Bump the gradle-dependencies group across 1 directory with 8 updates

[dependabot]

Bumps the gradle-dependencies group with 8 updates in the / directory:

Package	From	To
commons-io:commons-io	2.19.0	2.20.0
com.squareup.okio:okio	3.11.0	3.16.0
org.junit.jupiter:junit-jupiter	5.12.2	5.13.4
org.codehaus.groovy:groovy-json	3.0.24	3.0.25
com.networknt:json-schema-validator	1.5.6	1.5.8
org.jetbrains:annotations	26.0.2	26.0.2-1
com.google.code.gson:gson	2.13.0	2.13.1
com.gradle.plugin-publish	1.3.1	2.0.0

Updates commons-io:commons-io from 2.19.0 to 2.20.0

Changelog

Sourced from commons-io:commons-io's changelog.

Apache Commons IO 2.20.0 Release Notes

The Apache Commons IO team is pleased to announce the release of Apache Commons IO 2.20.0.

Introduction

The Apache Commons IO library contains utility classes, stream implementations, file filters, file comparators, endian transformation classes, and much more.

Version 2.19.1: Java 8 or later is required.

New features

o IO-875: Add org.apache.commons.io.file.CountingPathVisitor.accept(Path, BasicFileAttributes) #743. Thanks to Pierre Baumard, Gary Gregory. o Add org.apache.commons.io.Charsets.isAlias(Charset, String). Thanks to Gary Gregory. o Add org.apache.commons.io.Charsets.isUTF8(Charset). Thanks to Gary Gregory. o Add org.apache.commons.io.Charsets.toCharsetDefault(String, Charset). Thanks to Gary Gregory. o IO-279: Add Tailer ignoreTouch option #757. Thanks to Joerg Budischewski, Gary Gregory.

Fixed Bugs

o [javadoc] Rename parameter of ProxyOutputStream.write(int) #740. Thanks to Jesse Glick. o IO-875: CopyDirectoryVisitor ignores fileFilter #743. Thanks to Pierre Baumard, Gary Gregory. o org.apache.commons.io.build.AbstractOrigin.getReader(Charset) now maps a null Charset to the default Charset. Thanks to Gary Gregory. o org.apache.commons.io.build.AbstractOrigin.AbstractRandomAccessFileOrigin.getReader(Charset) now maps a null Charset to the default Charset. Thanks to Gary Gregory. o org.apache.commons.io.build.AbstractOrigin.ByeArrayOrigin.getReader(Charset) now maps a null Charset to the default Charset. Thanks to Gary Gregory. o org.apache.commons.io.build.AbstractOrigin.InputStreamOrigin.getReader(Charset) now maps a null Charset to the default Charset. Thanks to Gary Gregory. o org.apache.commons.io.build.AbstractOrigin.getWriter(Charset) now maps a null Charset to the default Charset. Thanks to Gary Gregory. o org.apache.commons.io.build.AbstractOrigin.AbstractRandomAccessFileOrigin.getWriter(Charset) now maps a null Charset to the default Charset. Thanks to Gary Gregory. o org.apache.commons.io.build.AbstractOrigin.OutputStreamOrigin.getWriter(Charset) now maps a null Charset to the default Charset. Thanks to Gary Gregory. o FileUtils.readLines(File, Charset) now maps a null Charset to the default Charset #744. Thanks to Ryan Kurtz, Gary Gregory. o Fix SpotBugs [ERROR] Medium: Shared primitive variable "atSlashCr" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.io.input.WindowsLineEndingInputStream, org.apache.commons.io.input.WindowsLineEndingInputStream] At WindowsLineEndingInputStream.java:[line 77]Another occurrence at WindowsLineEndingInputStream.java:[line 81] AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory. o Fix SpotBugs [ERROR] Medium: Shared primitive variable "atSlashCr" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.io.input.WindowsLineEndingInputStream] At WindowsLineEndingInputStream.java:[line 112] AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory. o Fix SpotBugs [ERROR] Medium: Shared primitive variable "atSlashLf" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.io.input.WindowsLineEndingInputStream] At WindowsLineEndingInputStream.java:[line 113] AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory. o Fix SpotBugs [ERROR] Medium: Shared primitive variable "atSlashLf" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.io.input.UnixLineEndingInputStream] At UnixLineEndingInputStream.java:[line 75] AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory. o Fix SpotBugs [ERROR] Medium: Shared primitive variable "atEos" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.io.input.UnixLineEndingInputStream] At UnixLineEndingInputStream.java:[line 120] AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory. o Fix SpotBugs [ERROR] Medium: Shared primitive variable "atSlashCr" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.io.input.UnixLineEndingInputStream] At UnixLineEndingInputStream.java:[line 124] AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory. o Fix SpotBugs [ERROR] Medium: Shared primitive variable "atSlashLf" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.io.input.UnixLineEndingInputStream] At UnixLineEndingInputStream.java:[line 125] AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory. o Fix SpotBugs [ERROR] Medium: Shared primitive variable "closed" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.io.input.ProxyInputStream] At ProxyInputStream.java:[line 233] AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory. o Fix SpotBugs [ERROR] Medium: Shared primitive variable "propagateClose" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.io.input.BoundedInputStream] At BoundedInputStream.java:[line 555] AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory. o QueueInputStream reads all but the first byte without waiting. #748. Thanks to maxxedev, Piotr P. Karwasz, Gary Gregory. o Javadoc fixes and improvements. Thanks to Gary Gregory. o Avoid NPE in org.apache.commons.io.filefilter.WildcardFilter.accept(File). Thanks to Gary Gregory. o IO-874: FileUtils.forceDelete can delete a broken symlink again #756. Thanks to Andy Russell, Joerg Budischewski. o Fix infinite loop in AbstractByteArrayOutputStream. #758. Thanks to Alex Benusovich.

... (truncated)

Commits

• c224bce Prepare for the release candidate 2.20.0 RC1
• 8981a5c Remove workaround for
• 4ef481f Prepare for the next release candidate
• d23228f Merge branch 'master' of https://github.com/apache/commons-io.git
• 5d2737f Add @​SuppressWarnings
• e5c80d6 Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 #761
• 2017ac0 Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (#761)
• 07ce798 Javadoc
• a828efa Add ciManagement element to POM
• 46bd1c2 Javadoc
• Additional commits viewable in compare view

Updates com.squareup.okio:okio from 3.11.0 to 3.16.0

Changelog

Sourced from com.squareup.okio:okio's changelog.

Version 3.16.0

2025-07-29

• Fix: Change Socket.asOkioSocket() to resolve its source InputStream and OutputStream eagerly. This will throw a SocketException immediately if the socket isn’t connected. This behavior is consistent with our similar APIs, Socket.source() and Socket.sink().

• Fix: Optimize AsyncTimeout on systems with a very large number of active timeouts. This class originally kept active timeouts in a linked list; with this update the internal data structure is a binary heap. The old runtime was 𝑂(𝑛²) to activate 𝑛 timeouts; with this optimization the runtime is 𝑂(𝑛 log 𝑛).

• Upgrade: [Kotlin 2.2.0][kotlin_2_2_0].

Version 3.15.0

2025-07-01

• Upgrade: [kotlinx-datetime 0.7.0-0.6.x-compat][datetime_0_7_0_compat]. The previous 3.14.0 release, FakeFileSystem broke binary-compatibility for calls to FakeFileSystem(). This restores that compatibility.

• Breaking: Change FakeFileSystem.clock from a JVM field to a property. This avoids a crash running Okio in a Gradle 8.x plugin. This change is not binary-compatible.

Version 3.14.0

2025-06-28

• Upgrade: [kotlinx-datetime 0.7.0][datetime_0_7_0]. This impacts the okio-fakefilesystem artifact only. This is a binary-incompatible backwards-incompatible change that cannot co-exist with previous releases of okio-fakefilesystem! If you observe a NoSuchMethodError calling FakeFileSystem.init, update the calling code to this release (or newer) and recompile. We don't like imposing backwards-incompatible changes like this on you and do so regretfully.

Version 3.13.0

2025-06-13

• New: okio.Socket interface. This is a first step towards low-level streaming networking support for Kotlin/Multiplatform. This release provides two JVM-only implementations: asOkioSocket() adapts a java.net.Socket to our new interface, and inMemorySocketPair() returns a pair of mutually-connected sockets. We also anticipate that this interface will be a useful abstraction for proxies and tunnels.
• New: In-development snapshots are now published to the [Central Portal Snapshots repository].

... (truncated)

Commits

• 8259b1d Prepare for release 3.16.0.
• a0d0c5e Upgrade to Kotlin 2.2.0 (#1670)
• 9e25e03 Get Socket.inputStream and outputStream eagerly (#1669)
• 0e48b0d Add heap implementation for AsyncTimeout (#1658)
• d9e59b6 Update dependency com.diffplug.spotless:spotless-plugin-gradle to v7.2.1 (#1667)
• 0cccd61 Update dependency com.diffplug.spotless:spotless-plugin-gradle to v7.2.0 (#1665)
• 5355bcc Update dependency com.vanniktech:gradle-maven-publish-plugin to v0.34.0 (#1659)
• 4e88847 Update dependency com.google.jimfs:jimfs to v1.3.1 (#1657)
• 7edbfd3 Update dependency com.android.tools.build:gradle to v8.11.1 (#1655)
• a96af6f Update dependency org.jetbrains.kotlinx.binary-compatibility-validator:org.je...
• Additional commits viewable in compare view

Updates org.junit.jupiter:junit-jupiter from 5.12.2 to 5.13.4

Release notes

Sourced from org.junit.jupiter:junit-jupiter's releases.

JUnit 5.13.4 = Platform 1.13.4 + Jupiter 5.13.4 + Vintage 5.13.4

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.3...r5.13.4

JUnit 5.13.3 = Platform 1.13.3 + Jupiter 5.13.3 + Vintage 5.13.3

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.2...r5.13.3

JUnit 5.13.2 = Platform 1.13.2 + Jupiter 5.13.2 + Vintage 5.13.2

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.1...r5.13.2

JUnit 5.13.1 = Platform 1.13.1 + Jupiter 5.13.1 + Vintage 5.13.1

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.0...r5.13.1

JUnit 5.13.0 = Platform 1.13.0 + Jupiter 5.13.0 + Vintage 5.13.0

See Release Notes.

New Contributors

• @​Oyster-zx made their first contribution in junit-team/junit5#4311
• @​etrandafir93 made their first contribution in junit-team/junit5#4336
• @​hanszt made their first contribution in junit-team/junit5#3377
• @​ngocnhan-tran1996 made their first contribution in junit-team/junit5#4545

Full Changelog: junit-team/junit-framework@r5.12.2...r5.13.0

JUnit 5.13.0-RC1 = Platform 1.13.0-RC1 + Jupiter 5.13.0-RC1 + Vintage 5.13.0-RC1

See Release Notes.

New Contributors

• @​hanszt made their first contribution in junit-team/junit5#3377

Full Changelog: junit-team/junit-framework@r5.13.0-M3...r5.13.0-RC1

JUnit 5.13.0-M3 = Platform 1.13.0-M3 + Jupiter 5.13.0-M3 + Vintage 5.13.0-M3

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.0-M2...r5.13.0-M3

... (truncated)

Commits

• 8a21048 Release 5.13.4
• 9a38789 Finalize 5.13.4 release notes
• 458325c Log only once per implementation type for CloseableResource types
• 976a110 Protect against potential problems when converting file-based selectors
• e94f728 Allow default package for PackageSource
• b60fecf Fail on classpath resource names that are blank after removing leading /
• 6378c88 Remove java.* packages from Import-Package headers in all jars (#4738)
• 1a360f3 Create initial 5.13.4 release notes from template
• 806fc9a Document #4689 in release notes
• 1653839 Document #4686 in release notes
• Additional commits viewable in compare view

Updates org.codehaus.groovy:groovy-json from 3.0.24 to 3.0.25

Commits

• See full diff in compare view

Updates com.networknt:json-schema-validator from 1.5.6 to 1.5.8

Release notes

Sourced from com.networknt:json-schema-validator's releases.

1.5.8- 2025-06-27

Added

Changed

• upgrade maven-gpg to 3.2.7
• Fix walk with validate when node is null (#1169) Thanks @​justin-tay
• add central-publishing-maven-plugin

1.5.7- 2025-05-23

Added

Changed

• upgrade nexus-staging version
• Fix OverrideValidatorTest (#1159) Thanks @​justin-tay
• update slf4j to 2.0.17
• update jackson to 2.18.3

Upgrade Guide

This release updates the dependencies only. There is no functional change; however, we have changed the publishing plugin with central-publishing-maven-plugin, so we need you to verify the release. Also, I have built the jar with Java 21 but the target is still Java 8. Let us know if anyone encounters any issues. Thanks.

Changelog

Sourced from com.networknt:json-schema-validator's changelog.

Change Log

All notable changes to this project will be documented in this file.

This format is based on Keep a Changelog.

This project does not adhere to Semantic Versioning and minor version changes can have incompatible API changes. These incompatible API changes will largely affect those who have custom validator or walker implementations. Those who just use the library to validate using the standard JSON Schema Draft specifications may not need changes.

[Unreleased]

Added

Changed

1.5.8- 2025-06-27

Added

Changed

• upgrade maven-gpg to 3.2.7
• Fix walk with validate when node is null (#1169) Thanks @​justin-tay
• add central-publishing-maven-plugin

1.5.7- 2025-05-23

Added

Changed

• upgrade nexus-staging verison
• Fix OverrideValidatorTest (#1159) Thanks @​justin-tay
• update slf4j to 2.0.17
• update jackson to 2.18.3

1.5.6- 2025-02-19

Added

Changed

• Set requires static for optional and excludable dependencies (#1155) Thanks @​justin-tay
• Fix NPE when walking a missing node that will have missing properties (#1152) Thanks @​justin-tay
• Fix relative iris with colons (#1147) Thanks @​justin-tay
• Fix explicit disabling of format assertions (#1145) Thanks @​justin-tay

1.5.5 - 2025-01-14

Added

... (truncated)

Commits

• d46d11c upgrade to 1.5.8 and update changelog
• a3c0dac upgrade maven-gpg to 3.2.7
• ffe4ca0 Fix walk with validate when node is null (#1169)
• 2cd2baa add central-publishing-maven-plugin
• 2c27114 upgrade to 1.5.7 and update changelog
• 94594f0 Merge branch 'master' of github.com:networknt/json-schema-validator
• f15c17d upgrade nexus-staging verison
• 7357417 Fix OverrideValidatorTest (#1159)
• 4ba8ecf update slf4j to 2.0.17
• 45b81ec update jackson to 2.18.3
• See full diff in compare view

Updates org.jetbrains:annotations from 26.0.2 to 26.0.2-1

Release notes

Sourced from org.jetbrains:annotations's releases.

26.0.2-1

A technical release to employ new Maven publishing machinery

Changelog

Sourced from org.jetbrains:annotations's changelog.

Version 26.0.2-1

• A technical release using the new Sonatype publication mechanism, see https://central.sonatype.org/publish/publish-portal-guide/

Commits

• 20ff2b3 Merge pull request #130 from DmPanov/dmpanov/allworknoplay
• 21116cc the version is bumped to 26.0.2-1 to test the Maven Central publication
• b44ce8d Maven Central artifacts task
• 5fb050c legacy Sonatype publishing removed
• 2a28eab Merge pull request #120 from JojOatXGME/override-only-static
• dd44b5b OverrideOnly: Update documentation to exclude static methods
• See full diff in compare view

Updates com.google.code.gson:gson from 2.13.0 to 2.13.1

Release notes

Sourced from com.google.code.gson:gson's releases.

Gson 2.13.1

What's Changed

• Give FieldNamingStrategy the ability to return multiple String names by @​mfriesen in google/gson#2776
• Remove outdated android-proguard-example by @​Goooler in google/gson#2843
• Adjust Troubleshooting Guide ProGuard / R8 section by @​Marcono1234 in google/gson#2844
• Update dependencies, including the problematic com.google.errorprone:error_prone_annotations:2.37.0.

New Contributors

• @​mfriesen made their first contribution in google/gson#2776
• @​Goooler made their first contribution in google/gson#2843

Full Changelog: google/gson@gson-parent-2.13.0...gson-parent-2.13.1

Commits

• 257bee9 [maven-release-plugin] prepare release gson-parent-2.13.1
• 63d74b3 Bump the maven group with 5 updates (#2851)
• 810e356 Add shrinker test for interface implementation being deserialized (#2845)
• 00ae397 Adjust Troubleshooting Guide ProGuard / R8 section (#2844)
• 0eec6f3 Remove outdated android-proguard-example (#2843)
• 4e65e6a Give FieldNamingStrategy the ability to return multiple String names (#2776)
• 6010131 [maven-release-plugin] prepare for next development iteration
• See full diff in compare view

Updates com.gradle.plugin-publish from 1.3.1 to 2.0.0

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.