Skip to content

chore(deps): bump the maven-deps group across 1 directory with 5 updates#418

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/maven/MCP/maven-deps-6c93bbd975
Open

chore(deps): bump the maven-deps group across 1 directory with 5 updates#418
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/maven/MCP/maven-deps-6c93bbd975

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the maven-deps group with 5 updates in the /MCP directory:

Package From To
org.json:json 20251224 20260522
io.undertow:undertow-core 2.4.0.Final 2.4.2.Final
org.junit.jupiter:junit-jupiter 6.0.3 6.1.1
org.apache.maven.plugins:maven-surefire-plugin 3.5.5 3.5.6
org.sonatype.central:central-publishing-maven-plugin 0.10.0 0.11.0

Updates org.json:json from 20251224 to 20260522

Release notes

Sourced from org.json:json's releases.

20260522

Pull Request Description
#1054 pre-release-20260522 prep for next release
#1053 update security.md with key data
#1046 Validate XML numeric character references before string construction
#1044 Ignore static fields in JSONObject.fromJson()
#1041 Enhance README with license clarification
#1039 Fix XML forceList parsing issue
#1038 Fix input validation in XMLTokener.unescapeEntity()
#1037 Fix ClassCastException in JSONML.toJSONArray and toJSONObject
#1029 add badge to external hosted javadoc
#1028 Refactoring: Fix sonarqube reliability issues
#1027 Save/restore default locale in test
Changelog

Sourced from org.json:json's changelog.

20260522 Publish key data, recent commits for minor fixes

Commits
  • 968a592 Merge pull request #1054 from stleary/pre-release-20260522
  • 3665aad pre-release-20260522 doc and build updates for release
  • d749ee1 Merge pull request #1053 from stleary/update-security-md-with-key
  • 6495983 update-security-md-with-key new security.md file, also fixed 1000 level jsona...
  • 896ce0f Merge pull request #1046 from yuki-matsuhashi/master
  • 1877069 Validate XML numeric character references before string construction
  • b959027 Merge pull request #1044 from yuki-matsuhashi/1043-ignore-static
  • 039f331 Add comment for empty test constructor
  • 94e3400 Ignore static fields in JSONObject.fromJson()
  • 6230128 Merge pull request #1041 from stleary/license-clarification
  • Additional commits viewable in compare view

Updates io.undertow:undertow-core from 2.4.0.Final to 2.4.2.Final

Release notes

Sourced from io.undertow:undertow-core's releases.

v.2.4.1.Final

Release 2.4.1.Final Full list of Jiras: view in Jira

    # Release notes - Undertow - 2.4.1.Final

Bug

UNDERTOW-2763 As per RFC9112 reason-phrase is optional in HTTP 1.1 responses

Enhancement

UNDERTOW-2759 Enable testing in JDK25

UNDERTOW-2767 [2.4.x] UndertowMessages at core uses the wrong message id for fixes in new parser

Commits
  • 92850b2 Prepare 2.4.2.Final
  • 8643d98 Merge pull request #1976 from ropalka/2026-06-23-backports-2.4.x
  • 5700856 [UNDERTOW-2709] UndertowOptions.ALLOWED_REQUEST_ATTRIBUTES_PATTERN is ignored...
  • f5f85e7 [UNDERTOW-2771] Revisited delimiters and unescaped characters
  • 7afc4df [UNDERTOW-2771] Decode query and path parameters if and only if parser is con...
  • 464418e [UNDERTOW-1918] ComplexSSLTestCase fails sporadically with ConnectionClosedEx...
  • 88734e1 Merge pull request #1973 from fl4via/backport-fixes_2.4.x
  • 665ff7f [UNDERTOW-2761] return 413 status instead of 500 in case of RequestTooBigExce...
  • e1daa7f [UNDERTOW-2759] Excluding new concurrency rules - they need further investiga...
  • 41c665f [UNDERTOW-2759] Excluding false positive - it is safe to have unread field no...
  • Additional commits viewable in compare view

Updates org.junit.jupiter:junit-jupiter from 6.0.3 to 6.1.1

Release notes

Sourced from org.junit.jupiter:junit-jupiter's releases.

JUnit 6.1.1 = Platform 6.1.1 + Jupiter 6.1.1 + Vintage 6.1.1

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.1.0...r6.1.1

JUnit 6.1.0 = Platform 6.1.0 + Jupiter 6.1.0 + Vintage 6.1.0

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.0.3...r6.1.0

JUnit 6.1.0-RC1 = Platform 6.1.0-RC1 + Jupiter 6.1.0-RC1 + Vintage 6.1.0-RC1

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.1.0-M1...r6.1.0-RC1

JUnit 6.1.0-M1 = Platform 6.1.0-M1 + Jupiter 6.1.0-M1 + Vintage 6.1.0-M1

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.0.0...r6.1.0-M1

Commits
  • 0d85889 Release 6.1.1
  • 0363eee Finalize 6.1.1 release notes
  • a6d540a Move entry to 6.1.1 release notes
  • 69339d5 Only pass timeout when publishing to avoid failure in nmcp plugin
  • dec2eb9 Allow excluding engines from memory cleanup mode (#5786)
  • a5f4270 Publish sha256/sha512 checksums again but filter out signature ones (#5796)
  • 8213012 Update plugin nmcp-settings to v1.6.0 (#5787)
  • d1bf847 Generate Javadoc for aggregator modules
  • d721de5 Pass --no-fonts to javadoc convention
  • d289ec6 Restore original SetSystemProperty values in a ParameterizedTest (#5720)
  • Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.5.5 to 3.5.6

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.5.6

🚀 New features and improvements

  • Introduce reportTestTimestamp option and include timestamp for test sets and test cases (#3261) (#3302) @​olamy

🐛 Bug Fixes

👻 Maintenance

📦 Dependency updates

Commits
  • 25ea054 [maven-release-plugin] prepare release surefire-3.5.6
  • e5f374c Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3
  • dadd55b Issue #2613 Debugging failsafe tests: Message 'Listening for transport dt_soc...
  • 39dd250 Bump commons-io:commons-io from 2.21.0 to 2.22.0
  • 2774273 Ensure that the statistics filename is calculated only once. (#3326) (#3327)
  • 0d5df8a 3.5.x/bug/cherry pick embedded mode its (#3328)
  • 04ad9a2 Use surefire 3.5.5 by project itself for testing
  • 37e8f69 Add flakes attribute to use in testsuite report (#3306) (#3308)
  • a970fef Introduce reportTestTimestamp option and include timestamp for test sets and ...
  • e838393 deploy 3.5.x branch to nexus
  • Additional commits viewable in compare view

Updates org.sonatype.central:central-publishing-maven-plugin from 0.10.0 to 0.11.0

Commits

@dependabot @github

dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: module:MCP. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 1, 2026
@dependabot dependabot Bot requested a review from julienmerconsulting as a code owner July 1, 2026 07:37
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 1, 2026
Bumps the maven-deps group with 5 updates in the /MCP directory:

| Package | From | To |
| --- | --- | --- |
| [org.json:json](https://github.com/douglascrockford/JSON-java) | `20251224` | `20260522` |
| [io.undertow:undertow-core](https://github.com/undertow-io/undertow) | `2.4.0.Final` | `2.4.2.Final` |
| [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit-framework) | `6.0.3` | `6.1.1` |
| [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.5.5` | `3.5.6` |
| [org.sonatype.central:central-publishing-maven-plugin](https://github.com/sonatype/central-publishing-maven-plugin) | `0.10.0` | `0.11.0` |



Updates `org.json:json` from 20251224 to 20260522
- [Release notes](https://github.com/douglascrockford/JSON-java/releases)
- [Changelog](https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md)
- [Commits](stleary/JSON-java@2025122...2026052)

Updates `io.undertow:undertow-core` from 2.4.0.Final to 2.4.2.Final
- [Release notes](https://github.com/undertow-io/undertow/releases)
- [Commits](undertow-io/undertow@2.4.0.Final...2.4.2.Final)

Updates `org.junit.jupiter:junit-jupiter` from 6.0.3 to 6.1.1
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.0.3...r6.1.1)

Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.5 to 3.5.6
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](apache/maven-surefire@surefire-3.5.5...surefire-3.5.6)

Updates `org.sonatype.central:central-publishing-maven-plugin` from 0.10.0 to 0.11.0
- [Commits](https://github.com/sonatype/central-publishing-maven-plugin/commits)

---
updated-dependencies:
- dependency-name: io.undertow:undertow-core
  dependency-version: 2.4.2.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven-deps
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
  dependency-version: 3.5.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: maven-deps
- dependency-name: org.json:json
  dependency-version: '20260522'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-deps
- dependency-name: org.junit.jupiter:junit-jupiter
  dependency-version: 6.1.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: maven-deps
- dependency-name: org.sonatype.central:central-publishing-maven-plugin
  dependency-version: 0.11.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: maven-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/maven/MCP/maven-deps-6c93bbd975 branch from 2cad6c3 to a075ae9 Compare July 2, 2026 14:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants