Bump the dependencies group with 17 updates

[dependabot]

Bumps the dependencies group with 17 updates:

Package	From	To
com.fasterxml.jackson.core:jackson-annotations	2.16.0	2.16.1
com.fasterxml.jackson.core:jackson-core	2.16.0	2.16.1
com.fasterxml.jackson.dataformat:jackson-dataformat-xml	2.16.0	2.16.1
com.google.guava:guava	32.1.3-jre	33.0.0-jre
org.eclipse.jetty:jetty-servlet	10.0.18	10.0.19
org.jooq:jooq	3.18.7	3.19.1
org.jooq:jooq-codegen	3.18.7	3.19.1
org.jooq:jooq-meta	3.18.7	3.19.1
org.keycloak:keycloak-servlet-filter-adapter	23.0.1	23.0.3
org.liquibase:liquibase-core	4.25.0	4.25.1
org.postgresql:postgresql	42.7.0	42.7.1
com.googlecode.maven-download-plugin:download-maven-plugin	1.7.1	1.8.0
org.apache.maven.plugins:maven-compiler-plugin	3.11.0	3.12.1
com.diffplug.spotless:spotless-maven-plugin	2.41.0	2.41.1
org.owasp:dependency-check-maven	9.0.2	9.0.7
org.apache.maven.plugins:maven-surefire-plugin	3.2.2	3.2.3
org.apache.maven.plugins:maven-javadoc-plugin	3.6.2	3.6.3

Updates com.fasterxml.jackson.core:jackson-annotations from 2.16.0 to 2.16.1

Commits

• See full diff in compare view

Updates com.fasterxml.jackson.core:jackson-core from 2.16.0 to 2.16.1

Commits

• 249716c [maven-release-plugin] prepare release jackson-core-2.16.1
• 125f5b2 Prepare for 2.16.1 release
• 1928b07 Minor test improvements
• aa5c887 Minor tweaking post-merge wrt #1175
• 9fb3f21 Add failing tests for #1173: parse error location (#1175)
• 4eb4539 Backport #1168 in 2.16(.1)
• 571d4ae Merge branch '2.15' into 2.16
• 8f37646 Update release notes wrt #1161 backport
• 8f2f04e fastdoubleparser 1.0.0 (#1163) (#1166)
• 7f1c619 Update release notes wrt #1161
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.dataformat:jackson-dataformat-xml from 2.16.0 to 2.16.1

Commits

• 7101dc8 [maven-release-plugin] prepare release jackson-dataformat-xml-2.16.1
• a69f477 Prepare for 2.16.1 release
• 7293648 Update release notes wrt backported fix #616
• b7e70d0 Fix mismatch in setNextIsUnwrapped(true/false) in XmlBeanSerializerBase#seria...
• 3d2ec75 ...
• d07a816 Back to snapshot dep
• 655c076 [maven-release-plugin] prepare for next development iteration
• See full diff in compare view

Updates com.google.guava:guava from 32.1.3-jre to 33.0.0-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.0.0

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.0.0-jre</version>
  <!-- or, for Android: -->
  <version>33.0.0-android</version>
</dependency>

Jar files

• 33.0.0-jre.jar
• 33.0.0-android.jar

Guava requires one runtime dependency, which you can download here:

• failureaccess-1.0.1.jar

Javadoc

• 33.0.0-jre
• 33.0.0-android

JDiff

• 33.0.0-jre vs. 32.1.3-jre
• 33.0.0-android vs. 32.1.3-android
• 33.0.0-android vs. 33.0.0-jre

Changelog

• This version of guava-android contains some package-private methods whose signature includes the Java 8 Collector API. This is a test to identify any problems before we expose those methods publicly to users. Please report any problems that you encounter. (73dbf7ef26)
• Changed various classes to catch Exception instead of RuntimeException even when only RuntimeException is theoretically possible. This can help code that throws undeclared exceptions, as some bytecode rewriters (e.g., Robolectric) and languages (e.g., Kotlin) do. (c294c23760, 747924e, b2baf48)
• Added an Automatic-Module-Name to failureaccess, Guava's one strong runtime dependency. (280b5d2f60)
• reflect: In guava-android only, removed Invokable.getAnnotatedReturnType() and Parameter.getAnnotatedType(). These methods never worked in an Android VM, and to reflect that, they were born @Deprecated, @Beta, and @DoNotCall. They're now preventing us from rolling out some new Android compatibility testing. This is the only binary-incompatible change in this release, and it should have no effect in practice. Still, we bump the major version number to follow Semantic Versioning. (045cd8428f)
• util.concurrent: Changed our implementations to avoid eagerly initializing loggers during class loading. This can help performance, especially under Android. (4fe1df56bd)

Commits

• See full diff in compare view

Updates org.eclipse.jetty:jetty-servlet from 10.0.18 to 10.0.19

Release notes

Sourced from org.eclipse.jetty:jetty-servlet's releases.

10.0.19

Special Thanks to the following Eclipse Jetty community members

• @​garydgregory (Gary Gregory)
• @​chadlwilson (Chad Wilson)

Changelog

• #11039 - Memory leak and multiple (Http|Servlet)*Listener invokations after restart
• #11031 - HttpClient should expose Connection/EndPoint used by HTTP requests
• #11014 - RedirectRegexRule and RewritePatternRule should consider relativeRedirectAllowed
• #10938 - Use String#isEmpty() (@​garydgregory)
• #10876 - use correct scm coordinates
• #10812 - jetty-deploy has unnecessary dependency on awaitility/hamcrest pulled in at runtime (@​chadlwilson)

Commits

• 8492d1c Updating to version 10.0.19
• d49f298 jasper jsp 9.0.83.1 (#11060)
• efda646 Fixes #11031 - HttpClient should expose Connection/EndPoint used by H… (#11033)
• fcf50ff Issue #11043 Update to Apache Jasper 9.0.83 (#11048)
• 4df28eb Issue #11039 duplicate durable listeners on maven restart (#11042)
• 90244c3 Removed forgotten Thread.sleep() in test.
• 8057cb3 Fixed test that was spin looping causing lots of allocations and GC pressure.
• f620f99 Added clarifying comment to KeyStore content.
• 832f19e Merge branch 'fix-flaky' of https://github.com/wang3820/jetty.project into wa...
• 7f2859a Issue #11014 - Improve Relative Redirect Handling in Jetty 10/11 (#11018)
• Additional commits viewable in compare view

Updates org.jooq:jooq from 3.18.7 to 3.19.1

Updates org.jooq:jooq-codegen from 3.18.7 to 3.19.1

Updates org.jooq:jooq-meta from 3.18.7 to 3.19.1

Updates org.keycloak:keycloak-servlet-filter-adapter from 23.0.1 to 23.0.3

Updates org.liquibase:liquibase-core from 4.25.0 to 4.25.1

Release notes

Sourced from org.liquibase:liquibase-core's releases.

Liquibase v4.25.1

Liquibase 4.25.1 is a patch release

[!NOTE] See the Liquibase 4.25.1 Release Notes for the complete set of release information.

Notable Changes

[PRO]

Observability: Update Reports

• These reports give you insights into the status of your database and enable you to quickly find and resolve errors in your automation pipeline. These reports can also help you detect patterns of failures that you can catch with Quality Checks or use to inform internal training and education for your teams.
• Learn more about Update Reports

Observability: Drift Report extended to diffchangelog command

• With our new HTML format, you can quickly see the differences between databases, including detailed object differences. This easy-to-read and shareable report makes it faster than ever to detect and fix database drift.
• Learn more Drift Reports

Observability: Structured Logging Enhancement

Thanks to your feedback, we’ve added a new set of keys that improves data analysis capabilities surrounding exceptions and Quality Checks. Learn more at Structured Logging

Convenience: new liquibase connect command

• A new command to test your database's url, username, and password are all configured correctly and that Liquibase can reach your database -- and no changelog required.
• Learn more liquibase connect command

Convenience: Global endDelimiters

• Global endDelimiters decrease the friction of incorporating work from different teams and save you time from the manual process of updating existing code.
• Learn more Global endDelimiters

[PRO]

Changes and Bug Fixes

• (#1417) DAT-16405: make report arguments visible on update-family commands by StevenMassaro
• (#1361) DAT-16064: Added test for exception details by wwillard7800
• (#1420) DAT-16429: Handle no license key in checks run command by wwillard7800
• (#1411) DAT-16063: include changeset identifier in log message for failing comment removal by StevenMassaro
• (#1408) DAT-15379: Updated pattern matching for 'USE DATABASE' statements by filipelautert
• (#1404) DAT-16157: do not upgrade checks file if autoUpdate is off by StevenMassaro
• (#1390) DAT-14570: add checks run results to MDC by StevenMassaro
• (#1401) DAT-16322: add liquibase connect command by StevenMassaro
• (#1398) DAT-16318: Handle rollback changes during modifyChangeSets logic by wwillard7800
• (#1389) DAT-16207: Styled update reports by abrackx
• (#1383) DAT-16136: expand TableMustHaveAComment check to check changelogs by StevenMassaro
• (#1366) DAT-15394: Generate report for diff-changelog by abrackx
• (#1387) Init checksSettingsFiles list to avoid NPE by wwillard7800
• (#1364) DAT-15404: Tweak endDelimiter name and remove hidden flag by wwillard7800

... (truncated)

Changelog

Sourced from org.liquibase:liquibase-core's changelog.

Liquibase 4.25.1 is a patch release

Notable Changes

[PRO]

Observability: Update Reports

• These reports give you insights into the status of your database and enable you to quickly find and resolve errors in your automation pipeline. These reports can also help you detect patterns of failures that you can catch with Quality Checks or use to inform internal training and education for your teams.
• Learn more about Update Reports

Observability: Drift Report extended to diffchangelog command

• With our new HTML format, you can quickly see the differences between databases, including detailed object differences. This easy-to-read and shareable report makes it faster than ever to detect and fix database drift.
• Learn more Drift Reports

Convenience: new liquibase connect command

• A new command to test your database's url, username, and password are all configured correctly and that Liquibase can reach your database -- and no changelog required.
• Learn more liquibase connect command

Convenience: Global endDelimiters

• Global endDelimiters decrease the friction of incorporating work from different teams and save you time from the manual process of updating existing code.
• Learn more Global endDelimiters

[PRO]

Changes and Bug Fixes

• (#1417) DAT-16405: make report arguments visible on update-family commands by StevenMassaro
• (#1361) DAT-16064: Added test for exception details by wwillard7800
• (#1420) DAT-16429: Handle no license key in checks run command by wwillard7800
• (#1411) DAT-16063: include changeset identifier in log message for failing comment removal by StevenMassaro
• (#1408) DAT-15379: Updated pattern matching for 'USE DATABASE' statements by filipelautert
• (#1404) DAT-16157: do not upgrade checks file if autoUpdate is off by StevenMassaro
• (#1390) DAT-14570: add checks run results to MDC by StevenMassaro
• (#1401) DAT-16322: add liquibase connect command by StevenMassaro
• (#1398) DAT-16318: Handle rollback changes during modifyChangeSets logic by wwillard7800
• (#1389) DAT-16207: Styled update reports by abrackx
• (#1383) DAT-16136: expand TableMustHaveAComment check to check changelogs by StevenMassaro
• (#1366) DAT-15394: Generate report for diff-changelog by abrackx
• (#1387) Init checksSettingsFiles list to avoid NPE by wwillard7800
• (#1364) DAT-15404: Tweak endDelimiter name and remove hidden flag by wwillard7800
• (#1351) DAT-15640: Report for updateToTag by wwillard7800
• (#5366) add duplicatedChangesets to MDC (DAT-16452) @​StevenMassaro
• (#1400) DAT-16268: Fix unexpected objects verbiage by abrackx
• (#1342) Fixes problematic V8 checksums for pro CreateFunctionChange by filipelautert

[OSS]

New Features

• (#5186) Adding exception details key and implementation DAT-16064 @​wwillard7800
• (#5323) Updated PrimaryKeyExistsPrecondition to require table name for H2 databases @​filipelautert
• (#5268) Rework update summary to support reporting, add new update report fields (DAT-16207) @​abrackx
• (#5130) Update MySQL boolean behaviour from TinyInt(1) to TinyInt @​MalloD12

... (truncated)

Commits

• d208bf9 Release notes 4.25.1 (#5399)
• 73cb2e1 DAT-16494 Revert "Implemented ability for formatted SQL changelog to have rol...
• e605cee Update create-release.yml: set draft to true (#5388)
• 13df781 fix: use full commit-sha (#5387)
• 196a97c DAT-16471 DevOps: Attach artifatcs job fail (#5370)
• 15bf699 Downgrade ubuntu tests version (#5386)
• 87cf995 Downgrade ubuntu runner images version as current one are failing (#5384)
• 4136260 use first 7 digits of commit-sha (#5379)
• 8fb86c7 DAT-13175 Full automation of OSS extension release (#5383)
• 1408747 Merge pull request #5305 from liquibase/DAT-16354
• Additional commits viewable in compare view

Updates org.postgresql:postgresql from 42.7.0 to 42.7.1

Release notes

Sourced from org.postgresql:postgresql's releases.

v42.7.1

Fixed regressions since 42.7.0

• Revert "Use canonical DateStyle name (#2925)" @​vlsi (#3035)
• Revert "feat: support SET statements combining with other queries with semicolon in PreparedStatement" @​vlsi (#3010)
• chore: use java.release=8 when building pgjdbc from the generated source distribution @​vlsi (#3038), the driver uses Java 8 methods only

Changes

• Apply connectTimeout before SSLSocket.startHandshake to avoid infinite wait in case the connection is broken @​davecramer (#3040)
• perf: improve performance of PreparedStatement.setBlob, BlobInputStream, and BlobOutputStream with dynamic buffer sizing @​vlsi (#3044)
• fix: avoid timezone conversions when sending LocalDateTime to the database @​vlsi (#2852)
• fix: support waffle-jna 2.x and 3.x by using reflective approach for ManagedSecBufferDesc @​chrullrich (#2720)

🧰 Maintenance

• chore: bump Gradle to 8.5 @​vlsi (#3045)
• chore: use Java 17 for building pgjdbc, and use --release 8 to target Java 8, add tests with Java 21 and 22 @​vlsi (#3026)
• fedora/rpm: move source build to java-17-openjdk-devel @​praiskup (#3036)
• Update site 42 7 0 @​davecramer (#3004)
• prepared for release 42.7.1 update changelogs @​davecramer (#3037)

⬆️ Dependencies

• fix(deps): update dependency org.checkerframework:org.checkerframework.gradle.plugin to v0.6.36 @​renovate-bot (#3060)
• chore(deps): update plugin biz.aqute.bnd.builder to v7 @​renovate-bot (#3034)
• fix(deps): update dependency com.github.spotbugs:com.github.spotbugs.gradle.plugin to v6 @​renovate-bot (#3056)
• fix(deps): update dependency com.github.spotbugs:com.github.spotbugs.gradle.plugin to v5.2.5 @​renovate-bot (#3032)
• chore(deps): update codecov/codecov-action digest to b0466b4 @​renovate-bot (#3059)
• fix(deps): update checkerframework to v3.41.0 @​renovate-bot (#3058)
• fix(deps): update logback to v1.2.13 @​renovate-bot (#3053)
• chore(deps): update codecov/codecov-action digest to 438fa9e @​renovate-bot (#3051)
• fix(deps): update dependency spotbugs to v4.8.2 @​renovate-bot (#3052)
• chore: bump Gradle to 8.5 @​vlsi (#3045)
• fix(deps): update dependency org.ops4j.pax.url:pax-url-aether to v2.6.14 @​renovate-bot (#3030)
• chore(deps): update plugin org.nosphere.gradle.github.actions to v1.4.0 @​renovate-bot (#3031)
• chore(deps): update dependency ubuntu to v22 @​renovate-bot (#3033)
• fix(deps): update checkerframework @​renovate-bot (#3027)
• fix(deps): update dependency spotbugs to v4.8.1 @​renovate-bot (#3023)
• fix(deps): update dependency uk.org.webcompere:system-stubs-jupiter to v2.1.5 @​renovate-bot (#3024)
• fix(deps): update jmh to v1.37 @​renovate-bot (#3025)
• fix(deps): update dependency com.google.errorprone:error_prone_core to v2.23.0 @​renovate-bot (#3022)
• fix(deps): update junit5 monorepo to v5.10.1 @​renovate-bot (#3015)
• chore(deps): update plugin com.github.burrunan.s3-build-cache to v1.7 @​renovate-bot (#3016)
• chore(deps): update dependency com.typesafe.play:sbt-plugin to v2.9.0 @​renovate-bot (#3021)
• fix(deps): update dependency checkstyle to v10.12.5 @​renovate-bot (#3020)
• chore(deps): update codecov/codecov-action digest to 920a494 @​renovate-bot (#3019)
• chore(deps): update actions/github-script action to v7 @​renovate-bot (#3018)

... (truncated)

Changelog

Sourced from org.postgresql:postgresql's changelog.

[42.7.1] (2023-12-06 08:34:00 -0500)

Changed

• perf: improve performance of PreparedStatement.setBlob, BlobInputStream, and BlobOutputStream with dynamic buffer sizing [PR #3044](pgjdbc/pgjdbc#3044)

Fixed

• fix: Apply connectTimeout before SSLSocket.startHandshake to avoid infinite wait in case the connection is broken [PR #3040](pgjdbc/pgjdbc#3040)
• fix: support waffle-jna 2.x and 3.x by using reflective approach for ManagedSecBufferDesc [PR #2720](pgjdbc/pgjdbc#2720) Fixes [Issue #2690](pgjdbc/pgjdbc#2720).
• fix: NoSuchMethodError on ByteBuffer#position When Running on Java 8 when accessing arrays, fixes [Issue #3014](pgjdbc/pgjdbc#3014)
• Revert "[PR #2925](pgjdbc/pgjdbc#2925) Use canonical DateStyle name" [PR #3035](pgjdbc/pgjdbc#3035) Fixes [Issue #3008](pgjdbc/pgjdbc#3008)
• Revert "[PR ##2973](pgjdbc/pgjdbc#2973) feat: support SET statements combining with other queries with semicolon in PreparedStatement" [PR #3010](pgjdbc/pgjdbc#3010) Fixes [Issue #3007](pgjdbc/pgjdbc#3007)
• fix: avoid timezone conversions when sending LocalDateTime to the database #2852 Fixes [Issue #1390](pgjdbc/pgjdbc#1390) ,[Issue #2850](pgjdbc/pgjdbc#2850) Closes [Issue #1391(https://redirect.github.com/Fix #1390 LocalDateTime string serialization pgjdbc/pgjdbc#1391)

Commits

• 27bbccf fix attribution
• bb577e0 prepared for release 42.7.1 update changelogs (#3037)
• c1a851c fix: avoid timezone conversions when sending LocalDateTime to the database
• 25fdfc3 fix(deps): update dependency org.checkerframework:org.checkerframework.gradle...
• 244f4c0 test: use a fixed 1.0.0-dev-master-SNAPSHOT driver version when testing with ...
• 1492c98 chore: exclude postgresql 1.0.0-dev-master-SNAPSHOT from Renovate as we use t...
• 8cfd00c chore: use allowedVersions to limit Renovate updates
• 9e22ac0 chore(deps): update plugin biz.aqute.bnd.builder to v7
• 9244c0d fix(deps): update dependency com.github.spotbugs:com.github.spotbugs.gradle.p...
• 5f48b07 chore: try using different syntax for Renovate from upgrading system-stubs 1....
• Additional commits viewable in compare view

Updates com.googlecode.maven-download-plugin:download-maven-plugin from 1.7.1 to 1.8.0

Release notes

Sourced from com.googlecode.maven-download-plugin:download-maven-plugin's releases.

Restore the old cache implementation

What's Changed

• Allow wget without POM by @​culmat in maven-download-plugin/maven-download-plugin#263
• Resolves #260: Restore the old cache implementation by @​ajarmoniuk in maven-download-plugin/maven-download-plugin#261

New Contributors

• @​culmat made their first contribution in maven-download-plugin/maven-download-plugin#263

Full Changelog: maven-download-plugin/maven-download-plugin@1.7.1...1.8.0

Commits

• 96c276f Release 1.8.0
• e96de15 Resolves #260: Restore the old cache implementation (#261)
• 0f0eceb Allow wget without POM (#263)
• 0154d2f bump to 1.7.2-SNAPSHOT
• See full diff in compare view

Updates org.apache.maven.plugins:maven-compiler-plugin from 3.11.0 to 3.12.1

Release notes

Sourced from org.apache.maven.plugins:maven-compiler-plugin's releases.

