Skip to content

fix(deps): update all minor dependencies (v2-main)#333

Open
renovate[bot] wants to merge 1 commit into
v2-mainfrom
renovate/v2-main-all-minor-patch
Open

fix(deps): update all minor dependencies (v2-main)#333
renovate[bot] wants to merge 1 commit into
v2-mainfrom
renovate/v2-main-all-minor-patch

Conversation

@renovate

@renovate renovate Bot commented Apr 24, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Change Age Confidence
org.apache.maven.plugins:maven-surefire-plugin (source) 3.5.53.5.6 age confidence
org.junit.jupiter:junit-jupiter (source) 5.14.35.14.4 age confidence
org.apache.logging.log4j:log4j-slf4j-impl (source) 2.25.42.26.1 age confidence
org.xmlunit:xmlunit-assertj3 (source) 2.11.02.12.0 age confidence
org.slf4j:slf4j-api (source, changelog) 2.0.172.0.18 age confidence
commons-io:commons-io (source) 2.21.02.22.0 age confidence

Release Notes

xmlunit/xmlunit (org.xmlunit:xmlunit-assertj3)

v2.12.0

Compare Source

  • bumped xmlunit-assertj3's dependency on assert to 3.27.7.

    This is to make people aware of
    GHSA-rqfh-9r24-8c9r

    XMLUnit itself does not use the affected code in AssertJ so the upgrade is not strictly necessary - and this is why
    the xmlunit-assertj module is not updated. In fact the assertions provided by xmlunit-assertj3 are the recommended
    upgrade path for users of AssertJ 3.x+.

    PRs #​320 and
    #​321

  • actually made withDTDParsingDisabled do what it says.

    This is a bugfix and in a way it is backwards incompatible as it changes default behavior in a way that I intended to
    do with XMLUnit 2.6.0 eight years ago. DocumentBuilderFactoryConfigurer.DefaultWithDTDParsing provides the
    behavior of XMLUnit 2.6.0 to 2.11.0.

    PRs #​326 by @​jmestwa-coder
    and #​328


Configuration

📅 Schedule: (in timezone Europe/Paris)

  • Branch creation
    • "every weekend"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added the dependencies Pull requests that update a dependency file label Apr 24, 2026
@renovate renovate Bot force-pushed the renovate/v2-main-all-minor-patch branch from 06e935b to 2ee03cc Compare April 26, 2026 14:31
@renovate renovate Bot changed the title fix(deps): update dependency commons-io:commons-io to v2.22.0 (v2-main) fix(deps): update all minor dependencies (v2-main) Apr 26, 2026
@renovate renovate Bot force-pushed the renovate/v2-main-all-minor-patch branch 2 times, most recently from 7fa6fda to 5ff6c06 Compare May 12, 2026 20:43
@sonarqubecloud

Copy link
Copy Markdown

@renovate renovate Bot force-pushed the renovate/v2-main-all-minor-patch branch from 5ff6c06 to 330fc4c Compare May 27, 2026 22:04
@sonarqubecloud

Copy link
Copy Markdown

@renovate renovate Bot force-pushed the renovate/v2-main-all-minor-patch branch from 330fc4c to ca00b6f Compare May 31, 2026 13:44
@sonarqubecloud

Copy link
Copy Markdown

@renovate renovate Bot force-pushed the renovate/v2-main-all-minor-patch branch from ca00b6f to 849f335 Compare July 2, 2026 15:33
@sonarqubecloud

sonarqubecloud Bot commented Jul 2, 2026

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants