Skip to content

Bump the dependencies group across 1 directory with 5 updates#321

Open
dependabot[bot] wants to merge 1 commit intov2from
dependabot/maven/dependencies-3a1ae5634d
Open

Bump the dependencies group across 1 directory with 5 updates#321
dependabot[bot] wants to merge 1 commit intov2from
dependabot/maven/dependencies-3a1ae5634d

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 23, 2026

Bumps the dependencies group with 5 updates in the / directory:

Package From To
com.amazonaws.secretsmanager:aws-secretsmanager-caching-java 2.1.1 2.2.0
software.amazon.awssdk:secretsmanager 2.41.3 2.42.18
org.projectlombok:lombok 1.18.42 1.18.44
com.fasterxml.jackson.core:jackson-databind 2.21.1 2.21.2
com.github.spotbugs:spotbugs-annotations 4.9.6 4.9.8

Updates com.amazonaws.secretsmanager:aws-secretsmanager-caching-java from 2.1.1 to 2.2.0

Release notes

Sourced from com.amazonaws.secretsmanager:aws-secretsmanager-caching-java's releases.

2.2.0

What's Changed

New Contributors

Full Changelog: aws/aws-secretsmanager-caching-java@2.1.1...2.2.0

Commits

Updates software.amazon.awssdk:secretsmanager from 2.41.3 to 2.42.18

Updates org.projectlombok:lombok from 1.18.42 to 1.18.44

Changelog

Sourced from org.projectlombok:lombok's changelog.

v1.18.44 (March 11th, 2026)

  • FEATURE: @Jacksonized now supports both Jackson2 and Jackson3; you'll get a warning until you configure which one (or even both!) you want lombok to generate. #3950.
  • BUGFIX: On JDK25, val and @ExtensionMethod could sometimes cause erroneous errors (in that you see errors but compilation succeeds anyway) using javac. #3947.
  • BUGFIX: @Jacksonized + fields marked transient would result in those transient fields being serialised which is surprising (and thus undesired) behaviour. #3936.
Commits
  • 17c78fe [version] pre-release version bump
  • 1edca70 [test][@Jacksonized] Test emission of warning when not choosing jackson ver...
  • e789e82 [test] Update the generation of eclipse test targets from JDK14 to JDK25.
  • a54cecd [trivial][changelog]
  • 3db0a6c [bugfix][@Jacksonized] javac handler of jacksonized checked for existing ja...
  • 12572fc [test] Adjusted tests to the new 'jackson version is a list' config key setup.
  • 0e9699c [changelog] Document implementation of Jackson3 support: #3950.
  • d441be1 [jacksonized] infrastructure for previous merge resolution: Changed to the co...
  • d62b2d5 Merge branch 'master' into cachescrubber-gh-3950
  • f49f0fe [test] Remove tests for deprecated @Logger(access = MODULE). They're deprec...
  • Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-databind from 2.21.1 to 2.21.2

Commits

Updates com.github.spotbugs:spotbugs-annotations from 4.9.6 to 4.9.8

Release notes

Sourced from com.github.spotbugs:spotbugs-annotations's releases.

4.9.8

SpotBugs 4.9.8

CHANGELOG

Fixed

  • Maven plugin reporting issue if -adjustPriority is not set (#3774)

