v5.3.0 🎁

📦 Dependency Updates

• Bump org.apache.maven.plugins:maven-failsafe-plugin from 3.5.1 to 3.5.2 (#1046) @dependabot
• Bump org.pitest:pitest-maven from 1.17.0 to 1.17.1 (#1051) @dependabot
• Bump nl.jqno.equalsverifier:equalsverifier from 3.17.1 to 3.17.3 (#1053) @dependabot
• Bump com.puppycrawl.tools:checkstyle from 10.20.0 to 10.20.1 (#1054) @dependabot
• Bump net.bytebuddy:byte-buddy from 1.15.7 to 1.15.10 (#1047) @dependabot
• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.1 to 3.5.2 (#1048) @dependabot
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.10.1 to 3.11.1 (#1050) @dependabot
• Bump org.openrewrite.maven:rewrite-maven-plugin from 5.43.3 to 5.43.4 (#1049) @dependabot
• Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.6.4 to 4.8.6.5 (#1039) @dependabot
• Bump org.openrewrite.maven:rewrite-maven-plugin from 5.43.1 to 5.43.3 (#1043) @dependabot
• Bump org.owasp:dependency-check-maven from 11.0.0 to 11.1.0 (#1044) @dependabot
• Bump org.openrewrite.recipe:rewrite-testing-frameworks from 2.20.1 to 2.21.0 (#1037) @dependabot
• Bump org.apache.maven.plugins:maven-dependency-plugin from 3.8.0 to 3.8.1 (#1040) @dependabot
• Bump org.apache.maven.plugins:maven-pmd-plugin from 3.25.0 to 3.26.0 (#1041) @dependabot
• Bump com.uber.nullaway:nullaway from 0.12.0 to 0.12.1 (#1042) @dependabot
• Bump com.puppycrawl.tools:checkstyle from 10.18.2 to 10.20.0 (#1045) @dependabot

v5.2.0 🎁

✨ Improvements

• Upgrade PMD to 7.7.0 and combine metrics into same plugin executions (#1036) @uhafner

v5.1.0 🎁

💥 Breaking Changes

• Prepare for Java 17 (#1035) @uhafner

📦 Dependency Updates

• Bump org.junit-pioneer:junit-pioneer from 2.2.0 to 2.3.0 (#1016) @dependabot
• Bump org.openrewrite.maven:rewrite-maven-plugin from 5.41.0 to 5.43.1 (#1034) @dependabot
• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.0 to 3.5.1 (#1015) @dependabot
• Bump org.openrewrite.recipe:rewrite-recommendations from 1.10.0 to 1.12.0 (#1030) @dependabot
• Bump org.apache.maven.plugins:maven-failsafe-plugin from 3.5.0 to 3.5.1 (#1014) @dependabot
• Bump org.junit:junit-bom from 5.11.1 to 5.11.3 (#1027) @dependabot
• Bump org.openrewrite.recipe:rewrite-migrate-java from 2.26.1 to 2.28.0 (#1031) @dependabot
• Bump org.openrewrite.recipe:rewrite-testing-frameworks from 2.19.0 to 2.21.0 (#1032) @dependabot
• Bump net.bytebuddy:byte-buddy from 1.15.3 to 1.15.7 (#1033) @dependabot
• Bump mockito.version from 5.13.0 to 5.14.1 (#1008) @dependabot
• Bump com.puppycrawl.tools:checkstyle from 10.18.1 to 10.18.2 (#1007) @dependabot
• Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.6 to 3.2.7 (#1005) @dependabot
• Bump pmd.version from 7.5.0 to 7.6.0 (#1004) @dependabot
• Bump error-prone.version from 2.32.0 to 2.33.0 (#1009) @dependabot
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.10.0 to 3.10.1 (#1010) @dependabot
• Bump codecov/codecov-action from 4.5.0 to 4.6.0 (#1011) @dependabot
• Bump nl.jqno.equalsverifier:equalsverifier from 3.17 to 3.17.1 (#1012) @dependabot
• Bump org.openrewrite.maven:rewrite-maven-plugin from 5.40.2 to 5.41.0 (#994) @dependabot
• Bump org.openrewrite.recipe:rewrite-recommendations from 1.9.0 to 1.10.0 (#995) @dependabot
• Bump nl.jqno.equalsverifier:equalsverifier from 3.16.2 to 3.17 (#996) @dependabot
• Bump org.openrewrite.recipe:rewrite-static-analysis from 1.16.0 to 1.17.0 (#997) @dependabot
• Bump org.openrewrite.recipe:rewrite-testing-frameworks from 2.18.0 to 2.19.0 (#999) @dependabot
• Bump org.junit:junit-bom from 5.11.0 to 5.11.1 (#1000) @dependabot
• Bump org.openrewrite.recipe:rewrite-migrate-java from 2.25.1 to 2.26.1 (#1002) @dependabot
• Bump net.bytebuddy:byte-buddy from 1.15.1 to 1.15.3 (#1003) @dependabot

v4.16.0 🎁

📦 Dependency Updates

• Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.6.3 to 4.8.6.4 (#991) @dependabot
• Bump org.openrewrite.recipe:rewrite-migrate-java from 2.25.0 to 2.25.1 (#992) @dependabot

🔧 Internal Changes

• Move maven plugin version to plugin management section (#993) @uhafner

v4.15.0 🎁

🚀 New Features

• Provide OWASP dependency check as profile (#989) @uhafner

📦 Dependency Updates

• Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.5 to 3.2.6 (#985) @dependabot
• Bump one.util:streamex from 0.8.2 to 0.8.3 (#984) @dependabot
• Bump com.uber.nullaway:nullaway from 0.11.2 to 0.11.3 (#986) @dependabot
• Bump org.pitest:pitest-maven from 1.16.3 to 1.17.0 (#987) @dependabot
• Bump commons-io:commons-io from 2.16.1 to 2.17.0 (#988) @dependabot
• Bump org.openrewrite.recipe:rewrite-static-analysis from 1.15.0 to 1.16.0 (#979) @dependabot
• Bump org.openrewrite.recipe:rewrite-migrate-java from 2.23.0 to 2.25.0 (#982) @dependabot
• Bump org.openrewrite.maven:rewrite-maven-plugin from 5.39.2 to 5.40.2 (#983) @dependabot
• Bump org.openrewrite.recipe:rewrite-testing-frameworks from 2.17.1 to 2.18.0 (#980) @dependabot
• Bump org.openrewrite.recipe:rewrite-recommendations from 1.8.4 to 1.9.0 (#981) @dependabot
• Bump error-prone.version from 2.31.0 to 2.32.0 (#976) @dependabot

v4.14.0 🎁

📦 Dependency Updates

• Bump org.openrewrite.recipe:rewrite-testing-frameworks from 2.17.1 to 2.18.0 (#980) @dependabot
• Bump org.openrewrite.recipe:rewrite-recommendations from 1.8.4 to 1.9.0 (#981) @dependabot
• Bump error-prone.version from 2.31.0 to 2.32.0 (#976) @dependabot

v4.13.0 🎁

📦 Dependency Updates

• Bump org.openrewrite.recipe:rewrite-static-analysis from 1.14.0 to 1.15.0 (#962) @dependabot
• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.4.0 to 3.5.0 (#972) @dependabot
• Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.6.2 to 4.8.6.3 (#973) @dependabot
• Bump org.apache.commons:commons-lang3 from 3.16.0 to 3.17.0 (#974) @dependabot
• Bump org.apache.maven.plugins:maven-pmd-plugin from 3.24.0 to 3.25.0 (#975) @dependabot
• Bump org.pitest:pitest-maven from 1.16.1 to 1.16.3 (#965) @dependabot
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.8.0 to 3.10.0 (#963) @dependabot
• Bump com.puppycrawl.tools:checkstyle from 10.17.0 to 10.18.1 (#964) @dependabot
• Bump org.apache.maven.plugins:maven-failsafe-plugin from 3.4.0 to 3.5.0 (#966) @dependabot
• Bump pmd.version from 7.4.0 to 7.5.0 (#967) @dependabot
• Bump error-prone.version from 2.30.0 to 2.31.0 (#968) @dependabot
• Bump org.openrewrite.recipe:rewrite-testing-frameworks from 2.16.0 to 2.17.1 (#969) @dependabot
• Bump org.openrewrite.recipe:rewrite-migrate-java from 2.22.1 to 2.23.0 (#970) @dependabot
• Bump mockito.version from 5.12.0 to 5.13.0 (#971) @dependabot
• Bump org.apache.maven.plugins:maven-deploy-plugin from 3.1.2 to 3.1.3 (#952) @dependabot
• Bump com.uber.nullaway:nullaway from 0.11.1 to 0.11.2 (#950) @dependabot
• Bump commons-logging:commons-logging from 1.3.3 to 1.3.4 (#951) @dependabot
• Bump org.apache.maven.plugins:maven-install-plugin from 3.1.2 to 3.1.3 (#953) @dependabot
• Bump org.apache.maven.plugins:maven-dependency-plugin from 3.7.1 to 3.8.0 (#954) @dependabot
• Bump org.openrewrite.recipe:rewrite-recommendations from 1.8.3 to 1.8.4 (#956) @dependabot
• Bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.4.0 to 3.5.0 (#957) @dependabot
• Bump nl.jqno.equalsverifier:equalsverifier from 3.16.1 to 3.16.2 (#958) @dependabot
• Bump org.openrewrite.maven:rewrite-maven-plugin from 5.39.0 to 5.39.2 (#960) @dependabot
• Bump net.bytebuddy:byte-buddy from 1.14.19 to 1.15.1 (#961) @dependabot
• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.1 to 3.4.0 (#949) @dependabot
• Bump slf4j.version from 2.0.15 to 2.0.16 (#935) @dependabot
• Bump org.openrewrite.maven:rewrite-maven-plugin from 5.38.1 to 5.39.0 (#937) @dependabot
• Bump org.openrewrite.recipe:rewrite-static-analysis from 1.13.0 to 1.14.0 (#938) @dependabot
• Bump org.apache.maven.plugins:maven-site-plugin from 3.12.1 to 3.20.0 (#947) @dependabot
• Bump org.apache.maven.plugins:maven-failsafe-plugin from 3.3.1 to 3.4.0 (#948) @dependabot
• Bump org.openrewrite.recipe:rewrite-recommendations from 1.8.1 to 1.8.3 (#944) @dependabot
• Bump error-prone.version from 2.29.2 to 2.30.0 (#936) @dependabot
• Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.4 to 3.2.5 (#939) @dependabot
• Bump org.openrewrite.recipe:rewrite-testing-frameworks from 2.15.0 to 2.16.0 (#942) @dependabot
• Bump org.junit:junit-bom from 5.10.3 to 5.11.0 (#943) @dependabot
• Bump org.openrewrite.recipe:rewrite-migrate-java from 2.21.0 to 2.22.1 (#945) @dependabot
• Bump net.bytebuddy:byte-buddy from 1.14.18 to 1.14.19 (#946) @dependabot
• Bump org.apache.commons:commons-lang3 from 3.15.0 to 3.16.0 (#932) @dependabot
• Bump com.uber.nullaway:nullaway from 0.11.0 to 0.11.1 (#926) @dependabot
• Bump pmd.version from 7.3.0 to 7.4.0 (#922) @dependabot
• Bump org.openrewrite.maven:rewrite-maven-plugin from 5.37.1 to 5.38.1 (#933) @dependabot
• Bump slf4j.version from 2.0.14 to 2.0.15 (#934) @dependabot
• Bump slf4j.version from 2.0.13 to 2.0.14 (#923) @dependabot
• Bump error-prone.version from 2.28.0 to 2.29.2 (#925) @dependabot
• Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.15.0 (#924) @dependabot
• Bump org.apache.maven.plugins:maven-failsafe-plugin from 3.3.0 to 3.3.1 (#927) @dependabot
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.7.0 to 3.8.0 (#928) @dependabot
• Bump org.apache.maven.plugins:maven-release-plugin from 3.1.0 to 3.1.1 (#929) @dependabot
• Bump org.apache.maven.plugins:maven-pmd-plugin from 3.23.0 to 3.24.0 (#930) @dependabot
• Bump org.openrewrite.recipe:rewrite-static-analysis from 1.10.1 to 1.13.0 (#918) @dependabot
• Bump org.openrewrite.maven:rewrite-maven-plugin from 5.34.1 to 5.37.1 (#917) @dependabot
• Bump org.openrewrite.recipe:rewrite-migrate-java from 2.18.1 to 2.21.0 (#919) @dependabot
• Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.6.1 to 4.8.6.2 (#907) @dependabot
• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.0 to 3.3.1 (#910) @dependabot
• Bump org.assertj:assertj-core from 3.26.0 to 3.26.3 (#909) @dependabot
• Bump commons-logging:commons-logging from 1.3.2 to 1.3.3 (#906) @dependabot
• Bump net.bytebuddy:byte-buddy from 1.14.17 to 1.14.18 (#908) @dependabot
• Bump org.openrewrite.recipe:rewrite-testing-frameworks from 2.12.2 to 2.15.0 (#920) @dependabot
• Bump org.openrewrite.recipe:rewrite-recommendations from 1.6.1 to 1.8.1 (#921) @dependabot
• Bump io.github.git-commit-id:git-commit-id-maven-plugin from 9.0.0 to 9.0.1 (#900) @dependabot
• Bump org.openrewrite.recipe:rewrite-testing-frameworks from 2.10.1 to 2.12.2 (#887) @dependabot
• Bump org.openrewrite.recipe:rewrite-migrate-java from 2.16.0 to 2.18.1 (#889) @dependabot
• Bump org.junit:junit-bom from 5.10.2 to 5.10.3 (#892) @dependabot
• Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.5.0 to 4.8.6.1 (#893) @dependabot
• Bump org.apache.maven.plugins:maven-failsafe-plugin from 3.2.5 to 3.3.0 (#894) @dependabot
• Bump spotbugs.version from 4.8.5 to 4.8.6 (#897) @dependabot
• Bump org.apache.maven.plugins:maven-release-plugin from 3.0.1 to 3.1.0 (#899) @dependabot
• Bump org.apache.maven.plugins:maven-clean-plugin from 3.3.2 to 3.4.0 (#895) @dependabot
• Bump pmd.version from 7.2.0 to 7.3.0 (#896) @dependabot
• Bump org.apache.maven.plugins:maven-jar-plugin from 3.4.1 to 3.4.2 (#898) @dependabot
• Bump org.openrewrite.maven:rewrite-maven-plugin from 5.32.1 to 5.34.1 (#888) @dependabot
• Bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.1 to 3.4.0 (#875) @dependabot
• Bump io.github.git-commit-id:git-commit-id-maven-plugin from 8.0.2 to 9.0.0 (#878) @dependabot
• Bump org.openrewrite.recipe:rewrite-recommendations from 1.4.3 to 1.6.1 (#886) @dependabot
• Bump org.apache.maven.plugins:maven-pmd-plugin from 3.22.0 to 3.23.0 (#882) @dependabot
• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.5 to 3.3.0 (#885) @dependabot
• Bump codecov/codecov-action from 4.4.1 to 4.5.0 (#884) @dependabot
• Bump org.openrewrite.recipe:rewrite-static-analysis from 1.8.1 to 1.10.1 (#890) @dependabot
• Bump org.apache.maven.plugins:maven-dependency-plugin from 3.6.1 to 3.7.1 (#891) @dependabot

v4.12.0 🎁

🐛 Bug Fixes

• Revert skipping of maven flatten plugin to reenable incrementals (#858) @uhafner

📦 Dependency Updates

• Bump error-prone.version from 2.27.1 to 2.28.0 (#872) @dependabot
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.7.0 (#871) @dependabot
• Bump pmd.version from 7.1.0 to 7.2.0 (#873) @dependabot
• Bump com.uber.nullaway:nullaway from 0.10.26 to 0.11.0 (#874) @dependabot
• Bump org.openrewrite.recipe:rewrite-static-analysis from 1.7.0 to 1.8.1 (#861) @dependabot
• Bump org.openrewrite.maven:rewrite-maven-plugin from 5.31.0 to 5.32.1 (#862) @dependabot
• Bump org.openrewrite.recipe:rewrite-recommendations from 1.4.2 to 1.4.3 (#864) @dependabot
• Bump com.puppycrawl.tools:checkstyle from 10.16.0 to 10.17.0 (#866) @dependabot
• Bump org.openrewrite.recipe:rewrite-migrate-java from 2.14.0 to 2.16.0 (#865) @dependabot
• Bump org.openrewrite.recipe:rewrite-testing-frameworks from 2.9.0 to 2.10.1 (#860) @dependabot
• Bump org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.13 to 1.7.0 (#868) @dependabot
• Bump org.assertj:assertj-core from 3.25.3 to 3.26.0 (#867) @dependabot
• Bump net.bytebuddy:byte-buddy from 1.14.15 to 1.14.17 (#869) @dependabot
• Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.1 to 3.5.0 (#870) @dependabot
• Bump codecov/codecov-action from 4.4.0 to 4.4.1 (#859) @dependabot
• Bump org.openrewrite.maven:rewrite-maven-plugin from 5.30.0 to 5.31.0 (#854) @dependabot
• Bump org.openrewrite.recipe:rewrite-static-analysis from 1.6.0 to 1.7.0 (#855) @dependabot
• Bump com.github.ekryd.sortpom:sortpom-maven-plugin from 3.4.1 to 4.0.0 (#852) @dependabot
• Bump org.openrewrite.recipe:rewrite-migrate-java from 2.13.0 to 2.14.0 (#853) @dependabot
• Bump org.openrewrite.recipe:rewrite-testing-frameworks from 2.8.0 to 2.9.0 (#856) @dependabot

🔧 Internal Changes

• Add sort-pom configuration (#857) @uhafner

v4.10.0 🎁

🐛 Bug Fixes

• Skip flattening of POM in CI builds (#851) @uhafner

📦 Dependency Updates

• Bump org.openrewrite.recipe:rewrite-migrate-java from 2.12.0 to 2.13.0 (#844) @dependabot
• Bump org.openrewrite.recipe:rewrite-testing-frameworks from 2.7.0 to 2.8.0 (#842) @dependabot
• Bump mockito.version from 5.11.0 to 5.12.0 (#848) @dependabot
• Bump codecov/codecov-action from 4.3.1 to 4.4.0 (#849) @dependabot
• Bump commons-logging:commons-logging from 1.3.1 to 1.3.2 (#850) @dependabot
• Bump org.openrewrite.recipe:rewrite-static-analysis from 1.5.0 to 1.6.0 (#845) @dependabot
• Bump org.openrewrite.maven:rewrite-maven-plugin from 5.29.0 to 5.30.0 (#841) @dependabot
• Bump net.bytebuddy:byte-buddy from 1.14.14 to 1.14.15 (#843) @dependabot
• Bump org.openrewrite.recipe:rewrite-recommendations from 1.4.1 to 1.4.2 (#847) @dependabot
• Bump org.pitest:pitest-maven from 1.16.0 to 1.16.1 (#846) @dependabot

v4.9.0 🎁

🐛 Bug Fixes

• Run SpotBugs only once (#840) @uhafner