build(deps): bump the dependabot-dependency-updates group across 1 directory with 17 updates

[dependabot]

Bumps the dependabot-dependency-updates group with 17 updates in the / directory:

Package	From	To
com.siemens.pki:CmpRaComponent	4.1.4	4.2.0
jakarta.xml.bind:jakarta.xml.bind-api	4.0.1	4.0.2
org.glassfish.jaxb:jaxb-runtime	4.0.4	4.0.5
org.slf4j:slf4j-api	2.0.11	2.0.16
org.slf4j:slf4j-simple	2.0.11	2.0.16
org.eclipse.californium:californium-core	3.10.0	3.13.0
com.fasterxml.jackson.jaxrs:jackson-jaxrs-yaml-provider	2.16.1	2.18.2
com.fasterxml.jackson.core:jackson-databind	2.16.1	2.18.2
commons-cli:commons-cli	1.6.0	1.9.0
org.jacoco:jacoco-maven-plugin	0.8.11	0.8.12
org.apache.maven.plugins:maven-dependency-plugin	3.6.1	3.8.1
org.apache.maven.plugins:maven-jar-plugin	3.3.0	3.4.2
org.apache.maven.plugins:maven-surefire-plugin	3.2.5	3.5.2
org.apache.maven.plugins:maven-javadoc-plugin	3.6.3	3.11.1
com.diffplug.spotless:spotless-maven-plugin	2.42.0	2.43.0
org.apache.maven.plugins:maven-source-plugin	3.3.0	3.3.1
org.cyclonedx:cyclonedx-maven-plugin	2.7.11	2.9.1

Updates com.siemens.pki:CmpRaComponent from 4.1.4 to 4.2.0

Release notes

Sourced from com.siemens.pki:CmpRaComponent's releases.

Use same credentials for MAC based protection at Downstream

• If outgoing message is configured to be reprotected, any configuration of outgoing credentials is ignored and the verification credentials are used instead.

Changelog

Sourced from com.siemens.pki:CmpRaComponent's changelog.

4.1.4 (Jul 23 2024)

fix: again fix protection of NESTED responses

4.2.0 (Sep 10 2024)

feat: Use same credentials for MAC based protection at Downstream

Commits

• 041ef55 Use same credentials for MAC based protection at Downstream (#106)
• 79eb00a Bump the dependabot-dependency-updates group across 1 directory with 9 update...
• See full diff in compare view

Updates jakarta.xml.bind:jakarta.xml.bind-api from 4.0.1 to 4.0.2

Release notes

Sourced from jakarta.xml.bind:jakarta.xml.bind-api's releases.

Jakarta XML Binding API 4.0.2

The 4.0.2 release is a bug fix release of 4.0.0.

Following changes are included:

• #229 - Documented exception thrown is incorrect for javax.xml.bind.DatatypeConverter#print(Object) methods
• #231 - Incorrect exception thrown by javax.xml.bind.DatatypeConverter
• #236 - Fix the link to WS-I BP 1.0 in the spec
• #284 - Re-use SAXParserFactory in AbstractUnmarshallerImpl for better performance
• Javadoc improvements - formatting, typos, grammar, sample code
• uses Jakarta Activation APIs 2.1.3

New Contributors

• @​antoniosanct made their first contribution in jakartaee/jaxb-api#281

Full Changelog: jakartaee/jaxb-api@4.0.1...4.0.2

Commits

• ca43d8b Update API version of : to 4.0.2
• 80da6a2 Snippet fix
• 31fd9dc fix whitespaces (tabs to spaces)
• d2a6134 drop obsolete travis config
• 6c40045 build by 21
• 8e787dc fix typo indicated in #234 (#295)
• b2c0e7a typos, grammar,
• 62206ad Apply @​snippet to javadoc,
• 2156e6a fix #242
• c87d01c update legal files
• Additional commits viewable in compare view

Updates org.glassfish.jaxb:jaxb-runtime from 4.0.4 to 4.0.5

Updates org.slf4j:slf4j-api from 2.0.11 to 2.0.16

Updates org.slf4j:slf4j-simple from 2.0.11 to 2.0.16

Updates org.eclipse.californium:californium-core from 3.10.0 to 3.13.0

Updates com.fasterxml.jackson.jaxrs:jackson-jaxrs-yaml-provider from 2.16.1 to 2.18.2

Updates com.fasterxml.jackson.core:jackson-databind from 2.16.1 to 2.18.2

Commits

• See full diff in compare view

Updates commons-cli:commons-cli from 1.6.0 to 1.9.0

Updates org.jacoco:jacoco-maven-plugin from 0.8.11 to 0.8.12

Release notes

Sourced from org.jacoco:jacoco-maven-plugin's releases.

0.8.12

New Features

• JaCoCo now officially supports Java 22 (GitHub #1596).
• Experimental support for Java 23 class files (GitHub #1553).

Fixed bugs

• Branches added by the Kotlin compiler for functions with default arguments and having more than 32 parameters are filtered out during generation of report (GitHub #1556).
• Branch added by the Kotlin compiler version 1.5.0 and above for reading from lateinit property is filtered out during generation of report (GitHub #1568).

Non-functional Changes

• JaCoCo now depends on ASM 9.7 (GitHub #1600).

Commits

• dbfb6f2 Prepare release 0.8.12
• a50585b Upgrade maven-plugin-plugin to 3.6.4 (#1604)
• fd63cc5 Configure labels that Dependabot assigns to PRs (#1603)
• 03a5333 Add configuration for Dependabot to simplify updates of ASM (#1601)
• 40ff9fb Upgrade ASM to 9.7 (#1600)
• 9077178 Happy birthday Java 22! (#1596)
• 7edd1b5 Bump actions/setup-java from 4.1.0 to 4.2.1 (#1594)
• e50b547 Upgrade ECJ to 3.37.0 (#1590)
• a1144d0 Upgrade maven-site-plugin to 3.12.1 (#1586)
• 04b0141 Bump actions/setup-java from 4.0.0 to 4.1.0 (#1587)
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-dependency-plugin from 3.6.1 to 3.8.1

Release notes

Sourced from org.apache.maven.plugins:maven-dependency-plugin's releases.

3.8.1

What's Changed

• Bump org.apache.maven.doxia:doxia-sink-api from 2.0.0-M12 to 2.0.0 by @​dependabot in apache/maven-dependency-plugin#432
• [MDEP-956][MDEP-932] Silence artifact copying by @​elharo in apache/maven-dependency-plugin#436
• Minor copy editing by @​elharo in apache/maven-dependency-plugin#437
• [MDEP-958] Bump org.apache.maven.shared:maven-dependency-analyzer from 1.14.1 to 1.15.0 by @​dependabot in apache/maven-dependency-plugin#434
• Bump org.apache.maven.reporting:maven-reporting-api from 4.0.0-M12 to 4.0.0 by @​dependabot in apache/maven-dependency-plugin#435
• [MNGSITE-393] Cleanup and correct usage docs by @​elharo in apache/maven-dependency-plugin#440
• Replace old workaround for Maven 3.2.5 bug by @​elharo in apache/maven-dependency-plugin#438
• Delete obsolete commented code by @​elharo in apache/maven-dependency-plugin#446
• [MDEP-930] Make test robust against platform default character sets by @​elharo in apache/maven-dependency-plugin#448

... (truncated)

Commits

• 954e44a [maven-release-plugin] prepare release maven-dependency-plugin-3.8.1
• 842075d Bump org.apache.maven.reporting:maven-reporting-impl
• 7e1aadc Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.17.0
• 188531c Fix SCM tag
• 361058e Bump jettyVersion from 9.4.55.v20240627 to 9.4.56.v20240826
• 38ab100 Bump org.codehaus.plexus:plexus-io from 3.5.0 to 3.5.1
• cbac4a7 Bump commons-io:commons-io from 2.16.1 to 2.17.0
• b19b7e0 [MDEP-930] Make test robust against platform default character sets (#448)
• e347ef7 Delete obsolete commented code for issue that was won't fixed 10 years ago (#...
• 7b137a1 [MDEP-946] Add analyze exclusions to list of goals
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-jar-plugin from 3.3.0 to 3.4.2

Release notes

Sourced from org.apache.maven.plugins:maven-jar-plugin's releases.

3.4.2

🐛 Bug Fixes

• [MJAR-310] - fixed toolchain version detection when toolchain paths contain white spaces (#86) @​jansohn

👻 Maintenance

• Build with Maven 4 (#88) @​slawekjaranowski

3.4.1

🐛 Bug Fixes

• [MJAR-307] - Wrong version of commons-io cause a ClassNotFound o.a.commons.io.file.attribute.FileTimes (#83) @​slawekjaranowski

📦 Dependency updates

• [MJAR-308] - Bump org.apache.maven.plugins:maven-plugins from 41 to 42 (#85) @​dependabot

3.4.0

🚀 New features and improvements

• [MJAR-296] - Allow including files excluded by default. (#67) @​redzi
• [MJAR-302] - Require Maven 3.6.3 (#77) @​slawekjaranowski
• [MJAR-292] - Detect MRJAR and add Multi-Release manifest entry (#57) @​jorsol

🐛 Bug Fixes

• [MJAR-62] - Set Build-Jdk according to used toolchain (#73) @​slawekjaranowski

📦 Dependency updates

• [MJAR-306] - Use properties for plugins versions in LifecycleMapping (#82) @​slawekjaranowski
• Bump org.junit:junit-bom from 5.10.1 to 5.10.2 (#74) @​dependabot
• [MJAR-298] - Update Maven-Archiver to 3.6.2 (#78) @​slawekjaranowski
• Bump apache/maven-gh-actions-shared from 2 to 4 (#72) @​dependabot
• Bump commons-io:commons-io from 2.14.0 to 2.15.1 (#68) @​dependabot
• [MJAR-297] - Update Parent to 40 (#64) @​jorsol
• [MJAR-298] - Update Maven-Archiver to 3.6.1 (#65) @​jorsol
• [MJAR-293] - Update Parent to 39 (#59) @​jorsol

👻 Maintenance

• [MJAR-304] - Refresh download page (#80) @​slawekjaranowski
• [MJAR-303] - Cleanup declared dependencies (#79) @​slawekjaranowski
• Remove dependency on plexus (#63) @​elharo

Commits

• 95007e8 [maven-release-plugin] prepare release maven-jar-plugin-3.4.2
• 99584ce Build with Maven 4
• e9c98a4 [MJAR-310] fixed toolchain version detection when toolchain paths contain whi...
• a5554bb [maven-release-plugin] prepare for next development iteration
• 8b29adc [maven-release-plugin] prepare release maven-jar-plugin-3.4.1
• 325b299 [MJAR-308] Bump org.apache.maven.plugins:maven-plugins from 41 to 42 (#85)
• 52111cc [MJAR-307] Wrong version of commons-io cause a ClassNotFound o.a.commons.io.f...
• 902d4c5 [maven-release-plugin] prepare for next development iteration
• 992f44a [maven-release-plugin] prepare release maven-jar-plugin-3.4.0
• 5e31b99 [MJAR-296] Allow including files excluded by default. (#67)
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.2.5 to 3.5.2

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.5.2

🚀 New features and improvements

• [SUREFIRE-2278] - Don't say please. (#792) @​elharo

📦 Dependency updates

• [SUREFIRE-2281] - Doxia 2.0.0 ga (#794) @​michael-o
• Bump commons-io:commons-io from 2.2 to 2.14.0 in /surefire-its/src/test/resources/surefire-979-smartStackTrace-wrongClassloader/module1 (#789) @​dependabot

👻 Maintenance

• [SUREFIRE-2282] - surefire-report-plugin: Update Introduction documenta… (#796) @​michael-o
• Reduce cyclomatic complexity (#793) @​elharo

Full Changelog: apache/maven-surefire@surefire-3.5.1...surefire-3.5.2

3.5.1

🚀 New features and improvements

• [SUREFIRE-2270] - Use JUnit5 in surefire-shadefire (#783) @​slawekjaranowski
• [SUREFIRE-2266] - Execute ITs in parallel (#781) @​slawekjaranowski
• [SUREFIRE-2264] - Limit usage of commons-io from surefire-shared-utils (#777) @​slawekjaranowski

🐛 Bug Fixes

• [SUREFIRE-2267] - Packages for commons-codec should be relocated in surefire-shared-utils (#782) @​slawekjaranowski
• [SUREFIRE-1737] - Fix disable in statelessTestsetReporter (#780) @​slawekjaranowski
• [SUREFIRE-2257] - [REGRESSION] NPEx: Cannot invoke "Object.toString()" … (#774) @​michael-o

📦 Dependency updates

• [SUREFIRE-2273] - Bump org.hamcrest:hamcrest from 2.2 to 3.0 (#784) @​dependabot
• [SUREFIRE-2272] - Bump org.codehaus.plexus:plexus-java from 1.2.0 to 1.3.0 - JDK 23 support (#786) @​dependabot
• [SUREFIRE-2226] - Upgrade to Maven Verifier 2.0.0-M1 (#706) @​michael-o
• [SUREFIRE-2265] - Bump commons-io:commons-io from 2.16.1 to 2.17.0 (#779) @​dependabot
• [SUREFIRE-2263] - Use the latest version of surefire for self build (#776) @​slawekjaranowski
• [SUREFIRE-2262] - Bump org.apache.commons:commons-lang3 from 3.16.0 to 3.17.0 (#775) @​dependabot

👻 Maintenance

• [SUREFIRE-2269] - Allow fail during clean in surefire-its (#785) @​slawekjaranowski

3.5.0

... (truncated)

Commits

• ea9f049 [maven-release-plugin] prepare release surefire-3.5.2
• e1f94a0 [SUREFIRE-2276] JUnit5's TestTemplate failures treated as flakes with retries
• d24adb4 [SUREFIRE-2277] RunResult#getFlakes() is lost during serialisation/deserialis...
• 4385e94 Remove links to non-existing report
• 8881971 Remove outdated FAQ
• 0121834 [SUREFIRE-2283] FAQ site contains broken link to failsafe-plugin
• 91d16c3 Fix formatting of XML schema files
• 6cb417a Add .xsd to .gitattributes
• 9ce5221 [SUREFIRE-2282] surefire-report-plugin: Update Introduction documentation page
• 620b983 [SUREFIRE-2281] Upgrade to Doxia 2.0.0 GA Stack
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.11.1

Release notes

Sourced from org.apache.maven.plugins:maven-javadoc-plugin's releases.

maven-javadoc-plugin-3.11.1

What's Changed

• [MJAVADOC-821] Align toolchain discovery code with Maven Compiler Plugin by @​michael-o in apache/maven-javadoc-plugin#334

Full Changelog: apache/maven-javadoc-plugin@maven-javadoc-plugin-3.11.0...maven-javadoc-plugin-3.11.1

maven-javadoc-plugin-3.10.1

What's Changed

• [MJAVADOC-810] [REGRESSION] MJAVADOC-791 causes forked Maven execution fail if any toolchains or settings file isn't present by @​cstamas in apache/maven-javadoc-plugin#313
• Bump org.apache.commons:commons-lang3 from 3.16.0 to 3.17.0 by @​dependabot in apache/maven-javadoc-plugin#314
• Bump org.codehaus.plexus:plexus-io from 3.5.0 to 3.5.1 by @​dependabot in apache/maven-javadoc-plugin#315
• Bump commons-io:commons-io from 2.16.1 to 2.17.0 by @​dependabot in apache/maven-javadoc-plugin#319
• [MJAVADOC-812] [REGRESSION] maven-javadoc-plugin 3.10.0 creates empty… by @​michael-o in apache/maven-javadoc-plugin#320

Full Changelog: apache/maven-javadoc-plugin@maven-javadoc-plugin-3.10.0...maven-javadoc-plugin-3.10.1

maven-javadoc-plugin-3.10.0

❗ NOTICE

Due to Doxia 2.x stack maven-site-plugin 3.20+ is requred.

What's Changed

• Add test for custom FixJavadocMojo#defaultVersion by @​Marcono1234 in apache/maven-javadoc-plugin#305
• Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.15.0 by @​dependabot in apache/maven-javadoc-plugin#304
• Improve URL handling by @​michael-o in apache/maven-javadoc-plugin#310
• Bump org.apache.commons:commons-lang3 from 3.15.0 to 3.16.0 by @​dependabot in apache/maven-javadoc-plugin#307
• Bump org.hamcrest:hamcrest-core from 2.2 to 3.0 by @​dependabot in apache/maven-javadoc-plugin#306
• Improve ITs by @​michael-o in apache/maven-javadoc-plugin#311
• Bump org.apache.maven.plugins:maven-plugins from 42 to 43 by @​dependabot in apache/maven-javadoc-plugin#294
• [MJAVADOC-809] Align Mojo class names by @​michael-o in apache/maven-javadoc-plugin#312
• [MJAVADOC-784] Upgrade to Doxia 2.0.0 Milestone Stack by @​michael-o in apache/maven-javadoc-plugin#204

Full Changelog: apache/maven-javadoc-plugin@maven-javadoc-plugin-3.8.0...maven-javadoc-plugin-3.10.0

maven-javadoc-plugin-3.8.0

What's Changed

• Bump org.springframework:spring-context from 4.3.29.RELEASE to 5.2.21.RELEASE in /src/it/projects/MJAVADOC-434_fixcompile by @​dependabot in apache/maven-javadoc-plugin#280
• Fix usage documentation mentioning nohelp default value by @​indyteo in apache/maven-javadoc-plugin#286
• [MJAVADOC-796] Do not follow links for Java 12+ by @​michael-o in apache/maven-javadoc-plugin#287
• [MJAVADOC-800] Bump org.codehaus.plexus:plexus-io from 3.4.2 to 3.5.0 by @​dependabot in apache/maven-javadoc-plugin#291
• Remove outdated invoker conditions by @​michael-o in apache/maven-javadoc-plugin#292
• Bump org.assertj:assertj-core from 3.26.0 to 3.26.3 by @​dependabot in apache/maven-javadoc-plugin#293
• Bump org.apache.maven.shared:maven-common-artifact-filters from 3.2.0 to 3.4.0 by @​dependabot in apache/maven-javadoc-plugin#288
• [MJAVADOC-799] Remove inconsistent AbstractFixJavadocMojo#defaultVersion default value by @​Marcono1234 in apache/maven-javadoc-plugin#295
• [MJAVADOC-801] Upgrade to Clirr Maven Plugin 2.8 in fix goals by @​michael-o in apache/maven-javadoc-plugin#296
• [MJAVADOC-803] Add default parameter to force root locale by @​michael-o in apache/maven-javadoc-plugin#298
• [MJAVADOC-783] Invalid path when using TagletArtifact and TagletPath by @​michael-o in apache/maven-javadoc-plugin#300

... (truncated)

Commits

• 619650c [maven-release-plugin] prepare release maven-javadoc-plugin-3.11.1
• e314da0 [MJAVADOC-821] Align toolchain discovery code with Maven Compiler Plugin
• 62a6861 [MJAVADOC-820] [REGRESSION] MJAVADOC-787 was merged incompletely
• d1090c5 [maven-release-plugin] prepare for next development iteration
• ee030f7 [maven-release-plugin] prepare release maven-javadoc-plugin-3.11.0
• 6c5fdc0 [MJAVADOC-819] Align archive generation code with Maven Source Plugin
• 3a90de5 [MJAVADOC-787] Automatic detection of release option for JDK < 9
• 373172d [MJAVADOC-817] Upgrade to Doxia 2.0.0 GA Stack
• ba266c0 Fix SCM tag
• 5775ce1 Fix typo
• Additional commits viewable in compare view

Updates com.diffplug.spotless:spotless-maven-plugin from 2.42.0 to 2.43.0

Changelog

Sourced from com.diffplug.spotless:spotless-maven-plugin's changelog.

[2.43.0] - 2023-11-27

Added

• Support custom rule sets for Ktlint. (#1896)

Fixed

• Fix Eclipse JDT on some settings files. (#1864 fixes #1638)

Changed

• Bump default ktlint version to latest 1.0.0 -> 1.0.1. (#1855)
• Add a Step to remove semicolons from Groovy files. (#1881)

Commits

• 23972d3 Published lib/2.43.0
• c4511b6 SpotBugs plugin 5.2.3 (#1905)
• b9db264 Sign task is now CC compatible (#1906)
• c4f8a88 Polish GradleExtension tests (#1908)
• 2b05af1 Add a step to remove semicolons in Groovy files (#1900)
• f183b61 Bump Kotlin to 1.6.21 in integration tests
• 4775485 Polish GroovyGradleExtensionTest
• 53fe1e0 Polish KotlinGradleExtensionTest
• 1031d15 Defer Jar task configuration
• 997ae05 Sign task is now CC compatible
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-source-plugin from 3.3.0 to 3.3.1

Commits

• f80596e [maven-release-plugin] prepare release maven-source-plugin-3.3.1
• 7626998 Bump apache/maven-gh-actions-shared from 3 to 4
• 83c963c Bump org.apache.maven.plugins:maven-plugins from 39 to 41 (#18)
• 40ae495 Bump org.codehaus.plexus:plexus-archiver from 4.8.0 to 4.9.1 (#20)
• 073462b Bump org.apache.maven:maven-archiver from 3.6.0 to 3.6.1 (#21)
• 0b1c823 Fix typos in AbstractSourceJarMojo exception
• 099c65a [MSOURCES-142] Bump org.codehaus.plexus:plexus-archiver from 4.7.1 to 4.8.0 (...
• 1edeea4 [MSOURCES-139] Fix typo in AbstractSourceJarMojo exception
• 436966e [maven-release-plugin] prepare for next development iteration
• See full diff in compare view

Updates org.cyclonedx:cyclonedx-maven-plugin from 2.7.11 to 2.9.1

Release notes

Sourced from org.cyclonedx:cyclonedx-maven-plugin's releases.

2.9.1

🚀 New features and improvements

• Make log output more easy to understand by sorting (#542) @​Bananeweizen
• simplify code (#577) @​hboutemy
• share isBlank(String) (#575) @​hboutemy
• don't generate invalid SBOM on blank license: ignore instead (#573) @​fupgang

🐛 Bug Fixes

• Fix incorrect component type in aggregated SBOM (Multi-module project) (#522) @​lonewalker0

📦 Dependency updates

• Bump actions/checkout from 4.2.0 to 4.2.1 (#565) @​dependabot

🔧 Build

• upgrade github-pages-deploy-action (#584) @​hboutemy
• Bump org.apache.maven.plugins:maven-project-info-reports-plugin from 3.6.2 to 3.8.0 (#570) @​dependabot
• Bump actions/checkout from 4.2.1 to 4.2.2 (#571) @​dependabot
• Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.4 to 3.2.7 (#561) @​dependabot
• Bump org.junit:junit-bom from 5.10.3 to 5.11.2 (#563) @​dependabot

2.9.0

🎉 Major features and improvements

• Support 1.6 spec (#556) @​thesurlydev

🔧 Build

• run mvn verify in CI instead of package (#560) @​hboutemy
• Avoid resources filtering warning (#543) @​Bananeweizen
• fix site issues created by upgrades #553 and #552 (#559) @​hboutemy
• Bump org.apache.maven.plugins:maven-site-plugin from 3.12.1 to 3.20.0 (#553) @​dependabot
• Bump actions/checkout from 4.1.7 to 4.2.0 (#555) @​dependabot
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.8.0 to 3.10.1 (#558) @​dependabot

2.8.2

🐛 Bug Fixes

• display configured classifier from #506 (#550) @​hboutemy

📦 Dependency updates

• Bump plugin-tools.version from 3.13.1 to 3.15.0 (#551) @​dependabot
• Bump org.apache.maven.plugins:maven-project-info-reports-plugin from 3.6.1 to 3.7.0 (#552) @​dependabot

... (truncated)

Commits

• f5ac98a [maven-release-plugin] prepare release cyclonedx-maven-plugin-2.9.1
• b8e2442 upgrade github-pages-deploy-action
• 2c95cf2 Bump org.apache.maven.plugins:maven-project-info-reports-plugin
• f988a79 Bump actions/checkout from 4.2.1 to 4.2.2
• db2a35b Make log output more easy to understand by sorting dependencies
• 6429094 simplify code
• 4450f3b Fix incorrect component type in aggregated SBOM
• c02b50f share isBlank(String)
• 0bef0d0 fixes CycloneDX/cyclonedx-maven-plugin#382
• cf7d300 Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.4 to 3.2.7
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #90.