CHECKSUM

file checksum (sha256)
spotbugs-4.9.8-javadoc.jar 06fb742e3170087983c5855d7d8d846d7cdab9badfdf4b3564b424deb1dc0b28
spotbugs-4.9.8-sources.jar cbee8358dd239e81fdcf37c32d1e6bedf148d25638b0c8d1b687d97c3061ecd9
spotbugs-4.9.8.tgz 2eb8e0f2b223c22ffa2ce0c1cf1be4127dde19d240b8f7ce69a5fd3ad5c36ff3
spotbugs-4.9.8.zip e13d476403cf69074f415e35ebcc2f865f7a1ea444c1e659516bc0260e74dfa5
spotbugs-annotations-4.9.8-javadoc.jar aecf15bb27a4d067e9b5a1c85b5d3aeefc5026a66e93040995804662e285d679
spotbugs-annotations-4.9.8-sources.jar 075b2eed660c2fe2fb1ad1de028f8fdff5f358e25c1318706b95ab17bb28be44
spotbugs-annotations.jar 6f69d6fe9c55a54dcb30e87d8fa2d5f52246af50d7a3445246d9539ef221be1c
spotbugs-ant-4.9.8-javadoc.jar 025b2fb90e089dab1875068397736003bbf9e66bcac287ecb9e512dd0d387748
spotbugs-ant-4.9.8-sources.jar 91477d93b1fd1bebae35d318427b5238fb458e726478dc1a8ac41ce74838a1e6
spotbugs-ant.jar 22f2fa397e86663adcd4828cc1c91e63aa6cc2bfc56832885b749a86fac5c784
spotbugs.jar 4469bc080afe7cd2290a20bf63e28392b80abcc7c7ace33c8f55da52a17c7ca5
test-harness-4.9.8-javadoc.jar 81677f77441af941613c99a4f04b3cb2f6b1950be589afdec03905d8e2917824
test-harness-4.9.8-sources.jar 805d2d124b0d4ea513ee9262d4ad6027c3471d45defd80fd7d20e23425d17df7
test-harness-4.9.8.jar 0076a3bc9602c78d73edb048e625a96ee6a182fa3dd39300aa739af67b954189
test-harness-core-4.9.8-javadoc.jar e3e64a5fd96be16eec8b832e87da703e5eae910b3abd7bda9ff81a10363e5c7f
test-harness-core-4.9.8-sources.jar 043a55d99a517c0d9cf702b0c183b4afd3f03af9eff4a86d59bb37df1b35b532
test-harness-core-4.9.8.jar 4e439df3b499660d91a659d7c523fcdc4945c932dfc7fee68e796193f9dff6bb
test-harness-jupiter-4.9.8-javadoc.jar ae8ddee06796757be0526af1adf5969fbc149c0cf83542e6641405e69a044496
test-harness-jupiter-4.9.8-sources.jar 17144f315686bfd01c02fa4ae7c916060c41de8eed58d5b8470416fa08f46ced
test-harness-jupiter-4.9.8.jar 9e1bc39da08c6c80091f34f1fd92ec092109d0cdfd8009910bc22772df06eea7

4.9.7

SpotBugs 4.9.7

CHANGELOG

Fixed

  • Fix Eclipse not always using latest preferences file state (#3740)
  • Fix exception throw when singleton implementing Cloneable has no clone() method (#3727)
  • Fix for missing -adjustPriority parameter in Eclipse preferences (#3687)
  • Documentation of -adjustPriority parameter
  • Functionality from DetectorFactory setEnabledButNonReporting(), getPriorityAdjustment() methods and BugInstance.adjustForDetector() is deprecated and moved to PriorityAdjuster (#3753)
  • Improved FindNakedNotify to handle the case when the lock is loaded from a field (#3634)

Changed

  • Support for fully qualified class names for detectors in -adjustPriority parameter
  • Support for numerical and absolute priority adjustments
  • Bump up Apache Commons BCEL to the version 6.11.0 (#3569)

Deprecated

  • Add back and deprecate edu.umd.cs.findbugs.io.IO.close(InputStream) method. (#3756)

... (truncated)

Changelog

Sourced from com.github.spotbugs:spotbugs-annotations's changelog.

4.9.8 - 2025-10-18

Fixed

  • Maven plugin reporting issue if -adjustPriority is not set (#3774)

4.9.7 - 2025-10-14

Fixed

  • Fix Eclipse not always using latest preferences file state (#3740)
  • Fix exception throw when singleton implementing Cloneable has no clone() method (#3727)
  • Fix for missing -adjustPriority parameter in Eclipse preferences (#3687)
  • Documentation of -adjustPriority parameter
  • Functionality from DetectorFactory setEnabledButNonReporting(), getPriorityAdjustment() methods and BugInstance.adjustForDetector() is deprecated and moved to PriorityAdjuster (#3753)
  • Improved FindNakedNotify to handle the case when the lock is loaded from a field (#3634)

Changed

  • Support for fully qualified class names for detectors in -adjustPriority parameter
  • Support for numerical and absolute priority adjustments
  • Bump up Apache Commons BCEL to the version 6.11.0 (#3569)

Deprecated

  • Add back and deprecate edu.umd.cs.findbugs.io.IO.close(InputStream) method. (#3756)

Build

  • Allow our GA builds to work with JDK 25 (and drop support for JDK 24) (#3564)
Commits
  • c1fa7f2 release v4.9.8
  • 023f8dd fix(deps): update dependency org.apache.groovy:groovy-all to v5.0.2 (#3782)
  • 423f1d1 Unconditional while loops no raising IL_INFINITE_LOOP (#3537)
  • 9125bee Fix priority adjustment code
  • 183da6c fix(deps): update dependency org.springframework:spring-core to v6.2.12 (#3779)
  • a499f2e chore(deps): update dependency com.diffplug.gradle:goomph to v4.4.1 (#3776)
  • b339bc1 Unconditionally initialize PriorityAdjuster for AbstractBugReporter
  • 96891fe chore(deps): update plugin com.github.spotbugs to v6.4.3 (#3773)
  • a3667d7 chore(docs): Updated supported versions
  • 333a96a prepare for next release
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the dependencies group across 1 directory with 5 updates
e9bdc8a 
Bumps the dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [com.amazonaws.secretsmanager:aws-secretsmanager-caching-java](https://github.com/aws/aws-secretsmanager-caching-java) | `2.1.1` | `2.2.0` |
| software.amazon.awssdk:secretsmanager | `2.41.3` | `2.42.18` |
| [org.projectlombok:lombok](https://github.com/projectlombok/lombok) | `1.18.42` | `1.18.44` |
| [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.21.1` | `2.21.2` |
| [com.github.spotbugs:spotbugs-annotations](https://github.com/spotbugs/spotbugs) | `4.9.6` | `4.9.8` |



Updates `com.amazonaws.secretsmanager:aws-secretsmanager-caching-java` from 2.1.1 to 2.2.0
- [Release notes](https://github.com/aws/aws-secretsmanager-caching-java/releases)
- [Commits](aws/aws-secretsmanager-caching-java@2.1.1...2.2.0)

Updates `software.amazon.awssdk:secretsmanager` from 2.41.3 to 2.42.18

Updates `org.projectlombok:lombok` from 1.18.42 to 1.18.44
- [Changelog](https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown)
- [Commits](projectlombok/lombok@v1.18.42...v1.18.44)

Updates `com.fasterxml.jackson.core:jackson-databind` from 2.21.1 to 2.21.2
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.github.spotbugs:spotbugs-annotations` from 4.9.6 to 4.9.8
- [Release notes](https://github.com/spotbugs/spotbugs/releases)
- [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md)
- [Commits](spotbugs/spotbugs@4.9.6...4.9.8)

---
updated-dependencies:
- dependency-name: com.amazonaws.secretsmanager:aws-secretsmanager-caching-java
  dependency-version: 2.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: software.amazon.awssdk:secretsmanager
  dependency-version: 2.42.18
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: org.projectlombok:lombok
  dependency-version: 1.18.44
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-version: 2.21.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: com.github.spotbugs:spotbugs-annotations
  dependency-version: 4.9.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Mar 23, 2026
@dependabot dependabot bot requested a review from a team as a code owner March 23, 2026 21:43
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Mar 23, 2026
@codecov
Copy link
Copy Markdown

codecov bot commented Mar 23, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 82.24%. Comparing base (16539a8) to head (e9bdc8a).

Additional details and impacted files 
@@            Coverage Diff            @@
##                 v2     #321   +/-   ##
=========================================
  Coverage     82.24%   82.24%           
  Complexity      143      143           
=========================================
  Files            12       12           
  Lines           366      366           
  Branches         45       45           
=========================================
  Hits            301      301           
  Misses           58       58           
  Partials          7        7

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants