Bump the prod-deps group across 1 directory with 6 updates

[dependabot]

Bumps the prod-deps group with 6 updates in the / directory:

Package	From	To
com.fasterxml.jackson:jackson-bom	2.17.2	2.18.1
org.junit:junit-bom	5.11.1	5.11.3
org.apache.maven.plugins:maven-surefire-plugin	3.5.0	3.5.2
org.apache.maven.plugins:maven-failsafe-plugin	3.5.0	3.5.2
io.smallrye:jandex-maven-plugin	3.2.2	3.2.3
org.sonarsource.scanner.maven:sonar-maven-plugin	4.0.0.4121	5.0.0.4389

Updates com.fasterxml.jackson:jackson-bom from 2.17.2 to 2.18.1

Commits

• ef33ac7 [maven-release-plugin] prepare release jackson-bom-2.18.1
• f43bf9f Prepare for 2.18.1 release
• 6f5259d Change to snapshot version of jackson-parent
• 3f21ec5 Back to snapshot dep
• bb45933 [maven-release-plugin] prepare for next development iteration
• 7236550 [maven-release-plugin] prepare release jackson-bom-2.18.0
• 58c2791 Prepare for 2.18.0 release
• 3775318 Merge pull request #73 from FasterXML/dependabot/github_actions/github-action...
• 540b7e7 Bump actions/setup-java from 4.2.1 to 4.2.2 in the github-actions group
• 6cc8c64 Back to snapshot deps
• Additional commits viewable in compare view

Updates org.junit:junit-bom from 5.11.1 to 5.11.3

Release notes

Sourced from org.junit:junit-bom's releases.

JUnit 5.11.3 = Platform 1.11.3 + Jupiter 5.11.3 + Vintage 5.11.3

See Release Notes.

Full Changelog: junit-team/junit5@r5.11.2...r5.11.3

JUnit 5.11.2 = Platform 1.11.2 + Jupiter 5.11.2 + Vintage 5.11.2

See Release Notes.

Full Changelog: junit-team/junit5@r5.11.1...r5.11.2

Commits

• b20991e Release 5.11.3
• e57b508 Finalize 5.11.3 release notes
• fb1254c Allow repeating ExtendWith annotation on fields and parameters
• a3192bd Fix package name comparison on Java 8 (#4077)
• fcb7b01 Remove useless Order annotation
• 57dfcb5 Allow repeating @…Source annotations when used as meta annotations
• 09cd8b3 Add ArchUnit test for consistency of repeatable annotations
• fa46a92 Hard-wrap at 90 characters
• 8f45eea Find repeatable @⁠ExtendWith meta-annotations on fields again
• b451122 Introduce release notes for 5.11.3
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.5.0 to 3.5.2

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.5.2

🚀 New features and improvements

• [SUREFIRE-2278] - Don't say please. (#792) @​elharo

📦 Dependency updates

• [SUREFIRE-2281] - Doxia 2.0.0 ga (#794) @​michael-o
• Bump commons-io:commons-io from 2.2 to 2.14.0 in /surefire-its/src/test/resources/surefire-979-smartStackTrace-wrongClassloader/module1 (#789) @​dependabot

👻 Maintenance

• [SUREFIRE-2282] - surefire-report-plugin: Update Introduction documenta… (#796) @​michael-o
• Reduce cyclomatic complexity (#793) @​elharo

Full Changelog: apache/maven-surefire@surefire-3.5.1...surefire-3.5.2

3.5.1

🚀 New features and improvements

• [SUREFIRE-2270] - Use JUnit5 in surefire-shadefire (#783) @​slawekjaranowski
• [SUREFIRE-2266] - Execute ITs in parallel (#781) @​slawekjaranowski
• [SUREFIRE-2264] - Limit usage of commons-io from surefire-shared-utils (#777) @​slawekjaranowski

🐛 Bug Fixes

• [SUREFIRE-2267] - Packages for commons-codec should be relocated in surefire-shared-utils (#782) @​slawekjaranowski
• [SUREFIRE-1737] - Fix disable in statelessTestsetReporter (#780) @​slawekjaranowski
• [SUREFIRE-2257] - [REGRESSION] NPEx: Cannot invoke "Object.toString()" … (#774) @​michael-o

📦 Dependency updates

• [SUREFIRE-2273] - Bump org.hamcrest:hamcrest from 2.2 to 3.0 (#784) @​dependabot
• [SUREFIRE-2272] - Bump org.codehaus.plexus:plexus-java from 1.2.0 to 1.3.0 - JDK 23 support (#786) @​dependabot
• [SUREFIRE-2226] - Upgrade to Maven Verifier 2.0.0-M1 (#706) @​michael-o
• [SUREFIRE-2265] - Bump commons-io:commons-io from 2.16.1 to 2.17.0 (#779) @​dependabot
• [SUREFIRE-2263] - Use the latest version of surefire for self build (#776) @​slawekjaranowski
• [SUREFIRE-2262] - Bump org.apache.commons:commons-lang3 from 3.16.0 to 3.17.0 (#775) @​dependabot

👻 Maintenance

• [SUREFIRE-2269] - Allow fail during clean in surefire-its (#785) @​slawekjaranowski

Commits

• ea9f049 [maven-release-plugin] prepare release surefire-3.5.2
• e1f94a0 [SUREFIRE-2276] JUnit5's TestTemplate failures treated as flakes with retries
• d24adb4 [SUREFIRE-2277] RunResult#getFlakes() is lost during serialisation/deserialis...
• 4385e94 Remove links to non-existing report
• 8881971 Remove outdated FAQ
• 0121834 [SUREFIRE-2283] FAQ site contains broken link to failsafe-plugin
• 91d16c3 Fix formatting of XML schema files
• 6cb417a Add .xsd to .gitattributes
• 9ce5221 [SUREFIRE-2282] surefire-report-plugin: Update Introduction documentation page
• 620b983 [SUREFIRE-2281] Upgrade to Doxia 2.0.0 GA Stack
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-failsafe-plugin from 3.5.0 to 3.5.2

Release notes

Sourced from org.apache.maven.plugins:maven-failsafe-plugin's releases.

3.5.2

🚀 New features and improvements

• [SUREFIRE-2278] - Don't say please. (#792) @​elharo

📦 Dependency updates

• [SUREFIRE-2281] - Doxia 2.0.0 ga (#794) @​michael-o
• Bump commons-io:commons-io from 2.2 to 2.14.0 in /surefire-its/src/test/resources/surefire-979-smartStackTrace-wrongClassloader/module1 (#789) @​dependabot

👻 Maintenance

• [SUREFIRE-2282] - surefire-report-plugin: Update Introduction documenta… (#796) @​michael-o
• Reduce cyclomatic complexity (#793) @​elharo

Full Changelog: apache/maven-surefire@surefire-3.5.1...surefire-3.5.2

3.5.1

🚀 New features and improvements

• [SUREFIRE-2270] - Use JUnit5 in surefire-shadefire (#783) @​slawekjaranowski
• [SUREFIRE-2266] - Execute ITs in parallel (#781) @​slawekjaranowski
• [SUREFIRE-2264] - Limit usage of commons-io from surefire-shared-utils (#777) @​slawekjaranowski

🐛 Bug Fixes

• [SUREFIRE-2267] - Packages for commons-codec should be relocated in surefire-shared-utils (#782) @​slawekjaranowski
• [SUREFIRE-1737] - Fix disable in statelessTestsetReporter (#780) @​slawekjaranowski
• [SUREFIRE-2257] - [REGRESSION] NPEx: Cannot invoke "Object.toString()" … (#774) @​michael-o

📦 Dependency updates

• [SUREFIRE-2273] - Bump org.hamcrest:hamcrest from 2.2 to 3.0 (#784) @​dependabot
• [SUREFIRE-2272] - Bump org.codehaus.plexus:plexus-java from 1.2.0 to 1.3.0 - JDK 23 support (#786) @​dependabot
• [SUREFIRE-2226] - Upgrade to Maven Verifier 2.0.0-M1 (#706) @​michael-o
• [SUREFIRE-2265] - Bump commons-io:commons-io from 2.16.1 to 2.17.0 (#779) @​dependabot
• [SUREFIRE-2263] - Use the latest version of surefire for self build (#776) @​slawekjaranowski
• [SUREFIRE-2262] - Bump org.apache.commons:commons-lang3 from 3.16.0 to 3.17.0 (#775) @​dependabot

👻 Maintenance

• [SUREFIRE-2269] - Allow fail during clean in surefire-its (#785) @​slawekjaranowski

Commits

• ea9f049 [maven-release-plugin] prepare release surefire-3.5.2
• e1f94a0 [SUREFIRE-2276] JUnit5's TestTemplate failures treated as flakes with retries
• d24adb4 [SUREFIRE-2277] RunResult#getFlakes() is lost during serialisation/deserialis...
• 4385e94 Remove links to non-existing report
• 8881971 Remove outdated FAQ
• 0121834 [SUREFIRE-2283] FAQ site contains broken link to failsafe-plugin
• 91d16c3 Fix formatting of XML schema files
• 6cb417a Add .xsd to .gitattributes
• 9ce5221 [SUREFIRE-2282] surefire-report-plugin: Update Introduction documentation page
• 620b983 [SUREFIRE-2281] Upgrade to Doxia 2.0.0 GA Stack
• Additional commits viewable in compare view

Updates io.smallrye:jandex-maven-plugin from 3.2.2 to 3.2.3

Release notes

Sourced from io.smallrye:jandex-maven-plugin's releases.

3.2.3

• #475 release 3.2.3
• #474 Allow pages.yml to be called by other workflows
• #473 release 3.2.3-RC1, tenth attempt
• #472 Fix invalid HTML in Type.parse() javadoc
• #471 Bump net.bytebuddy:byte-buddy from 1.15.5 to 1.15.7
• #470 release 3.2.3-RC1, ninth attempt
• #469 Use the proper prepare-release.yml workflow again
• #468 release 3.2.3-RC1, eighth attempt
• #467 release 3.2.3-RC1, seventh attempt
• #466 release 3.2.3-RC1, sixth attempt
• #465 Use my fork of the prepare-release.yml workflow to verify the checkout-git-ref input
• #464 release 3.2.3-RC1, fifth attempt
• #463 Comment out configuration that does not exist yet
• #462 release 3.2.3-RC1, fourth attempt
• #461 Various improvements to the release process
• #460 release 3.2.3-RC1, third attempt
• #459 Read project metadata in before/after release actions
• #458 release 3.2.3-RC1, second attempt
• #457 Checkout in before/after release actions
• #456 release 3.2.3-RC1
• #455 Use new release workflow with common SmallRye release actions
• #454 Bump org.codehaus.mojo:exec-maven-plugin from 3.4.1 to 3.5.0
• #453 Bump org.apache.maven.plugins:maven-invoker-plugin from 3.8.0 to 3.8.1
• #452 Bump org.junit.jupiter:junit-jupiter from 5.11.2 to 5.11.3
• #451 Bump net.bytebuddy:byte-buddy from 1.15.4 to 1.15.5
• #450 Bump net.bytebuddy:byte-buddy from 1.15.3 to 1.15.4
• #449 Bump org.junit.jupiter:junit-jupiter from 5.11.1 to 5.11.2
• #448 Use Java 23 instead of 22 in CI
• #447 Bump net.bytebuddy:byte-buddy from 1.15.2 to 1.15.3
• #446 Add Release Procedure
• #445 Bump net.bytebuddy:byte-buddy from 1.15.1 to 1.15.2
• #444 Bump org.junit.jupiter:junit-jupiter from 5.11.0 to 5.11.1
• #443 Bump org.codehaus.plexus:plexus-utils from 4.0.1 to 4.0.2
• #442 Add Type.parse()
• #441 Bump io.smallrye:smallrye-build-parent from 45 to 46
• #440 Bump version.groovy from 4.0.22 to 4.0.23
• #438 Bump com.igormaznitsa:mvn-jlink-wrapper from 1.2.3 to 1.2.4
• #437 Fix Index.singleClass() when the passed class file is in fact a module descriptor
• #436 Exception in Index.singleClass() when applied to module-info.class
• #435 Bump net.bytebuddy:byte-buddy from 1.14.18 to 1.15.1
• #434 Bump org.apache.ant:ant from 1.10.14 to 1.10.15
• #433 Bump version.maven-plugin-tools from 3.13.1 to 3.15.0
• #431 Bump org.apache.maven.plugins:maven-invoker-plugin from 3.7.0 to 3.8.0
• #430 Bump version.maven from 3.9.8 to 3.9.9
• #428 Bump burrunan/gradle-cache-action from 1.22 to 2
• #426 Bump org.junit.jupiter:junit-jupiter from 5.10.3 to 5.11.0
• #425 Bump org.codehaus.mojo:exec-maven-plugin from 3.4.0 to 3.4.1

Commits

• 23a8081 [maven-release-plugin] prepare release 3.2.3
• 80a7fe4 Amendments before release
• 9aa8b7c Merge pull request #475 from smallrye/release-3.2.3
• 121454a release 3.2.3
• d19e342 Merge pull request #474 from Ladicek/allow-workflow-call-for-pages
• 58f86d2 Allow pages.yml to be called by other workflows
• 7f23605 Amendments after release
• 3fddd96 [maven-release-plugin] prepare for next development iteration
• 0723c53 [maven-release-plugin] prepare release 3.2.3-RC1
• 8cba3fc Amendments before release
• Additional commits viewable in compare view

Updates org.sonarsource.scanner.maven:sonar-maven-plugin from 4.0.0.4121 to 5.0.0.4389

Release notes

Sourced from org.sonarsource.scanner.maven:sonar-maven-plugin's releases.

5.0.0.4389

Release notes - Sonar Scanner for Maven - 5.0

Documentation

SCANMAVEN-231 Gather details for a community post about the new scanner JRE provisioning

SCANMAVEN-234 Document env variable `SONAR_SCANNER_JAVA_OPTS` and property `sonar.scanner.javaOpts` as options to tweak analysis runtime

SCANMAVEN-235 Update JRE auto-provisioning section to add the SonarScanner for Maven

SCANMAVEN-239 Update develop.md file for the new dump-plugin

SCANMAVEN-240 Remove outdated URL from pom.xml

Task

SCANMAVEN-229 Add Jira integration

SCANMAVEN-230 Update scanner library to support new bootstrapper

SCANMAVEN-236 Remove obsolete site folder

SCANMAVEN-237 Test sensor context config, system properties, and environment variables passed to the bootstrapped JRE

SCANMAVEN-238 Remove unauthenticated REST API call to SonarQube during IT

SCANMAVEN-246 Bump to version 5.0

SCANMAVEN-248 Add static documentation of the scanner

Improvement

SCANMAVEN-233 The SonarScanner for Maven provides a sane default value for `sonar.java.jdkHome`

SCANMAVEN-243 The SonarScanner for Maven does not try to contact the server when the project is skipped

Commits

• 21bbb41 SCANMAVEN-248 Add static documentation of the scanner (#254)
• 9e77fff SCANMAVEN-239 Update the integration Tests documentation to include the prope...
• b14de4a SCANMAVEN-246 Bump to version 5.0 (#253)
• e6f1ad1 SCANMAVEN-240 Remove outdated URL from pom.xml (#251)
• e4c63dd SCANMAVEN-243 The SonarScanner for Maven does not try to contact the server w...
• 69c0e1a SCANMAVEN-233 check that sonar.java.jdkHome has default value even without ...
• 993000d SCANMAVEN-237 Test sensor context config, system properties, and environment ...
• 52c4e6d SCANMAVEN-238 Remove unauthenticated REST API calls to SonarQube during IT (#...
• 9172a40 SCANMAVEN-236 Remove obsolete site folder (#245)
• 9250838 SCANMAVEN-230 Update scanner library to support new bootstrapper and run 'its...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions