[12.1.x EE9] Bump the dev-dependencies group across 1 directory with 31 updates by dependabot[bot] · Pull Request #15341 · jetty/jetty.project

dependabot · 2026-06-27T00:17:37Z

Bumps the dev-dependencies group with 30 updates in the /jetty-ee9 directory:

Package	From	To
org.glassfish.jersey.containers:jersey-container-servlet	`3.0.17`	`3.1.0`
org.glassfish.jersey.inject:jersey-hk2	`3.0.17`	`3.1.0`
org.glassfish.jersey.media:jersey-media-json-binding	`3.0.17`	`3.1.0`
org.ow2.asm:asm	`9.10`	`9.10.1`
org.ow2.asm:asm-commons	`9.10`	`9.10.1`
org.ow2.asm:asm-bom	`9.10`	`9.10.1`
net.java.dev.jna:jna	`5.18.1`	`5.19.1`
net.java.dev.jna:jna-jpms	`5.18.1`	`5.19.1`
org.mariadb.jdbc:mariadb-java-client	`3.5.8`	`3.5.9`
org.apache.openwebbeans:openwebbeans-jetty9	`2.0.27`	`2.0.28`
org.apache.openwebbeans:openwebbeans-web	`2.0.27`	`2.0.28`
com.fasterxml.jackson:jackson-bom	`2.21.3`	`2.22.0`
io.netty:netty-bom	`4.2.13.Final`	`4.2.15.Final`
org.hibernate.search:hibernate-search-bom	`8.3.1.Final`	`8.4.0.Final`
org.junit:junit-bom	`6.0.3`	`6.1.0`
ch.qos.logback:logback-core	`1.5.32`	`1.5.37`
com.github.jnr:jffi	`1.3.15`	`1.4.0`
io.grpc:grpc-core	`1.81.0`	`1.82.1`
io.grpc:grpc-netty-shaded	`1.81.0`	`1.82.1`
io.smallrye.common:smallrye-common-annotation	`2.18.1`	`2.19.0`
io.smallrye.common:smallrye-common-cpu	`2.18.1`	`2.19.0`
org.apache.kerby:kerb-simplekdc	`2.1.1`	`2.1.2`
org.codehaus.plexus:plexus-classworlds	`2.11.0`	`2.12.0`
org.eclipse.jdt:ecj	`3.45.0`	`3.46.0`
org.hibernate.models:hibernate-models	`1.1.1`	`1.2.0`
org.mortbay.jetty.quiche:jetty-quiche-native	`0.29.1`	`0.29.2`
eu.maveniverse.maven.njord:extension3	`0.9.6`	`0.9.9`
eu.maveniverse.maven.plugins:njord	`0.9.6`	`0.9.9`
org.apache.maven.extensions:maven-build-cache-extension	`1.2.2`	`1.2.3`
org.cyclonedx:cyclonedx-maven-plugin	`2.9.1`	`2.9.2`

Updates org.glassfish.jersey.containers:jersey-container-servlet from 3.0.17 to 3.1.0

Updates org.glassfish.jersey.inject:jersey-hk2 from 3.0.17 to 3.1.0

Updates org.glassfish.jersey.media:jersey-media-json-binding from 3.0.17 to 3.1.0

Updates org.glassfish.jersey.inject:jersey-hk2 from 3.0.17 to 3.1.0

Updates org.glassfish.jersey.media:jersey-media-json-binding from 3.0.17 to 3.1.0

Updates org.ow2.asm:asm from 9.10 to 9.10.1

Updates org.ow2.asm:asm-commons from 9.10 to 9.10.1

Updates org.ow2.asm:asm-bom from 9.10 to 9.10.1

Updates org.ow2.asm:asm-commons from 9.10 to 9.10.1

Updates net.java.dev.jna:jna from 5.18.1 to 5.19.1

Changelog

Sourced from net.java.dev.jna:jna's changelog.

Release 5.19.1

Bug Fixes

#1730: Replace usage of MethodHandle with reflection to restore support for older Android releases - @matthiasblaesing.

Release 5.19.0

Features

#1696: Add LARGE_INTEGER.ByValue to LARGE_INTEGER in WinNT.java - @baier233.

#1697: Add WlanApi module - @eranl.

#1718: Add Cups to c.s.j.p.unix providing CUPS printing system bindings for destinations, jobs, options, and server configuration - @dbwiddis.

#1720: Add groupCount and groupMasks fields to CACHE_RELATIONSHIP in c.s.j.p.win32.WinNT, matching the updated Windows struct layout - @dbwiddis.

#1719: Add CoreGraphics to c.s.j.p.mac with Quartz Window Services and Display Services bindings; implement getAllWindows() in MacWindowUtils - @dbwiddis.

#1723: Add ProcFdInfo, InSockInfo, TcpSockInfo, proc_pidfdinfo, statfs64, and vm_deallocate to c.s.j.p.mac.SystemB - @dbwiddis.

#1725: Add BluetoothApis to c.s.j.p.win32 providing Bluetooth device and radio enumeration via BluetoothFindFirstRadio, BluetoothFindFirstDevice, and related functions - @dbwiddis.

Bug Fixes

#1644: Fix bug in VARDESC and TYPEDESC causing an illegal memory access - @lwahonen

#1715: Fix UdevDevice.getSysname() calling udev_device_get_syspath instead of udev_device_get_sysname - @dbwiddis.

#1721: Fix switched serverName/domainName arguments in Netapi32Util#getDCName - @dbwiddis.

#1722: Fix Advapi32#RegisterServiceCtrlHandler using wrong Handler type - @dbwiddis.

#1636: Drop hard dependency on java.lang.SecurityManager/java.security.AccessController - @matthiasblaesing.

#1724: Fix host_page_size in c.s.j.p.mac.SystemB and getxattr/setxattr/listxattr in c.s.j.p.mac.XAttr using long instead of pointer-sized types for size_t/ssize_t parameters - @dbwiddis.

#1727: Include DragonFlyBSD in NativeLibrary versioned library resolution, libc special-case loading, and 64-bit search paths - @dbwiddis.

#1709: Rebuild native library for OpenBSD 7.9 x86-64, drop OpenBSD x86 - @matthiasblaesing.

Commits

1a91122 Release 5.19.1
cbfcb4a Merge pull request #1731 from matthiasblaesing/ancient_android
4ba086b Restore support for Android versions not supporting MethodHandles
699935f Merge pull request #1729 from thesamesam/parallel-fix
3fe4cb5 native: fix parallel build issue
01c7807 Prepare next development iteration
9ff1381 Release 5.19.0
2d038ef Merge pull request #1726 from matthiasblaesing/openbsd
eecab35 Update native built for OpenBSD 7.9 (x86-64 only)
f670868 Merge pull request #1727 from dbwiddis/fix/dragonflybsd-library-loading
Additional commits viewable in compare view

Updates net.java.dev.jna:jna-jpms from 5.18.1 to 5.19.1

Changelog

Sourced from net.java.dev.jna:jna-jpms's changelog.

Release 5.19.1

Bug Fixes

#1730: Replace usage of MethodHandle with reflection to restore support for older Android releases - @matthiasblaesing.

Release 5.19.0

Features

#1696: Add LARGE_INTEGER.ByValue to LARGE_INTEGER in WinNT.java - @baier233.

#1697: Add WlanApi module - @eranl.

#1718: Add Cups to c.s.j.p.unix providing CUPS printing system bindings for destinations, jobs, options, and server configuration - @dbwiddis.

#1720: Add groupCount and groupMasks fields to CACHE_RELATIONSHIP in c.s.j.p.win32.WinNT, matching the updated Windows struct layout - @dbwiddis.

#1719: Add CoreGraphics to c.s.j.p.mac with Quartz Window Services and Display Services bindings; implement getAllWindows() in MacWindowUtils - @dbwiddis.

#1723: Add ProcFdInfo, InSockInfo, TcpSockInfo, proc_pidfdinfo, statfs64, and vm_deallocate to c.s.j.p.mac.SystemB - @dbwiddis.

#1725: Add BluetoothApis to c.s.j.p.win32 providing Bluetooth device and radio enumeration via BluetoothFindFirstRadio, BluetoothFindFirstDevice, and related functions - @dbwiddis.

Bug Fixes

#1644: Fix bug in VARDESC and TYPEDESC causing an illegal memory access - @lwahonen

#1715: Fix UdevDevice.getSysname() calling udev_device_get_syspath instead of udev_device_get_sysname - @dbwiddis.

#1721: Fix switched serverName/domainName arguments in Netapi32Util#getDCName - @dbwiddis.

#1722: Fix Advapi32#RegisterServiceCtrlHandler using wrong Handler type - @dbwiddis.

#1636: Drop hard dependency on java.lang.SecurityManager/java.security.AccessController - @matthiasblaesing.

#1724: Fix host_page_size in c.s.j.p.mac.SystemB and getxattr/setxattr/listxattr in c.s.j.p.mac.XAttr using long instead of pointer-sized types for size_t/ssize_t parameters - @dbwiddis.

#1727: Include DragonFlyBSD in NativeLibrary versioned library resolution, libc special-case loading, and 64-bit search paths - @dbwiddis.

#1709: Rebuild native library for OpenBSD 7.9 x86-64, drop OpenBSD x86 - @matthiasblaesing.

Commits

1a91122 Release 5.19.1
cbfcb4a Merge pull request #1731 from matthiasblaesing/ancient_android
4ba086b Restore support for Android versions not supporting MethodHandles
699935f Merge pull request #1729 from thesamesam/parallel-fix
3fe4cb5 native: fix parallel build issue
01c7807 Prepare next development iteration
9ff1381 Release 5.19.0
2d038ef Merge pull request #1726 from matthiasblaesing/openbsd
eecab35 Update native built for OpenBSD 7.9 (x86-64 only)
f670868 Merge pull request #1727 from dbwiddis/fix/dragonflybsd-library-loading
Additional commits viewable in compare view

Updates org.mariadb.jdbc:mariadb-java-client from 3.5.8 to 3.5.9

Release notes

Sourced from org.mariadb.jdbc:mariadb-java-client's releases.

MariaDB Connector/Java 3.5.9

3.5.9 (Jun 2026)

Full Changelog

Key Enhancements

CONJ-1223 - cache TLS trust/key managers across connections to reduce SSL connection cost

CONJ-1314 - add SPI for interactive dialog (PAM) authentication callback

CONJ-1311 - add dedicated option useIpForKillQuery for query cancellation

CONJ-1310 - Add full native image support and CI coverage

Issues Resolved

CONJ-1320 - PAM (dialog) authentication must require a secure connection (report by fg0x0)

CONJ-1319 - Use constant-time comparison when validating the server certificate fingerprint (report by jmestwa-coder)

CONJ-1318 - enforce allowLocalInfile=false on the server's local-infile request, so a malicious server cannot read a client file despite the option being disabled

CONJ-1322 - match local infile filename case-sensitively (thanks to jmestwa-coder)

CONJ-1323 - LOAD LOCAL INFILE validation rejects statements preceded by line comments (thanks to sebdomdev)

CONJ-1315 - cap BigDecimal/BigInteger string parsing length to prevent CPU exhaustion if MitM (report by tonghuaroot)

CONJ-1317 - ensure non-UTF8 charset cannot be used for protocol exchanges (report by fg0x0)

CONJ-1304 - CallableStatement parameter metadata read from mysql.proc, with MySQL info_schema fallback

CONJ-1299 - keep VALUES literals after the last placeholder when rewriting batches

CONJ-1313 - race condition in HaMode#getAvailableHostInOrder can cause NPE

CONJ-1311 - Connection.cancelCurrentQuery fails with SslMode.VERIFY_FULL when client socket IP is set

CONJ-1264 - handle LocalDateTime as a zoneless wall-clock value

CONJ-1316 - pin Locale.ROOT on locale-sensitive call sites and date/time/Duration text formatting (fixes locale-dependent parsing/formatting, e.g. under tr_TR) (thanks to jmestwa-coder)

CONJ-1324 - fix SQL parser to correctly handle '--' in expressions and reset lastChar after block comments

CONJ-1323 - LOAD LOCAL INFILE validation rejects statements preceded by line comments (thanks to sebdomdev)

Changelog

Sourced from org.mariadb.jdbc:mariadb-java-client's changelog.

3.5.9 (Jun 2026)

Full Changelog

Key Enhancements

CONJ-1223 - cache TLS trust/key managers across connections to reduce SSL connection cost

CONJ-1314 - add SPI for interactive dialog (PAM) authentication callback

CONJ-1311 - add dedicated option useIpForKillQuery for query cancellation

CONJ-1310 - Add full native image support and CI coverage

Issues Resolved

CONJ-1320 - PAM (dialog) authentication must require a secure connection (report by fg0x0)

CONJ-1319 - Use constant-time comparison when validating the server certificate fingerprint (report by jmestwa-coder)

CONJ-1318 - enforce allowLocalInfile=false on the server's local-infile request, so a malicious server cannot read a client file despite the option being disabled

CONJ-1322 - match local infile filename case-sensitively (thanks to jmestwa-coder)

CONJ-1323 - LOAD LOCAL INFILE validation rejects statements preceded by line comments (thanks to sebdomdev)

CONJ-1315 - cap BigDecimal/BigInteger string parsing length to prevent CPU exhaustion if MitM (report by tonghuaroot)

CONJ-1317 - ensure non-UTF8 charset cannot be used for protocol exchanges (report by fg0x0)

CONJ-1304 - CallableStatement parameter metadata read from mysql.proc, with MySQL info_schema fallback

CONJ-1299 - keep VALUES literals after the last placeholder when rewriting batches

CONJ-1313 - race condition in HaMode#getAvailableHostInOrder can cause NPE

CONJ-1311 - Connection.cancelCurrentQuery fails with SslMode.VERIFY_FULL when client socket IP is set

CONJ-1264 - handle LocalDateTime as a zoneless wall-clock value

CONJ-1316 - pin Locale.ROOT on locale-sensitive call sites and date/time/Duration text formatting (fixes locale-dependent parsing/formatting, e.g. under tr_TR) (thanks to jmestwa-coder)

CONJ-1324 - fix SQL parser to correctly handle '--' in expressions and reset lastChar after block comments

CONJ-1323 - LOAD LOCAL INFILE validation rejects statements preceded by line comments (thanks to sebdomdev)

CONJ-1318 - allowLocalInfile=false does not block LOAD DATA LOCAL INFILE against a malicious server (thanks to tharavel)

3.4.3 (Jun 2026)

Full Changelog

Bugs Fixed

CONJ-1315 - cap BigDecimal/BigInteger string parsing length to prevent CPU exhaustion if Mitm (report by tonghuaroot)

CONJ-1316 - pin Locale.ROOT on locale-sensitive call sites and date/time/Duration text formatting (fixes locale-dependent parsing/formatting, e.g. under tr_TR) (thanks to jmestwa-coder)

CONJ-1259 - DatabaseMetaData read-only detection: handle MariaDB 12.0 @@read_only returning ON/OFF instead of 1/0

CONJ-1317 - ensure non-UTF8 charset cannot be used for protocol exchanges (report by fg0x0)

CONJ-1320 - PAM (dialog) authentication now requires a secure connection (TLS or unix socket), like mysql_clear_password (report by fg0x0)

CONJ-1319 - use constant-time comparison when validating the server certificate fingerprint (thanks to jmestwa-coder)

CONJ-1322 - match local infile filename case-sensitively (thanks to jmestwa-coder)

CONJ-1323 - LOAD LOCAL INFILE validation rejects statements preceded by line comments (thanks to sebdomdev)

CONJ-1318 - allowLocalInfile=false does not block LOAD DATA LOCAL INFILE against a malicious server (thanks to tharavel)

3.3.5 (Jun 2026)

... (truncated)

Commits

df4ebe2 [misc] enhance TcpProxy and TcpProxySocket for improved thread safety and con...
687c840 [misc] update environment variable for Maxscale version
4466ad6 [misc] test stability improvement : update proxy close method in PooledConnec...
1e29819 [misc] update README version
da297f1 Merge branch 'develop'
83d3da9 [misc] Update CHANGELOG
e39e8b9 match local infile filename case-sensitively
d90b987 [misc] Implement secure authentication checks and add regression tests for cr...
f4a727c [CONJ-1320] PAM (dialog) authentication must require a secure connection
a87c711 [misc] update CHANGELOG
Additional commits viewable in compare view

Updates org.apache.openwebbeans:openwebbeans-jetty9 from 2.0.27 to 2.0.28

Commits

09181d5 [maven-release-plugin] prepare release openwebbeans-2.0.28
ab45ce6 fix(#OWB-1450): Interceptor proxy memory leak. Add caching at an higher level
f93bfea fix(#OWB-1450): remove non working cache on proxies per AT
cdc9a57 fix: maven dependency to Gradle not found and NPE in previous plugin version
3feacc6 Merge pull request #127 from jgallimore/owb_2.0.x-owb-cdi-junit
129a538 OWB-1448 remove wildcard import
9bbd3f7 OWB-1448 rework following feedback
eb4b4c6 OWB-1448 removing left over e.printStackTrace()
41a5596 OWB-1448 Fix Issue with Cdi annotation and alternatives
0376bd7 upgrade to apache-parent 29
Additional commits viewable in compare view

Updates org.apache.openwebbeans:openwebbeans-web from 2.0.27 to 2.0.28

Commits

09181d5 [maven-release-plugin] prepare release openwebbeans-2.0.28
ab45ce6 fix(#OWB-1450): Interceptor proxy memory leak. Add caching at an higher level
f93bfea fix(#OWB-1450): remove non working cache on proxies per AT
cdc9a57 fix: maven dependency to Gradle not found and NPE in previous plugin version
3feacc6 Merge pull request #127 from jgallimore/owb_2.0.x-owb-cdi-junit
129a538 OWB-1448 remove wildcard import
9bbd3f7 OWB-1448 rework following feedback
eb4b4c6 OWB-1448 removing left over e.printStackTrace()
41a5596 OWB-1448 Fix Issue with Cdi annotation and alternatives
0376bd7 upgrade to apache-parent 29
Additional commits viewable in compare view

Updates org.apache.openwebbeans:openwebbeans-web from 2.0.27 to 2.0.28

Commits

09181d5 [maven-release-plugin] prepare release openwebbeans-2.0.28
ab45ce6 fix(#OWB-1450): Interceptor proxy memory leak. Add caching at an higher level
f93bfea fix(#OWB-1450): remove non working cache on proxies per AT
cdc9a57 fix: maven dependency to Gradle not found and NPE in previous plugin version
3feacc6 Merge pull request #127 from jgallimore/owb_2.0.x-owb-cdi-junit
129a538 OWB-1448 remove wildcard import
9bbd3f7 OWB-1448 rework following feedback
eb4b4c6 OWB-1448 removing left over e.printStackTrace()
41a5596 OWB-1448 Fix Issue with Cdi annotation and alternatives
0376bd7 upgrade to apache-parent 29
Additional commits viewable in compare view

Updates com.fasterxml.jackson:jackson-bom from 2.21.3 to 2.22.0

Commits

112e859 [maven-release-plugin] prepare release jackson-bom-2.22.0
2cae2ce Prep for 2.22.0 release
7955d21 Merge branch '2.21' into 2.x
8922a05 Post-release dep version bump
1fa9943 [maven-release-plugin] prepare for next development iteration
d1abd31 [maven-release-plugin] prepare release jackson-bom-2.21.4
2aaea43 Prep for 2.21.4 release
902ec69 Update Woodstox/stax2-api (to 7.2.0/4.3.0)
2570647 Merge branch '2.21' into 2.x
9d3a9d5 Post-release dep version bump
Additional commits viewable in compare view

Updates io.netty:netty-bom from 4.2.13.Final to 4.2.15.Final

Release notes

Sourced from io.netty:netty-bom's releases.

netty-4.2.15.Final

Security fixes

CVE-2026-48059: memory exhaustion in io.netty:netty-codec-haproxy (high).

CVE-2026-47691: DNS cache poisoning in io.netty:netty-resolver-dns (high).

CVE-2026-50560: DDoS in io.netty:netty-codec-http2.

CVE-2026-50011: memory exhaustion in io.netty:netty-codec-redis (high).

CVE-2026-44250: memory exhaustion in io.netty:netty-codec-redis (high).

CVE-2026-44890: memory exhaustion in io.netty:netty-codec-redis (high).

CVE-2026-50009: information disclosure and denial of service in io.netty:netty-codec-classes-quic.

CVE-2026-44249: IPv6 subnet filter bypass in io.netty:netty-handler (high).

CVE-2026-50020: request smuggling in io.netty:netty-codec-http.

CVE-2026-44892: memory exhaustion in io.netty:netty-codec-http3 (high).

CVE-2026-44893: memory leak in io.netty:netty-codec-haproxy (high).

CVE-2026-44894: traffic amplification in io.netty:netty-codec-classes-quic (high).

CVE-2026-50010: TLS hostname verification accidentally disabled in io.netty:netty-handler (high).

CVE-2026-45673: DNS cache poisoning in io.netty:netty-resolver-dns.

CVE-2026-45416: excessive memory usage from SNIHandler in io.netty:netty-handler (high).

CVE-2026-45536: file descriptor leak in io.netty:netty-transport-native-epoll and io.netty:netty-transport-native-kqueue.

CVE-2026-45674: DNS cache poisoning in io.netty:netty-resolver-dns (high).

CVE-2026-46340: memory exhaustion in io.netty:netty-transport-sctp (high).

CVE-2026-47244: denial of service in io.netty:netty-codec-http2.

CVE-2026-48006: memory exhaustion in io.netty:netty-codec-redis (high).

CVE-2026-48748: memory exhaustion in io.netty:netty-codec-http3 (high).

CVE-2026-48043: memory exhaustion in io.netty:netty-codec-http2.

What's Changed

Fix race in io.netty.channel.uring.IoUringIoHandler.wakeup by @dreamlike-ocean in netty/netty#16836

HTTP/2: Parse request-target path like Vert.x by @yawkat in netty/netty#16810

Auto-port 4.2: ChannelInitializer: correct misleading comment on exceptionCaught route by @netty-project-bot in netty/netty#16853

FlowControlHandler: Suppress duplicate channelReadComplete after draining queue (#15053) by @schiemon in netty/netty#16837

Pass maxAllocation to Brotli and Zstd decoders by @fedinskiy in netty/netty#16844

Fix revapi warnings by @chrisvest in netty/netty#16885

Fix SCTP and Redis tests by @chrisvest in netty/netty#16893

Add maxWindowLog parameter to ZstdDecoder to bound memory allocation by @skyguard1 in netty/netty#16850

Auto-port 4.2: MQTT: Reject malformed no-payload packets with non-zero Remaining Length by @netty-project-bot in netty/netty#16890

New Contributors

@schiemon made their first contribution in netty/netty#16837

@fedinskiy made their first contribution in netty/netty#16844

Full Changelog: netty/netty@netty-4.2.14.Final...netty-4.2.15.Final

netty-4.2.14.Final

What's Changed

HTTP: Fix revapi failure introduced by 84530fa81e12dcd1d42310bb20c1385cb44128d8 by @normanmaurer in netty/netty#16748

HTTP: Re-add constructor to HttpProxyHandler that was removed by mistake by @normanmaurer in netty/netty#16747

Marshalling: Explicit document security requirements by @normanmaurer in netty/netty#16752

Fix io_uring op completion TRACE logging by @chrisvest in netty/netty#16755

Quic: Ensure writes are done before notify close promise of QuicheQui… by @normanmaurer in netty/netty#16758

Avoid re-parsing openssl key material with non-cached provider by @chrisvest in netty/netty#16759

... (truncated)

Commits

a41f7b2 [maven-release-plugin] prepare release netty-4.2.15.Final
2394530 Auto-port 4.2: MQTT: Reject malformed no-payload packets with non-zero Remain...
0bd1657 Add maxWindowLog parameter to ZstdDecoder to bound memory allocation (#16850)
76291f5 Fix SCTP and Redis tests (#16893)
e067b6e Fix revapi warnings (#16885)
5a52600 Pass maxAllocation to Brotli and Zstd decoders (#16844)
541add0 Merge commit from fork
270800e Merge commit from fork
3d45a1e Merge commit from fork
75127ca Merge commit from fork
Additional commits viewable in compare view

Updates org.hibernate.search:hibernate-search-bom from 8.3.1.Final to 8.4.0.Final

Release notes

Sourced from org.hibernate.search:hibernate-search-bom's releases.

Release 8.4.0.Final

Hibernate Search 8.4.0.Final released

We are pleased to announce the release of Hibernate Search 8.4: 8.4.0.Final.

You can find the full list of 8.4.0.Final changes here.

What's new

See the website for requirements and compatibilities.

See the What's New guide for details about new features and capabilities.

Conclusion

For additional details, see:

the release page

the Migration Guide

the ORM Getting Started Guide

the Standalone Getting Started Guide

the Reference Guide

the API docs

Visit the website for details on getting in touch with us.

Release 8.4.0.CR1

Hibernate Search 8.4.0.CR1 released

We are pleased to announce the release of Hibernate Search 8.4: 8.4.0.CR1.

You can find the full list of 8.4.0.CR1 changes here.

What's new

See the website for requirements and compatibilities.

See the What's New guide for details about new features and capabilities.

Conclusion

For additional details, see:

the release page

the Migration Guide

the ORM Getting Started Guide

the Standalone Getting Started Guide

the Reference Guide

... (truncated)

Changelog

Sourced from org.hibernate.search:hibernate-search-bom's changelog.

8.4.0.Final (2026-05-27)

Full changelog

Improvement

HSEARCH-5630 - Update to Hibernate ORM 7.4.0.Final

HSEARCH-5629 - Use Maven 3.9.16 as a required minimum version for the build

HSEARCH-5627 - Switch from the Search session holder to a Hibernate ORM session extension

HSEARCH-5626 - Update Elasticsearch client (elasticsearch-rest-client) to 9.4.1

HSEARCH-5625 - Test against latest Elasticsearch 9.4.1

HSEARCH-5624 - Update Elasticsearch client (elasticsearch-rest5-client) to 9.4.1

8.4.0.CR1 (2026-05-11)

Full changelog

Bug

HSEARCH-5595 - checkstyle:check is not build cache relocatable due to project resources including the workspace root

Improvement

HSEARCH-5623 - Update to Hibernate ORM 7.4.0.CR1

HSEARCH-5622 - Update Elasticsearch client (elasticsearch-rest5-client) to 9.4.0

HSEARCH-5621 - Update Elasticsearch client (elasticsearch-rest-client) to 9.4.0

HSEARCH-5620 - Add compatibility with Elasticsearch 9.4

HSEARCH-5619 - Upgrade to GSON 2.14.0

HSEARCH-5618 - Update Jackson to 2.21.3

HSEARCH-5617 - Update to AWS SDK 2.44.1

HSEARCH-5616 - Update Elasticsearch client (elasticsearch-rest-client) to 9.3.4

HSEARCH-5613 - Use Maven 3.9.15 as a required minimum version for the build

HSEARCH-5612 - Upgrade to commons-codec 1.22.0

HSEARCH-5611 - Update Apache HTTP Client components to 5.6.1

HSEARCH-5609 - Update Elasticsearch client (elasticsearch-rest-client) to 9.3.3

HSEARCH-5608 - Update Elasticsearch client (elasticsearch-rest5-client) to 9.3.4

HSEARCH-5607 - Update Elasticsearch rest client (opensearch-rest-client) to 3.6.0

HSEARCH-5606 - Add compatibility with OpenSearch 3.6

HSEARCH-5601 - Update to commons-logging to 1.3.6

HSEARCH-5600 - Update Jackson to 2.21.2

HSEARCH-5599 - Update Apache HTTP Core client components to 5.4.2

HSEARCH-5598 - Update Elasticsearch client (elasticsearch-rest-client) to 9.3.2

HSEARCH-5597 - Update Elasticsearch client (elasticsearch-rest5-client) to 9.3.3

Task

HSEARCH-5596 - Use changeDetection config option instead of the deprecated overwrite in maven-resources-plugin

HSEARCH-5280 - Look into OutboxPollingAutomaticIndexingDynamicShardingRebalancingIT#agentJoined test

HSEARCH-5242 - Investigate why building hibernate-search-integrationtest-performance-backend-lucene fails on some envs

8.3.0.Final (2026-03-20)

... (truncated)

Commits

7369a18 [Jenkins release job] Preparing release 8.4.0.Final
4e26c08 [Jenkins release job] changelog.txt updated by release build 8.4.0.Final
fe410d2 HSEARCH-5630 Add a few migration notes
87335b6 HSEARCH-5630 Update to Hibernate ORM 7.4.0.Final
58d6af1 HSEARCH-5624 Update Elasticsearch client (elasticsearch-rest5-client) to 9.4.1
9efe369 Bump the build-dependencies group with 4 updates
bc1c185 Use the ssh URL for updating the website during the release
311adb0 HSEARCH-5627 Mention limitations of a StatelessSession
d429b05 HSEARCH-5627 Better error message for "incompatible" session types
2eaeb28 HSEARCH-5627 Add a simple StatelessSession test
Additional commits viewable in compare view

Updates org.junit:junit-bom from 6.0.3 to 6.1.0

Release notes

Sourced from org.junit:junit-bom's releases.

JUnit 6.1.0 = Platform 6.1.0 + Jupiter 6.1.0 + Vintage 6.1.0

See Release Notes.

New Contributors

@JarvisCraft made their first contribution in junit-team/junit-framework#5633

@Maran23 made their first contribution in junit-team/junit-framework#5644

Full Changelog: junit-team/junit-framework@r6.0.3...r6.1.0

JUnit 6.1.0-RC1 = Platform 6.1.0-RC1 + Jupiter 6.1.0-RC1 + Vintage 6.1.0-RC1

See Release Notes.

New Contributors

@mariokhoury4 made their first contribution in junit-team/junit-framework#4574

@Ogu1208 made their first contribution in junit-team/junit-framework#5145

@HyungGeun94 made their first contribution in junit-team/junit-framework#5271

@yalishevant made their first contribution in junit-team/junit-framework#5316

@JINU-CHANG made their first contribution in junit-team/junit-framework#5290

@jaschdoc made their first contribution in junit-team/junit-framework#5427

@kawshikbuet17 made their first contribution in junit-team/junit-framework#5561

@msridhar made their first contribution in junit-team/junit-framework#5602

Full Changelog: junit-team/junit-framework@r6.1.0-M1...r6.1.0-RC1

JUnit 6.1.0-M1 = Platform 6.1.0-M1 + Jupiter 6.1.0-M1 + Vintage 6.1.0-M1

See Release Notes.

New Contributors

@vy made their first contribution in junit-team/junit-framework#5041

@Pankraz76 made their first contribution in junit-team/junit-framework#5006

@arukiidou made their first contribution in junit-team/junit-framework#5066

@laeubi made their first contribution in junit-team/junit-framework#5092

@jihun4452 made their first contribution in junit-team/junit-framework#5088

@TWiStErRob made their first contribution in junit-team/junit-framework#5133

Full Changelog: junit-team/junit-framework@r6.0.0...r6.1.0-M1

Commits

0dc3af1 Release 6.1.0
1d13002 Prepare 6.1.0 release notes
072b217 Update plugin spotless to v8.5.0 (#5668)
3a53480 Update Gradle to v9.5.1 (#5666)
0e18a20 Update zizmorcore/zizmor-action action to v0.5.4 (#5669)
0a2634f Update github/codeql-action action to v4.35.5 (#5671)
4dbd556 Restructure workflows to have single "status" job (#5670)
f2194ce Increase timeout to reduce flakiness
5c8fdd2 Update dependency org.apache.groovy:groovy to v5.0.6 (#5659)
43c6982 Update dependency org.slf4j:slf4j-jdk14 to v2.0.18 (#5667)
Additional commits viewable in compare view

Updates org.ow2.asm:asm-bom from 9.10 to 9.10.1

Updates ch.qos.logback:logback-core from 1.5.32 to 1.5.37

Release notes...

Description has been truncated

…31 updates Bumps the dev-dependencies group with 30 updates in the /jetty-ee9 directory: | Package | From | To | | --- | --- | --- | | org.glassfish.jersey.containers:jersey-container-servlet | `3.0.17` | `3.1.0` | | org.glassfish.jersey.inject:jersey-hk2 | `3.0.17` | `3.1.0` | | org.glassfish.jersey.media:jersey-media-json-binding | `3.0.17` | `3.1.0` | | org.ow2.asm:asm | `9.10` | `9.10.1` | | org.ow2.asm:asm-commons | `9.10` | `9.10.1` | | org.ow2.asm:asm-bom | `9.10` | `9.10.1` | | [net.java.dev.jna:jna](https://github.com/java-native-access/jna) | `5.18.1` | `5.19.1` | | [net.java.dev.jna:jna-jpms](https://github.com/java-native-access/jna) | `5.18.1` | `5.19.1` | | [org.mariadb.jdbc:mariadb-java-client](https://github.com/mariadb-corporation/mariadb-connector-j) | `3.5.8` | `3.5.9` | | [org.apache.openwebbeans:openwebbeans-jetty9](https://github.com/apache/openwebbeans) | `2.0.27` | `2.0.28` | | [org.apache.openwebbeans:openwebbeans-web](https://github.com/apache/openwebbeans) | `2.0.27` | `2.0.28` | | [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) | `2.21.3` | `2.22.0` | | [io.netty:netty-bom](https://github.com/netty/netty) | `4.2.13.Final` | `4.2.15.Final` | | [org.hibernate.search:hibernate-search-bom](https://github.com/hibernate/hibernate-search) | `8.3.1.Final` | `8.4.0.Final` | | [org.junit:junit-bom](https://github.com/junit-team/junit-framework) | `6.0.3` | `6.1.0` | | [ch.qos.logback:logback-core](https://github.com/qos-ch/logback) | `1.5.32` | `1.5.37` | | [com.github.jnr:jffi](https://github.com/jnr/jffi) | `1.3.15` | `1.4.0` | | [io.grpc:grpc-core](https://github.com/grpc/grpc-java) | `1.81.0` | `1.82.1` | | [io.grpc:grpc-netty-shaded](https://github.com/grpc/grpc-java) | `1.81.0` | `1.82.1` | | [io.smallrye.common:smallrye-common-annotation](https://github.com/smallrye/smallrye-common) | `2.18.1` | `2.19.0` | | [io.smallrye.common:smallrye-common-cpu](https://github.com/smallrye/smallrye-common) | `2.18.1` | `2.19.0` | | org.apache.kerby:kerb-simplekdc | `2.1.1` | `2.1.2` | | [org.codehaus.plexus:plexus-classworlds](https://github.com/codehaus-plexus/plexus-classworlds) | `2.11.0` | `2.12.0` | | [org.eclipse.jdt:ecj](https://github.com/eclipse-jdt/eclipse.jdt.core) | `3.45.0` | `3.46.0` | | [org.hibernate.models:hibernate-models](https://github.com/hibernate/hibernate-models) | `1.1.1` | `1.2.0` | | [org.mortbay.jetty.quiche:jetty-quiche-native](https://github.com/jetty-project/jetty-quiche-native) | `0.29.1` | `0.29.2` | | [eu.maveniverse.maven.njord:extension3](https://github.com/maveniverse/njord) | `0.9.6` | `0.9.9` | | [eu.maveniverse.maven.plugins:njord](https://github.com/maveniverse/njord) | `0.9.6` | `0.9.9` | | [org.apache.maven.extensions:maven-build-cache-extension](https://github.com/apache/maven-build-cache-extension) | `1.2.2` | `1.2.3` | | [org.cyclonedx:cyclonedx-maven-plugin](https://github.com/CycloneDX/cyclonedx-maven-plugin) | `2.9.1` | `2.9.2` | Updates `org.glassfish.jersey.containers:jersey-container-servlet` from 3.0.17 to 3.1.0 Updates `org.glassfish.jersey.inject:jersey-hk2` from 3.0.17 to 3.1.0 Updates `org.glassfish.jersey.media:jersey-media-json-binding` from 3.0.17 to 3.1.0 Updates `org.glassfish.jersey.inject:jersey-hk2` from 3.0.17 to 3.1.0 Updates `org.glassfish.jersey.media:jersey-media-json-binding` from 3.0.17 to 3.1.0 Updates `org.ow2.asm:asm` from 9.10 to 9.10.1 Updates `org.ow2.asm:asm-commons` from 9.10 to 9.10.1 Updates `org.ow2.asm:asm-bom` from 9.10 to 9.10.1 Updates `org.ow2.asm:asm-commons` from 9.10 to 9.10.1 Updates `net.java.dev.jna:jna` from 5.18.1 to 5.19.1 - [Changelog](https://github.com/java-native-access/jna/blob/master/CHANGES.md) - [Commits](java-native-access/jna@5.18.1...5.19.1) Updates `net.java.dev.jna:jna-jpms` from 5.18.1 to 5.19.1 - [Changelog](https://github.com/java-native-access/jna/blob/master/CHANGES.md) - [Commits](java-native-access/jna@5.18.1...5.19.1) Updates `org.mariadb.jdbc:mariadb-java-client` from 3.5.8 to 3.5.9 - [Release notes](https://github.com/mariadb-corporation/mariadb-connector-j/releases) - [Changelog](https://github.com/mariadb-corporation/mariadb-connector-j/blob/main/CHANGELOG.md) - [Commits](mariadb-corporation/mariadb-connector-j@3.5.8...3.5.9) Updates `org.apache.openwebbeans:openwebbeans-jetty9` from 2.0.27 to 2.0.28 - [Commits](apache/openwebbeans@openwebbeans-2.0.27...openwebbeans-2.0.28) Updates `org.apache.openwebbeans:openwebbeans-web` from 2.0.27 to 2.0.28 - [Commits](apache/openwebbeans@openwebbeans-2.0.27...openwebbeans-2.0.28) Updates `org.apache.openwebbeans:openwebbeans-web` from 2.0.27 to 2.0.28 - [Commits](apache/openwebbeans@openwebbeans-2.0.27...openwebbeans-2.0.28) Updates `com.fasterxml.jackson:jackson-bom` from 2.21.3 to 2.22.0 - [Commits](FasterXML/jackson-bom@jackson-bom-2.21.3...jackson-bom-2.22.0) Updates `io.netty:netty-bom` from 4.2.13.Final to 4.2.15.Final - [Release notes](https://github.com/netty/netty/releases) - [Commits](netty/netty@netty-4.2.13.Final...netty-4.2.15.Final) Updates `org.hibernate.search:hibernate-search-bom` from 8.3.1.Final to 8.4.0.Final - [Release notes](https://github.com/hibernate/hibernate-search/releases) - [Changelog](https://github.com/hibernate/hibernate-search/blob/main/changelog.md) - [Commits](hibernate/hibernate-search@8.3.1.Final...8.4.0.Final) Updates `org.junit:junit-bom` from 6.0.3 to 6.1.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r6.0.3...r6.1.0) Updates `org.ow2.asm:asm-bom` from 9.10 to 9.10.1 Updates `ch.qos.logback:logback-core` from 1.5.32 to 1.5.37 - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](qos-ch/logback@v_1.5.32...v_1.5.37) Updates `com.github.jnr:jffi` from 1.3.15 to 1.4.0 - [Commits](jnr/jffi@jffi-1.3.15...1.4.0) Updates `io.grpc:grpc-core` from 1.81.0 to 1.82.1 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](grpc/grpc-java@v1.81.0...v1.82.1) Updates `io.grpc:grpc-netty-shaded` from 1.81.0 to 1.82.1 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](grpc/grpc-java@v1.81.0...v1.82.1) Updates `io.grpc:grpc-netty-shaded` from 1.81.0 to 1.82.1 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](grpc/grpc-java@v1.81.0...v1.82.1) Updates `io.smallrye.common:smallrye-common-annotation` from 2.18.1 to 2.19.0 - [Release notes](https://github.com/smallrye/smallrye-common/releases) - [Commits](smallrye/smallrye-common@2.18.1...2.19.0) Updates `io.smallrye.common:smallrye-common-cpu` from 2.18.1 to 2.19.0 - [Release notes](https://github.com/smallrye/smallrye-common/releases) - [Commits](smallrye/smallrye-common@2.18.1...2.19.0) Updates `net.java.dev.jna:jna-jpms` from 5.18.1 to 5.19.1 - [Changelog](https://github.com/java-native-access/jna/blob/master/CHANGES.md) - [Commits](java-native-access/jna@5.18.1...5.19.1) Updates `org.apache.kerby:kerb-simplekdc` from 2.1.1 to 2.1.2 Updates `org.codehaus.plexus:plexus-classworlds` from 2.11.0 to 2.12.0 - [Release notes](https://github.com/codehaus-plexus/plexus-classworlds/releases) - [Commits](codehaus-plexus/plexus-classworlds@plexus-classworlds-2.11.0...plexus-classworlds-2.12.0) Updates `org.eclipse.jdt:ecj` from 3.45.0 to 3.46.0 - [Commits](https://github.com/eclipse-jdt/eclipse.jdt.core/commits) Updates `org.hibernate.models:hibernate-models` from 1.1.1 to 1.2.0 - [Release notes](https://github.com/hibernate/hibernate-models/releases) - [Commits](hibernate/hibernate-models@1.1.1...1.2.0) Updates `org.mortbay.jetty.quiche:jetty-quiche-native` from 0.29.1 to 0.29.2 - [Commits](jetty-project/jetty-quiche-native@jetty-quiche-native-0.29.1...jetty-quiche-native-0.29.2) Updates `org.junit.platform:junit-platform-engine` from 6.0.3 to 6.1.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r6.0.3...r6.1.0) Updates `eu.maveniverse.maven.njord:extension3` from 0.9.6 to 0.9.9 - [Release notes](https://github.com/maveniverse/njord/releases) - [Commits](maveniverse/njord@release-0.9.6...release-0.9.9) Updates `eu.maveniverse.maven.plugins:njord` from 0.9.6 to 0.9.9 - [Release notes](https://github.com/maveniverse/njord/releases) - [Commits](maveniverse/njord@release-0.9.6...release-0.9.9) Updates `org.apache.maven.extensions:maven-build-cache-extension` from 1.2.2 to 1.2.3 - [Release notes](https://github.com/apache/maven-build-cache-extension/releases) - [Commits](apache/maven-build-cache-extension@maven-build-cache-extension-1.2.2...maven-build-cache-extension-1.2.3) Updates `eu.maveniverse.maven.plugins:njord` from 0.9.6 to 0.9.9 - [Release notes](https://github.com/maveniverse/njord/releases) - [Commits](maveniverse/njord@release-0.9.6...release-0.9.9) Updates `org.cyclonedx:cyclonedx-maven-plugin` from 2.9.1 to 2.9.2 - [Release notes](https://github.com/CycloneDX/cyclonedx-maven-plugin/releases) - [Commits](CycloneDX/cyclonedx-maven-plugin@cyclonedx-maven-plugin-2.9.1...cyclonedx-maven-plugin-2.9.2) --- updated-dependencies: - dependency-name: org.glassfish.jersey.containers:jersey-container-servlet dependency-version: 3.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: org.glassfish.jersey.inject:jersey-hk2 dependency-version: 3.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: org.glassfish.jersey.media:jersey-media-json-binding dependency-version: 3.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: org.glassfish.jersey.inject:jersey-hk2 dependency-version: 3.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: org.glassfish.jersey.media:jersey-media-json-binding dependency-version: 3.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: org.ow2.asm:asm dependency-version: 9.10.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: org.ow2.asm:asm-commons dependency-version: 9.10.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: org.ow2.asm:asm-bom dependency-version: 9.10.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: org.ow2.asm:asm-commons dependency-version: 9.10.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: net.java.dev.jna:jna dependency-version: 5.19.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: net.java.dev.jna:jna-jpms dependency-version: 5.19.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: org.mariadb.jdbc:mariadb-java-client dependency-version: 3.5.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: org.apache.openwebbeans:openwebbeans-jetty9 dependency-version: 2.0.28 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: org.apache.openwebbeans:openwebbeans-web dependency-version: 2.0.28 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: org.apache.openwebbeans:openwebbeans-web dependency-version: 2.0.28 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: com.fasterxml.jackson:jackson-bom dependency-version: 2.22.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: io.netty:netty-bom dependency-version: 4.2.15.Final dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: org.hibernate.search:hibernate-search-bom dependency-version: 8.4.0.Final dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: org.junit:junit-bom dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: org.ow2.asm:asm-bom dependency-version: 9.10.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: ch.qos.logback:logback-core dependency-version: 1.5.37 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: com.github.jnr:jffi dependency-version: 1.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: io.grpc:grpc-core dependency-version: 1.82.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: io.grpc:grpc-netty-shaded dependency-version: 1.82.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: io.grpc:grpc-netty-shaded dependency-version: 1.82.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: io.smallrye.common:smallrye-common-annotation dependency-version: 2.19.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: io.smallrye.common:smallrye-common-cpu dependency-version: 2.19.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: net.java.dev.jna:jna-jpms dependency-version: 5.19.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: org.apache.kerby:kerb-simplekdc dependency-version: 2.1.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: org.codehaus.plexus:plexus-classworlds dependency-version: 2.12.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: org.eclipse.jdt:ecj dependency-version: 3.46.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: org.hibernate.models:hibernate-models dependency-version: 1.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: org.mortbay.jetty.quiche:jetty-quiche-native dependency-version: 0.29.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: org.junit.platform:junit-platform-engine dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: eu.maveniverse.maven.njord:extension3 dependency-version: 0.9.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: eu.maveniverse.maven.plugins:njord dependency-version: 0.9.9 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: org.apache.maven.extensions:maven-build-cache-extension dependency-version: 1.2.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: eu.maveniverse.maven.plugins:njord dependency-version: 0.9.9 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: org.cyclonedx:cyclonedx-maven-plugin dependency-version: 2.9.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jun 27, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[12.1.x EE9] Bump the dev-dependencies group across 1 directory with 31 updates#15341

[12.1.x EE9] Bump the dev-dependencies group across 1 directory with 31 updates#15341
dependabot[bot] wants to merge 1 commit into
jetty-12.1.xfrom
dependabot/maven/jetty-ee9/jetty-12.1.x/dev-dependencies-f1ea711ec2

dependabot Bot commented on behalf of github Jun 27, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Uh oh!

Conversation

dependabot Bot commented on behalf of github Jun 27, 2026

Release 5.19.1

Bug Fixes

Release 5.19.0

Features

Bug Fixes

Release 5.19.1

Bug Fixes

Release 5.19.0

Features

Bug Fixes

MariaDB Connector/Java 3.5.9

3.5.9 (Jun 2026)

Key Enhancements

Issues Resolved

3.5.9 (Jun 2026)

Key Enhancements

Issues Resolved

3.4.3 (Jun 2026)

Bugs Fixed

3.3.5 (Jun 2026)

netty-4.2.15.Final

Security fixes

What's Changed

New Contributors

netty-4.2.14.Final

What's Changed

Release 8.4.0.Final

Hibernate Search 8.4.0.Final released

What's new

Conclusion

Release 8.4.0.CR1

Hibernate Search 8.4.0.CR1 released

What's new

Conclusion

8.4.0.Final (2026-05-27)

Improvement

8.4.0.CR1 (2026-05-11)

Bug

Improvement

Task

8.3.0.Final (2026-03-20)

New Contributors

New Contributors

New Contributors

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants