fix(deps): update all minor dependencies (master)

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
com.google.protobuf:protobuf-java (source)	4.32.1 -> 4.33.0
com.github.ben-manes.versions	0.51.0 -> 0.53.0
com.github.spotbugs	6.3.0 -> 6.4.4
org.openapi.generator	7.13.0 -> 7.17.0
io.github.sgtsilvio.gradle.metadata	0.5.0 -> 0.6.0
de.thetaphi.forbiddenapis	3.9 -> 3.10
net.ltgt.errorprone	4.2.0 -> 4.3.0
com.microsoft.sqlserver:mssql-jdbc	12.8.1.jre11 -> 12.10.2.jre11
org.mockito:mockito-junit-jupiter	5.17.0 -> 5.20.0
org.junit.jupiter:junit-jupiter (source)	5.13.2 -> 5.14.1
org.junit:junit-bom (source)	5.13.2 -> 5.14.1
net.minidev:json-smart (source)	2.5.2 -> 2.6.0
com.jayway.jsonpath:json-path	2.9.0 -> 2.10.0
com.fasterxml.jackson.jakarta.rs:jackson-jakarta-rs-json-provider	2.19.1 -> 2.20.1
com.fasterxml.jackson.datatype:jackson-datatype-jsr310	2.19.1 -> 2.20.1
com.fasterxml.jackson.dataformat:jackson-dataformat-xml	2.19.1 -> 2.20.1
com.fasterxml.jackson.core:jackson-databind (source)	2.19.1 -> 2.20.1
com.zaxxer:HikariCP	6.2.1 -> 6.3.3
com.google.guava:guava	33.4.8-jre -> 33.5.0-jre
com.google.errorprone:error_prone_core (source)	2.38.0 -> 2.43.0
nl.jqno.equalsverifier:equalsverifier (source)	3.17.5 -> 3.19.4
com.google.dagger:dagger-compiler	2.56.2 -> 2.57.2
com.google.dagger:dagger	2.56.2 -> 2.57.2
org.bouncycastle:bcprov-jdk18on (source)	1.80 -> 1.82
org.bouncycastle:bcpkix-jdk18on (source)	1.80 -> 1.82
io.github.sgtsilvio.gradle.oci	0.22.0 -> 0.24.0
org.apache.plc4x:plc4j-transport-raw-socket (source)	0.11.0 -> 0.13.1
org.apache.plc4x:plc4j-driver-s7 (source)	0.11.0 -> 0.13.1
org.apache.plc4x:plc4j-api (source)	0.11.0 -> 0.13.1
org.apache.plc4x:plc4j-driver-ads (source)	0.11.0 -> 0.13.1

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

mockito/mockito (org.mockito:mockito-junit-jupiter)

v5.20.0

^{Changelog generated by Shipkit Changelog Gradle Plugin}

5.20.0

• 2025-09-20 - 11 commit(s) by Adrian-Kim, Giulio Longfils, Rafael Winterhalter, dependabot[bot]
• Bump org.assertj:assertj-core from 3.27.4 to 3.27.5 (#​3730)
• Introducing the Ability to Mock Construction of Generic Types (#​2401) (#​3729)
• Bump com.gradle.develocity from 4.1.1 to 4.2 (#​3726)
• Bump graalvm/setup-graalvm from 1.3.6 to 1.3.7 (#​3725)
• Bump org.eclipse.platform:org.eclipse.osgi from 3.23.100 to 3.23.200 (#​3720)
• Bump graalvm/setup-graalvm from 1.3.5 to 1.3.6 (#​3719)
• Bump actions/setup-java from 4 to 5 (#​3715)
• Bump com.gradle.develocity from 4.1 to 4.1.1 (#​3713)
• Bump bytebuddy from 1.17.6 to 1.17.7 (#​3712)
• test: Use Assume.assumeThat for SequencedCollection tests (#​3711)
• Fix #​3709 (#​3710)
• feat: Add support for JDK21 Sequenced Collections. (#​3708)
• Introducing the Ability to Mock Construction of Generic Types (#​2401)

v5.19.0

Compare Source

^{Changelog generated by Shipkit Changelog Gradle Plugin}

5.19.0

• 2025-08-15 - 37 commit(s) by Adrian-Kim, Tim van der Lippe, Tran Ngoc Nhan, dependabot[bot], juyeop
• feat: Add support for JDK21 Sequenced Collections. (#​3708)
• Bump actions/checkout from 4 to 5 (#​3707)
• build: Allow overriding 'Created-By' for reproducible builds (#​3704)
• Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#​3703)
• Bump androidx.test:runner from 1.6.2 to 1.7.0 (#​3697)
• Bump org.junit.platform:junit-platform-launcher from 1.13.3 to 1.13.4 (#​3694)
• Bump com.diffplug.spotless:spotless-plugin-gradle from 7.1.0 to 7.2.1 (#​3693)
• Bump junit-jupiter from 5.13.3 to 5.13.4 (#​3691)
• Bump com.gradle.develocity from 4.0.2 to 4.1 (#​3689)
• Bump com.google.googlejavaformat:google-java-format from 1.27.0 to 1.28.0 (#​3688)
• Bump com.google.googlejavaformat:google-java-format from 1.25.2 to 1.27.0 (#​3686)
• Bump com.diffplug.spotless:spotless-plugin-gradle from 7.0.4 to 7.1.0 (#​3685)
• Bump junit-jupiter from 5.13.2 to 5.13.3 (#​3684)
• Bump org.shipkit:shipkit-auto-version from 2.1.0 to 2.1.2 (#​3683)
• Bump com.diffplug.spotless:spotless-plugin-gradle from 7.0.2 to 7.0.4 (#​3682)
• Only run release after both Java and Android tests have finished
  (#​3681)
• Bump org.junit.platform:junit-platform-launcher from 1.12.2 to 1.13.3 (#​3680)
• Bump org.codehaus.groovy:groovy from 3.0.24 to 3.0.25 (#​3679)
• Bump org.eclipse.platform:org.eclipse.osgi from 3.23.0 to 3.23.100 (#​3678)
• Can no longer publish snapshot releases (#​3677)
• Update Gradle to 8.14.2 (#​3676)
• Bump errorprone from 2.23.0 to 2.39.0 (#​3674)
• Correct Junit docs link (#​3672)
• Bump net.ltgt.gradle:gradle-errorprone-plugin from 4.1.0 to 4.3.0 (#​3670)
• Bump junit-jupiter from 5.13.1 to 5.13.2 (#​3669)
• Bump bytebuddy from 1.17.5 to 1.17.6 (#​3668)
• Bump junit-jupiter from 5.12.2 to 5.13.1 (#​3666)
• Bump org.jetbrains.kotlin:kotlin-stdlib from 2.0.21 to 2.2.0 (#​3665)
• Bump org.gradle.toolchains.foojay-resolver-convention from 0.9.0 to 1.0.0 (#​3661)
• Bump org.junit.platform:junit-platform-launcher from 1.11.4 to 1.12.2 (#​3660)
• Add JDK21 sequenced collections for ReturnsEmptyValues (#​3659)
• Bump com.gradle.develocity from 3.19.1 to 4.0.2 (#​3658)
• Bump ru.vyarus:gradle-animalsniffer-plugin from 1.7.2 to 2.0.1 (#​3657)
• Bump org.eclipse.platform:org.eclipse.osgi from 3.22.0 to 3.23.0 (#​3656)
• Bump org.codehaus.groovy:groovy from 3.0.23 to 3.0.24 (#​3655)
• Bump junit-jupiter from 5.11.4 to 5.12.2 (#​3653)
• Reproducible Build: need to inject JDK distribution details to rebuild (#​3563)

v5.18.0

Compare Source

^{Changelog generated by Shipkit Changelog Gradle Plugin}

5.18.0

• 2025-05-20 - 5 commit(s) by Eugene Platonov, Patrick Doyle, Tim van der Lippe, dependabot[bot]
• Make vararg checks Scala friendly (for mockito-scala) (#​3651)
• For UnfinishedStubbingException, suggest the possibility of another thread (#​3636)
• UnfinishedStubbingException ought to suggest the possibility of another thread (#​3635)

netplex/json-smart-v2 (net.minidev:json-smart)

v2.6.0

Compare Source

What's Changed

• fix JSONObject.merge blocks overwriting (#​175) by @​caimo in #​238
• build: prepare for next version by @​hezhangjian in #​241
• chore: use standard charset object instead by @​hezhangjian in #​242
• add Spotless + Maven wrapper by @​ccudennec-otto in #​246
• fix JSONArray merge(Object)(#​51) by @​caimo in #​247
• Bump junit.version from 5.11.4 to 5.12.0 in /json-smart by @​dependabot[bot] in #​253
• Bump junit.version from 5.11.4 to 5.12.0 in /json-smart-action by @​dependabot[bot] in #​248
• Bump com.diffplug.spotless:spotless-maven-plugin from 2.44.2 to 2.44.3 in /json-smart by @​dependabot[bot] in #​252
• Bump org.apache.maven.plugins:maven-compiler-plugin from 3.13.0 to 3.14.0 in /json-smart by @​dependabot[bot] in #​251
• Bump com.diffplug.spotless:spotless-maven-plugin from 2.44.2 to 2.44.3 in /json-smart-action by @​dependabot[bot] in #​250
• Bump org.apache.maven.plugins:maven-compiler-plugin from 3.13.0 to 3.14.0 in /json-smart-action by @​dependabot[bot] in #​249
• Bump junit.version from 5.12.0 to 5.12.1 in /json-smart by @​dependabot[bot] in #​256
• Bump junit.version from 5.12.0 to 5.12.1 in /json-smart-action by @​dependabot[bot] in #​255
• Bump com.diffplug.spotless:spotless-maven-plugin from 2.44.3 to 2.44.4 in /json-smart-action by @​dependabot[bot] in #​263
• Bump com.diffplug.spotless:spotless-maven-plugin from 2.44.3 to 2.44.4 in /json-smart by @​dependabot[bot] in #​260
• Bump junit.version from 5.12.1 to 5.12.2 in /json-smart-action by @​dependabot[bot] in #​262
• Bump junit.version from 5.12.1 to 5.12.2 in /json-smart by @​dependabot[bot] in #​261
• Bump com.diffplug.spotless:spotless-maven-plugin from 2.44.4 to 2.44.5 in /json-smart by @​dependabot[bot] in #​268
• Bump junit.version from 5.12.2 to 5.13.0 in /json-smart by @​dependabot[bot] in #​267
• Bump junit.version from 5.12.2 to 5.13.0 in /json-smart-action by @​dependabot[bot] in #​266
• Bump com.diffplug.spotless:spotless-maven-plugin from 2.44.4 to 2.44.5 in /json-smart-action by @​dependabot[bot] in #​265
• Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.7 to 3.2.8 in /json-smart-action by @​dependabot[bot] in #​276
• Bump junit.version from 5.13.0 to 5.13.4 in /json-smart by @​dependabot[bot] in #​274
• Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.7 to 3.2.8 in /json-smart by @​dependabot[bot] in #​273
• Bump com.diffplug.spotless:spotless-maven-plugin from 2.44.5 to 2.46.1 in /json-smart-action by @​dependabot[bot] in #​277
• Bump junit.version from 5.13.0 to 5.13.4 in /json-smart-action by @​dependabot[bot] in #​278
• Bump com.diffplug.spotless:spotless-maven-plugin from 2.44.5 to 2.46.1 in /json-smart by @​dependabot[bot] in #​275
• fix unpack dependencies failed (#​176) by @​pcHwang2 in #​257
• fix Issue 177 (support incomplet json messages) by @​UrielCh in #​254
• improve github action by @​UrielCh in #​279
• mutiple updates, new github workflow, more coverage.... by @​UrielCh in #​280
• Upgrade by @​UrielCh in #​281

New Contributors

• @​pcHwang2 made their first contribution in #​257

Full Changelog: netplex/json-smart-v2@2.5.2...v2.6.0

google/error-prone (com.google.errorprone:error_prone_core)

v2.43.0: Error Prone 2.43.0

Compare Source

Changes:

• -XepPatchChecks now skips disabled checks (#​4943)
• AndroidJdkLibsChecker has been removed, the recommended replacement for Android code is Android Lint's NewApi check

New checks:

• NullNeedsCastForVarargs: Detect calls that incorrectly passes a null array instead of a null element.
• RedundantNullCheck: detect checks on expressions that are non-null.

Closed issues: #​4943, #​5102, #​5107, #​5121, #​5158, #​5217, #​5239

Full changelog: google/error-prone@v2.42.0...v2.43.0

v2.42.0: Error Prone 2.42.0

New checks:

• ExplicitArrayForVarargs: discourage unnecessary explicit construction of an array to provide varargs.
• FloggerPerWithoutRateLimit: discourage Flogger's perUnique without rate limiting
• StringJoin: Ban String.join(CharSequence) and String.join(CharSequence, CharSequence)
• ThreadBuilderNameWithPlaceholder: Do not allow placeholders in Thread.Builder.name(String) or name(String, int).

Changes:

• The return type of ASTHelpers.asFlagSet has changed. The previous type was EnumSet<Flags.Flag>, where Flags.Flag is an enum in the javac class Flags. A recent JDK change has replaced that enum with a new top-level enum called FlagsEnum. It is not possible to change ASTHelpers.asFlagSet in a way that would be type-safe and compatible with the enums from JDKs both before and after the change. Instead, the method now returns ImmutableSet<String>, where the strings come from the toString() of the enum constants. That means they are "native", "abstract", etc.
• Flag IO.print[ln]() in SystemOut.

Full changelog: google/error-prone@v2.41.0...v2.42.0

v2.41.0: Error Prone 2.41.0

New checks:

• EffectivelyPrivate: Detect declarations that have public or protected modifiers, but are effectively private

Changes:

• Skip BooleanLiteral findings if the target type is boxed (#​5134)

Full changelog: google/error-prone@v2.40.0...v2.41.0

v2.40.0: Error Prone 2.40.0

Changes:

• Bug fixes and improvements
• Releases (including snapshots) have migrated from OSSRH to the Central Publisher Portal

Full changelog: google/error-prone@v2.39.0...v2.40.0

v2.39.0: Error Prone 2.39.0

Changes:

• Temporarily downgrade to Guava 33.4.0 (#​5108)

Checks:

• BooleanLiteral: Prefer true to Boolean.TRUE
• ExpensiveLenientFormatString: Renamed from PreconditionsExpensiveString, detects unnecessary calls to String.format in the arguments of lenient formatting methods.
• UnnecessaryQualifier: Detects @Qualifier or @BindingAnnotation annotations that have no effect, and can be removed

Issues: #​4996, #​5045

Full changelog: google/error-prone@v2.38.0...v2.39.0

jqno/equalsverifier (nl.jqno.equalsverifier:equalsverifier)

v3.19.4

Fixed

• Suppressing Warning.IDENTICAL_COPY_FOR_VERSIONED_ENTITY doesn't work for a versioned entity class when equals is defined in an entity parent class.

v3.19.3

Fixed

• StackOverflowError when a field has type with a generic type bound that recurses into itself with a wildcard: interface X<T extends X<?>>. (Issue 1062)

v3.19.2

Fixed

• Exception when superclass of class under test has field with the same name but different type. (Issue 1056)
• Bug in withPrefabValueForField where fields in the superclass of the class under test is ignored.

v3.19.1

Added

• Prefab value for java.util.concurrent.locks.ReentrantLock. (Issue 981)

Fixed

• Bug in withPrefabValueForField where in some cases the prefab value is not used.

v3.19

Fixed

• Suppressing Warning.IDENTICAL_COPY_FOR_VERSIONED_ENTITY doesn't work for a versioned entity class when equals is defined in an entity parent class.

v3.18.2

Fixed

• Gives readable error message when trying to use forPackage() on third-party dependency package, instead of a NullPointerException. (Issue 1040)

v3.18.1

Added

• Improved Kotlin support. (Issue 506)

v3.18

Fixed

• Gives readable error message when trying to use forPackage() on third-party dependency package, instead of a NullPointerException. (Issue 1040)

apache/plc4x (org.apache.plc4x:plc4j-transport-raw-socket)

v0.13.1: Apache PLC4X 0.13.1

New Features

• Extended the PlcRawByteArray to provide access to a List of
  USINT objects.

Incompatible changes

Bug Fixes

• When reading an array of bits, the old s7 driver seems to hang.
• The s7 driver causes issues when writing arrays of bits.
• The block optimizer used in s7-light causes errors, if a tag
  references the same byte multiple times.
• When using the new block-optimizer in the s7-light driver,
  when reading multiple BOOL values located in the same byte
  produces errors

v0.13.0: Apache PLC4X 0.13.0

New Features

• The CachedPlcConnectionManager now has a maxIdleTimeout time
  which defaults to 5 minutes. If a connection is not being
  used for that amount of time, the connection is closed and
  removed from the cache.
• The CachedPlcConnectionManager now has a close method, which
  shuts down all connections.
• The CachedPlcConnection now implements the EventPlcConnection
  interface which forwards listener registrations to the
  connection.
• The S7 driver is now able to automatically split up large
  array requests into multiple ones and transparently merge
  them back together. It is now possible to read arrays of
  almost unlimited size.
• Added an Optimizer to the Modbus driver, that improves read
  performance of multi-item read requests by more than 10 times.
• Added an optimizer to the Modbus protocol, that allows reading
  multiple fields in one request.
• Added support for Modbus encodings of BIG_ENDIAN_WORD_SWAP
  and LITTLE_ENDIAN_WORD_SWAP.
• Modbus tags allow specifying the unit-id in order to address
  multiple devices using one serial modbus connection.
• Added a new optimizer to the S7 protocol, that ready chunks
  of data instead of individual fields, which allows reading
  a lot more fields in one request.
• Added a new variant of the S7 driver, called s7-light, which
  doesn't have support for subscriptions, but is less likely
  to cause connection problems.
• Added auto-discovery to the KNX Driver in PLC4J.
• Added auto-discovery to EIP in PLC4J.
• Added auto-discovery to S7 in PLC4J.
• Improved some things in the SPI, that caused issues with
  drivers under heavy load.
• The Modbus driver uses the "Single Register Request" if a
  tag fits into one register. This can help communicating with
  devices that don't support "Multi Register Requests".

Incompatible changes

• When reading byte arrays with the s7 driver, now the more
  efficient PlcRawByteArray type is used, that gives users
  direct access to the bytes returned from the PLC instead of
  a list of PlcValues.
• The builders for read-, write- ans subscription.requests now
  process tags and values on a per-field level. If one field
  has an invalid address it will now only fail the one item
  related to that. Same applies to values. Only the tag who's
  value was invalid will be considered failed and no longer an
  exception should be thrown.
• Subscription-requests now allow registering a handler for
  all fields in the subscription.
• The addPreRegisteredConsumer method was removed and versions
  of the "addXYZ" methods were added, that allow providing
  individual consumers for each tag.

Bug Fixes

v0.12.0: Apache PLC4X 0.12.0

New Features

• API: Made several bits of information available via the API
  allowing tools to provide more content assist when dealing
  with PLC4X connections.
• S7: The S7 driver now supports reading of STRING and
  WSTRING data-types without providing a maximum length.
• Build: Worked on making PLC4X provide reproducible builds.
• Added "Ping" functionality to: ADS, EIP, KNX, Mock, Modbus
  and Simulated drivers.
• The OPC-UA Java driver now support certificate-based
  authentication and encryption.

Incompatible changes

• Java 8 is no longer officially supported and Java 11 is the
  new base-line.
• Renamed the PlcDriverManager method listDrivers to
  getProtocolCodes
• Renamed the PlcDriverMetadata method canDiscover to
  isDiscoverySupported
• Renamed the PlcConnectionMetadata methods canRead, canWrite
canSubscribe and canBrowse to isReadSupported,
  isWriteSupported, isSubscribeSupported and isBrowseSupported
• The configuration syntax for configuring transport-related
  config options in the connection-string was updated to be
  now prefixed with the transport name the option belongs to.

Bug Fixes

• S7: Several bugs and issues regarding supporting various
  duration, date and time data-types.
• S7: Implemented the missing 64bit (L-) types.
• KNX: Fixed an issue with decoding 16 bit floating point
  numbers.
• NiFi-Integration: The NiFi integration module was greatly
  improved.
• Core: Fixed several leaks of open threads.

---

Configuration

📅 Schedule: Branch creation - Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.