Skip to content

deps(deps): bump the testing group across 1 directory with 2 updates#278

Open
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/maven/testing-5dcd15025b
Open

deps(deps): bump the testing group across 1 directory with 2 updates#278
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/maven/testing-5dcd15025b

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 4, 2026
edited
Loading

Bumps the testing group with 2 updates in the / directory: org.junit.jupiter:junit-jupiter and org.assertj:assertj-core.

Updates org.junit.jupiter:junit-jupiter from 5.13.4 to 5.14.4

Release notes

Sourced from org.junit.jupiter:junit-jupiter's releases.

JUnit 5.14.4 = Platform 1.14.4 + Jupiter 5.14.4 + Vintage 5.14.4

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.14.3...r5.14.4

JUnit 5.14.3 = Platform 1.14.3 + Jupiter 5.14.3 + Vintage 5.14.3

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.14.2...r5.14.3

JUnit 5.14.2 = Platform 1.14.2 + Jupiter 5.14.2 + Vintage 5.14.2

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r5.14.1...r5.14.2

JUnit 5.14.1 = Platform 1.14.1 + Jupiter 5.14.1 + Vintage 5.14.1

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.14.0...r5.14.1

JUnit 5.14.0 = Platform 1.14.0 + Jupiter 5.14.0 + Vintage 5.14.0

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.4...r5.14.0

JUnit 5.14.0-RC1 = Platform 1.14.0-RC1 + Jupiter 5.14.0-RC1 + Vintage 5.14.0-RC1

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.4...r5.14.0-RC1

Commits
  • 096fd69 Release 5.14.4
  • 11fd02b Remove JDK 24 (EOL)
  • 5b7f023 Fix integration tests on JDK 27
  • 18f842a Test against JDK 26 (GA) and JDK 27 (EA)
  • a5bf336 Polish 5.14.4 release notes
  • 7667c14 Fix race condition in NodeTestTask (#5427)
  • ac01f2d Include full display name in legacy XML reports (#5524)
  • fbd4a8e Include class template invocation index in legacy reporting names
  • 7d6f0c0 Only check PDF for GA releases
  • 14f534d Test 5.14.x against JDK 25 ga (#5623)
  • Additional commits viewable in compare view

Updates org.assertj:assertj-core from 3.27.6 to 3.27.7

Release notes

Sourced from org.assertj:assertj-core's releases.

v3.27.7

🔒 Security

Core

🚫 Deprecated

Core

  • Deprecate XmlStringPrettyFormatter with no replacement

🐛 Bug Fixes

Guava

  • Navigation to assertj-core or guava types from assertj-guava Javadoc site has unnecessary header #3478

🔨 Dependency Upgrades

Core

  • Upgrade to Byte Buddy 1.18.3
  • Upgrade to JUnit BOM 5.14.1

Guava

  • Upgrade to Guava 33.5.0-jre
Commits
  • e840716 [maven-release-plugin] prepare release assertj-build-3.27.7
  • 85ca7eb Deprecate XmlStringPrettyFormatter
  • 77081dc Merge commit from fork
  • b68fc24 Bump github/codeql-action from 4.31.9 to 4.31.10 in the github-actions group ...
  • 0cf5bb6 Bump kotlin.version from 2.1.0 to 2.2.21
  • d393ef1 Abort tests when symbolic links cannot be created (#3788)
  • 2212433 Add IntelliJ custom inspection for test class names
  • 5717d02 Update JetBrains icon
  • a8ec20b Add icon for JetBrains products
  • c05fb3d Bump Maven to 3.9.12 and Wrapper to 3.3.4
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
org.junit.jupiter:junit-jupiter [>= 6.a0, < 7]

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 4, 2026

Labels

The following labels could not be found: dependencies, java. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot requested a review from a team as a code owner May 4, 2026 04:34
@github-actions github-actions Bot changed the base branch from main to develop May 4, 2026 04:34
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 4, 2026
edited
Loading

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
maven/org.assertj:assertj-core 3.27.7 UnknownUnknown
maven/org.junit.jupiter:junit-jupiter 5.14.4 🟢 8.4
Details
CheckScoreReason
Security-Policy🟢 10security policy file detected
Code-Review⚠️ 1Found 2/17 approved changesets -- score normalized to 1
Dependency-Update-Tool🟢 10update tool detected
Maintained🟢 1030 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 9binaries present in source code
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Pinned-Dependencies🟢 10all dependencies are pinned
Vulnerabilities🟢 100 existing vulnerabilities detected
CII-Best-Practices🟢 5badge detected: Passing
Signed-Releases⚠️ -1no releases found
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
SAST🟢 10SAST tool is run on all commits
Fuzzing⚠️ 0project is not fuzzed
CI-Tests🟢 1017 out of 17 merged PRs checked by a CI test -- score normalized to 10
Contributors🟢 10project has 62 contributing companies or organizations

Scanned Files

  • pom.xml

@dependabot dependabot Bot changed the base branch from develop to main May 11, 2026 04:36
@dependabot dependabot Bot changed the title deps(deps): bump the testing group with 2 updates deps(deps): bump the testing group across 1 directory with 2 updates May 11, 2026
@dependabot dependabot Bot force-pushed the dependabot/maven/testing-5dcd15025b branch from f74365e to 74477ff Compare May 11, 2026 04:37
@github-actions github-actions Bot changed the base branch from main to develop May 11, 2026 04:37
@dependabot
deps(deps): bump the testing group across 1 directory with 2 updates
ba1c5de 
Bumps the testing group with 2 updates in the / directory: [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit-framework) and [org.assertj:assertj-core](https://github.com/assertj/assertj).


Updates `org.junit.jupiter:junit-jupiter` from 5.13.4 to 5.14.4
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r5.13.4...r5.14.4)

Updates `org.assertj:assertj-core` from 3.27.6 to 3.27.7
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](assertj/assertj@assertj-build-3.27.6...assertj-build-3.27.7)

---
updated-dependencies:
- dependency-name: org.assertj:assertj-core
  dependency-version: 3.27.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: testing
- dependency-name: org.junit.jupiter:junit-jupiter
  dependency-version: 5.14.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: testing
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the base branch from develop to main May 11, 2026 04:37
@dependabot dependabot Bot force-pushed the dependabot/maven/testing-5dcd15025b branch from 74477ff to ba1c5de Compare May 11, 2026 04:37
@github-actions github-actions Bot changed the base branch from main to develop May 11, 2026 04:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants