Bump the dependencies group with 11 updates #693

dependabot · 2025-12-15T19:01:56Z

Bumps the dependencies group with 11 updates:

Package	From	To
io.avaje:avaje-jsonb	`3.8`	`3.9`
io.avaje:avaje-json-node	`3.8`	`3.9`
io.avaje:avaje-inject	`12.0`	`12.1`
io.avaje:avaje-inject-generator	`12.0`	`12.1`
io.avaje:avaje-inject-maven-plugin	`12.0`	`12.1`
io.avaje:avaje-validator	`2.14`	`2.15`
io.avaje:avaje-validator-constraints	`2.14`	`2.15`
io.avaje:avaje-validator-generator	`2.14`	`2.15`
io.rest-assured:rest-assured	`5.5.6`	`6.0.0`
io.avaje:avaje-jsonb-generator	`3.8`	`3.9`
ch.qos.logback:logback-classic	`1.5.21`	`1.5.22`

Updates io.avaje:avaje-jsonb from 3.8 to 3.9

Release notes

Sourced from io.avaje:avaje-jsonb's releases.

3.9

What's Changed

Fix Custom Adapter Priority by @SentryMan in avaje/avaje-jsonb#447

Fix JsonView JPMS lookup by @SentryMan in avaje/avaje-jsonb#451

Handle Deep Nested Generics by @SentryMan in avaje/avaje-jsonb#453

Null Safe Json Node Adapter by @SentryMan in avaje/avaje-jsonb#455

Fix Nested Pretty by @SentryMan in avaje/avaje-jsonb#459

Add proc error message by @SentryMan in avaje/avaje-jsonb#458

Generate Component Before The Last Round by @SentryMan in avaje/avaje-jsonb#463

[bug fix] #464 fix missing comma in toJson for nested arrays by @rbygrave in avaje/avaje-jsonb#465

Prisms 2.0 Module Validation by @SentryMan in avaje/avaje-jsonb#468

Support Default Package by @SentryMan in avaje/avaje-jsonb#469

Multi-Release Virtual Thread Methods by @SentryMan in avaje/avaje-jsonb#470

Dependencies

Bump the dependencies group with 3 updates by @dependabot[bot] in avaje/avaje-jsonb#446

Bump com.fasterxml.jackson.core:jackson-core from 2.20.0 to 2.20.1 in the dependencies group by @dependabot[bot] in avaje/avaje-jsonb#448

Bump io.helidon.webserver:helidon-webserver from 4.3.1 to 4.3.2 in the dependencies group by @dependabot[bot] in avaje/avaje-jsonb#450

Bump the dependencies group with 3 updates by @dependabot[bot] in avaje/avaje-jsonb#460

[workflow]: Bump actions/checkout from 5 to 6 by @dependabot[bot] in avaje/avaje-jsonb#461

Bump io.avaje:avaje-prisms from 1.44-RC4 to 1.44 in the dependencies group by @dependabot[bot] in avaje/avaje-jsonb#467

Full Changelog: avaje/avaje-jsonb@3.8...3.9

Commits

cdb0ec3 Version 3.9
b2983ed Bump dependencies for prisms and spi-service
21331e0 3.9-RC3 (#471)
9c08885 Multi-Release Virtual Thread Methods (#470)
d93ed1c Support Default Package (#469)
8779547 Prisms 2.0 Module Validation (#468)
7ae548d 3.9-RC2 (#466)
d181141 Merge pull request #467 from avaje/dependabot/maven/main/dependencies-036adb41de
cbf806c Bump io.avaje:avaje-prisms in the dependencies group
aa87a22 [bug fix] #464 fix missing comma in toJson for nested arrays (#465)
Additional commits viewable in compare view

Updates io.avaje:avaje-json-node from 3.8 to 3.9

Updates io.avaje:avaje-inject from 12.0 to 12.1

Release notes

Sourced from io.avaje:avaje-inject's releases.

12.1

What's Changed

fix valhalla workflow by @SentryMan in avaje/avaje-inject#907

Fix Valhalla worklow again by @SentryMan in avaje/avaje-inject#910

Fixes providesBeans not generating by @SentryMan in avaje/avaje-inject#911

[events] support custom executor for async, add ObserverManager.Builder by @rbygrave in avaje/avaje-inject#915

error when io.avaje.inject.spi.AvajeModule class not found by @andponlin in avaje/avaje-inject#916

Reformat Javadoc in .inject.spi.AvajeModule by @mechite in avaje/avaje-inject#919

Reformat Javadoc in .inject.spi.ConfigPropertyPlugin by @mechite in avaje/avaje-inject#918

Bump bytebuddy dependencies for Java 25 support by @rob-bygrave in avaje/avaje-inject#923

Add proc full error message by @SentryMan in avaje/avaje-inject#926

Throw compile error for nested factory by @SentryMan in avaje/avaje-inject#927

Fix cases where a package private nested public class causes a compile error by @SentryMan in avaje/avaje-inject#925

Only auto merge external services if on the module-path by @SentryMan in avaje/avaje-inject#928

Generate components before the last round by @SentryMan in avaje/avaje-inject#938

Fix Lazy Priority Generation by @SentryMan in avaje/avaje-inject#937

Replace Class.forName with Module Check and Direct Load by @SentryMan in avaje/avaje-inject#932

Support default package by @SentryMan in avaje/avaje-inject#942

Support Builder using name qualifier with List and Set by @rbygrave in avaje/avaje-inject#944

Prisms 2.0 Module Validation by @SentryMan in avaje/avaje-inject#947

Fix default package generating in modules by @SentryMan in avaje/avaje-inject#946

Avoid generating into default package if . is present in common package name by @SentryMan in avaje/avaje-inject#949

Dependencies

Bump the dependencies group with 7 updates by @dependabot[bot] in avaje/avaje-inject#908

Bump the dependencies group with 3 updates by @dependabot[bot] in avaje/avaje-inject#924

Bump the dependencies group with 2 updates by @dependabot[bot] in avaje/avaje-inject#930

Bump io.avaje:avaje-prisms from 1.44-RC3 to 1.44-RC4 in the dependencies group by @dependabot[bot] in avaje/avaje-inject#933

Bump the dependencies group with 2 updates by @dependabot[bot] in avaje/avaje-inject#943

Bump io.avaje:avaje-prisms from 2.0-RC1 to 2.0-RC2 in the dependencies group by @dependabot[bot] in avaje/avaje-inject#950

Bump dependency for prisms 2.0 and spi-service 2.14 by @rbygrave in avaje/avaje-inject#951

New Contributors

@andponlin made their first contribution in avaje/avaje-inject#916

Full Changelog: avaje/avaje-inject@12.0...12.1

Commits

4e307f7 Version 12.1
fa1ecac Bump dependency for prisms 2.0 and spi-service 2.14 (#951)
c367f83 Merge pull request #950 from avaje/dependabot/maven/master/dependencies-1797b...
daa7de0 Bump io.avaje:avaje-prisms in the dependencies group
efb5fbb 12.1-RC6 (#948)
47dcac7 Avoid generating into default package if . is present (#949)
e6d66cd fix default package generating in modules (#946)
7528131 prisms 2.0 (#947)
764bc2a 12.1-RC5 (#945)
c2bdaf9 Support Builder using name qualifier with List and Set (#944)
Additional commits viewable in compare view

Updates io.avaje:avaje-inject-generator from 12.0 to 12.1

Updates io.avaje:avaje-inject-maven-plugin from 12.0 to 12.1

Updates io.avaje:avaje-validator from 2.14 to 2.15

Release notes

Sourced from io.avaje:avaje-validator's releases.

2.15

What's Changed

Nesting Compile Error Test by @SentryMan in avaje/avaje-validator#331

Add proc error message by @SentryMan in avaje/avaje-validator#332

Compile Time Type Validation For Custom Constraints by @SentryMan in avaje/avaje-validator#342

Do not generate unused adapters by @SentryMan in avaje/avaje-validator#340

Warn on No Constraints by @SentryMan in avaje/avaje-validator#334

Replace Class.forName with Module Check and Direct Load by @SentryMan in avaje/avaje-validator#335

Fix Optional Cascades by @SentryMan in avaje/avaje-validator#343

Fix Optional Checktype by @SentryMan in avaje/avaje-validator#344

Generate Component Before the Last Round by @SentryMan in avaje/avaje-validator#345

Prisms 2.0 Module Validation by @SentryMan in avaje/avaje-validator#346

Support Default Package by @SentryMan in avaje/avaje-validator#347

Bump dependencies for prisms 2.0, spi 2.14, inject 12.1 by @rbygrave in avaje/avaje-validator#348

Full Changelog: avaje/avaje-validator@2.14...2.15

Commits

141855b Version 2.15
33b2742 Bump dependencies for prisms 2.0, spi 2.14, inject 12.1 (#348)
3be73a0 2.15-RC3
84009aa Support Default Package (#347)
38533a6 Use Throwable instead of NoClassDefFoundError
223a8ab prisms 2 (#346)
d2c5ebb 2.15-RC2
b6bb993 Generate Component Before the Last Round (#345)
1911d0f fix optional checktype (#344)
a09f5ef Fix Optional Cascades (#343)
Additional commits viewable in compare view

Updates io.avaje:avaje-validator-constraints from 2.14 to 2.15

Updates io.avaje:avaje-validator-generator from 2.14 to 2.15

Updates io.rest-assured:rest-assured from 5.5.6 to 6.0.0

Changelog

Sourced from io.rest-assured:rest-assured's changelog.

Changelog 6.0.0 (2025-12-12)

spring-mock-mvc module now supports Spring 7.x

spring-web-test-client now supports Spring 7.x

Upgraded commons-lang3 from 3.18.0 to 3.19.0

The spring modules now required Spring 5.3+ (previously 5.1 was required)

New minimum Java baseline is now 17

New minimum Groovy base is now 5.x

Support for Jackson 3 object mapping

Support for Yasson 3 object mapping

Support for jakarta JsonB/Johnzon 3 object mapping

Migrate json-path fully to Java, bypass GroovyShell for evaluation (#1844) (thanks to Michael Edgar for PR)

This fixed some nasty memory leaks when using JsonPath heavily in long running processes

Stop resetting ResponseParserRegistrar during build (#1759, #1505, #1207 & #978) (thanks to Marc Easen for PR)

Skip Null filters in FilterContextImpl (#1834) (thanks to Boyarshinov Alexander for PR)

Upgraded Kotlin extension module to use Kotlin 2.2.21

Commits

0b3a0d9 [maven-release-plugin] prepare release rest-assured-6.0.0
bd55281 [ci skip] Add exclusions for jackson3-example and spring7-mvc-webapp in pom.xml
eb141e2 [maven-release-plugin] prepare for next development iteration
4c1a241 [maven-release-plugin] prepare release rest-assured-6.0.0
2f11520 Using newer version of dokka and using stdlib for kotlin instead of jdk8
6d9362c Ability to exclude osgi-tests in release
24380db Revert osgi-tests back to JUnit 4
9c12601 Upgraded Kotlin extension module to use Kotlin 2.2.21
4b1ff78 [ci skip] Prepare and perform release in single step
931f421 [ci skip] Removed explicit javadoc path workaround for JDK 8
Additional commits viewable in compare view

Updates io.avaje:avaje-jsonb-generator from 3.8 to 3.9

Updates ch.qos.logback:logback-classic from 1.5.21 to 1.5.22

Release notes

Sourced from ch.qos.logback:logback-classic's releases.

Logback 1.5.22

2025-12-11 Release of logback version 1.5.22

• In order to prevent involuntary information leakage, Logback will no longer output the value of a substituted variable, if the variable name contains any of the case-insensitive strings "password", "secret" or "confidential". This problem was reported by Chintan Rohila in issues/986.

• Logback now takes the overridden toString() method of Throwable subclasses into account when printing stack traces. This issue was reported in LOGBACK-543 by Alvin Chee, with a fix provided in PR 404 by Brett Kail.

• Instead of limit-counting guard, Logback now uses a tumbling-window guard to rate limit internal error messages.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 572379aabd2f672b49593e4020696c624541e5b0 associated with the tag v_1.5.22. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Commits

572379a prepare release 1.5.22
39d17ea fix status printing of variable substitution when the variable name contains ...
75509a9 fix PR 404, LOGBACK-543
8eb9356 remove unused import
6131a3a use a slightly more sophisticated guard for printing status messages
9efca21 add no-args constructor to support various serialization frameworks
1bea580 minor comment edits
bd07fdd update angus, greenmail versions
aef993c start work on 1.5.22-SNAPSHOT
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependencies group with 11 updates: | Package | From | To | | --- | --- | --- | | [io.avaje:avaje-jsonb](https://github.com/avaje/avaje-jsonb) | `3.8` | `3.9` | | io.avaje:avaje-json-node | `3.8` | `3.9` | | [io.avaje:avaje-inject](https://github.com/avaje/avaje-inject) | `12.0` | `12.1` | | io.avaje:avaje-inject-generator | `12.0` | `12.1` | | io.avaje:avaje-inject-maven-plugin | `12.0` | `12.1` | | [io.avaje:avaje-validator](https://github.com/avaje/avaje-validator) | `2.14` | `2.15` | | io.avaje:avaje-validator-constraints | `2.14` | `2.15` | | io.avaje:avaje-validator-generator | `2.14` | `2.15` | | [io.rest-assured:rest-assured](https://github.com/rest-assured/rest-assured) | `5.5.6` | `6.0.0` | | io.avaje:avaje-jsonb-generator | `3.8` | `3.9` | | [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.21` | `1.5.22` | Updates `io.avaje:avaje-jsonb` from 3.8 to 3.9 - [Release notes](https://github.com/avaje/avaje-jsonb/releases) - [Commits](avaje/avaje-jsonb@3.8...3.9) Updates `io.avaje:avaje-json-node` from 3.8 to 3.9 Updates `io.avaje:avaje-inject` from 12.0 to 12.1 - [Release notes](https://github.com/avaje/avaje-inject/releases) - [Commits](avaje/avaje-inject@12.0...12.1) Updates `io.avaje:avaje-inject-generator` from 12.0 to 12.1 Updates `io.avaje:avaje-inject-generator` from 12.0 to 12.1 Updates `io.avaje:avaje-inject-maven-plugin` from 12.0 to 12.1 Updates `io.avaje:avaje-validator` from 2.14 to 2.15 - [Release notes](https://github.com/avaje/avaje-validator/releases) - [Commits](avaje/avaje-validator@2.14...2.15) Updates `io.avaje:avaje-validator-constraints` from 2.14 to 2.15 Updates `io.avaje:avaje-validator-generator` from 2.14 to 2.15 Updates `io.rest-assured:rest-assured` from 5.5.6 to 6.0.0 - [Changelog](https://github.com/rest-assured/rest-assured/blob/master/changelog.txt) - [Commits](rest-assured/rest-assured@rest-assured-5.5.6...rest-assured-6.0.0) Updates `io.avaje:avaje-jsonb-generator` from 3.8 to 3.9 Updates `ch.qos.logback:logback-classic` from 1.5.21 to 1.5.22 - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](qos-ch/logback@v_1.5.21...v_1.5.22) --- updated-dependencies: - dependency-name: io.avaje:avaje-jsonb dependency-version: '3.9' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: io.avaje:avaje-json-node dependency-version: '3.9' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: io.avaje:avaje-inject dependency-version: '12.1' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: io.avaje:avaje-inject-generator dependency-version: '12.1' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: io.avaje:avaje-inject-generator dependency-version: '12.1' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: io.avaje:avaje-inject-maven-plugin dependency-version: '12.1' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: io.avaje:avaje-validator dependency-version: '2.15' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: io.avaje:avaje-validator-constraints dependency-version: '2.15' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: io.avaje:avaje-validator-generator dependency-version: '2.15' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: io.rest-assured:rest-assured dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: io.avaje:avaje-jsonb-generator dependency-version: '3.9' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: ch.qos.logback:logback-classic dependency-version: 1.5.22 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label Dec 15, 2025

github-actions bot approved these changes Dec 15, 2025

View reviewed changes

github-actions bot enabled auto-merge December 15, 2025 19:02

dependabot bot force-pushed the dependabot/maven/master/dependencies-72d6ee3e40 branch from 4b2577d to 777547d Compare December 15, 2025 19:44

github-actions bot approved these changes Dec 15, 2025

View reviewed changes

fix test

02404a4

github-actions bot merged commit 937d0b1 into master Dec 16, 2025
6 checks passed

dependabot bot deleted the dependabot/maven/master/dependencies-72d6ee3e40 branch December 16, 2025 03:11

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the dependencies group with 11 updates #693

Bump the dependencies group with 11 updates #693

Uh oh!

dependabot bot commented on behalf of github Dec 15, 2025 •

edited

Loading

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Bump the dependencies group with 11 updates #693

Bump the dependencies group with 11 updates #693

Uh oh!

Conversation

dependabot bot commented on behalf of github Dec 15, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

3.9

What's Changed

Dependencies

12.1

What's Changed

Dependencies

New Contributors

2.15

What's Changed

Changelog 6.0.0 (2025-12-12)

Logback 1.5.22

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

dependabot bot commented on behalf of github Dec 15, 2025 •

edited

Loading