From 0e5279cb0cc536112b96447c1fe5bffa6f10d120 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 7 Jan 2026 10:12:04 +0800
Subject: [PATCH 01/10] chore(deps): bump org.junit:junit-bom from 5.14.1 to
 5.14.2 (#429)

Bumps [org.junit:junit-bom](https://github.com/junit-team/junit-framework) from 5.14.1 to 5.14.2.
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](https://github.com/junit-team/junit-framework/compare/r5.14.1...r5.14.2)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-version: 5.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 1485b55f..7a7e5651 100644
--- a/pom.xml
+++ b/pom.xml
@@ -90,7 +90,7 @@
 		<guava.version>33.5.0-jre</guava.version>
 
 		<!-- testing dependencies versions -->
-		<junit5.version>5.14.1</junit5.version>
+		<junit5.version>5.14.2</junit5.version>
 		<kotest.version>5.9.1</kotest.version>
 	</properties>
 

From d20bc4ee12f2405589071c161dd1a478429fcba5 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 7 Jan 2026 10:12:20 +0800
Subject: [PATCH 02/10] chore(deps): bump org.junit:junit-bom from 5.14.1 to
 5.14.2 in /demos (#430)

Bumps [org.junit:junit-bom](https://github.com/junit-team/junit-framework) from 5.14.1 to 5.14.2.
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](https://github.com/junit-team/junit-framework/compare/r5.14.1...r5.14.2)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-version: 5.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 demos/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/demos/pom.xml b/demos/pom.xml
index adf0a4be..0888483a 100644
--- a/demos/pom.xml
+++ b/demos/pom.xml
@@ -22,7 +22,7 @@
 		<demo.module.name/>
 
 		<!-- testing dependencies versions -->
-		<junit5.version>5.14.1</junit5.version>
+		<junit5.version>5.14.2</junit5.version>
 	</properties>
 
 	<modules>

From 4e85195b7f1a6b980f542a91b005f282a8abacd6 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 9 Jan 2026 10:06:12 +0800
Subject: [PATCH 03/10] chore(deps): bump
 org.sonatype.central:central-publishing-maven-plugin (#431)

Bumps [org.sonatype.central:central-publishing-maven-plugin](https://github.com/sonatype/central-publishing-maven-plugin) from 0.9.0 to 0.10.0.
- [Commits](https://github.com/sonatype/central-publishing-maven-plugin/commits)

---
updated-dependencies:
- dependency-name: org.sonatype.central:central-publishing-maven-plugin
  dependency-version: 0.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 cffu-bom/pom.xml | 2 +-
 pom.xml          | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/cffu-bom/pom.xml b/cffu-bom/pom.xml
index cd9e4b4d..151e165d 100644
--- a/cffu-bom/pom.xml
+++ b/cffu-bom/pom.xml
@@ -154,7 +154,7 @@
 						<!-- https://central.sonatype.org/publish/publish-portal-maven/#publishing -->
 						<groupId>org.sonatype.central</groupId>
 						<artifactId>central-publishing-maven-plugin</artifactId>
-						<version>0.9.0</version>
+						<version>0.10.0</version>
 						<extensions>true</extensions>
 						<configuration>
 							<publishingServerId>central</publishingServerId>
diff --git a/pom.xml b/pom.xml
index 7a7e5651..39d28e44 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1090,7 +1090,7 @@
 						<!-- https://central.sonatype.org/publish/publish-portal-maven/#publishing -->
 						<groupId>org.sonatype.central</groupId>
 						<artifactId>central-publishing-maven-plugin</artifactId>
-						<version>0.9.0</version>
+						<version>0.10.0</version>
 						<extensions>true</extensions>
 						<configuration>
 							<publishingServerId>central</publishingServerId>

From e2991dc51a91229fb1a21406ef79df0c0f84e7ee Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 27 Jan 2026 02:06:07 +0800
Subject: [PATCH 04/10] chore(deps): bump org.assertj:assertj-bom from 3.27.6
 to 3.27.7 (#433)

Bumps [org.assertj:assertj-bom](https://github.com/assertj/assertj) from 3.27.6 to 3.27.7.
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.27.6...assertj-build-3.27.7)

---
updated-dependencies:
- dependency-name: org.assertj:assertj-bom
  dependency-version: 3.27.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 39d28e44..517940df 100644
--- a/pom.xml
+++ b/pom.xml
@@ -148,7 +148,7 @@
 			<dependency>
 				<groupId>org.assertj</groupId>
 				<artifactId>assertj-bom</artifactId>
-				<version>3.27.6</version>
+				<version>3.27.7</version>
 				<type>pom</type>
 				<scope>import</scope>
 			</dependency>

From 90d04c3d4bb541b8ba1db54d17a185d34b92dea8 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 3 Feb 2026 08:35:50 +0800
Subject: [PATCH 05/10] chore(deps): bump
 org.apache.maven.plugins:maven-compiler-plugin (#434)

Bumps [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) from 3.14.1 to 3.15.0.
- [Release notes](https://github.com/apache/maven-compiler-plugin/releases)
- [Commits](https://github.com/apache/maven-compiler-plugin/compare/maven-compiler-plugin-3.14.1...maven-compiler-plugin-3.15.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-compiler-plugin
  dependency-version: 3.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 517940df..7acfca94 100644
--- a/pom.xml
+++ b/pom.xml
@@ -392,7 +392,7 @@
 				<plugin>
 					<groupId>org.apache.maven.plugins</groupId>
 					<artifactId>maven-compiler-plugin</artifactId>
-					<version>3.14.1</version>
+					<version>3.15.0</version>
 					<configuration>
 						<!-- https://maven.apache.org/plugins/maven-compiler-plugin/compile-mojo.html#compilerArgs -->
 						<compilerArgs>

From c80598b90f32f2a8987c308ba826557a34488f55 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 3 Feb 2026 08:36:12 +0800
Subject: [PATCH 06/10] chore(deps): bump
 org.apache.maven.plugins:maven-compiler-plugin (#435)

Bumps [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) from 3.14.1 to 3.15.0.
- [Release notes](https://github.com/apache/maven-compiler-plugin/releases)
- [Commits](https://github.com/apache/maven-compiler-plugin/compare/maven-compiler-plugin-3.14.1...maven-compiler-plugin-3.15.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-compiler-plugin
  dependency-version: 3.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 demos/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/demos/pom.xml b/demos/pom.xml
index 0888483a..0a72346d 100644
--- a/demos/pom.xml
+++ b/demos/pom.xml
@@ -114,7 +114,7 @@
 				<plugin>
 					<groupId>org.apache.maven.plugins</groupId>
 					<artifactId>maven-compiler-plugin</artifactId>
-					<version>3.14.1</version>
+					<version>3.15.0</version>
 					<configuration>
 						<!-- https://maven.apache.org/plugins/maven-compiler-plugin/compile-mojo.html#compilerArgs -->
 						<compilerArgs>

From 6e366ddd317526db55be2768e04708199b1b088b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 5 Feb 2026 23:30:02 +0800
Subject: [PATCH 07/10] chore(deps): bump kotlin.version from 2.3.0 to 2.3.10
 in /demos (#437)

Bumps `kotlin.version` from 2.3.0 to 2.3.10.

Updates `org.jetbrains.kotlin:kotlin-bom` from 2.3.0 to 2.3.10
- [Release notes](https://github.com/JetBrains/kotlin/releases)
- [Changelog](https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md)
- [Commits](https://github.com/JetBrains/kotlin/compare/v2.3.0...v2.3.10)

Updates `org.jetbrains.kotlin:kotlin-maven-plugin` from 2.3.0 to 2.3.10

---
updated-dependencies:
- dependency-name: org.jetbrains.kotlin:kotlin-bom
  dependency-version: 2.3.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.jetbrains.kotlin:kotlin-maven-plugin
  dependency-version: 2.3.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 demos/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/demos/pom.xml b/demos/pom.xml
index 0a72346d..41269124 100644
--- a/demos/pom.xml
+++ b/demos/pom.xml
@@ -14,7 +14,7 @@
 		<project.reporting.outputEncoding>${project.build.sourceEncoding}</project.reporting.outputEncoding>
 		<maven.deploy.skip>true</maven.deploy.skip>
 
-		<kotlin.version>2.3.0</kotlin.version>
+		<kotlin.version>2.3.10</kotlin.version>
 		<kotlin.compiler.jvmTarget>${maven.compiler.source}</kotlin.compiler.jvmTarget>
 
 		<!-- overridden by submodule -->

From acb8f5d8e29caf202c4ddd85e7d5571de4bb9751 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 5 Feb 2026 23:30:31 +0800
Subject: [PATCH 08/10] chore(deps): bump kotlin.version from 2.3.0 to 2.3.10
 (#436)

Bumps `kotlin.version` from 2.3.0 to 2.3.10.

Updates `org.jetbrains.kotlin:kotlin-bom` from 2.3.0 to 2.3.10
- [Release notes](https://github.com/JetBrains/kotlin/releases)
- [Changelog](https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md)
- [Commits](https://github.com/JetBrains/kotlin/compare/v2.3.0...v2.3.10)

Updates `org.jetbrains.kotlin:kotlin-maven-plugin` from 2.3.0 to 2.3.10

---
updated-dependencies:
- dependency-name: org.jetbrains.kotlin:kotlin-bom
  dependency-version: 2.3.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.jetbrains.kotlin:kotlin-maven-plugin
  dependency-version: 2.3.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 7acfca94..8a60d73b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -82,7 +82,7 @@
 		<jsr305.version>3.0.2</jsr305.version>
 		<jetbrains.annotations.version>26.0.2-1</jetbrains.annotations.version>
 
-		<kotlin.version>2.3.0</kotlin.version>
+		<kotlin.version>2.3.10</kotlin.version>
 
 		<slf4j.version>2.0.17</slf4j.version>
 		<log4j2.version>2.25.3</log4j2.version>

From fc72b2e611205cedd86364497fa01e2c8c7a7bc0 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 11 Feb 2026 10:52:09 +0800
Subject: [PATCH 09/10] chore(deps-dev): bump
 org.apache.maven.plugins:maven-dependency-plugin (#438)

Bumps [org.apache.maven.plugins:maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) from 3.9.0 to 3.10.0.
- [Release notes](https://github.com/apache/maven-dependency-plugin/releases)
- [Commits](https://github.com/apache/maven-dependency-plugin/compare/maven-dependency-plugin-3.9.0...maven-dependency-plugin-3.10.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-dependency-plugin
  dependency-version: 3.10.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 8a60d73b..a475686e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -469,7 +469,7 @@
 				<plugin>
 					<groupId>org.apache.maven.plugins</groupId>
 					<artifactId>maven-dependency-plugin</artifactId>
-					<version>3.9.0</version>
+					<version>3.10.0</version>
 				</plugin>
 				<plugin>
 					<groupId>io.github.git-commit-id</groupId>

From 92551e8c8ad09b3bcfec88668a848c0ac74ae7ef Mon Sep 17 00:00:00 2001
From: Cursor Agent <cursoragent@cursor.com>
Date: Wed, 11 Feb 2026 18:18:42 +0000
Subject: [PATCH 10/10] fix: drain queued tasks after synchronous executor runs
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: 李鼎 <oldratlee@gmail.com>
---
 .../cffu2/ConcurrencyLimitExecutor.java       | 25 +++++++++++++++----
 .../cffu2/ConcurrencyLimitExecutorTest.kt     |  8 +++---
 2 files changed, 23 insertions(+), 10 deletions(-)

diff --git a/cffu-core/src/main/java/io/foldright/cffu2/ConcurrencyLimitExecutor.java b/cffu-core/src/main/java/io/foldright/cffu2/ConcurrencyLimitExecutor.java
index 810c52c9..981cdb70 100644
--- a/cffu-core/src/main/java/io/foldright/cffu2/ConcurrencyLimitExecutor.java
+++ b/cffu-core/src/main/java/io/foldright/cffu2/ConcurrencyLimitExecutor.java
@@ -7,7 +7,6 @@
 import java.util.ArrayDeque;
 import java.util.Deque;
 import java.util.concurrent.Executor;
-import java.util.concurrent.RejectedExecutionException;
 import java.util.concurrent.locks.Lock;
 import java.util.concurrent.locks.ReentrantLock;
 
@@ -58,10 +57,6 @@ public void execute(Runnable command) {
         //       so no need to declare it as type AtomicBoolean for thread safety.
         final boolean[] locking = {true};
         try {
-            if (syncRunnerCount >= maxConcurrency) throw new RejectedExecutionException("reject new task:"
-                    + " synchronous running task(s) (i.e. CallerRunsPolicy) already occupy"
-                    + " all concurrency slot(s) of " + ConcurrencyLimitExecutor.this);
-
             queue.add(command);
             if (workerCount >= maxConcurrency) return;
 
@@ -93,13 +88,19 @@ private void syncRun() {
                     try {
                         command.run();
                     } finally {
+                        boolean scheduleAsyncWorker = false;
                         lock.lock();
                         try {
                             workerCount--;
                             syncRunnerCount--;
+                            if (!queue.isEmpty() && workerCount < maxConcurrency) {
+                                incrementWorkerCount();
+                                scheduleAsyncWorker = true;
+                            }
                         } finally {
                             lock.unlock();
                         }
+                        if (scheduleAsyncWorker) submitAsyncWorkerAfterSyncRun();
                     }
                 }
 
@@ -154,6 +155,20 @@ private void asyncWork() {
         }
     }
 
+    private void submitAsyncWorkerAfterSyncRun() {
+        try {
+            executor.execute(this::asyncWork);
+        } catch (Throwable e) {
+            lock.lock();
+            try {
+                workerCount--;
+            } finally {
+                lock.unlock();
+            }
+            logUncaughtException(ERROR, super.toString() + "#submitAsyncWorkerAfterSyncRun", e);
+        }
+    }
+
     @GuardedBy("lock")
     private void incrementWorkerCount() {
         workerCount++;
diff --git a/cffu-core/src/test/java/io/foldright/cffu2/ConcurrencyLimitExecutorTest.kt b/cffu-core/src/test/java/io/foldright/cffu2/ConcurrencyLimitExecutorTest.kt
index b0b1f909..c3a40d51 100644
--- a/cffu-core/src/test/java/io/foldright/cffu2/ConcurrencyLimitExecutorTest.kt
+++ b/cffu-core/src/test/java/io/foldright/cffu2/ConcurrencyLimitExecutorTest.kt
@@ -157,12 +157,10 @@ class ConcurrencyLimitExecutorTest : FunSpec({
     }
 
     /**
-     * ❗❗ TODO: Due to the limitation in the current ConcurrencyLimitExecutor implementation,
-     * if all tasks execute synchronously,
-     *  - the remaining tasks in the work queue cannot be executed!
-     *  - the task execution is only triggered by task submission.
+     * Regression test: when all submitted tasks execute synchronously at the base executor,
+     * queued tasks must still be drained after synchronous runners complete.
      */
-    test("sync execution at MoreExecutors.directExecutor(), multi-threaded submission").config(enabled = false) {
+    test("sync execution at MoreExecutors.directExecutor(), multi-threaded submission") {
         val concurrencyLimitExecutor = ConcurrencyLimitExecutor(3, MoreExecutors.directExecutor())
 
         val concurrencyChecker = ConcurrencyChecker(3)