3.12.1

🐛 Bug Fixes

• [MCOMPILER-567] - Fail to compile if the generated-sources/annotation… (#218) @​jorsol

📦 Dependency updates

• [MCOMPILER-568] - Bump plexusCompilerVersion from 2.14.1 to 2.14.2 (#220) @​dependabot

3.12.0

🚀 New features and improvements

• [MCOMPILER-562] - Add property maven.compiler.outputDirectory to CompilerMojo (#213) @​jGauravGupta
• [MCOMPILER-381] - Refactor incremental detection (#181) @​jorsol
• [MCOMPILER-542] - Clean JDK patch version in module-info.class (#208) @​jorsol
• [MCOMPILER-558] - compileSourceRoots in testCompile should be writable (#209) @​lorenzsimon
• [MCOMPILER-559] - Warn if overwriting the project's artifact's file to a different value (#211) @​gnodet
• [MCOMPILER-550] - make outputDirectory writable (#202) @​bmarwell
• [MCOMPILER-549] - Improve log message in case of recompilation - fix jenkins build (#203) @​slawekjaranowski
• [MCOMPILER-549] - Improve log message in case of recompilation (#201) @​BrowneMonke
• [MCOMPILER-391] - Use dep mgmt when resolving annotation processors and their deps (#180) @​psiroky
• [MCOMPILER-531] - Prepare for Java 20(-ea) (#184) @​slachiewicz

🐛 Bug Fixes

• [MCOMPILER-333] - Cleanup generated source files (#214) @​jorsol
• [MCOMPILER-544] - don't add items to classpath that are not used for that (#198) @​laeubi
• [MCOMPILER-547] - : Initialize pathElements to empty (#199) @​rovarga

📦 Dependency updates

• [MCOMPILER-564] - Bump plexusCompilerVersion from 2.13.0 to 2.14.1 (#216) @​dependabot
• [MCOMPILER-557] - Upgrade maven-plugin parent to 41 - fix build (#210) @​slawekjaranowski
• [MCOMPILER-554] - Update plexus-java to 1.2.0 (#207) @​jorsol
• [MCOMPILER-551] - Upgrade Parent to 40 (#205) @​slawekjaranowski
• [MCOMPILER-541] - update maven-shared-utils to 3.4.2 (#195) @​elharo
• Bump apache/maven-gh-actions-shared from 2 to 3 (#182) @​dependabot
• Bump maven-invoker-plugin from 3.4.0 to 3.5.0 (#179) @​dependabot

👻 Maintenance

• [MCOMPILER-565] - Allow project build by Maven 4 (#217) @​slawekjaranowski
• [MCOMPILER-552] - Refresh download page (#204) @​slawekjaranowski
• Remove references to old Maven versions. (#194) @​elharo
• (doc) Drop unused and vulnerable dependency to log4j (#190) @​slachiewicz
• [MNG-6829] - Replace StringUtils#isEmpty(String) & #isNotEmpty(String) (#189) @​timtebeek
• Update plexus-utils to 3.0.24 - in its (#183) @​slachiewicz

Commits

• 736da68 [maven-release-plugin] prepare release maven-compiler-plugin-3.12.1
• ef93f3d [MCOMPILER-568] Bump plexusCompilerVersion from 2.14.1 to 2.14.2 (#220)
• eb7840c [MCOMPILER-567] - Fail to compile if the "generated-sources/annotations" does...
• 2a7a73b [maven-release-plugin] prepare for next development iteration
• c08b0fd [maven-release-plugin] prepare release maven-compiler-plugin-3.12.0
• a1c5b13 [MCOMPILER-565] Allow project build by Maven 4
• 4855773 Bump plexusCompilerVersion from 2.13.0 to 2.14.1
• 1d05342 [MCOMPILER-562] Add property maven.compiler.outputDirectory to CompilerMojo (...
• ea74978 [MCOMPILER-381] - Refactor incremental detection (#181)
• fd37f09 [MCOMPILER-333] Cleanup generated source files (#214)
• Additional commits viewable in compare view

Updates com.diffplug.spotless:spotless-maven-plugin from 2.41.0 to 2.41.1

Changelog

Sourced from com.diffplug.spotless:spotless-maven-plugin's changelog.

spotless-lib and spotless-lib-extra releases

If you are a Spotless user (as opposed to developer), then you are probably looking for:

• https://github.com/diffplug/spotless/blob/main/plugin-gradle/CHANGES.md
• https://github.com/diffplug/spotless/blob/main/plugin-maven/CHANGES.md

This document is intended for Spotless developers.

We adhere to the keepachangelog format (starting after version 1.27.0).

[Unreleased]

Added

• New static method to DiffMessageFormatter which allows to retrieve diffs with their line numbers (#1960)

Changes

• Use palantir-java-format 2.39.0 on Java 21. (#1948)

[2.43.1] - 2023-12-04

Fixed

• Eclipse-based steps which contained any jars with a + in their path were broken, now fixed. (#1860)

Changes

• Bump default palantir-java-format version to latest 2.28.0 -> 2.38.0 on Java 21. (#1920)
• Bump default googleJavaFormat version to latest 1.17.0 -> 1.18.1. (#1920)
• Bump default ktfmt version to latest 0.44 -> 0.46. (#1927)
• Bump default eclipse version to latest 4.27 -> 4.29. (#1939)
• Bump default greclipse version to latest 4.28 -> 4.29. (#1939)
• Bump default cdt version to latest 11.1 -> 11.3. (#1939)

[2.43.0] - 2023-11-27

Added

• Support custom rule sets for Ktlint. (#1896)

Fixed

• Fix Eclipse JDT on some settings files. (#1864 fixes #1638)

Changes

• Bump default ktlint version to latest 1.0.0 -> 1.0.1. (#1855)
• Add a Step to remove semicolons from Groovy files. (#1881)

[2.42.0] - 2023-09-28

Added

• Support for biome. The Rome project was renamed to Biome. The configuration is still the same, but you should switch to the new biome tag / function and adjust the version accordingly. (#1804).
• Support for google-java-format's skip-javadoc-formatting option. (#1793)
• Support configuration of mirrors for P2 repositories in Maven DSL (#1697).
• New line endings mode GIT_ATTRIBUTES_FAST_ALLSAME. (#1838)

Fixed

• Fix support for plugins when using Prettier version 3.0.0 and newer. (#1802)
• Fix configuration cache issue around external process started '/usr/bin/git --version'. (#1806)

Changes

• Bump default flexmark version to latest 0.64.0 -> 0.64.8. (#1801)

... (truncated)

Commits

• 6de369e Published maven/2.41.1
• 29bb75c Published gradle/6.23.3
• 053c7ae Published lib/2.43.1
• ed88d33 Update Equo steps (#1939)
• c4da6c4 Update changelogs.
• ee77877 Keep eclipseWtp step, remove the long-dormant _ext/eclipse-wtp project (#...
• 7468ace Update actions/setup-java action to v4 (#1937)
• e655ef2 Bump CDT to latest.
• cde60a5 Bump GrEclipse to latest.
• 38021bf Bump JDT to latest.
• Additional commits viewable in compare view

Updates org.owasp:dependency-check-maven from 9.0.2 to 9.0.7

Release notes

Sourced from org.owasp:dependency-check-maven's releases.

Version 9.0.7

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Version 9.0.6

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Version 9.0.5

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Version 9.0.4

• fix: utilize maven proxy if present (#6255)
• fix: allow api key in cli to be quoted (#6253)
• fix: use correct maven plugin reporting plugin (#6244)
• fix: correct trailing comma in JSON report (#6245)

See the full listing of changes.

Version 9.0.3

• fix: use Java properties for proxy configuration (#6238)
• docs: update proxy configuration documentation (#6237)
• docs: add documentation on caching (#6204)
• docs: Clarify H2 database caching strategy (