• 0e3d2aa [maven-release-plugin] prepare for next development iteration
• 545b802 [maven-release-plugin] prepare release gson-parent-2.11.0
• 8bfdbb4 Guarantee that JsonElement.toString() produces JSON (#2659)
• 9008b09 Extend Troubleshooting Guide with some ProGuard / R8 information (#2656)
• 05652c3 Document that other JVM languages are not fully supported (#2666)
• 454a491 Improved Long-Double Number Policy (#2674)
• 570d911 Bump the github-actions group with 4 updates (#2671)
• Additional commits viewable in compare view

Updates org.slf4j:slf4j-api from 2.0.12 to 2.0.16

Updates org.apache.commons:commons-lang3 from 3.14.0 to 3.17.0

Updates org.openjfx:javafx-controls from 21.0.2 to 23

Updates org.openjfx:javafx-fxml from 21.0.2 to 23

Updates ch.qos.logback:logback-classic from 1.5.0 to 1.5.8

Commits

• 92e1a5e prepare release 1.5.8
• 76d8dd8 Update README.md, comment out CI action results
• d7e0d59 Merge branch 'master' of github.com:qos-ch/logback
• fe3bf9d os.name property is expected to be Mac OS X on Apple computers
• 9806273 Update README.md
• c45f110 check for Mac OS X
• 00c6f5e what is the os.name
• 7d03a42 update actions/setup
• edacb3b skip email sent termination test on MacOs
• 3b5d041 allow more time for timetout
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.