fix(deps): bump the prod-deps group across 1 directory with 11 updates

[dependabot]

Bumps the prod-deps group with 11 updates in the / directory:

Package	From	To
org.springframework.boot:spring-boot-starter-parent	3.5.4	4.0.1
org.folio:folio-service-tools-spring-dev	4.1.1	5.0.1
org.folio:folio-spring-cql	9.0.0	9.1.0
io.github.openfeign:feign-jackson	12.1	13.6
org.apache.sshd:sshd-spring-sftp	2.15.0	2.16.0
commons-net:commons-net	3.11.1	3.12.0
io.hypersistence:hypersistence-utils-hibernate-63	3.7.3	3.14.1
com.opencsv:opencsv	5.11.2	5.12.0
org.marc4j:marc4j	2.9.1	2.9.6
software.amazon.awssdk:aws-sdk-java	2.40.2	2.41.10
one.util:streamex	0.8.3	0.8.4

Updates org.springframework.boot:spring-boot-starter-parent from 3.5.4 to 4.0.1

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v4.0.1

⚠️ Noteworthy Changes

• Hibernate has been upgraded to 7.2.0.Final in response to Hibernate 7.1 moving to limited support
• spring-boot-starter-kotlin-serialization has been renamed to to spring-boot-starter-kotlinx-serialization-json and spring-boot-starter-kotlin-serialization-test has been renamed to spring-boot-starter-kotlinx-serialization-json-test. This change aligns the starters' names with those of their respective modules
• Using TestRestTemplate now requires a dependency on spring-boot-restclient

🐞 Bug Fixes

• JsonMixinModuleEntriesBeanRegistrationAotProcessor does not handle deprecated code #48564
• JdbcSessionAutoConfiguration may not match when using the auto-configured DataSource #48552
• @ServiceConnection for LgtmStackContainer fails when logging endpoint is configured due to multiple OtlpLoggingConnectionDetails beans #48536
• WebApplicationType does not consider modules when deduced from classpath #48517
• Spring Session auto-configuration fails in a war deployment as ServerProperties is not available #48493
• Opentelemetry logging export requires actuator module #48488
• RabbitHealthIndicator reports an error when version is missing from the connection's server properties #48487
• Actuator Info class has inconsistent nullability annotations and cannot be built with null value #48480
• Profiles retained during AOT processing are not configured in a native image #48476
• Security matchers and WebServerNamespace resolution can fail with NoClassDefFoundError when used in a traditional WAR deployment #48388
• HealthEndpointGroupMembershipValidator does not consider reactive health indicators causing NoSuchHealthContributorException to be thrown #48387
• spring.jackson.default-property-inclusion is not applied to content inclusion #48343
• TestRestTemplate.getRootUri() returns empty string #48330
• Redis health check reports an error when redis_version is missing from the INFO response #48328
• Parent's MeterRegistry beans are closed when child context closes #48325
• HttpMessageConverters picks up converter beans for both client and server #48310
• Conditions to auto-configure a RestClient are outdated with the modularization #48308
• A custom JwtTypeValidator that replaces the default can no longer be configured #48301
• PropertiesRestClientHttpServiceGroupConfigurer has highest precedence, preventing other configurers from being ordered ahead of it #48296
• SpringBootTest.UseMainMethod.WHEN_AVAILABLE and ALWAYS are incompatible with package-private or parameter-less main method #48275
• Conditions to auto-configure RestClient-based HTTP service clients are outdated with the modularization #48274
• Starter for Kotlinx Serialization Json is misnamed #48262
• ApplicationServletEnvironment is no longer configured in war deployments #48254
• RestClient.Builder bean present in @SpringBootTest due to spring-boot-starter-webmvc-test, but missing at runtime without restclient starter #48253
• ProblemDetail is rendered to XML incorrectly #48222

📔 Documentation

• Harmonize Kotlin example for HTTP Service client support #48577
• Document HttpMessageConverters detection changes in 4.0.1 #48574
• Improve javadoc for when to use class names rather than class references #48569
• Documentation has an outdated reference to the Jackson Kotlin Module #48534
• Caching documentation should clarify how to use a no-op implementation to run a test suite #48532
• Document that the default rolling policy for Log4j2 requires logging.file.path to be set #48527
• Review documentation and migration guide about changes in @AutoConfigureCache #48522
• License header in build samples is displayed in the reference documentation #48478
• Configuring Two DataSources How-To code sample is inconsistent #48449
• Fix links to source files on GitHub #48398
• Documentation contains broken links to GitHub source files #48394
• Document that org.aspectj.weaver.Advice must be on the classpath to enable support for Micrometer's annotations #48360
• Correct the annotation in the Kotlin @ConfigurationPropertiesSource example #48357
• Polish TestRestTemplate examples in the reference guide #48336

... (truncated)

Commits

• b2bc463 Release v4.0.1
• 252b218 Correct renaming of Kotlinx Serialization JSON starters
• 2fa73c2 Merge pull request #48577 from jwalter
• 3e68988 Polish "Harmonize Kotlin example for HTTP Service client support"
• 423373b Harmonize Kotlin example for HTTP Service client support
• f61ac29 Document HttpMessageConverters detection changes
• 2519a5d Merge branch '3.5.x'
• 4fc3ca3 Next development version (v3.5.10-SNAPSHOT)
• aaf66f4 Merge branch '3.5.x'
• 08e2cab Polish javadoc for when to use class names rather than class references
• Additional commits viewable in compare view

Updates org.folio:folio-service-tools-spring-dev from 4.1.1 to 5.0.1

Release notes

Sourced from org.folio:folio-service-tools-spring-dev's releases.

v5.0.1

Dependencies

• Bump RMB from 35.4.0 to 35.4.1 (FST-98)
• Bump Vertx from 4.5.13 to 4.5.22

v5.0.0

Breaking changes

• Upgrade to Java 21 (FST-88)
• Remove TokenUtils and UserInfo classes (FST-89)

Features

Add autoOffsetReset to KafkaListenerProperties (FST-87) Add maxPollRecords and maxPollIntervalMs to KafkaListenerProperties (FST-85)

Dependencies

• Bump RMB from 35.3.0 to 35.4.0
• Bump folio-spring-support from 8.2.0 to 9.0.0
• Bump spring-boot from 3.3.4 to 3.4.3
• Bump Vertx from 4.5.10 to 4.5.13

v4.1.2

Dependencies

• Bump RMB from 35.3.0 to Ramsons version 35.3.1. (FST-97)
• Bump Vertx from 4.5.10 to Ramsons version 4.5.22.

Changelog

Sourced from org.folio:folio-service-tools-spring-dev's changelog.

v5.0.1 2025-12-11

Dependencies

• Bump RMB from 35.4.0 to 35.4.1 (FST-98)
• Bump Vertx from 4.5.13 to 4.5.22

---

v5.0.0 2025-02-28

Breaking changes

• Upgrade to Java 21 (FST-88)
• Remove TokenUtils and UserInfo classes (FST-89)

Features

Add autoOffsetReset to KafkaListenerProperties (FST-87) Add maxPollRecords and maxPollIntervalMs to KafkaListenerProperties (FST-85)

Dependencies

• Bump RMB from 35.3.0 to 35.4.0
• Bump folio-spring-support from 8.2.0 to 9.0.0
• Bump spring-boot from 3.3.4 to 3.4.3
• Bump Vertx from 4.5.10 to 4.5.13

---

v4.1.0 2024-10-25

Bug fixes

• Do not delete kafka topics if collection topic is enabled (FST-77)
• Fix incorrect base64 decoding in TokenUtils (FST-80)

Dependencies

• Bump RMB from 35.2.2 to version 35.3.0.
• Bump Vertx from 4.5.5 to version 4.5.10.
• Bump folio-spring-support/folio-spring-base from 8.2.0-SNAPSHOT to final version 8.2.0.
• Bump Spring Boot from 3.2.3 to version 3.3.4.
• Bump log4j-slf4j-impl to log4j-slf4j2-impl.
• Bump log4j from 2.23.1 to 2.24.1.
• Bump commons-io from 2.15.1 to 2.17.0.

v4.0.0 2024-03-18

Breaking changes

• Remove system-user related functionality from "folio-service-tools-spring-dev" (FST-68)
• Delete TestSetUpHelper.getPgClient() method (FST-73)
• Remove "folio-service-tools-spring-test" submodule (FST-74)

Bug fixes

• Avoid additional totalRecords SQL query for offset=0 limit=MAX_INT (FST-72)

Tech Debt

• Spring Boot 3.1.5, folio-spring-base 7.2.2, Snakeyaml, Snappy (FST-70)

... (truncated)

Commits

• 5cf7f8b [maven-release-plugin] prepare release v5.0.1
• 12c99d8 feat(deps): upgrade to RMB 35.4.1
• bb62fb1 [maven-release-plugin] prepare for next development iteration
• dd544bf [maven-release-plugin] prepare release v5.0.0
• fb94b4f [maven-release-plugin] prepare branch release/v5.0
• 91b7618 Update NEWS
• 972a21f Update dependencies
• 2809c56 fix(deps): bump the prod-deps group with 2 updates (#214)
• a020daf fix: do not fail on javadoc generation (#213)
• 38d2000 chore: upgrade to Java 21 (#212)
• Additional commits viewable in compare view

Updates org.folio:folio-spring-cql from 9.0.0 to 9.1.0

Release notes

Sourced from org.folio:folio-spring-cql's releases.

v9.0.2

folio-spring-base

• FOLSPRINGS-200 commons-fileupload 1.6.0 fixing DoS from unlimited multipart headers CVE-2025-48976

v9.0.1

cql submodule

• FOLSPRINGS-185 Implement case insensitive accents ignoring CQL queries - backport, opt in only. To opt in call Cql2JpaCriteria.setCaseAccentsHandlingEnabled(true). Then a CQL search in a String field ignores case (= is case insensitive) and ignores accents by default; this is for consistency with RMB based modules. Use the annotations @RespectCase and/or @RespectAccents in the entity class to change this new default.

When enabling case insensitive and/or accents ignoring CQL queries you need to update database indices accordingly, for example:

DROP INDEX IF EXISTS idx_medreq_requester_barcode;
CREATE INDEX idx_medreq_requester_barcode ON ${database.defaultSchemaName}.mediated_request(lower(f_unaccent(requester_barcode)));

For test code that executes SQL you may need to add f_unaccent database method. Example: jpa-cql-general-it-schema.sql, @​Sql

Changelog

Sourced from org.folio:folio-spring-cql's changelog.

9.1.0 2025-04-23

Replacing OkHttpClient by ApacheHttpClient, adding configuration

Commits

• a9c940e [maven-release-plugin] prepare release v9.1.0
• f71312f Replacing OkHttpClient by ApacheHttpClient, adding configuration
• 4eab61d Replacing OkHttpClient by ApacheHttpClient, adding configuration
• e0ac99d Replacing OkHttpClient by ApacheHttpClient, adding configuration
• See full diff in compare view

Updates io.github.openfeign:feign-jackson from 12.1 to 13.6

Release notes

Sourced from io.github.openfeign:feign-jackson's releases.

OpenFeign 13.6

What's Changed

• Cross scripting by @​velo in OpenFeign/feign#2615
• Fix code scanning alert no. 12: Cross-site scripting by @​velo in OpenFeign/feign#2611
• Fix code scanning alert no. 7: Cross-site scripting by @​velo in OpenFeign/feign#2613
• Fix code scanning alert no. 13: Cross-site scripting by @​velo in OpenFeign/feign#2610
• Fix code scanning alert no. 8: Cross-site scripting by @​velo in OpenFeign/feign#2612
• Fix code scanning alert no. 6: Cross-site scripting by @​velo in OpenFeign/feign#2614
• Fix receive-pr workflow env by @​tylerbertrand in OpenFeign/feign#2632
• Integrate Feign Vertx into the main project by @​hosuaby in OpenFeign/feign#2631
• Applying rewrite to all modules by @​velo in OpenFeign/feign#2634
• Prevented tests of feign-form from writing logs by @​hosuaby in OpenFeign/feign#2633
• Allow optional request body by @​gromspys in OpenFeign/feign#2616
• Add Vertx module to Feature Overview by @​hosuaby in OpenFeign/feign#2647
• Fixes method Expressions.PathStyleExpression.getValue by @​ddenisandreev in OpenFeign/feign#2686
• Add gzip and deflate compression support in Http2Client by @​hicom150 in OpenFeign/feign#2738
• Enable Local Build Caching and Apply Optimizations by @​tylerbertrand in OpenFeign/feign#2656
• CI: migrate build pipeline on GitHub actions by @​hosuaby in OpenFeign/feign#2759
• Update README.md by @​hosuaby in OpenFeign/feign#2765
• FEATURE: base feign-vertx on Vertx WebClient instead of bare vertx by @​hosuaby in OpenFeign/feign#2756
• FIX: inreliable JSON asserts in Java 11 project by @​hosuaby in OpenFeign/feign#2816

---

• Bump kotlin.version from 2.0.20 to 2.0.21 by @​dependabot in OpenFeign/feign#2599
• Bump org.openrewrite.recipe:rewrite-testing-frameworks from 2.19.0 to 2.20.1 by @​dependabot in OpenFeign/feign#2600
• Bump org.openrewrite.maven:rewrite-maven-plugin from 5.41.0 to 5.42.2 by @​dependabot in OpenFeign/feign#2601
• Bump org.openrewrite.recipe:rewrite-migrate-java from 2.26.1 to 2.27.0 by @​dependabot in OpenFeign/feign#2602
• Bump org.springframework:spring-context from 6.1.13 to 6.1.14 in /core by @​dependabot in OpenFeign/feign#2604
• Bump reactor.version from 3.6.10 to 3.6.11 by @​dependabot in OpenFeign/feign#2609
• Bump org.openrewrite.recipe:rewrite-migrate-java from 2.27.0 to 2.27.1 by @​dependabot in OpenFeign/feign#2608
• Bump io.undertow:undertow-core from 2.3.17.Final to 2.3.18.Final by @​dependabot in OpenFeign/feign#2607
• Bump micrometer.version from 1.13.5 to 1.13.6 by @​dependabot in OpenFeign/feign#2606
• Bump mockito.version from 5.14.1 to 5.14.2 by @​dependabot in OpenFeign/feign#2605
• Bump org.openrewrite.recipe:rewrite-migrate-java from 2.27.1 to 2.28.0 by @​dependabot in OpenFeign/feign#2625
• Bump org.openrewrite.maven:rewrite-maven-plugin from 5.42.2 to 5.43.3 by @​dependabot in OpenFeign/feign#2627
• Bump org.springframework.boot:spring-boot-starter-web from 3.3.4 to 3.3.5 by @​dependabot in OpenFeign/feign#2620
• Bump jackson.version from 2.18.0 to 2.18.1 by @​dependabot in OpenFeign/feign#2628
• Bump org.apache.httpcomponents.client5:httpclient5 from 5.4 to 5.4.1 by @​dependabot in OpenFeign/feign#2629
• Bump org.openrewrite.recipe:rewrite-testing-frameworks from 2.20.1 to 2.21.0 by @​dependabot in OpenFeign/feign#2624
• Bump org.springframework.boot:spring-boot-starter-test from 3.3.4 to 3.3.5 by @​dependabot in OpenFeign/feign#2623
• Bump org.junit:junit-bom from 5.11.2 to 5.11.3 by @​dependabot in OpenFeign/feign#2622
• Bump org.slf4j:slf4j-log4j12 from 1.8.0-beta0 to 2.0.0-alpha6 by @​dependabot in OpenFeign/feign#2635
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.10.1 to 3.11.1 by @​dependabot in OpenFeign/feign#2638
• Bump com.fasterxml.jackson:jackson-bom from 2.12.0 to 2.18.1 by @​dependabot in OpenFeign/feign#2637
• Bump com.github.tomakehurst:wiremock-jre8 from 2.35.1 to 2.35.2 by @​dependabot in OpenFeign/feign#2639

... (truncated)

Commits

• abd43f7 Generate jar for feign-vertx5-test
• bb59bfe Force single thread while deploying artifacts
• a45be66 prepare release 13.6
• bab7f2e Build project with mvnd (#2839)
• 5afdd22 Add missing secrets to nexus deploy
• 1c3fe71 Bump vertx.version from 5.0.0.CR4 to 4.5.14 (#2837)
• 61de712 FIX: inreliable JSON asserts in Java 11 project (#2816)
• 241f3ee Merge pull request #2838 from OpenFeign/dependabot/maven/netty.version-4.2.0....
• cff520a Bump netty.version from 4.1.119.Final to 4.2.0.Final
• e225ee8 Merge pull request #2836 from OpenFeign/dependabot/maven/org.projectlombok-lo...
• Additional commits viewable in compare view

Updates org.apache.sshd:sshd-spring-sftp from 2.15.0 to 2.16.0

Release notes

Sourced from org.apache.sshd:sshd-spring-sftp's releases.

Apache MINA SSHD 2.16.0

What's Changed

• bugfix: fix cert auth failed bug by @​liuziyu1226 in apache/mina-sshd#660
• GH-664: Skip MAC negotiation if an AEAD cipher was negotiated by @​tomaswolf in apache/mina-sshd#666
• GH-663: Fix a race in IoSession creation by @​tomaswolf in apache/mina-sshd#667
• Also test sshd-mina using mina-core 2.2.4 by @​tomaswolf in apache/mina-sshd#681
• ScpShell fixes; SFTP append mode for buggy servers by @​tomaswolf in apache/mina-sshd#696
• fix sources.jar Reproducible Builds issue by @​hboutemy in apache/mina-sshd#695
• GH-700: Fix race in AbstractCloseable.doCloseImmediately() by @​tomaswolf in apache/mina-sshd#702
• GH-705: Make ChannelToPortHandler accessible to user code by @​tomaswolf in apache/mina-sshd#707
• GH-709: Handle keep-alive channel messages sent by an old OpenSSH server by @​tomaswolf in apache/mina-sshd#710
• GH-727: supply default port for proxyJump if no HostConfigEntry by @​tomaswolf in apache/mina-sshd#730
• GH-733: Fix SftpRemotePathChannel.transferTo by @​tomaswolf in apache/mina-sshd#734
• GH-725 Added commandTimeoutMillis in executeRemoteCommand by @​raajeive in apache/mina-sshd#726
• GH-774: Fix WritePendingException by @​tomaswolf in apache/mina-sshd#775
• #771 Avoid NoClassDefFoundError: net/i2p/crypto/eddsa/EdDSAPublicKey by @​rde-infologic in apache/mina-sshd#773
• GH-516 Fix filesystem-id parsing in getFileSystem(URI) by @​ago1024 in apache/mina-sshd#766
• GH-754: Don't close DefaultForwarder on bind error by @​tomaswolf in apache/mina-sshd#776
• Close repository after usage in GitPackCommand by @​kwin in apache/mina-sshd#794
• Trigger ClientChannelEvent.Timeout and ClientSessionEvent.TIMEOUT independently to host's program cycle times by @​fersaru in apache/mina-sshd#790

New Contributors

• @​liuziyu1226 made their first contribution in apache/mina-sshd#660
• @​raajeive made their first contribution in apache/mina-sshd#726
• @​rde-infologic made their first contribution in apache/mina-sshd#773
• @​ago1024 made their first contribution in apache/mina-sshd#766
• @​kwin made their first contribution in apache/mina-sshd#794
• @​fersaru made their first contribution in apache/mina-sshd#790

Full Changelog: apache/mina-sshd@sshd-2.15.0...sshd-2.16.0

Changelog

Sourced from org.apache.sshd:sshd-spring-sftp's changelog.

Previous Versions

• Version 2.1.0 to 2.2.0
• Version 2.2.0 to 2.3.0
• Version 2.3.0 to 2.4.0
• Version 2.4.0 to 2.5.0
• Version 2.5.0 to 2.5.1
• Version 2.5.1 to 2.6.0
• Version 2.6.0 to 2.7.0
• Version 2.7.0 to 2.8.0
• Version 2.8.0 to 2.9.0
• Version 2.9.0 to 2.9.1
• Version 2.9.1 to 2.9.2
• Version 2.9.2 to 2.10.0
• Version 2.10.0 to 2.11.0
• Version 2.11.0 to 2.12.0
• Version 2.12.0 to 2.12.1
• Version 2.12.1 to 2.13.0
• Version 2.13.0 to 2.13.1
• Version 2.13.1 to 2.13.2
• Version 2.13.2 to 2.14.0
• Version 2.14.0 to 2.15.0
• Version 2.15.0 to 2.16.0

Latest Version

• Version 2.16.0 to 2.17.0

Planned for Next Version

Bug Fixes

New Features

Potential Compatibility Issues

Major Code Re-factoring

Commits

• 445ef7e [maven-release-plugin] prepare release sshd-2.16.0
• ebbfaf9 [releng] SCM tag for development versions
• 2ec336a Fix javadoc warnings
• 92eb158 Prepare documentation for a 2.16.0 release
• 62e6b5c [releng] Bump version to 2.16.0-SNAPSHOT
• 3fbc0a8 Bump grpc.version from 1.73.0 to 1.74.0 (#792)
• 99246d6 Fix ClientChannelEvent.Timeout and ClientSessionEvent.TIMEOUT (#790)
• 2868de8 Merge pull request #794 from kwin/bugfix/close-repo-in-pack-cmd
• 6358be2 Close repository after usage in GitPackCommand
• 67e2e4c Bump pmd.version from 7.15.0 to 7.16.0 (#788)
• Additional commits viewable in compare view

Updates commons-net:commons-net from 3.11.1 to 3.12.0

Changelog

Sourced from commons-net:commons-net's changelog.

Apache Commons Net 3.12.0 Release Notes

The Apache Commons Net team is pleased to announce the release of Apache Commons Net 3.12.0.

Apache Commons Net library contains a collection of network utilities and protocol implementations. Supported protocols include Echo, Finger, FTP, NNTP, NTP, POP3(S), SMTP(S), Telnet, and Whois.

This is a feature and maintenance release. Java 8 or later is required.

For complete information on Apache Commons Net, including instructions on how to submit bug reports, patches, or suggestions for improvement, see the Apache Commons Net website:

https://commons.apache.org/proper/commons-net/

Download page: https://commons.apache.org/proper/commons-net/download_net.cgi

New features

o Add org.apache.commons.net.nntp.Article#getChild(). Thanks to Gary Gregory. o Add org.apache.commons.net.nntp.Article#getNext(). Thanks to Gary Gregory. o Add private SubnetAddressStringIterable and private SubnetAddressStringIterator to implement SubnetInfo.iterableAddressStrings() and SubnetInfo.streamAddressStrings() #298. Thanks to Lixiongyou, Gary Gregory. o Add SubnetInfo.iterableAddressStrings(). Thanks to Gary Gregory. o Add SubnetInfo.streamAddressStrings(). Thanks to Gary Gregory. o Add FTPCmd.OPTS. Thanks to Gary Gregory. o Add FTP.opts(String, String). Thanks to Gary Gregory. o Add FTP.opts(String...). Thanks to Gary Gregory. o Add FTP.setControlEncoding(Charset). Thanks to Gary Gregory. o Add --OPTS to FTPClientExample. Thanks to Gary Gregory. o NET-727: Add accessing options map for TFTP request packet and allow using 'blksize' option #331. Thanks to Gary Gregory. o Add org.apache.commons.net.util.ListenerList.isEmpty(). Thanks to Gary Gregory. o Add org.apache.commons.net.ftp.FTPClient.getSystemTypeOverride(). Thanks to Gary Gregory. o Add generics to ListenerList. Thanks to Gary Gregory. o Add module-info.class in the JAR file instead of an Automatic-Module-Name in MANIFEST.MF. Thanks to Gary Gregory.

Fixed Bugs

o Increase message limit in IMAPReply.TAGGED_RESPONSE from 80 to 500 characters. Thanks to Andreas Lemke, Gary Gregory. o Increase message limit in IMAPReply.UNTAGGED_RESPONSE from 160 to 500 characters. Thanks to Andreas Lemke, Gary Gregory. o Remove InvalidKeySpecException from AuthenticatingIMAPClient.auth(AUTH_METHOD, String, String) never throws, it's not thrown. Thanks to Gary Gregory. o Remove InvalidKeySpecException from AuthenticatingIMAPClient.authenticate(AUTH_METHOD, String, String) never throws, it's not thrown. Thanks to Gary Gregory. o Remove InvalidKeySpecException from ExtendedPOP3Client.auth(AUTH_METHOD, String, String) never throws, it's not thrown. Thanks to Gary Gregory. o Remove InvalidKeySpecException from org.apache.commons.net.smtp.AuthenticatingSMTPClient.auth(AUTH_METHOD, String, String) never throws, it's not thrown. Thanks to Gary Gregory. o Fix SpotBugs RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE in SSLSocketUtils. Thanks to Gary Gregory. o Fix PMD UnnecessaryFullyQualifiedName. Thanks to Gary Gregory. o Fix PMD UnusedFormalParameter. Thanks to Gary Gregory. o Fix PMD AvoidBranchingStatementAsLastInLoop in org.apache.commons.net.bsd.RCommandClient. Thanks to Gary Gregory.

... (truncated)

Commits

• bb741d0 Prepare for the release candidate 3.12.0 RC1
• bfaf5d2 Prepare for the next release candidate
• 91baa6f Add module-info.class in the JAR file instead of an
• 6a49728 Merge pull request #355 from apache/dependabot/github_actions/github/codeql-a...
• de4990b Bump github/codeql-action from 3.29.2 to 3.29.4
• 078c17d Merge some string literals
• 200dccd Format nit
• f84d393 Format nit
• 7cfdadf Format nit
• 1213ed8 Update the GitHub pull request template for AI
• Additional commits viewable in compare view

Updates io.hypersistence:hypersistence-utils-hibernate-63 from 3.7.3 to 3.14.1

Changelog

Sourced from io.hypersistence:hypersistence-utils-hibernate-63's changelog.

Version 3.14.1 - December 17, 2025

Deprecate all ArrayTypes, with the exception of the EnumArrayType #823

Version 3.14.0 - December 16, 2025

The Hibernate SessionFactory cannot be built due to a ClassCastException after upgrading to 3.13.3 #821

Add support for Hibernate 7.2.0.CR4

Version 3.13.3 - December 12, 2025

ArrayType causes org.hibernate.tool.schema.spi.SchemaManagementException: Schema-validation: wrong column type encountered in column found (Types#ARRAY), but expecting (Types#OTHER) #697

Version 3.13.2 - December 03, 2025

Change SQLStatementCountMismatchException to extend AssertionError #820

Version 3.13.1 - December 01, 2025

Change the signature of the SequenceOptimizerGenerator.configure method for Hibernate 7.1 #818

Add a null check for the XProperty JsonType parameter #814

Version 3.13.0 - December 01, 2025

Add SequenceOptimizer as an alternative to the deprecated GenericGenerator #817

Add support for registering the Jackson KotlinModule when using Kotlin #816

Version 3.12.0 - November 09, 2025

Add support for Short identifiers in BatchSequenceGenerator #813

Replace JdbcOperationQuerySelect with JdbcOperation for Hibernate 7.2.0.CR1 #812

Version 3.11.0 - September 09, 2025

Add support for Hibernate 7.1 #802

ObjectMapperWrapper not working with Map<String, String> #793

... (truncated)

Commits

• b28c619 [maven-release-plugin] prepare release hypersistence-utils-parent-3.14.1
• e0590a0 Update changelog for the 3.14.1 release
• 8812b18 Deprecate all ArrayTypes, with the exception of the EnumArrayType #823
• 0895613 Bump version up
• 1c3b14e [maven-release-plugin] prepare for next development iteration
• acc9347 [maven-release-plugin] prepare release hypersistence-utils-parent-3.14.0
• 57d5869 Update changelog for the 3.14.0 release
• 1200e6a The Hibernate SessionFactory cannot be built due to a ClassCastException afte...
• e434ecd Upgrade Hibernate version to 7.2.0.Final
• 76d2011 Add support for Hibernate 7.2.0.CR4
• Additional commits viewable in compare view

Updates com.opencsv:opencsv from 5.11.2 to 5.12.0

Updates org.marc4j:marc4j from 2.9.1 to 2.9.6

Release notes

Sourced from org.marc4j:marc4j's releases.

2.9.6

This includes a couple of pull requests:
marc4j/marc4j#100 marc4j/marc4j#98 marc4j/marc4j#97 Plus code to handle marc4j/marc4j#102 marc4j/marc4j#94

Plus a number of changes to the build.xml code to support automatic uploading of the built code artifacts to sonatype.org Plus a new github workflow, that should run automatically when a release is published.

2.9.4

Include the additional Pull request that includes imports of org.marc4j.marc.Record to prevent collision with newer java class Record.

2.9.3

Merges in a Pull Request to add handling of NLM Call Numbers

Pull Request Release

Merged in several Pull requests, including some error fixes and upgrading the version of Ivy used to 2.5 and using https.

Commits

• f654e83 handle issues :
• 798ccea only run release.yml when a release is published
• 3ebfe70 many changes to build code, to support automatically uploading to sonatype.or...
• 1355383 Merge pull request #100 from MSU-Libraries/linked_occurrence
• 975f789 Merge pull request #98 from cleydyr/issue-88
• b526eda Merge pull request #97 from julianladisch/nlm-w
• bd290cc Linked field no longer fails due to occurrence
• 579295b refactor: [88] remove redundant if-else
• d4e80cf Allow 3 class letters
• de23419 prevent OOB errors on really bad records.
• Additional commits viewable in compare view

Updates software.amazon.awssdk:aws-sdk-java from 2.40.2 to 2.41.10

Updates one.util:streamex from 0.8.3 to 0.8.4

Release notes

Sourced from one.util:streamex's releases.

StreamEx 0.8.4

• #279 Added: AbstractStreamEx.mapToEntryPartial.
• #280 Added: EntryStream.mapKeysPartial and mapValuesPartial

Commits

• fa62158 Version 0.8.4
• 0b76dac InternalsTest: cover exception in CloneableSpliterator
• 724067b Inline the implementation of mapKeysPartial and mapValuesPartial to reduce th...
• 351235a Update CHANGES.md and CHEATSHEET.md
• 6e42b52 Merge pull request #280 from roblburris/rb/add-mapPartial-for-keys-and-values
• 072bf1c Merge pull request #279 from rhuffy/rh/map-to-entry-partial
• e664b14 reuse existing
• 704a126 init
• ba52b8e revert spurious whitespace
• 3bb5714 formatting
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• `@dependabot ign...

Description has been truncated