Skip to content

fix(deps): update all minor dependencies (v2-main)#333

Open
renovate[bot] wants to merge 1 commit into
v2-mainfrom
renovate/v2-main-all-minor-patch
Open

fix(deps): update all minor dependencies (v2-main)#333
renovate[bot] wants to merge 1 commit into
v2-mainfrom
renovate/v2-main-all-minor-patch

Conversation

@renovate

@renovate renovate Bot commented Apr 24, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Change Age Confidence
org.apache.maven.plugins:maven-surefire-plugin (source) 3.5.53.5.6 age confidence
org.junit.jupiter:junit-jupiter (source) 5.14.35.14.4 age confidence
org.apache.logging.log4j:log4j-slf4j-impl (source) 2.25.42.26.1 age confidence
org.xmlunit:xmlunit-assertj3 (source) 2.11.02.12.0 age confidence
org.slf4j:slf4j-api (source, changelog) 2.0.172.0.18 age confidence
commons-io:commons-io (source) 2.21.02.22.0 age confidence
net.sf.saxon:Saxon-HE (source) 12.912.10 age confidence

Release Notes

xmlunit/xmlunit (org.xmlunit:xmlunit-assertj3)

v2.12.0

Compare Source

  • bumped xmlunit-assertj3's dependency on assert to 3.27.7.

    This is to make people aware of
    GHSA-rqfh-9r24-8c9r

    XMLUnit itself does not use the affected code in AssertJ so the upgrade is not strictly necessary - and this is why
    the xmlunit-assertj module is not updated. In fact the assertions provided by xmlunit-assertj3 are the recommended
    upgrade path for users of AssertJ 3.x+.

    PRs #​320 and
    #​321

  • actually made withDTDParsingDisabled do what it says.

    This is a bugfix and in a way it is backwards incompatible as it changes default behavior in a way that I intended to
    do with XMLUnit 2.6.0 eight years ago. DocumentBuilderFactoryConfigurer.DefaultWithDTDParsing provides the
    behavior of XMLUnit 2.6.0 to 2.11.0.

    PRs #​326 by @​jmestwa-coder
    and #​328


Configuration

📅 Schedule: (in timezone Europe/Paris)

  • Branch creation
    • "every weekend"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added the dependencies Pull requests that update a dependency file label Apr 24, 2026
@renovate renovate Bot force-pushed the renovate/v2-main-all-minor-patch branch from 06e935b to 2ee03cc Compare April 26, 2026 14:31
@renovate renovate Bot changed the title fix(deps): update dependency commons-io:commons-io to v2.22.0 (v2-main) fix(deps): update all minor dependencies (v2-main) Apr 26, 2026
@renovate renovate Bot force-pushed the renovate/v2-main-all-minor-patch branch 2 times, most recently from 7fa6fda to 5ff6c06 Compare May 12, 2026 20:43
@sonarqubecloud

Copy link
Copy Markdown

@renovate renovate Bot force-pushed the renovate/v2-main-all-minor-patch branch from 5ff6c06 to 330fc4c Compare May 27, 2026 22:04
@sonarqubecloud

Copy link
Copy Markdown

@renovate renovate Bot force-pushed the renovate/v2-main-all-minor-patch branch from 330fc4c to ca00b6f Compare May 31, 2026 13:44
@sonarqubecloud

Copy link
Copy Markdown

@renovate renovate Bot force-pushed the renovate/v2-main-all-minor-patch branch from ca00b6f to 849f335 Compare July 2, 2026 15:33
@renovate renovate Bot force-pushed the renovate/v2-main-all-minor-patch branch from 849f335 to 179e34f Compare July 10, 2026 09:09
@sonarqubecloud

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants