Skip to content

Bump the maven group across 1 directory with 8 updates#353

Merged
github-actions[bot] merged 4 commits into
mainfrom
dependabot/maven/maven-e6059112d9
Jul 9, 2026
Merged

Bump the maven group across 1 directory with 8 updates#353
github-actions[bot] merged 4 commits into
mainfrom
dependabot/maven/maven-e6059112d9

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps the maven group with 8 updates in the / directory:

Package From To
org.junit:junit-bom 6.1.0 6.1.1
com.diffplug.spotless:spotless-maven-plugin 3.7.0 3.8.0
ch.qos.logback:logback-classic 1.5.34 1.5.37
org.springframework.boot:spring-boot-dependencies 3.5.15 3.5.16
io.quarkus.platform:quarkus-bom 3.36.3 3.37.1
io.quarkus:quarkus-extension-processor 3.36.3 3.37.1
io.quarkus:quarkus-extension-maven-plugin 3.36.3 3.37.1
io.quarkus.platform:quarkus-maven-plugin 3.36.3 3.37.1

Updates org.junit:junit-bom from 6.1.0 to 6.1.1

Release notes

Sourced from org.junit:junit-bom's releases.

JUnit 6.1.1 = Platform 6.1.1 + Jupiter 6.1.1 + Vintage 6.1.1

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.1.0...r6.1.1

Commits
  • 0d85889 Release 6.1.1
  • 0363eee Finalize 6.1.1 release notes
  • a6d540a Move entry to 6.1.1 release notes
  • 69339d5 Only pass timeout when publishing to avoid failure in nmcp plugin
  • dec2eb9 Allow excluding engines from memory cleanup mode (#5786)
  • a5f4270 Publish sha256/sha512 checksums again but filter out signature ones (#5796)
  • 8213012 Update plugin nmcp-settings to v1.6.0 (#5787)
  • d1bf847 Generate Javadoc for aggregator modules
  • d721de5 Pass --no-fonts to javadoc convention
  • d289ec6 Restore original SetSystemProperty values in a ParameterizedTest (#5720)
  • Additional commits viewable in compare view

Updates com.diffplug.spotless:spotless-maven-plugin from 3.7.0 to 3.8.0

Release notes

Sourced from com.diffplug.spotless:spotless-maven-plugin's releases.

Maven Plugin v3.8.0

Added

  • Add support for custom string format for license header copyright year via yearStringFormat(). (#2965)

Fixed

  • <expandWildcardImports> no longer triggers a full transitive dependency resolution on every build. Dependency resolution is now deferred until the step actually runs, so projects that do not use <expandWildcardImports> (or that use version ranges) are no longer penalized. (#2983)
Changelog

Sourced from com.diffplug.spotless:spotless-maven-plugin's changelog.

spotless-lib and spotless-lib-extra releases

If you are a Spotless user (as opposed to developer), then you are probably looking for:

This document is intended for Spotless developers.

We adhere to the keepachangelog format (starting after version 1.27.0).

[Unreleased]

[4.8.0] - 2026-06-29

Added

  • Add support for custom string format for license header copyright year via yearStringFormat(). (#2965)

[4.7.0] - 2026-06-16

Added

  • Add support for AsciiDoc formatting via adocfmt. (#2960)
  • flexmark step now supports arbitrary formatter options via a formatterOptions map. (#2968)

Fixed

  • FenceStep.preserveWithin now forwards lints from nested steps while still suppressing lints inside preserved blocks. (#2962)
  • Support ktfmt 0.63 and use its new builder API for formatting options to better avoid future breaking changes.
  • Parse standard git year output in LicenseHeaderStep. (#2940)
  • Fix StringIndexOutOfBoundsException in scenarios where copyright year is surrounded by whitespace. (#2973)

Changes

  • Bump default greclipse version to latest 4.35 -> 4.39. (#2924)

[4.6.2] - 2026-05-27

Fixed

  • P2Provisioner now passes cache directory overrides directly to Solstice. (#2944)
  • forbidWildcardImports and forbidModuleImports now detect imports that have leading whitespace (indentation/tabs). (#2939)
  • versionCatalog step no longer splits long inline tables across multiple lines — Gradle's TOML 1.0 parser cannot read multi-line inline tables. The maxLineLength option has been removed. (#2948)

Changes

  • EclipseJdtFormtterStep now can conditionally set compiler source/compliance options. Allows for better parsing of AST Node for newer language features and more correct sorting; e.g. records or seal classes. (#2942)
  • Formatter no longer recomputes line-ending normalization (LineEnding.toUnix) a second time for every formatter step that changes content, removing redundant O(n) work from the core formatting loop. (#2934)
  • expandWildcardImports support pom type dependency. (#2839)

[4.6.1] - 2026-05-15

Fixed

  • LicenseHeaderStep in SET_FROM_GIT year mode no longer invokes git log through bash -c / cmd /c, eliminating a shell-injection vector when processing repositories that contain files whose names include shell metacharacters.

[4.6.0] - 2026-05-14

Added

  • scalafmt() now reads the version from the version field in the scalafmt config file when no version is explicitly set in the plugin config, falling back to the built-in default only if neither is available. (#2922)
  • Add versionCatalog step for formatting and sorting Gradle version catalog (.toml) files. (#2916)
  • Add javaparserVersion option to the Cleanthat step, allowing callers to override the JavaParser version pulled in transitively by Cleanthat. (#2903)

Fixed

... (truncated)

Commits
  • 03d43ba Published maven/3.8.0
  • 8b80c13 Published gradle/8.8.0
  • 8ee6cf9 Published lib/4.8.0
  • 6c02c0b Add missing changelog entry.
  • 264f4cc Add regression test for forbidWildcardImports inside toggleOffOn (#2982)
  • 6abb064 fix #2983, expandWildcardImports triggers a full transitive reso… (#2984)
  • f4536d4 Update plugin spotbugs to v6.5.8 (#2987)
  • 873454a Update plugin spotbugs to v6.5.8
  • 000b8a8 Update dependency org.junit.jupiter:junit-jupiter to v6.1.1 (#2985)
  • 84ebcab Update dependency org.junit.jupiter:junit-jupiter to v6.1.1
  • Additional commits viewable in compare view

Updates ch.qos.logback:logback-classic from 1.5.34 to 1.5.37

Release notes

Sourced from ch.qos.logback:logback-classic's releases.

Logback 1.5.37

2026-06-26 Release of logback version 1.5.37

  1. • Given the numerous vulnerabilities related to conditional configuration processing based on the evaluation of Java expressions using the Janino library, support for such expressions has been removed. Users are offered the an online migration service or the <condition> element introduced in version 1.5.20. See the relevant documentation for more details.

• A bitwise identical binary of this version can be reproduced by building from source code at commit c1df7f522e648eec7b4ef6a12c8758fec0f00048 associated with the tag v_1.5.37. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.36

2026-06-25 Release of logback version 1.5.36

• The 'condition' attribute in <if> elements now reject certain references that are associated with ACE attacks. This issue was reported by "yulate" (yulate531@gmail.com.com) and registered as CVE-2026-13006. Please note that version 1.5.37 provides the full fix to this vulnerability.

• A bitwise identical binary of this version can be reproduced by building from source code at commit 9b94c37562bf25a6a944146701d42ee6c4eee888 associated with the tag v_1.5.36. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.35

026-06-23 Release of logback version 1.5.35

• The 'condition' attribute in <if> elements now rejects unicode escape sequences (\u and \U). This closes a bypass of the existing prohibition on the new operator in Janino-evaluated conditions. This issue was reported by IcySun (icysun@qq.com) and registered as CVE-2026-13006. Please note that version 1.5.37 provides the full fix to this vulnerability.

• Added ConfiguratorRank.AUTHENTICATING (rank 100), the highest configurator rank, for certified/authenticating configurators discovered via the ServiceLoader mechanism. ContextInitializer now requires that at most one such configurator exist on the classpath; if more than one is found, initialization aborts with an error.

ConsoleCharsetPropertyDefiner is no longer shipped. The Java 21 multi-release compilation of logback-core has been disabled, which removes this class from the published artifact. Configurations that referenced ch.qos.logback.core.property.ConsoleCharsetPropertyDefiner will need an alternative approach for console charset detection.

• The logback-examples module is now included in artifacts published to Maven Central.

JoranConfigurator.makeAnotherInstance() and DefaultJoranConfigurator.performMultiStepConfigurationFileSearch() are now protected, allowing derived configurators to override these methods.

• A bitwise identical binary of this version can be reproduced by building from source code at commit 08bd1598d565d83444f72983935e7da4746783b7 associated with the tag v_1.5.35. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Commits

Updates org.springframework.boot:spring-boot-dependencies from 3.5.15 to 3.5.16

Release notes

Sourced from org.springframework.boot:spring-boot-dependencies's releases.

v3.5.16

🔨 Dependency Upgrades

Commits
  • 0566f69 Release v3.5.16
  • 93edd16 Next development version (v3.5.16-SNAPSHOT)
  • 5bafd0a Upgrade to Spring Integration 6.5.10
  • baf3290 Upgrade to Spring AMQP 3.2.12
  • 2c5964a Upgrade to Spring Data Bom 2025.0.13
  • dbb08aa Upgrade Antora dependencies
  • 9b281d5 Upgrade to actions/checkout 7.0.0
  • a854058 Upgrade to jfrog/setup-jfrog-cli 5.1.0
  • fc236ae Start building against Spring Integration 6.5.10 snapshots
  • 5271da7 Start building against Spring Data Bom 2025.0.13 snapshots
  • Additional commits viewable in compare view

Updates io.quarkus.platform:quarkus-bom from 3.36.3 to 3.37.1

Commits
  • 2d51155 [maven-release-plugin] prepare release 3.37.1
  • 9da81fa Merge pull request #2042 from quarkusio/quarkus-3.37.1
  • c3da25d Merge pull request #2038 from quarkusio/update-automation/3.37-quarkus-flow-0...
  • 481bc22 Upgrade to Quarkus 3.37.1
  • fba84a5 Update Quarkus Flow to 0.11.0
  • f648c1f [maven-release-plugin] prepare for next development iteration
  • acd4665 [maven-release-plugin] prepare release 3.37.0
  • ee4cd81 Merge pull request #2035 from ppalaga/qcxf-3.37.0
  • 4fa57b0 Update CXF to 3.37.0
  • f269932 Merge pull request #2032 from quarkusio/dependabot/github_actions/actions/che...
  • Additional commits viewable in compare view

Updates io.quarkus:quarkus-extension-processor from 3.36.3 to 3.37.1

Updates io.quarkus:quarkus-extension-maven-plugin from 3.36.3 to 3.37.1

Release notes

Sourced from io.quarkus:quarkus-extension-maven-plugin's releases.

3.37.1

Complete changelog

  • #49919 - Prevent invocation of Task.project at execution time in Gradle plugin
  • #54854 - OIDC DPoP Nonce response uses from status code and message
  • #54855 - For missing and invalid nonces, return 401/use_dpop_nonce
  • #54889 - Response not handled in ContainerResponseFilter for dropped HTTP requests
  • #54903 - Allow the use of @Cancellable on ContainerResponseFilter
  • #54909 - Change log level of some OIDC log messages from debug to warn
  • #54919 - Improve the update-quarkus.adoc guide a bit
  • #54924 - Fix status in update-quarkus.adoc
  • #54942 - Include additional args in AOTMode=create" command
  • #54949 - Infinispan - Add missing service implementations for native
  • #54950 - JAXB - Register a new service implementation for native
  • #54955 - Significant CPU regression
  • #54958 - Prevent invocation of Task.project at execution time in Gradle plugin
  • #54975 - Infinispan - Register services properly and enforce basic client intelligence in ITs
  • #54997 - Bump org.hibernate.validator:hibernate-validator from 9.1.0.Final to 9.1.1.Final
  • #55008 - Quarkus REST sub-resources return 500 for malformed content type unlike 415 from top-level resource
  • #55009 - Quarkus REST: fix response status for sub-resource requests with a malformed content type
  • #55010 - Fix TransactionalInterceptorBase to handle reaper-cancelled transactions
  • #55018 - Enforce no duplicate POM dependencies via maven-enforcer-plugin
  • #55022 - infinispan-client and infinispan-cache IT tests fail with GraalVM CE 25.2.4-dev
  • #55028 - Switch from org.fusesource.jansi to org.jline:jansi
  • #55030 - Reduce allocation in HTTP instrumentation
  • #55046 - CycloneDX SBOM fixes
  • #55048 - Add Literal helper to NamedOidcClient qualifier
  • #55053 - Register for reflection all constructors of service providers
  • #55057 - Qute should handle properties that are not found more gracefully than throwing ClassCastException
  • #55066 - Qute: handle not-found params in JsonObject and Plus value resolvers
  • #55068 - Bump io.quarkus.develocity:quarkus-project-develocity-extension from 1.3.0 to 1.3.1
  • #55080 - Generated quarkusjacksonserializer fails for JSON property names containing ‘-’ and ‘.’
  • #55081 - Sanitize json property names while generating reflection-free Jackson serializers
  • #55095 - Bump eu.maveniverse.maven.nisse:extension3 from 0.9.2 to 0.9.3
  • #55096 - Bump eu.maveniverse.maven.njord:extension3 from 0.9.8 to 0.9.9
  • #55099 - Update to MicroProfile API 3.1.1
  • #55105 - Bump Agroal to 3.2.1
  • #55107 - Signals: clarify SignalMetadataEnricher threading
  • #55121 - Bump com.ibm.db2:jcc from 12.1.0.0 to 12.1.5.0
  • #55128 - @JsonFormat on java.util.Date ignored by reflection-free Jackson serializers
  • #55140 - Fix support for @JsonFormat on java.util.Date in reflection-free Jackson serializers
  • #55143 - quarkus-rest-jackson: reflection-free serializer drops JsonNullable contained type (3.37.0 regression)
  • #55146 - Generalize handing of any single-type-parameter parameterized type
  • #55158 - OIDC: Multiple AuthenticationCompletionAction beans silently ignored
  • #55159 - Bump org.junit:junit-bom from 6.1.0 to 6.1.1 in /devtools/gradle
  • #55165 - Bump the hibernate group across 1 directory with 11 updates
  • #55168 - Bump org.junit:junit-bom from 6.1.0 to 6.1.1
  • #55173 - quarkus-rest-jackson ignores @JsonIgnoreProperties in combination with @JsonUnwrapped
  • #55176 - Fix performance regression in AotQuarkusEntryPoint

... (truncated)

Commits
  • 2fd50a7 [RELEASE] - Bump version to 3.37.1
  • b46ba0d Merge pull request #55210 from gsmet/3.37.1-backports-1
  • b20d158 Use maven.compiler.testRelease for Signals Java 21 tests
  • e2e6579 Switch from org.fusesource.jansi to org.jline:jansi
  • e74ece3 Bump org.hibernate.validator:hibernate-validator
  • d1b9ece Add maven.compiler.release and testRelease to independent-projects parent POM
  • 0f1bafd Make sure tree-shaken classes are recorded in pedigree for native build SBOMs
  • d142ff0 Fix performance regression in AotQuarkusEntryPoint
  • d03ab29 Generalize handing of any single-type-parameter parameterized type
  • 237ebf9 Update to MicroProfile API 3.1.1
  • Additional commits viewable in compare view

Updates io.quarkus.platform:quarkus-maven-plugin from 3.36.3 to 3.37.1

Commits
  • 2d51155 [maven-release-plugin] prepare release 3.37.1
  • 9da81fa Merge pull request #2042 from quarkusio/quarkus-3.37.1
  • c3da25d Merge pull request #2038 from quarkusio/update-automation/3.37-quarkus-flow-0...
  • 481bc22 Upgrade to Quarkus 3.37.1
  • fba84a5 Update Quarkus Flow to 0.11.0
  • f648c1f [maven-release-plugin] prepare for next development iteration
  • acd4665 [maven-release-plugin] prepare release 3.37.0
  • ee4cd81 Merge pull request #2035 from ppalaga/qcxf-3.37.0
  • 4fa57b0 Update CXF to 3.37.0
  • f269932 Merge pull request #2032 from quarkusio/dependabot/github_actions/actions/che...
  • Additional commits viewable in compare view

Updates io.quarkus:quarkus-extension-processor from 3.36.3 to 3.37.1

Updates io.quarkus:quarkus-extension-maven-plugin from 3.36.3 to 3.37.1

Release notes

Sourced from io.quarkus:quarkus-extension-maven-plugin's releases.

3.37.1

Complete changelog

  • #49919 - Prevent invocation of Task.project at execution time in Gradle plugin
  • #54854 - OIDC DPoP Nonce response uses from status code and message
  • #54855 - For missing and invalid nonces, return 401/use_dpop_nonce
  • #54889 - Response not handled in ContainerResponseFilter for dropped HTTP requests
  • #54903 - Allow the use of @Cancellable on ContainerResponseFilter
  • #54909 - Change log level of some OIDC log messages from debug to warn
  • #54919 - Improve the update-quarkus.adoc guide a bit
  • #54924 - Fix status in update-quarkus.adoc
  • #54942 - Include additional args in AOTMode=create" command
  • #54949 - Infinispan - Add missing service implementations for native
  • #54950 - JAXB - Register a new service implementation for native
  • #54955 - Significant CPU regression
  • #54958 - Prevent invocation of Task.project at execution time in Gradle plugin
  • #54975 - Infinispan - Register services properly and enforce basic client intelligence in ITs
  • #54997 - Bump org.hibernate.validator:hibernate-validator from 9.1.0.Final to 9.1.1.Final
  • #55008 - Quarkus REST sub-resources return 500 for malformed content type unlike 415 from top-level resource
  • #55009 - Quarkus REST: fix response status for sub-resource requests with a malformed content type
  • #55010 - Fix TransactionalInterceptorBase to handle reaper-cancelled transactions
  • #55018 - Enforce no duplicate POM dependencies via maven-enforcer-plugin
  • #55022 - infinispan-client and infinispan-cache IT tests fail with GraalVM CE 25.2.4-dev
  • #55028 - Switch from org.fusesource.jansi to org.jline:jansi
  • #55030 - Reduce allocation in HTTP instrumentation
  • #55046 - CycloneDX SBOM fixes
  • #55048 - Add Literal helper to NamedOidcClient qualifier
  • #55053 - Register for reflection all constructors of service providers
  • #55057 - Qute should handle properties that are not found more gracefully than throwing ClassCastException
  • #55066 - Qute: handle not-found params in JsonObject and Plus value resolvers
  • #55068 - Bump io.quarkus.develocity:quarkus-project-develocity-extension from 1.3.0 to 1.3.1
  • #55080 - Generated quarkusjacksonserializer fails for JSON property names containing ‘-’ and ‘.’
  • #55081 - Sanitize json property names while generating reflection-free Jackson serializers
  • #55095 - Bump eu.maveniverse.maven.nisse:extension3 from 0.9.2 to 0.9.3
  • #55096 - Bump eu.maveniverse.maven.njord:extension3 from 0.9.8 to 0.9.9
  • #55099 - Update to MicroProfile API 3.1.1
  • #55105 - Bump Agroal to 3.2.1
  • #55107 - Signals: clarify SignalMetadataEnricher threading
  • #55121 - Bump com.ibm.db2:jcc from 12.1.0.0 to 12.1.5.0
  • #55128 - @JsonFormat on java.util.Date ignored by reflection-free Jackson serializers
  • #55140 - Fix support for @JsonFormat on java.util.Date in reflection-free Jackson serializers
  • #55143 - quarkus-rest-jackson: reflection-free serializer drops JsonNullable contained type (3.37.0 regression)
  • #55146 - Generalize handing of any single-type-parameter parameterized type
  • #55158 - OIDC: Multiple AuthenticationCompletionAction beans silently ignored
  • #55159 - Bump org.junit:junit-bom from 6.1.0 to 6.1.1 in /devtools/gradle
  • #55165 - Bump the hibernate group across 1 directory with 11 updates
  • #55168 - Bump org.junit:junit-bom from 6.1.0 to 6.1.1
  • #55173 - quarkus-rest-jackson ignores @JsonIgnoreProperties in combination with @JsonUnwrapped
  • #55176 - Fix performance regression in AotQuarkusEntryPoint

... (truncated)

Commits
  • 2fd50a7 [RELEASE] - Bump version to 3.37.1
  • b46ba0d Merge pull request #55210 from gsmet/3.37.1-backports-1
  • b20d158 Use maven.compiler.testRelease for Signals Java 21 tests
  • e2e6579 Switch from org.fusesource.jansi to org.jline:jansi
  • e74ece3 Bump org.hibernate.validator:hibernate-validator
  • d1b9ece Add maven.compiler.release and testRelease to independent-projects parent POM
  • 0f1bafd Make sure tree-shaken classes are recorded in pedigree for native build SBOMs
  • d142ff0 Fix performance regression in AotQuarkusEntryPoint
  • d03ab29 Generalize handing of any single-type-parameter parameterized type
  • 237ebf9 Update to MicroProfile API 3.1.1
  • Additional commits viewable in compare view

Updates io.quarkus.platform:quarkus-maven-plugin from 3.36.3 to 3.37.1

Commits
  • 2d51155 [maven-release-plugin] prepare release 3.37.1
  • 9da81fa Merge pull request #2042 from quarkusio/quarkus-3.37.1
  • c3da25d Merge pull request #2038 from quarkusio/update-automation/3.37-quarkus-flow-0...
  • 481bc22 Upgrade to Quarkus 3.37.1
  • fba84a5 Update Quarkus Flow to 0.11.0
  • f648c1f [maven-release-plugin] prepare for next development iteration
  • acd4665 [maven-release-plugin] prepare release 3.37.0
  • ee4cd81 Merge pull request #2035 from ppalaga/qcxf-3.37.0
  • 4fa57b0 Update CXF to 3.37.0
  • f269932 Merge pull request #2032 from quarkusio/dependabot/github_actions/actions/che...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the maven group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [org.junit:junit-bom](https://github.com/junit-team/junit-framework) | `6.1.0` | `6.1.1` |
| [com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless) | `3.7.0` | `3.8.0` |
| [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.34` | `1.5.37` |
| [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) | `3.5.15` | `3.5.16` |
| [io.quarkus.platform:quarkus-bom](https://github.com/quarkusio/quarkus-platform) | `3.36.3` | `3.37.1` |
| io.quarkus:quarkus-extension-processor | `3.36.3` | `3.37.1` |
| [io.quarkus:quarkus-extension-maven-plugin](https://github.com/quarkusio/quarkus) | `3.36.3` | `3.37.1` |
| [io.quarkus.platform:quarkus-maven-plugin](https://github.com/quarkusio/quarkus-platform) | `3.36.3` | `3.37.1` |



Updates `org.junit:junit-bom` from 6.1.0 to 6.1.1
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.1.0...r6.1.1)

Updates `com.diffplug.spotless:spotless-maven-plugin` from 3.7.0 to 3.8.0
- [Release notes](https://github.com/diffplug/spotless/releases)
- [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md)
- [Commits](diffplug/spotless@maven/3.7.0...maven/3.8.0)

Updates `ch.qos.logback:logback-classic` from 1.5.34 to 1.5.37
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](qos-ch/logback@v_1.5.34...v_1.5.37)

Updates `org.springframework.boot:spring-boot-dependencies` from 3.5.15 to 3.5.16
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.15...v3.5.16)

Updates `io.quarkus.platform:quarkus-bom` from 3.36.3 to 3.37.1
- [Commits](quarkusio/quarkus-platform@3.36.3...3.37.1)

Updates `io.quarkus:quarkus-extension-processor` from 3.36.3 to 3.37.1

Updates `io.quarkus:quarkus-extension-maven-plugin` from 3.36.3 to 3.37.1
- [Release notes](https://github.com/quarkusio/quarkus/releases)
- [Commits](quarkusio/quarkus@3.36.3...3.37.1)

Updates `io.quarkus.platform:quarkus-maven-plugin` from 3.36.3 to 3.37.1
- [Commits](quarkusio/quarkus-platform@3.36.3...3.37.1)

Updates `io.quarkus:quarkus-extension-processor` from 3.36.3 to 3.37.1

Updates `io.quarkus:quarkus-extension-maven-plugin` from 3.36.3 to 3.37.1
- [Release notes](https://github.com/quarkusio/quarkus/releases)
- [Commits](quarkusio/quarkus@3.36.3...3.37.1)

Updates `io.quarkus.platform:quarkus-maven-plugin` from 3.36.3 to 3.37.1
- [Commits](quarkusio/quarkus-platform@3.36.3...3.37.1)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-version: 6.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven
- dependency-name: com.diffplug.spotless:spotless-maven-plugin
  dependency-version: 3.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.37
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-version: 3.5.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven
- dependency-name: io.quarkus.platform:quarkus-bom
  dependency-version: 3.37.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven
- dependency-name: io.quarkus:quarkus-extension-processor
  dependency-version: 3.37.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven
- dependency-name: io.quarkus:quarkus-extension-maven-plugin
  dependency-version: 3.37.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven
- dependency-name: io.quarkus.platform:quarkus-maven-plugin
  dependency-version: 3.37.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: maven
- dependency-name: io.quarkus:quarkus-extension-processor
  dependency-version: 3.37.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven
- dependency-name: io.quarkus:quarkus-extension-maven-plugin
  dependency-version: 3.37.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven
- dependency-name: io.quarkus.platform:quarkus-maven-plugin
  dependency-version: 3.37.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: maven
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jul 6, 2026
@github-actions
github-actions Bot enabled auto-merge (squash) July 6, 2026 16:44
@sonarqubecloud

sonarqubecloud Bot commented Jul 9, 2026

Copy link
Copy Markdown

@github-actions
github-actions Bot merged commit ecfeca1 into main Jul 9, 2026
3 checks passed
@github-actions
github-actions Bot deleted the dependabot/maven/maven-e6059112d9 branch July 9, 2026 08:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant