Skip to content

Bump the minor-and-patch group across 1 directory with 8 updates#233

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/maven/minor-and-patch-6aa801a5c0
Open

Bump the minor-and-patch group across 1 directory with 8 updates#233
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/maven/minor-and-patch-6aa801a5c0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 20, 2026

Bumps the minor-and-patch group with 8 updates in the / directory:

Package From To
com.puppycrawl.tools:checkstyle 13.3.0 13.4.0
com.fasterxml.jackson:jackson-bom 2.21.1 2.21.2
com.google.guava:guava 33.5.0-jre 33.6.0-jre
org.apache.logging.log4j:log4j-api 2.25.3 2.25.4
org.apache.logging.log4j:log4j-core 2.25.3 2.25.4
org.apache.logging.log4j:log4j-slf4j2-impl 2.25.3 2.25.4
org.codehaus.woodstox:stax2-api 4.2.2 4.3.0
com.google.protobuf:protobuf-java 4.34.0 4.34.1

Updates com.puppycrawl.tools:checkstyle from 13.3.0 to 13.4.0

Release notes

Sourced from com.puppycrawl.tools:checkstyle's releases.

checkstyle-13.4.0

Checkstyle 13.4.0 - https://checkstyle.org/releasenotes.html#Release_13.4.0

Breaking backward compatibility:

#8315 - Improve violation message of ImportOrder

New:

#17565 - Line break must be present after { of non-empty block in switch rule #18065 - New Check: IllegalSymbol to forbit emoj in code

Bug fixes:

#18228 - False-positive: Suppress indentation check when quotes start at the left margin #17137 - UnnecessaryNullCheckWithInstanceOf ignores redundant null check for complex cases. #17842 - False-negative: Member names with underscores

... (truncated)

Commits
  • ad2d2d2 [maven-release-plugin] prepare release checkstyle-13.4.0
  • ac969f5 doc: release notes for 13.4.0
  • b96d1c3 Issue #15456: Define violation messages for JavadocTagContinuationIndentation
  • d47cde5 Issue #11163: Enforce file size on InputNeedBracesTestSwitchExpression
  • bbb00f9 Issue #16361: add comment on testAddException
  • 601213d Issue #12721: add Buildkite CI with mvn verify
  • 95cecf8 dependency: bump org.openrewrite.recipe:rewrite-migrate-java
  • 92dcd3d dependency: bump pmd.version from 7.22.0 to 7.23.0
  • ab7a33c Issue #16361: Refactor testNewCtor
  • 70cab66 Issue #16361: Add explanatory comment for testReadResourceWithInvalidName
  • Additional commits viewable in compare view

Updates com.fasterxml.jackson:jackson-bom from 2.21.1 to 2.21.2

Commits
  • 10e12a5 [maven-release-plugin] prepare release jackson-bom-2.21.2
  • d754903 Prep for 2.21.2 release
  • 63e1b3b Post-release dep version bump
  • 716ab0d [maven-release-plugin] prepare for next development iteration
  • See full diff in compare view

Updates com.google.guava:guava from 33.5.0-jre to 33.6.0-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.6.0

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.6.0-jre</version>
  <!-- or, for Android: -->
  <version>33.6.0-android</version>
</dependency>

Jar files

Guava requires one runtime dependency, which you can download here:

Javadoc

JDiff

Changelog

  • Migrated some classes from finalize() to PhantomReference in preparation for the removal of finalization. (786b619dd6, 7c6b17c, aeef90988d)
  • cache: Deprecated CacheBuilder APIs that use TimeUnit in favor of those that use Duration. (73f8b0bb84)
  • collect: Added toImmutableSortedMap collectors that use the natural comparator. (64d70b9f94)
  • collect: Changed ConcurrentHashMultiset, ImmutableMap and TreeMultiset deserialization to avoid mutating final fields. In extremely unlikely scenarios in which an instance of that type contains an object that refers back to that instance, this could lead to a broken instance that throws NullPointerException when used. (8240c7e596, 046468055f)
  • graph: Removed @Beta from all APIs in the package. (dae9566b73)
  • graph: Added support to Graphs.transitiveClosure() for different strategies for adding self-loops. (2e13df25b2)
  • graph: Added an asNetwork() view to Graph and ValueGraph. (909c593c61)
  • hash: Added BloomFilter.serializedSize(). (df9bcc251a)
  • net: Added HttpHeaders.CDN_CACHE_CONTROL. (75331b5030)
Commits

Updates org.apache.logging.log4j:log4j-api from 2.25.3 to 2.25.4

Updates org.apache.logging.log4j:log4j-core from 2.25.3 to 2.25.4

Updates org.apache.logging.log4j:log4j-slf4j2-impl from 2.25.3 to 2.25.4

Updates org.apache.logging.log4j:log4j-core from 2.25.3 to 2.25.4

Updates org.apache.logging.log4j:log4j-slf4j2-impl from 2.25.3 to 2.25.4

Updates org.codehaus.woodstox:stax2-api from 4.2.2 to 4.3.0

Commits
  • 92c7525 [maven-release-plugin] prepare release stax2-api-4.3.0
  • 7b962fc Merge pull request #35 from FasterXML/tatu/4.3/34-java8-baseline
  • e14a205 Fix #34: increase Java baseline to Java 8 (from 6)
  • edd4992 Fix CI deprecation warning
  • 97fd521 Update Maven wrapper
  • 3280734 Update to 4.3.0-SNAPSHOT
  • 35ccd37 Merge pull request #33 from winfriedgerlach/fix-expand-bug-in-Array-decoders
  • 84b2fc8 Update release notes
  • 6e4752d fix indentation
  • 1082731 fix: ArrayDecoders can run into ArrayIndexOutOfBoundsException when start != 0
  • Additional commits viewable in compare view

Updates com.google.protobuf:protobuf-java from 4.34.0 to 4.34.1

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the minor-and-patch group across 1 directory with 8 updates
c4530e5 
Bumps the minor-and-patch group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) | `13.3.0` | `13.4.0` |
| [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) | `2.21.1` | `2.21.2` |
| [com.google.guava:guava](https://github.com/google/guava) | `33.5.0-jre` | `33.6.0-jre` |
| org.apache.logging.log4j:log4j-api | `2.25.3` | `2.25.4` |
| org.apache.logging.log4j:log4j-core | `2.25.3` | `2.25.4` |
| org.apache.logging.log4j:log4j-slf4j2-impl | `2.25.3` | `2.25.4` |
| [org.codehaus.woodstox:stax2-api](https://github.com/FasterXML/stax2-api) | `4.2.2` | `4.3.0` |
| [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf) | `4.34.0` | `4.34.1` |



Updates `com.puppycrawl.tools:checkstyle` from 13.3.0 to 13.4.0
- [Release notes](https://github.com/checkstyle/checkstyle/releases)
- [Commits](checkstyle/checkstyle@checkstyle-13.3.0...checkstyle-13.4.0)

Updates `com.fasterxml.jackson:jackson-bom` from 2.21.1 to 2.21.2
- [Commits](FasterXML/jackson-bom@jackson-bom-2.21.1...jackson-bom-2.21.2)

Updates `com.google.guava:guava` from 33.5.0-jre to 33.6.0-jre
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

Updates `org.apache.logging.log4j:log4j-api` from 2.25.3 to 2.25.4

Updates `org.apache.logging.log4j:log4j-core` from 2.25.3 to 2.25.4

Updates `org.apache.logging.log4j:log4j-slf4j2-impl` from 2.25.3 to 2.25.4

Updates `org.apache.logging.log4j:log4j-core` from 2.25.3 to 2.25.4

Updates `org.apache.logging.log4j:log4j-slf4j2-impl` from 2.25.3 to 2.25.4

Updates `org.codehaus.woodstox:stax2-api` from 4.2.2 to 4.3.0
- [Commits](FasterXML/stax2-api@stax2-api-4.2.2...stax2-api-4.3.0)

Updates `com.google.protobuf:protobuf-java` from 4.34.0 to 4.34.1
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

---
updated-dependencies:
- dependency-name: com.puppycrawl.tools:checkstyle
  dependency-version: 13.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.21.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: com.google.guava:guava
  dependency-version: 33.6.0-jre
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: org.apache.logging.log4j:log4j-api
  dependency-version: 2.25.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: org.apache.logging.log4j:log4j-core
  dependency-version: 2.25.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: org.apache.logging.log4j:log4j-slf4j2-impl
  dependency-version: 2.25.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: org.apache.logging.log4j:log4j-core
  dependency-version: 2.25.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: org.apache.logging.log4j:log4j-slf4j2-impl
  dependency-version: 2.25.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: org.codehaus.woodstox:stax2-api
  dependency-version: 4.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: com.google.protobuf:protobuf-java
  dependency-version: 4.34.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Apr 20, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants