Bump net.sf.jasperreports:jasperreports from 6.12.2 to 7.0.4

[dependabot]

Bumps net.sf.jasperreports:jasperreports from 6.12.2 to 7.0.4.

Release notes

Sourced from net.sf.jasperreports:jasperreports's releases.

JasperReports 7.0.4

• add deserialization class filter to fix the CVE-2025-10492 security vulnerability;

• new net.sf.jasperreports.export.docx.size.page.to.content export configuration property added to support variable DOCX page size;

• minor bug fixes and improvements;

JasperReports 7.0.3

• minor bug fixes and improvements;

JasperReports 7.0.2

• added support for horizontalPosition and shrinkWidth properties to table component and weight property to table columns to better control table resize behavior when table columns are hidden or resized.

• removed the Google Maps component, the Chrome server side rendering of Javascript visualizations extension, the interactivity extension as well as the PL/SQL and Oracle stored procedure query executer;

• various dependencies upgrades including: Apache Batik 1.18, Apache POI 5.3.0 and Spring 6.2.3;

• minor bug fixes and improvements;

JasperReports 7.0.1

• added automatic module names to manifest files and fixed split packages issues in preparation for Java 9 modules compliance;

• minor bug fixes and improvements;

JasperReports 7.0.0

• removal of the Ant build system and replacing it with a Maven build system;

• deprecated code removed;

• breaking backward compatibility of serialized/compiled *.jasper report template files, mostly because of historical deprecated serialization code removal/cleanup mentioned above (source *.jrxml report templates need to be recompiled to *.jasper using the new version of the library);

• breaking backward compatibility of source *.jrxml report template files and *.jrtx style template files by replacing the Apache Commons Digester based parsers with Jackson XML object serialization. *.jrxml and *.jrtx files created with version 6 or older can no longer be loaded with version 7 or newer of the library alone. The conversion from the old file formats to the new file formats and back can be made using Jaspersoft Studio 7 and later versions of it;

• extracting various optional extension JAR artifacts from the the core library JAR artifact to allow the Jakarta Migration of certain of these optional features while also introducing better third party Maven dependency management of these artifacts;

• some Java package names have changed as a consequence of separating functionality into optional JAR artifacts;

... (truncated)

Changelog

Sourced from net.sf.jasperreports:jasperreports's changelog.

JasperReports 7.0.4 (2025-11-03)

• add deserialization class filter to fix the CVE-2025-10492 security vulnerability;

• new net.sf.jasperreports.export.docx.size.page.to.content export configuration property added to support variable DOCX page size;

• minor bug fixes and improvements;

JasperReports 7.0.3 (2025-05-02)

• minor bug fixes and improvements;

JasperReports 7.0.2 (2025-03-10)

• added support for horizontalPosition and shrinkWidth properties to table component and weight property to table columns to better control table resize behavior when table columns are hidden or resized.

• removed the Google Maps component, the Chrome server side rendering of Javascript visualizations extension, the interactivity extension as well as the PL/SQL and Oracle stored procedure query executer;

• various dependencies upgrades including: Apache Batik 1.18, Apache POI 5.3.0 and Spring 6.2.3;

• minor bug fixes and improvements;

JasperReports 7.0.1 (2024-09-30)

• added automatic module names to manifest files and fixed split packages issues in preparation for Java 9 modules compliance;

• minor bug fixes and improvements;

... (truncated)

Commits

• 2b24e9a version update
• baf2cd3 changes.txt update
• f00cb93 eula update
• 83c7f99 version update
• fa6baaa Merge branch 'develop'
• 3d0d3ac Merge branch 'develop-JRL-2054' into develop
• bb61b7b add ossindex flag
• dbf4add fix docx empty page issue after size content to page changes
• 2009271 Merge branch 'develop' into develop-JRL-2054
• 3541a3e add more classes to deserialization whitelist
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.