Skip to content

[12.1.x EE9] Bump the dev-dependencies group across 1 directory with 26 updates#15286

Open
dependabot[bot] wants to merge 1 commit into
jetty-12.1.xfrom
dependabot/maven/jetty-ee9/jetty-12.1.x/dev-dependencies-7a1494700e
Open

[12.1.x EE9] Bump the dev-dependencies group across 1 directory with 26 updates#15286
dependabot[bot] wants to merge 1 commit into
jetty-12.1.xfrom
dependabot/maven/jetty-ee9/jetty-12.1.x/dev-dependencies-7a1494700e

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 10, 2026

Copy link
Copy Markdown
Contributor

Bumps the dev-dependencies group with 25 updates in the /jetty-ee9 directory:

Package From To
com.sun.mail:jakarta.mail 2.0.1 2.0.2
org.glassfish.jersey.containers:jersey-container-servlet 3.0.17 3.1.0
org.glassfish.jersey.inject:jersey-hk2 3.0.17 3.1.0
org.glassfish.jersey.media:jersey-media-json-binding 3.0.17 3.1.0
org.ow2.asm:asm 9.10 9.10.1
org.ow2.asm:asm-commons 9.10 9.10.1
org.ow2.asm:asm-bom 9.10 9.10.1
net.java.dev.jna:jna 5.18.1 5.19.0
net.java.dev.jna:jna-jpms 5.18.1 5.19.0
org.apache.openwebbeans:openwebbeans-jetty9 2.0.27 2.0.28
org.apache.openwebbeans:openwebbeans-web 2.0.27 2.0.28
com.fasterxml.jackson:jackson-bom 2.21.3 2.22.0
io.netty:netty-bom 4.2.13.Final 4.2.15.Final
org.hibernate.search:hibernate-search-bom 8.3.1.Final 8.4.0.Final
org.junit:junit-bom 6.0.3 6.1.0
ch.qos.logback:logback-core 1.5.32 1.5.34
io.grpc:grpc-core 1.81.0 1.82.0
io.grpc:grpc-netty-shaded 1.81.0 1.82.0
io.smallrye.common:smallrye-common-annotation 2.18.1 2.19.0
io.smallrye.common:smallrye-common-cpu 2.18.1 2.19.0
org.codehaus.plexus:plexus-classworlds 2.11.0 2.12.0
org.eclipse.jdt:ecj 3.45.0 3.46.0
eu.maveniverse.maven.njord:extension3 0.9.6 0.9.7
eu.maveniverse.maven.plugins:njord 0.9.6 0.9.7
org.apache.maven.extensions:maven-build-cache-extension 1.2.2 1.2.3

Updates com.sun.mail:jakarta.mail from 2.0.1 to 2.0.2

Updates org.glassfish.jersey.containers:jersey-container-servlet from 3.0.17 to 3.1.0

Updates org.glassfish.jersey.inject:jersey-hk2 from 3.0.17 to 3.1.0

Updates org.glassfish.jersey.media:jersey-media-json-binding from 3.0.17 to 3.1.0

Updates org.glassfish.jersey.inject:jersey-hk2 from 3.0.17 to 3.1.0

Updates org.glassfish.jersey.media:jersey-media-json-binding from 3.0.17 to 3.1.0

Updates org.ow2.asm:asm from 9.10 to 9.10.1

Updates org.ow2.asm:asm-commons from 9.10 to 9.10.1

Updates org.ow2.asm:asm-bom from 9.10 to 9.10.1

Updates org.ow2.asm:asm-commons from 9.10 to 9.10.1

Updates net.java.dev.jna:jna from 5.18.1 to 5.19.0

Changelog

Sourced from net.java.dev.jna:jna's changelog.

Release 5.19.0

Features

  • #1696: Add LARGE_INTEGER.ByValue to LARGE_INTEGER in WinNT.java - @​baier233.
  • #1697: Add WlanApi module - @​eranl.
  • #1718: Add Cups to c.s.j.p.unix providing CUPS printing system bindings for destinations, jobs, options, and server configuration - @​dbwiddis.
  • #1720: Add groupCount and groupMasks fields to CACHE_RELATIONSHIP in c.s.j.p.win32.WinNT, matching the updated Windows struct layout - @​dbwiddis.
  • #1719: Add CoreGraphics to c.s.j.p.mac with Quartz Window Services and Display Services bindings; implement getAllWindows() in MacWindowUtils - @​dbwiddis.
  • #1723: Add ProcFdInfo, InSockInfo, TcpSockInfo, proc_pidfdinfo, statfs64, and vm_deallocate to c.s.j.p.mac.SystemB - @​dbwiddis.
  • #1725: Add BluetoothApis to c.s.j.p.win32 providing Bluetooth device and radio enumeration via BluetoothFindFirstRadio, BluetoothFindFirstDevice, and related functions - @​dbwiddis.

Bug Fixes

  • #1644: Fix bug in VARDESC and TYPEDESC causing an illegal memory access - @​lwahonen
  • #1715: Fix UdevDevice.getSysname() calling udev_device_get_syspath instead of udev_device_get_sysname - @​dbwiddis.
  • #1721: Fix switched serverName/domainName arguments in Netapi32Util#getDCName - @​dbwiddis.
  • #1722: Fix Advapi32#RegisterServiceCtrlHandler using wrong Handler type - @​dbwiddis.
  • #1636: Drop hard dependency on java.lang.SecurityManager/java.security.AccessController - @​matthiasblaesing.
  • #1724: Fix host_page_size in c.s.j.p.mac.SystemB and getxattr/setxattr/listxattr in c.s.j.p.mac.XAttr using long instead of pointer-sized types for size_t/ssize_t parameters - @​dbwiddis.
  • #1727: Include DragonFlyBSD in NativeLibrary versioned library resolution, libc special-case loading, and 64-bit search paths - @​dbwiddis.
  • #1709: Rebuild native library for OpenBSD 7.9 x86-64, drop OpenBSD x86 - @​matthiasblaesing.
Commits
  • 9ff1381 Release 5.19.0
  • 2d038ef Merge pull request #1726 from matthiasblaesing/openbsd
  • eecab35 Update native built for OpenBSD 7.9 (x86-64 only)
  • f670868 Merge pull request #1727 from dbwiddis/fix/dragonflybsd-library-loading
  • 08628c0 Include DragonFlyBSD in library loading fallback paths
  • 0e29d6f Add BluetoothApis to c.s.j.p.win32
  • 2771c1a Address review: use HANDLEByReference and UNICODE_OPTIONS
  • da652b6 Add BluetoothApis to c.s.j.p.win32
  • 5c421d7 Merge pull request #1723 from dbwiddis/add-resource-usage-and-proc-info
  • abfd400 Add proc_info structs and methods to mac SystemB
  • Additional commits viewable in compare view

Updates net.java.dev.jna:jna-jpms from 5.18.1 to 5.19.0

Changelog

Sourced from net.java.dev.jna:jna-jpms's changelog.

Release 5.19.0

Features

  • #1696: Add LARGE_INTEGER.ByValue to LARGE_INTEGER in WinNT.java - @​baier233.
  • #1697: Add WlanApi module - @​eranl.
  • #1718: Add Cups to c.s.j.p.unix providing CUPS printing system bindings for destinations, jobs, options, and server configuration - @​dbwiddis.
  • #1720: Add groupCount and groupMasks fields to CACHE_RELATIONSHIP in c.s.j.p.win32.WinNT, matching the updated Windows struct layout - @​dbwiddis.
  • #1719: Add CoreGraphics to c.s.j.p.mac with Quartz Window Services and Display Services bindings; implement getAllWindows() in MacWindowUtils - @​dbwiddis.
  • #1723: Add ProcFdInfo, InSockInfo, TcpSockInfo, proc_pidfdinfo, statfs64, and vm_deallocate to c.s.j.p.mac.SystemB - @​dbwiddis.
  • #1725: Add BluetoothApis to c.s.j.p.win32 providing Bluetooth device and radio enumeration via BluetoothFindFirstRadio, BluetoothFindFirstDevice, and related functions - @​dbwiddis.

Bug Fixes

  • #1644: Fix bug in VARDESC and TYPEDESC causing an illegal memory access - @​lwahonen
  • #1715: Fix UdevDevice.getSysname() calling udev_device_get_syspath instead of udev_device_get_sysname - @​dbwiddis.
  • #1721: Fix switched serverName/domainName arguments in Netapi32Util#getDCName - @​dbwiddis.
  • #1722: Fix Advapi32#RegisterServiceCtrlHandler using wrong Handler type - @​dbwiddis.
  • #1636: Drop hard dependency on java.lang.SecurityManager/java.security.AccessController - @​matthiasblaesing.
  • #1724: Fix host_page_size in c.s.j.p.mac.SystemB and getxattr/setxattr/listxattr in c.s.j.p.mac.XAttr using long instead of pointer-sized types for size_t/ssize_t parameters - @​dbwiddis.
  • #1727: Include DragonFlyBSD in NativeLibrary versioned library resolution, libc special-case loading, and 64-bit search paths - @​dbwiddis.
  • #1709: Rebuild native library for OpenBSD 7.9 x86-64, drop OpenBSD x86 - @​matthiasblaesing.
Commits
  • 9ff1381 Release 5.19.0
  • 2d038ef Merge pull request #1726 from matthiasblaesing/openbsd
  • eecab35 Update native built for OpenBSD 7.9 (x86-64 only)
  • f670868 Merge pull request #1727 from dbwiddis/fix/dragonflybsd-library-loading
  • 08628c0 Include DragonFlyBSD in library loading fallback paths
  • 0e29d6f Add BluetoothApis to c.s.j.p.win32
  • 2771c1a Address review: use HANDLEByReference and UNICODE_OPTIONS
  • da652b6 Add BluetoothApis to c.s.j.p.win32
  • 5c421d7 Merge pull request #1723 from dbwiddis/add-resource-usage-and-proc-info
  • abfd400 Add proc_info structs and methods to mac SystemB
  • Additional commits viewable in compare view

Updates org.apache.openwebbeans:openwebbeans-jetty9 from 2.0.27 to 2.0.28

Commits
  • 09181d5 [maven-release-plugin] prepare release openwebbeans-2.0.28
  • ab45ce6 fix(#OWB-1450): Interceptor proxy memory leak. Add caching at an higher level
  • f93bfea fix(#OWB-1450): remove non working cache on proxies per AT
  • cdc9a57 fix: maven dependency to Gradle not found and NPE in previous plugin version
  • 3feacc6 Merge pull request #127 from jgallimore/owb_2.0.x-owb-cdi-junit
  • 129a538 OWB-1448 remove wildcard import
  • 9bbd3f7 OWB-1448 rework following feedback
  • eb4b4c6 OWB-1448 removing left over e.printStackTrace()
  • 41a5596 OWB-1448 Fix Issue with Cdi annotation and alternatives
  • 0376bd7 upgrade to apache-parent 29
  • Additional commits viewable in compare view

Updates org.apache.openwebbeans:openwebbeans-web from 2.0.27 to 2.0.28

Commits
  • 09181d5 [maven-release-plugin] prepare release openwebbeans-2.0.28
  • ab45ce6 fix(#OWB-1450): Interceptor proxy memory leak. Add caching at an higher level
  • f93bfea fix(#OWB-1450): remove non working cache on proxies per AT
  • cdc9a57 fix: maven dependency to Gradle not found and NPE in previous plugin version
  • 3feacc6 Merge pull request #127 from jgallimore/owb_2.0.x-owb-cdi-junit
  • 129a538 OWB-1448 remove wildcard import
  • 9bbd3f7 OWB-1448 rework following feedback
  • eb4b4c6 OWB-1448 removing left over e.printStackTrace()
  • 41a5596 OWB-1448 Fix Issue with Cdi annotation and alternatives
  • 0376bd7 upgrade to apache-parent 29
  • Additional commits viewable in compare view

Updates org.apache.openwebbeans:openwebbeans-web from 2.0.27 to 2.0.28

Commits
  • 09181d5 [maven-release-plugin] prepare release openwebbeans-2.0.28
  • ab45ce6 fix(#OWB-1450): Interceptor proxy memory leak. Add caching at an higher level
  • f93bfea fix(#OWB-1450): remove non working cache on proxies per AT
  • cdc9a57 fix: maven dependency to Gradle not found and NPE in previous plugin version
  • 3feacc6 Merge pull request #127 from jgallimore/owb_2.0.x-owb-cdi-junit
  • 129a538 OWB-1448 remove wildcard import
  • 9bbd3f7 OWB-1448 rework following feedback
  • eb4b4c6 OWB-1448 removing left over e.printStackTrace()
  • 41a5596 OWB-1448 Fix Issue with Cdi annotation and alternatives
  • 0376bd7 upgrade to apache-parent 29
  • Additional commits viewable in compare view

Updates com.fasterxml.jackson:jackson-bom from 2.21.3 to 2.22.0

Commits
  • 112e859 [maven-release-plugin] prepare release jackson-bom-2.22.0
  • 2cae2ce Prep for 2.22.0 release
  • 7955d21 Merge branch '2.21' into 2.x
  • 8922a05 Post-release dep version bump
  • 1fa9943 [maven-release-plugin] prepare for next development iteration
  • d1abd31 [maven-release-plugin] prepare release jackson-bom-2.21.4
  • 2aaea43 Prep for 2.21.4 release
  • 902ec69 Update Woodstox/stax2-api (to 7.2.0/4.3.0)
  • 2570647 Merge branch '2.21' into 2.x
  • 9d3a9d5 Post-release dep version bump
  • Additional commits viewable in compare view

Updates io.netty:netty-bom from 4.2.13.Final to 4.2.15.Final

Release notes

Sourced from io.netty:netty-bom's releases.

netty-4.2.15.Final

Security fixes

  • CVE-2026-48059: memory exhaustion in io.netty:netty-codec-haproxy (high).
  • CVE-2026-47691: DNS cache poisoning in io.netty:netty-resolver-dns (high).
  • CVE-2026-50560: DDoS in io.netty:netty-codec-http2.
  • CVE-2026-50011: memory exhaustion in io.netty:netty-codec-redis (high).
  • CVE-2026-44250: memory exhaustion in io.netty:netty-codec-redis (high).
  • CVE-2026-44890: memory exhaustion in io.netty:netty-codec-redis (high).
  • CVE-2026-50009: information disclosure and denial of service in io.netty:netty-codec-classes-quic.
  • CVE-2026-44249: IPv6 subnet filter bypass in io.netty:netty-handler (high).
  • CVE-2026-50020: request smuggling in io.netty:netty-codec-http.
  • CVE-2026-44892: memory exhaustion in io.netty:netty-codec-http3 (high).
  • CVE-2026-44893: memory leak in io.netty:netty-codec-haproxy (high).
  • CVE-2026-44894: traffic amplification in io.netty:netty-codec-classes-quic (high).
  • CVE-2026-50010: TLS hostname verification accidentally disabled in io.netty:netty-handler (high).
  • CVE-2026-45673: DNS cache poisoning in io.netty:netty-resolver-dns.
  • CVE-2026-45416: excessive memory usage from SNIHandler in io.netty:netty-handler (high).
  • CVE-2026-45536: file descriptor leak in io.netty:netty-transport-native-epoll and io.netty:netty-transport-native-kqueue.
  • CVE-2026-45674: DNS cache poisoning in io.netty:netty-resolver-dns (high).
  • CVE-2026-46340: memory exhaustion in io.netty:netty-transport-sctp (high).
  • CVE-2026-47244: denial of service in io.netty:netty-codec-http2.
  • CVE-2026-48006: memory exhaustion in io.netty:netty-codec-redis (high).
  • CVE-2026-48748: memory exhaustion in io.netty:netty-codec-http3 (high).
  • CVE-2026-48043: memory exhaustion in io.netty:netty-codec-http2.

What's Changed

New Contributors

Full Changelog: netty/netty@netty-4.2.14.Final...netty-4.2.15.Final

netty-4.2.14.Final

What's Changed

... (truncated)

Commits
  • a41f7b2 [maven-release-plugin] prepare release netty-4.2.15.Final
  • 2394530 Auto-port 4.2: MQTT: Reject malformed no-payload packets with non-zero Remain...
  • 0bd1657 Add maxWindowLog parameter to ZstdDecoder to bound memory allocation (#16850)
  • 76291f5 Fix SCTP and Redis tests (#16893)
  • e067b6e Fix revapi warnings (#16885)
  • 5a52600 Pass maxAllocation to Brotli and Zstd decoders (#16844)
  • 541add0 Merge commit from fork
  • 270800e Merge commit from fork
  • 3d45a1e Merge commit from fork
  • 75127ca Merge commit from fork
  • Additional commits viewable in compare view

Updates org.hibernate.search:hibernate-search-bom from 8.3.1.Final to 8.4.0.Final

Release notes

Sourced from org.hibernate.search:hibernate-search-bom's releases.

Release 8.4.0.Final

Hibernate Search 8.4.0.Final released

We are pleased to announce the release of Hibernate Search 8.4: 8.4.0.Final.

You can find the full list of 8.4.0.Final changes here.

What's new

  • See the website for requirements and compatibilities.
  • See the What's New guide for details about new features and capabilities.

Conclusion

For additional details, see:

Visit the website for details on getting in touch with us.

Release 8.4.0.CR1

Hibernate Search 8.4.0.CR1 released

We are pleased to announce the release of Hibernate Search 8.4: 8.4.0.CR1.

You can find the full list of 8.4.0.CR1 changes here.

What's new

  • See the website for requirements and compatibilities.
  • See the What's New guide for details about new features and capabilities.

Conclusion

For additional details, see:

... (truncated)

Changelog

Sourced from org.hibernate.search:hibernate-search-bom's changelog.

8.4.0.Final (2026-05-27)

https://hibernate.atlassian.net/projects/HSEARCH/versions/39072

** Improvement * HSEARCH-5630 Update to Hibernate ORM 7.4.0.Final * HSEARCH-5629 Use Maven 3.9.16 as a required minimum version for the build * HSEARCH-5627 Switch from the Search session holder to a Hibernate ORM session extension * HSEARCH-5626 Update Elasticsearch client (elasticsearch-rest-client) to 9.4.1 * HSEARCH-5625 Test against latest Elasticsearch 9.4.1 * HSEARCH-5624 Update Elasticsearch client (elasticsearch-rest5-client) to 9.4.1

8.4.0.CR1 (2026-05-11)

https://hibernate.atlassian.net/projects/HSEARCH/versions/37437

** Bug * HSEARCH-5595 checkstyle:check is not build cache relocatable due to project resources including the workspace root

** Improvement * HSEARCH-5623 Update to Hibernate ORM 7.4.0.CR1 * HSEARCH-5622 Update Elasticsearch client (elasticsearch-rest5-client) to 9.4.0 * HSEARCH-5621 Update Elasticsearch client (elasticsearch-rest-client) to 9.4.0 * HSEARCH-5620 Add compatibility with Elasticsearch 9.4 * HSEARCH-5619 Upgrade to GSON 2.14.0 * HSEARCH-5618 Update Jackson to 2.21.3 * HSEARCH-5617 Update to AWS SDK 2.44.1 * HSEARCH-5616 Update Elasticsearch client (elasticsearch-rest-client) to 9.3.4 * HSEARCH-5613 Use Maven 3.9.15 as a required minimum version for the build * HSEARCH-5612 Upgrade to commons-codec 1.22.0 * HSEARCH-5611 Update Apache HTTP Client components to 5.6.1 * HSEARCH-5609 Update Elasticsearch client (elasticsearch-rest-client) to 9.3.3 * HSEARCH-5608 Update Elasticsearch client (elasticsearch-rest5-client) to 9.3.4 * HSEARCH-5607 Update Elasticsearch rest client (opensearch-rest-client) to 3.6.0 * HSEARCH-5606 Add compatibility with OpenSearch 3.6 * HSEARCH-5601 Update to commons-logging to 1.3.6 * HSEARCH-5600 Update Jackson to 2.21.2 * HSEARCH-5599 Update Apache HTTP Core client components to 5.4.2 * HSEARCH-5598 Update Elasticsearch client (elasticsearch-rest-client) to 9.3.2 * HSEARCH-5597 Update Elasticsearch client (elasticsearch-rest5-client) to 9.3.3

** Task * HSEARCH-5596 Use changeDetection config option instead of the deprecated overwrite in maven-resources-plugin * HSEARCH-5280 Look into OutboxPollingAutomaticIndexingDynamicShardingRebalancingIT#agentJoined test * HSEARCH-5242 Investigate why building hibernate-search-integrationtest-performance-backend-lucene fails on some envs

... (truncated)

Commits
  • 7369a18 [Jenkins release job] Preparing release 8.4.0.Final
  • 4e26c08 [Jenkins release job] changelog.txt updated by release build 8.4.0.Final
  • fe410d2 HSEARCH-5630 Add a few migration notes
  • 87335b6 HSEARCH-5630 Update to Hibernate ORM 7.4.0.Final
  • 58d6af1 HSEARCH-5624 Update Elasticsearch client (elasticsearch-rest5-client) to 9.4.1
  • 9efe369 Bump the build-dependencies group with 4 updates
  • bc1c185 Use the ssh URL for updating the website during the release
  • 311adb0 HSEARCH-5627 Mention limitations of a StatelessSession
  • d429b05 HSEARCH-5627 Better error message for "incompatible" session types
  • 2eaeb28 HSEARCH-5627 Add a simple StatelessSession test
  • Additional commits viewable in compare view

Updates org.junit:junit-bom from 6.0.3 to 6.1.0

Release notes

Sourced from org.junit:junit-bom's releases.

JUnit 6.1.0 = Platform 6.1.0 + Jupiter 6.1.0 + Vintage 6.1.0

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.0.3...r6.1.0

JUnit 6.1.0-RC1 = Platform 6.1.0-RC1 + Jupiter 6.1.0-RC1 + Vintage 6.1.0-RC1

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.1.0-M1...r6.1.0-RC1

JUnit 6.1.0-M1 = Platform 6.1.0-M1 + Jupiter 6.1.0-M1 + Vintage 6.1.0-M1

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.0.0...r6.1.0-M1

Commits

Updates org.ow2.asm:asm-bom from 9.10 to 9.10.1

Updates ch.qos.logback:logback-core from 1.5.32 to 1.5.34

Release notes

Sourced from ch.qos.logback:logback-core's releases.

Logback 1.5.34

2026-06-01 Release of logback version 1.5.34

• In case certain StackTraceElement values returned by the Throwable.getStackTrace method are null, StackTraceElementProxy substitutes a dummy instance instead of throwing an IllegalArgumentException. This resolves [issues #1040](qos-ch/logback#1040), reported by Naotsugu Kobayashi.

• HardenedObjectInputStream will now throw an InvalidClassException during deserialization attempts of Proxy classes. This change addresses potential deserialization whitelist bypass vulnerability reported by York Shen and registered as CVE-2026-10532.

• A bitwise identical binary of this version can be reproduced by building from source code at commit e62272ac152469aec1ede056c3c7d0d7314e7bfe associated with the tag v_1.5.34. This release was built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.33

2026-05-27 Release of logback version 1.5.33

PropertiesConfiguratorModelHandler now registers properties file URLs to the ConfigurationWatchList when scan is enabled (via local scan="true" attribute or top-level configuration scan), ensuring changes are detected and reconfiguration occurs. This problem was reported in issues/1034.

• When processing <conversionRule> elements and both class and converterClass attributes are specified, silently use the class attribute without issuing a warning. However, if the attribute values differ, a warning will be issued. This change was requested in issues/1031.

HardenedModelInputStream will no longer accept to deserialize all classes located under the "java.lang" and "java.util" packages but a limited number of explicitly authorized classes in those packages. This potential deserialization whitelist bypass vulnerability was reported by York Shen and registered as CVE-2026-9828.

• SSL parameters for SSLSocketAppender now enable hostname verification by default. Moreover, the default protocol is now "TLSv1.2". This potential vulnerability was reported by York Shen.

• When printing the status message field, ViewStatusMessagesServletBase now escapes special characters such as "&" as character entities. This potential vulnerability was reported by York Shen.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 124e8b49b55ac34d08743a0646bd463410192647 associated with the tag v_1.5.33. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Commits
  • e62272a prepare release 1.5.34
  • 1e9e926 add resolveProxyClassRejectsDynamicProxies unit test
  • 2de5cbe added StackTraceElementProxyTest, minor edits to AGENTS.md
  • 0e9b927 in case StackTraceElement is null use a substitute, fixing issues/1040
  • f7a0654 prevent resolveProxyClass bypass
  • 249b81f docs are no longer distributed
  • 1c3b26a start work on 1.5.34-SNAPSHOT
  • 124e8b4 prepare release 1.5.33
  • d8fd6f2 escapeTags in message field when printing status messages
  • 95edbeb hostnameVerification default to true in SSLParametersConfiguration, SSL.DEFAU...
  • Additional commits viewable in compare view

Updates io.grpc:grpc-core from 1.81.0 to 1.82.0

Commits
  • 78fb519 Bump version to 1.82.0
  • b62b0fc Update README etc to reference 1.82.0
  • 8802dc3 build: downgrade multiarch to Ubuntu 20.04 and consolidate images (#12830)
  • be300bd kokoro: Avoid brew on Mac OS
  • 4111f6f core: throw IOException when ProxySelector returns null or empty list (#12793)
  • 9410caf Revert "xds: CEL implementation (#12770)" (#12823)
  • a6916c9 core: Fix pick_first NPE when accepting resolved addresses and in `CONNECTING...
  • 52f2cd5 Revert "okhttp: Optimize HPACK to index :path" (#12820)
  • cc0d1a8 xds: Reduce per-endpoint memory from CDS
  • 17be0d3 Add Bazel 9.1.0 to our CI matrix
  • Additional commits viewable in compare view

Updates io.grpc:grpc-netty-shaded from 1.81.0 to 1.82.0

Commits
  • 78fb519 Bump version to 1.82.0
  • b62b0fc Update README etc to reference 1.82.0
  • 8802dc3 build: downgrade multiarch to Ubuntu 20.04 and consolidate images (#12830)
  • be300bd kokoro: Avoid brew on Mac OS
  • 4111f6f core: throw IOException when ProxySelector returns null or empty list (#12793)
  • 9410caf Revert "xds: CEL implementation (#12770)" (#12823)
  • a6916c9 core: Fix pick_first NPE when accepting resolved addresses and in `CONNECTING...
  • 52f2cd5 Revert "okhttp: Optimize HPACK to index :path" (#12820)
  • cc0d1a8 xds: Reduce per-endpoint memory from CDS
  • 17be0d3 Add Bazel 9.1.0 to our CI matrix
  • Additional commits viewable in compare view

Updates io.grpc:grpc-netty-shaded from 1.81.0 to 1.82.0

Commits
  • 78fb519 Bump version to 1.82.0
  • b62b0fc Update README etc to reference 1.82.0
  • 8802dc3 build: downgrade multiarch to Ubuntu 20.04 and consolidate images (#12830)
  • be300bd kokoro: Avoid brew on Mac OS
  • 4111f6f core: throw IOException when ProxySelector returns null or empty list (#12793)
  • 9410caf Revert "xds: CEL implementation (#12770)" (#12823)
  • a6916c9 core: Fix pick_first NPE when accepting resolved addresses and in `CONNECTING...
  • 52f2cd5 Revert "okhttp: Optimize HPACK to index :path" (#12820)
  • cc0d1a8 xds: Reduce per-endpoint memory from CDS
  • 17be0d3 Add Bazel 9.1.0 to our CI matrix
  • Additional commits viewable in compare view

Updates io.smallrye.common:smallrye-common-annotation from 2.18.1 to 2.19.0

Commits
  • ad03931 [maven-release-plugin] prepare release 2.19.0

@dependabot
[12.1.x EE9] Bump the dev-dependencies group across 1 directory with …
bbb338e 
…26 updates

Bumps the dev-dependencies group with 25 updates in the /jetty-ee9 directory:

| Package | From | To |
| --- | --- | --- |
| com.sun.mail:jakarta.mail | `2.0.1` | `2.0.2` |
| org.glassfish.jersey.containers:jersey-container-servlet | `3.0.17` | `3.1.0` |
| org.glassfish.jersey.inject:jersey-hk2 | `3.0.17` | `3.1.0` |
| org.glassfish.jersey.media:jersey-media-json-binding | `3.0.17` | `3.1.0` |
| org.ow2.asm:asm | `9.10` | `9.10.1` |
| org.ow2.asm:asm-commons | `9.10` | `9.10.1` |
| org.ow2.asm:asm-bom | `9.10` | `9.10.1` |
| [net.java.dev.jna:jna](https://github.com/java-native-access/jna) | `5.18.1` | `5.19.0` |
| [net.java.dev.jna:jna-jpms](https://github.com/java-native-access/jna) | `5.18.1` | `5.19.0` |
| [org.apache.openwebbeans:openwebbeans-jetty9](https://github.com/apache/openwebbeans) | `2.0.27` | `2.0.28` |
| [org.apache.openwebbeans:openwebbeans-web](https://github.com/apache/openwebbeans) | `2.0.27` | `2.0.28` |
| [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) | `2.21.3` | `2.22.0` |
| [io.netty:netty-bom](https://github.com/netty/netty) | `4.2.13.Final` | `4.2.15.Final` |
| [org.hibernate.search:hibernate-search-bom](https://github.com/hibernate/hibernate-search) | `8.3.1.Final` | `8.4.0.Final` |
| [org.junit:junit-bom](https://github.com/junit-team/junit-framework) | `6.0.3` | `6.1.0` |
| [ch.qos.logback:logback-core](https://github.com/qos-ch/logback) | `1.5.32` | `1.5.34` |
| [io.grpc:grpc-core](https://github.com/grpc/grpc-java) | `1.81.0` | `1.82.0` |
| [io.grpc:grpc-netty-shaded](https://github.com/grpc/grpc-java) | `1.81.0` | `1.82.0` |
| [io.smallrye.common:smallrye-common-annotation](https://github.com/smallrye/smallrye-common) | `2.18.1` | `2.19.0` |
| [io.smallrye.common:smallrye-common-cpu](https://github.com/smallrye/smallrye-common) | `2.18.1` | `2.19.0` |
| [org.codehaus.plexus:plexus-classworlds](https://github.com/codehaus-plexus/plexus-classworlds) | `2.11.0` | `2.12.0` |
| [org.eclipse.jdt:ecj](https://github.com/eclipse-jdt/eclipse.jdt.core) | `3.45.0` | `3.46.0` |
| [eu.maveniverse.maven.njord:extension3](https://github.com/maveniverse/njord) | `0.9.6` | `0.9.7` |
| [eu.maveniverse.maven.plugins:njord](https://github.com/maveniverse/njord) | `0.9.6` | `0.9.7` |
| [org.apache.maven.extensions:maven-build-cache-extension](https://github.com/apache/maven-build-cache-extension) | `1.2.2` | `1.2.3` |



Updates `com.sun.mail:jakarta.mail` from 2.0.1 to 2.0.2

Updates `org.glassfish.jersey.containers:jersey-container-servlet` from 3.0.17 to 3.1.0

Updates `org.glassfish.jersey.inject:jersey-hk2` from 3.0.17 to 3.1.0

Updates `org.glassfish.jersey.media:jersey-media-json-binding` from 3.0.17 to 3.1.0

Updates `org.glassfish.jersey.inject:jersey-hk2` from 3.0.17 to 3.1.0

Updates `org.glassfish.jersey.media:jersey-media-json-binding` from 3.0.17 to 3.1.0

Updates `org.ow2.asm:asm` from 9.10 to 9.10.1

Updates `org.ow2.asm:asm-commons` from 9.10 to 9.10.1

Updates `org.ow2.asm:asm-bom` from 9.10 to 9.10.1

Updates `org.ow2.asm:asm-commons` from 9.10 to 9.10.1

Updates `net.java.dev.jna:jna` from 5.18.1 to 5.19.0
- [Changelog](https://github.com/java-native-access/jna/blob/master/CHANGES.md)
- [Commits](java-native-access/jna@5.18.1...5.19.0)

Updates `net.java.dev.jna:jna-jpms` from 5.18.1 to 5.19.0
- [Changelog](https://github.com/java-native-access/jna/blob/master/CHANGES.md)
- [Commits](java-native-access/jna@5.18.1...5.19.0)

Updates `org.apache.openwebbeans:openwebbeans-jetty9` from 2.0.27 to 2.0.28
- [Commits](apache/openwebbeans@openwebbeans-2.0.27...openwebbeans-2.0.28)

Updates `org.apache.openwebbeans:openwebbeans-web` from 2.0.27 to 2.0.28
- [Commits](apache/openwebbeans@openwebbeans-2.0.27...openwebbeans-2.0.28)

Updates `org.apache.openwebbeans:openwebbeans-web` from 2.0.27 to 2.0.28
- [Commits](apache/openwebbeans@openwebbeans-2.0.27...openwebbeans-2.0.28)

Updates `com.fasterxml.jackson:jackson-bom` from 2.21.3 to 2.22.0
- [Commits](FasterXML/jackson-bom@jackson-bom-2.21.3...jackson-bom-2.22.0)

Updates `io.netty:netty-bom` from 4.2.13.Final to 4.2.15.Final
- [Release notes](https://github.com/netty/netty/releases)
- [Commits](netty/netty@netty-4.2.13.Final...netty-4.2.15.Final)

Updates `org.hibernate.search:hibernate-search-bom` from 8.3.1.Final to 8.4.0.Final
- [Release notes](https://github.com/hibernate/hibernate-search/releases)
- [Changelog](https://github.com/hibernate/hibernate-search/blob/main/changelog.txt)
- [Commits](hibernate/hibernate-search@8.3.1.Final...8.4.0.Final)

Updates `org.junit:junit-bom` from 6.0.3 to 6.1.0
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.0.3...r6.1.0)

Updates `org.ow2.asm:asm-bom` from 9.10 to 9.10.1

Updates `ch.qos.logback:logback-core` from 1.5.32 to 1.5.34
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](qos-ch/logback@v_1.5.32...v_1.5.34)

Updates `io.grpc:grpc-core` from 1.81.0 to 1.82.0
- [Release notes](https://github.com/grpc/grpc-java/releases)
- [Commits](grpc/grpc-java@v1.81.0...v1.82.0)

Updates `io.grpc:grpc-netty-shaded` from 1.81.0 to 1.82.0
- [Release notes](https://github.com/grpc/grpc-java/releases)
- [Commits](grpc/grpc-java@v1.81.0...v1.82.0)

Updates `io.grpc:grpc-netty-shaded` from 1.81.0 to 1.82.0
- [Release notes](https://github.com/grpc/grpc-java/releases)
- [Commits](grpc/grpc-java@v1.81.0...v1.82.0)

Updates `io.smallrye.common:smallrye-common-annotation` from 2.18.1 to 2.19.0
- [Release notes](https://github.com/smallrye/smallrye-common/releases)
- [Commits](smallrye/smallrye-common@2.18.1...2.19.0)

Updates `io.smallrye.common:smallrye-common-cpu` from 2.18.1 to 2.19.0
- [Release notes](https://github.com/smallrye/smallrye-common/releases)
- [Commits](smallrye/smallrye-common@2.18.1...2.19.0)

Updates `net.java.dev.jna:jna-jpms` from 5.18.1 to 5.19.0
- [Changelog](https://github.com/java-native-access/jna/blob/master/CHANGES.md)
- [Commits](java-native-access/jna@5.18.1...5.19.0)

Updates `org.codehaus.plexus:plexus-classworlds` from 2.11.0 to 2.12.0
- [Release notes](https://github.com/codehaus-plexus/plexus-classworlds/releases)
- [Commits](codehaus-plexus/plexus-classworlds@plexus-classworlds-2.11.0...plexus-classworlds-2.12.0)

Updates `org.eclipse.jdt:ecj` from 3.45.0 to 3.46.0
- [Commits](https://github.com/eclipse-jdt/eclipse.jdt.core/commits)

Updates `org.junit.platform:junit-platform-engine` from 6.0.3 to 6.1.0
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.0.3...r6.1.0)

Updates `eu.maveniverse.maven.njord:extension3` from 0.9.6 to 0.9.7
- [Release notes](https://github.com/maveniverse/njord/releases)
- [Commits](maveniverse/njord@release-0.9.6...release-0.9.7)

Updates `eu.maveniverse.maven.plugins:njord` from 0.9.6 to 0.9.7
- [Release notes](https://github.com/maveniverse/njord/releases)
- [Commits](maveniverse/njord@release-0.9.6...release-0.9.7)

Updates `org.apache.maven.extensions:maven-build-cache-extension` from 1.2.2 to 1.2.3
- [Release notes](https://github.com/apache/maven-build-cache-extension/releases)
- [Commits](apache/maven-build-cache-extension@maven-build-cache-extension-1.2.2...maven-build-cache-extension-1.2.3)

Updates `eu.maveniverse.maven.plugins:njord` from 0.9.6 to 0.9.7
- [Release notes](https://github.com/maveniverse/njord/releases)
- [Commits](maveniverse/njord@release-0.9.6...release-0.9.7)

---
updated-dependencies:
- dependency-name: com.sun.mail:jakarta.mail
  dependency-version: 2.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: org.glassfish.jersey.containers:jersey-container-servlet
  dependency-version: 3.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: org.glassfish.jersey.inject:jersey-hk2
  dependency-version: 3.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: org.glassfish.jersey.media:jersey-media-json-binding
  dependency-version: 3.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: org.glassfish.jersey.inject:jersey-hk2
  dependency-version: 3.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: org.glassfish.jersey.media:jersey-media-json-binding
  dependency-version: 3.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: org.ow2.asm:asm
  dependency-version: 9.10.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: org.ow2.asm:asm-commons
  dependency-version: 9.10.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: org.ow2.asm:asm-bom
  dependency-version: 9.10.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: org.ow2.asm:asm-commons
  dependency-version: 9.10.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: net.java.dev.jna:jna
  dependency-version: 5.19.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: net.java.dev.jna:jna-jpms
  dependency-version: 5.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: org.apache.openwebbeans:openwebbeans-jetty9
  dependency-version: 2.0.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: org.apache.openwebbeans:openwebbeans-web
  dependency-version: 2.0.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: org.apache.openwebbeans:openwebbeans-web
  dependency-version: 2.0.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: io.netty:netty-bom
  dependency-version: 4.2.15.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: org.hibernate.search:hibernate-search-bom
  dependency-version: 8.4.0.Final
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: org.junit:junit-bom
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: org.ow2.asm:asm-bom
  dependency-version: 9.10.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: ch.qos.logback:logback-core
  dependency-version: 1.5.34
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: io.grpc:grpc-core
  dependency-version: 1.82.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: io.grpc:grpc-netty-shaded
  dependency-version: 1.82.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: io.grpc:grpc-netty-shaded
  dependency-version: 1.82.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: io.smallrye.common:smallrye-common-annotation
  dependency-version: 2.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: io.smallrye.common:smallrye-common-cpu
  dependency-version: 2.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: net.java.dev.jna:jna-jpms
  dependency-version: 5.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: org.codehaus.plexus:plexus-classworlds
  dependency-version: 2.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: org.eclipse.jdt:ecj
  dependency-version: 3.46.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: org.junit.platform:junit-platform-engine
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: eu.maveniverse.maven.njord:extension3
  dependency-version: 0.9.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: eu.maveniverse.maven.plugins:njord
  dependency-version: 0.9.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: org.apache.maven.extensions:maven-build-cache-extension
  dependency-version: 1.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: eu.maveniverse.maven.plugins:njord
  dependency-version: 0.9.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jun 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants