Skip to content

Bump the minor-and-patch group across 1 directory with 6 updates#138

Merged
ato merged 1 commit intomasterfrom
dependabot/maven/minor-and-patch-335d95794a
Mar 2, 2026
Merged

Bump the minor-and-patch group across 1 directory with 6 updates#138
ato merged 1 commit intomasterfrom
dependabot/maven/minor-and-patch-335d95794a

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 1, 2026

Bumps the minor-and-patch group with 6 updates in the / directory:

Package From To
commons-codec:commons-codec 1.20.0 1.21.0
io.undertow:undertow-core 2.3.22.Final 2.3.23.Final
com.fasterxml.jackson.dataformat:jackson-dataformat-cbor 2.21.0 2.21.1
org.netpreserve:jwarc 0.34.0 0.35.0
com.nimbusds:nimbus-jose-jwt 10.7 10.8
org.apache.maven.plugins:maven-release-plugin 3.2.0 3.3.1

Updates commons-codec:commons-codec from 1.20.0 to 1.21.0

Changelog

Sourced from commons-codec:commons-codec's changelog.

Apache Commons Codec 1.21.0 Release Notes

The Apache Commons Codec team is pleased to announce the release of Apache Commons Codec 1.21.0.

The Apache Commons Codec component contains encoders and decoders for formats such as Base16, Base32, Base64, digest, and Hexadecimal. In addition to these widely used encoders and decoders, the codec package also maintains a collection of phonetic encoding utilities.

This is a feature and maintenance release. Java 8 or later is required.

New features

  • CODEC-333: Add distinct Base64 decoding for standard and URL-safe formats. Thanks to Aleksandr Beliakov, Gary Gregory.

Fixed Bugs

  •         Fix oak leaf icon references in overview.html when running `mvn clean javadoc:javadoc`. Thanks to Gary Gregory.

  •         Fix Apache RAT plugin console warnings. Thanks to Gary Gregory.

  •         Fix malformed Javadoc comments. Thanks to Gary Gregory.

Changes

  •         Bump org.apache.commons:commons-parent from 91 to 96 [#415](https://github.com/apache/commons-codec/issues/415), [#418](https://github.com/apache/commons-codec/issues/418). Thanks to Gary Gregory, Dependabot.

  •         Bump commons-io:commons-io from 2.20.0 to 2.21.0. Thanks to Gary Gregory.

  •         Bump org.apache.commons:commons-lang3 from 3.19.0 to 3.20.0. Thanks to Gary Gregory, Dependabot.

For complete information on Apache Commons Codec, including instructions on how to submit bug reports, patches, or suggestions for improvement, see the Apache Commons Codec website:

https://commons.apache.org/proper/commons-codec/

Download page: https://commons.apache.org/proper/commons-codec/download_codec.cgi

Commits
  • 91c4404 Prepare for the release candidate 1.21.0 RC1
  • 21fe1d7 Prepare for the next release candidate
  • d4ea4d0 Bump actions/checkout from 6.0.1 to 6.0.2
  • e30b1f6 Bump actions/setup-java from 5.1.0 to 5.2.0
  • 2e4891c Bump org.apache.commons:commons-parent from 95 to 96
  • d02c003 Use a URL to a prettier page: https://www.ietf.org/rfc/rfc2045
  • 3c961b8 Checkstyle
  • 99cf6b7 Javadoc and exception messages: "base 32" -> "Base32".
  • 2df7b9a Javadoc and exception messages: "base 64" -> "Base64".
  • 0643fdd Javadoc 8 doesn't know how to find this link
  • Additional commits viewable in compare view

Updates io.undertow:undertow-core from 2.3.22.Final to 2.3.23.Final

Release notes

Sourced from io.undertow:undertow-core's releases.

v.2.3.23.Final

Release 2.3.23.Final Full list of Jiras: view in Jira

    Release Notes - Undertow - Version 2.3.23.Final
Commits
  • 1571dd7 Prepare 2.3.23.Final
  • f7aed07 Merge pull request #1889 from fl4via/backport-fixes_2.3.x
  • 8f86d85 [UNDERTOW-2677] Update the Javadoc for MULTIPART_MAX_ENTITY_SIZE to reflect t...
  • ee50afa [UNDERTOW-2690] Fix: Correct documentation post CVE-2024-3884 CVE-2024-4027 f...
  • 36e27a5 [UNDERTOW-2694] Remove build.metada file
  • e8cb858 UNDERTOW-2663 - Unclear Error Message When Max Session Limit is Exceeded
  • fee8adf Merge pull request #1865 from aogburn/04351015
  • 8caf70b Next is 2.3.23.Final
  • ef0005a [UNDERTOW-2677] do not override existing entity limit in MultipartParserDefin...
  • See full diff in compare view

Updates com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 2.21.0 to 2.21.1

Commits
  • a49cc02 [maven-release-plugin] prepare release jackson-dataformats-binary-2.21.1
  • 92df35d Prep for 2.21.1 release
  • d6301f7 Merge branch '2.20' into 2.21
  • 973460e Merge branch '2.19' into 2.20
  • 9197379 Merge branch '2.18' into 2.19
  • 4e26666 Post-release dep version bump
  • bed3edd [maven-release-plugin] prepare for next development iteration
  • 9b4532d [maven-release-plugin] prepare release jackson-dataformats-binary-2.18.6
  • 0cc4902 ...
  • 2a40050 Prep for 2.18.6 release
  • Additional commits viewable in compare view

Updates org.netpreserve:jwarc from 0.34.0 to 0.35.0

Changelog

Sourced from org.netpreserve:jwarc's changelog.

0.35.0 (2026-02-26)

New features

  • CdxWriter: additional record types (e.g. conversion) can now be included by setting an appropriate filter #105
  • CdxTool: --record-type option #105

Fixed

  • Added command-line help to all tools #103
Commits
  • cbf3a74 [maven-release-plugin] prepare release v0.35.0
  • 28f4a3e Update CHANGELOG for 0.35.0
  • b763a0b Merge pull request #105 from lfoppiano/feature/filter-type
  • bedc50b feat: add test
  • e01549a fix: filter record type to be case-insensitive
  • aa64681 fix: correct parameters convention to use a single letter
  • 8caf621 fix: correct parameters convention to use a single letter
  • 54b3553 feat: add unit tests on request/response
  • dd67c99 feat: add hamcrest matching library
  • 3c9d805 feat: add an optional filtering by record type
  • Additional commits viewable in compare view

Updates com.nimbusds:nimbus-jose-jwt from 10.7 to 10.8

Changelog

Sourced from com.nimbusds:nimbus-jose-jwt's changelog.

10.7 (2026-01-08) * Adds MaxCompressedCipherTextLength that implements JWEDecrypterOption, to to configure the maximum allowed length of compressed cipher text. * Adds JWEObject.decrypt(JWEDecrypter, Set) method to support the MaxCompressedCipherTextLength option.

10.8 (2026-02-19) * Adds a PasswordBasedDecrypter(byte[], Set) constructor to specify names of the critical header parameters that are deferred to the application for processing. Aligns with other JWEDecrypter and CriticalHeaderParamsAware implementations (iss #610). * Fixes getDeferredCriticalHeaderParams() in AESDecrypter, DirectDecrypter, RSADecrypter, ECDHDecrypter, X25519Decrypter, ECDH1PUDecrypter, ECDH1PUX25519Decrypter, MultiDecrypter, MACVerifier, ECDSAVerifier and Ed25519Verifier. Must internally call critPolicy.getDeferredCriticalHeaderParams(), not critPolicy.getProcessedCriticalHeaderParams() (iss #612).

11.0 (2026-03-01) * Compile source and target bumped from Java 7 to Java 8.

Commits
  • 9509dc5 [maven-release-plugin] prepare for next development iteration
  • 0e27c9c Adds a PasswordBasedDecrypter(byte[], Set<String>) constructor to specify nam...
  • decee47 Fixes getDeferredCriticalHeaderParams() in AESDecrypter, DirectDecrypter, RSA...
  • b8d40c9 [maven-release-plugin] prepare release 10.8
  • See full diff in compare view

Updates org.apache.maven.plugins:maven-release-plugin from 3.2.0 to 3.3.1

Release notes

Sourced from org.apache.maven.plugins:maven-release-plugin's releases.

3.3.1

💥 Breaking changes

🐛 Bug Fixes

📦 Dependency updates

3.3.0

💥 Breaking changes

  • Include "[ci skip]" by default in scmReleaseCommitComment (#1423) @​kwin

🚀 New features and improvements

🐛 Bug Fixes

👻 Maintenance

... (truncated)

Commits
  • 7e8ebac [maven-release-plugin] prepare release maven-release-3.3.1
  • f0f28e5 Revert inclusion of ci skip in release commit msg
  • 2a82901 Bump org.codehaus.plexus:plexus-testing from 2.0.1 to 2.0.2 (#1444)
  • c8613d2 [maven-release-plugin] prepare for next development iteration
  • 2b8adaa [maven-release-plugin] prepare release maven-release-3.3.0
  • 88630f9 Fixed #1426 : Replace archived org.semver:api with custom SemVer implemen...
  • 7af8ace Fix license header in xml files
  • 8914b84 Make implementation of new SemVer policies private for project
  • 7e861f0 Resolve todo that led to pointless asserts (#1442)
  • 422f895 Prefer JDK join method (#1434)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the minor-and-patch group across 1 directory with 6 updates
c83f8d2 
Bumps the minor-and-patch group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [commons-codec:commons-codec](https://github.com/apache/commons-codec) | `1.20.0` | `1.21.0` |
| [io.undertow:undertow-core](https://github.com/undertow-io/undertow) | `2.3.22.Final` | `2.3.23.Final` |
| [com.fasterxml.jackson.dataformat:jackson-dataformat-cbor](https://github.com/FasterXML/jackson-dataformats-binary) | `2.21.0` | `2.21.1` |
| [org.netpreserve:jwarc](https://github.com/iipc/jwarc) | `0.34.0` | `0.35.0` |
| [com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt) | `10.7` | `10.8` |
| [org.apache.maven.plugins:maven-release-plugin](https://github.com/apache/maven-release) | `3.2.0` | `3.3.1` |



Updates `commons-codec:commons-codec` from 1.20.0 to 1.21.0
- [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt)
- [Commits](apache/commons-codec@rel/commons-codec-1.20.0...rel/commons-codec-1.21.0)

Updates `io.undertow:undertow-core` from 2.3.22.Final to 2.3.23.Final
- [Release notes](https://github.com/undertow-io/undertow/releases)
- [Commits](undertow-io/undertow@2.3.22.Final...2.3.23.Final)

Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-cbor` from 2.21.0 to 2.21.1
- [Commits](FasterXML/jackson-dataformats-binary@jackson-dataformats-binary-2.21.0...jackson-dataformats-binary-2.21.1)

Updates `org.netpreserve:jwarc` from 0.34.0 to 0.35.0
- [Release notes](https://github.com/iipc/jwarc/releases)
- [Changelog](https://github.com/iipc/jwarc/blob/master/CHANGELOG.md)
- [Commits](iipc/jwarc@v0.34.0...v0.35.0)

Updates `com.nimbusds:nimbus-jose-jwt` from 10.7 to 10.8
- [Changelog](https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt)
- [Commits](https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/10.8..10.7)

Updates `org.apache.maven.plugins:maven-release-plugin` from 3.2.0 to 3.3.1
- [Release notes](https://github.com/apache/maven-release/releases)
- [Commits](apache/maven-release@maven-release-3.2.0...maven-release-3.3.1)

---
updated-dependencies:
- dependency-name: commons-codec:commons-codec
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: io.undertow:undertow-core
  dependency-version: 2.3.23.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-cbor
  dependency-version: 2.21.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: org.netpreserve:jwarc
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: com.nimbusds:nimbus-jose-jwt
  dependency-version: '10.8'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: org.apache.maven.plugins:maven-release-plugin
  dependency-version: 3.3.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Mar 1, 2026
@sonarqubecloud
Copy link

sonarqubecloud bot commented Mar 1, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@ato ato merged commit fd44206 into master Mar 2, 2026
6 checks passed
@dependabot dependabot bot deleted the dependabot/maven/minor-and-patch-335d95794a branch March 2, 2026 02:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ato