Skip to content

deps(deps): bump the testing group across 1 directory with 2 updates#269

Open
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/maven/testing-1411463490
Open

deps(deps): bump the testing group across 1 directory with 2 updates#269
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/maven/testing-1411463490

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 13, 2026
edited
Loading

Bumps the testing group with 2 updates in the / directory: org.junit.jupiter:junit-jupiter and org.assertj:assertj-core.

Updates org.junit.jupiter:junit-jupiter from 5.13.4 to 5.14.3

Release notes

Sourced from org.junit.jupiter:junit-jupiter's releases.

JUnit 5.14.3 = Platform 1.14.3 + Jupiter 5.14.3 + Vintage 5.14.3

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.14.2...r5.14.3

JUnit 5.14.2 = Platform 1.14.2 + Jupiter 5.14.2 + Vintage 5.14.2

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r5.14.1...r5.14.2

JUnit 5.14.1 = Platform 1.14.1 + Jupiter 5.14.1 + Vintage 5.14.1

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.14.0...r5.14.1

JUnit 5.14.0 = Platform 1.14.0 + Jupiter 5.14.0 + Vintage 5.14.0

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.4...r5.14.0

JUnit 5.14.0-RC1 = Platform 1.14.0-RC1 + Jupiter 5.14.0-RC1 + Vintage 5.14.0-RC1

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.4...r5.14.0-RC1

Commits
  • 1c14c1b Release 5.14.3
  • 698391f Finalize 5.14.3 release notes
  • 5655c22 Fix link to milestone
  • b4d1f56 Reliably support JRE.OTHER with @⁠EnabledOnJre and @⁠DisabledOnJre
  • 5b6dfef Fix references
  • 718ee15 Fail build if xref fragment is invalid
  • a809887 Install poppler-utils for pdfinfo
  • b568f5a Update API baseline
  • 1ebb6bc Add missing checkout step
  • 4ca615b Back to snapshots for further development
  • Additional commits viewable in compare view

Updates org.assertj:assertj-core from 3.27.6 to 3.27.7

Release notes

Sourced from org.assertj:assertj-core's releases.

v3.27.7

🔒 Security

Core

🚫 Deprecated

Core

  • Deprecate XmlStringPrettyFormatter with no replacement

🐛 Bug Fixes

Guava

  • Navigation to assertj-core or guava types from assertj-guava Javadoc site has unnecessary header #3478

🔨 Dependency Upgrades

Core

  • Upgrade to Byte Buddy 1.18.3
  • Upgrade to JUnit BOM 5.14.1

Guava

  • Upgrade to Guava 33.5.0-jre
Commits
  • e840716 [maven-release-plugin] prepare release assertj-build-3.27.7
  • 85ca7eb Deprecate XmlStringPrettyFormatter
  • 77081dc Merge commit from fork
  • b68fc24 Bump github/codeql-action from 4.31.9 to 4.31.10 in the github-actions group ...
  • 0cf5bb6 Bump kotlin.version from 2.1.0 to 2.2.21
  • d393ef1 Abort tests when symbolic links cannot be created (#3788)
  • 2212433 Add IntelliJ custom inspection for test class names
  • 5717d02 Update JetBrains icon
  • a8ec20b Add icon for JetBrains products
  • c05fb3d Bump Maven to 3.9.12 and Wrapper to 3.3.4
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
org.junit.jupiter:junit-jupiter [>= 6.a0, < 7]

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Apr 13, 2026

Labels

The following labels could not be found: dependencies, java. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot requested a review from a team as a code owner April 13, 2026 04:32
@github-actions github-actions Bot changed the base branch from main to develop April 13, 2026 04:32
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 13, 2026
edited
Loading

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
maven/org.assertj:assertj-core 3.27.7 UnknownUnknown
maven/org.junit.jupiter:junit-jupiter 5.14.3 🟢 8.6
Details
CheckScoreReason
Code-Review🟢 4Found 4/10 approved changesets -- score normalized to 4
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Dependency-Update-Tool🟢 10update tool detected
Maintained🟢 1030 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10
Security-Policy🟢 10security policy file detected
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 9binaries present in source code
Pinned-Dependencies🟢 10all dependencies are pinned
License🟢 10license file detected
CII-Best-Practices🟢 5badge detected: Passing
Vulnerabilities🟢 100 existing vulnerabilities detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases⚠️ -1no releases found
SAST🟢 10SAST tool is run on all commits
CI-Tests🟢 1023 out of 23 merged PRs checked by a CI test -- score normalized to 10
Contributors🟢 10project has 61 contributing companies or organizations

Scanned Files

  • pom.xml

@dependabot dependabot Bot changed the base branch from develop to main April 20, 2026 04:32
@dependabot dependabot Bot force-pushed the dependabot/maven/testing-1411463490 branch from c9b140a to 30cd346 Compare April 20, 2026 04:32
@dependabot dependabot Bot changed the title deps(deps): bump the testing group with 2 updates deps(deps): bump the testing group across 1 directory with 2 updates Apr 20, 2026
@github-actions github-actions Bot changed the base branch from main to develop April 20, 2026 04:32
@dependabot
deps(deps): bump the testing group with 2 updates
cd18ee7 
Bumps the testing group with 2 updates: [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit-framework) and [org.assertj:assertj-core](https://github.com/assertj/assertj).


Updates `org.junit.jupiter:junit-jupiter` from 5.13.4 to 5.14.3
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r5.13.4...r5.14.3)

Updates `org.assertj:assertj-core` from 3.27.6 to 3.27.7
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](assertj/assertj@assertj-build-3.27.6...assertj-build-3.27.7)

---
updated-dependencies:
- dependency-name: org.junit.jupiter:junit-jupiter
  dependency-version: 5.14.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: testing
- dependency-name: org.assertj:assertj-core
  dependency-version: 3.27.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: testing
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the base branch from develop to main April 20, 2026 04:33
@dependabot dependabot Bot force-pushed the dependabot/maven/testing-1411463490 branch from 30cd346 to cd18ee7 Compare April 20, 2026 04:33
@github-actions github-actions Bot changed the base branch from main to develop April 20, 2026 04:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants