Bump the all-maven-dependencies group across 2 directories with 3 updates

[dependabot]

Bumps the all-maven-dependencies group with 3 updates in the / directory: com.sap.cloud.security:java-bom, org.apache.maven.plugins:maven-compiler-plugin and com.diffplug.spotless:spotless-maven-plugin.
Bumps the all-maven-dependencies group with 3 updates in the /srv directory: com.sap.cloud.security:java-bom, org.apache.maven.plugins:maven-compiler-plugin and com.diffplug.spotless:spotless-maven-plugin.

Updates com.sap.cloud.security:java-bom from 3.6.5 to 3.6.6

Release notes

Sourced from com.sap.cloud.security:java-bom's releases.

3.6.6

• added Token Exchange support to Security Library for ID Token exchange and XSUAA Token exchange

Dependency upgrades

• Update Spring dependencies (#1907)
• Bump the prod-deps-ver group with 9 updates (#1902)
• Bump the dev-deps group with 3 updates (#1901)
• Bump io.projectreactor:reactor-test from 3.7.11 to 3.8.2 (#1892)
• Configure Dependabot with dependency groups (#1900)
• Bump org.sonatype.central:central-publishing-maven-plugin (#1894)
• Bump org.apache.httpcomponents.client5:httpclient5 from 5.5.1 to 5.6 (#1895)
• Bump org.json:json from 20250517 to 20251224 (#1898)
• Bump ch.qos.logback:logback-core from 1.5.19 to 1.5.25 in /token-client (#1899)
• Bump org.jacoco:jacoco-maven-plugin from 0.8.13 to 0.8.14 (#1873)
• Bump org.apache.maven.plugins:maven-pmd-plugin from 3.27.0 to 3.28.0 (#1874)
• Bump reactor.version from 3.7.11 to 3.7.12 (#1875)
• Bump spring.core.version from 6.2.11 to 6.2.12 (#1878)
• Bump com.github.spotbugs:spotbugs-maven-plugin from 4.9.6.0 to 4.9.8.1 (#1880)
• Bump com.github.spotbugs:spotbugs-annotations from 4.9.6 to 4.9.8 (#1881)
• Bump spring.security.version from 6.5.5 to 6.5.6 (#1882)
• Bump spring.security.oauth2.version from 6.5.5 to 6.5.6 (#1883)
• Bump ch.qos.logback:logback-core from 1.5.13 to 1.5.19 in /token-client (#1884)

Changelog

Sourced from com.sap.cloud.security:java-bom's changelog.

3.6.6

• added Token Exchange support to Security Library for ID Token exchange and XSUAA Token exchange

Dependency upgrades

• Update Spring dependencies (#1907)
• Bump the prod-deps-ver group with 9 updates (#1902)
• Bump the dev-deps group with 3 updates (#1901)
• Bump io.projectreactor:reactor-test from 3.7.11 to 3.8.2 (#1892)
• Configure Dependabot with dependency groups (#1900)
• Bump org.sonatype.central:central-publishing-maven-plugin (#1894)
• Bump org.apache.httpcomponents.client5:httpclient5 from 5.5.1 to 5.6 (#1895)
• Bump org.json:json from 20250517 to 20251224 (#1898)
• Bump ch.qos.logback:logback-core from 1.5.19 to 1.5.25 in /token-client (#1899)
• Bump org.jacoco:jacoco-maven-plugin from 0.8.13 to 0.8.14 (#1873)
• Bump org.apache.maven.plugins:maven-pmd-plugin from 3.27.0 to 3.28.0 (#1874)
• Bump reactor.version from 3.7.11 to 3.7.12 (#1875)
• Bump spring.core.version from 6.2.11 to 6.2.12 (#1878)
• Bump com.github.spotbugs:spotbugs-maven-plugin from 4.9.6.0 to 4.9.8.1 (#1880)
• Bump com.github.spotbugs:spotbugs-annotations from 4.9.6 to 4.9.8 (#1881)
• Bump spring.security.version from 6.5.5 to 6.5.6 (#1882)
• Bump spring.security.oauth2.version from 6.5.5 to 6.5.6 (#1883)
• Bump ch.qos.logback:logback-core from 1.5.13 to 1.5.19 in /token-client (#1884)

Commits

• 699d25f Release 3.6.6 (#1908)
• 033870b Update Spring dependencies (#1907)
• b69f9f9 Bump the prod-deps-ver group with 9 updates (#1902)
• c6c6cbb Bump the dev-deps group with 3 updates (#1901)
• 3ffaebc Bump io.projectreactor:reactor-test from 3.7.11 to 3.8.2 (#1892)
• d791dbf Configure Dependabot with dependency groups (#1900)
• e051197 Bump org.sonatype.central:central-publishing-maven-plugin (#1894)
• 3ae6036 Bump org.apache.httpcomponents.client5:httpclient5 from 5.5.1 to 5.6 (#1895)
• 1723785 Bump org.json:json from 20250517 to 20251224 (#1898)
• 2aa234a Bump ch.qos.logback:logback-core from 1.5.19 to 1.5.25 in /token-client (#1899)
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-compiler-plugin from 3.14.1 to 3.15.0

Release notes

Sourced from org.apache.maven.plugins:maven-compiler-plugin's releases.

3.15.0

🐛 Bug Fixes

• Fix Java 25 compatibility during integration tests (#1020) @​desruisseaux
• [MCOMPILER-540] - useIncrementalCompilation=false may add generated sources to the sources list (#192) @​mensinda

👻 Maintenance

• Bump org.apache.maven.plugins:maven-plugins from 45 to 46 (#1015) @​slachiewicz
• Remove declaration of "plexus-snapshots" repository (#1010) @​desruisseaux
• Works only with Maven 4.0.0 rc4 (#996) @​slachiewicz
• Enable Java 25 and Maven 4 in CI (#975) @​slachiewicz

📦 Dependency updates

• Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.4.0 to 3.5.0 (#1016) @dependabot[bot]
• Bump plexusCompilerVersion from 2.16.1 to 2.16.2 (#1021) @dependabot[bot]
• Bump org.apache.maven.plugins:maven-plugins from 46 to 47 (#1019) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-java from 1.5.1 to 1.5.2 (#1008) @dependabot[bot]
• Bump org.ow2.asm:asm from 9.9 to 9.9.1 (#1005) @dependabot[bot]
• Bump mavenVersion from 3.9.11 to 3.9.12 (#1007) @dependabot[bot]
• Bump maven-plugin-testing-harness to 3.4.0 (#1001) @​slawekjaranowski
• Bump plexusCompilerVersion from 2.16.0 to 2.16.1 (#999) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-java from 1.5.0 to 1.5.1 (#993) @dependabot[bot]
• Bump plexusCompilerVersion from 2.15.0 to 2.16.0 (#992) @dependabot[bot]
• Bump org.ow2.asm:asm from 9.8 to 9.9 (#981) @dependabot[bot]

Commits

• 9290cb3 [maven-release-plugin] prepare release maven-compiler-plugin-3.15.0
• 3657d40 Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness
• 7bbf805 Bump plexusCompilerVersion from 2.16.1 to 2.16.2
• 57fa938 Bump org.apache.maven.plugins:maven-plugins from 46 to 47
• 385e3f2 Fix Java 25 compatibility during integration tests (#1020)
• 6b34423 Bump org.apache.maven.plugins:maven-plugins from 45 to 46
• aaeb9c6 [MCOMPILER-540] useIncrementalCompilation=false may add generated sources to ...
• 6e3db9d Bump org.codehaus.plexus:plexus-java from 1.5.1 to 1.5.2
• 0fe9b84 Remove declaration of "plexus-snapshots" repository (#1010)
• 35f6800 Bump org.ow2.asm:asm from 9.9 to 9.9.1
• Additional commits viewable in compare view

Updates com.diffplug.spotless:spotless-maven-plugin from 3.2.0 to 3.2.1

Release notes

Sourced from com.diffplug.spotless:spotless-maven-plugin's releases.

Maven Plugin v3.2.1

Fixed

• removeSemicolons() should not be applied to multiline strings in groovy #2780 (#2792)

Changelog

Sourced from com.diffplug.spotless:spotless-maven-plugin's changelog.

spotless-lib and spotless-lib-extra releases

If you are a Spotless user (as opposed to developer), then you are probably looking for:

• https://github.com/diffplug/spotless/blob/main/plugin-gradle/CHANGES.md
• https://github.com/diffplug/spotless/blob/main/plugin-maven/CHANGES.md

This document is intended for Spotless developers.

We adhere to the keepachangelog format (starting after version 1.27.0).

[Unreleased]

[4.3.0] - 2026-01-27

Added

• Add P2Provisioner interface in lib-extra to enable build-tool-specific caching strategies for Eclipse P2 dependencies, fixing OutOfMemoryError in large multi-project builds. (#2788)

Fixed

• removeSemicolons() should not be applied to multiline strings in groovy #2780 (#2792)

[4.2.0] - 2026-01-22

Added

• Add a expandWildcardImports API for java (#2679)
• Add the ability to specify a wildcard version (*) for external formatter executables. (#2757)

Fixed

• Prevent race conditions when multiple npm-based formatters launch the server process simultaneously while sharing the same node_modules directory. (#2786)
• Git ratchet no longer throws an error with Git worktrees. (#2779)

Changes

• Bump default ktfmt version to latest 0.59 -> 0.61. (2804)
• Bump default ktlint version to latest 1.7.1 -> 1.8.0. (2763)
• Bump default gherkin-utils version to latest 9.2.0 -> 10.0.0. (#2619)

[4.1.0] - 2025-11-18

Changes

• Bump default ktfmt version to latest 0.58 -> 0.59. (#2681
• Bump default jackson version to latest 2.20.0 -> 2.20.1. (#2730)
• Bump default cleanthat version to latest 2.23 -> 2.24. (#2620)
• POTENTIALLY BREAKING Removed support for ktlint versions below 1.0. (#2711)

Fixed

• palantirJavaFormat is no longer arbitrarily set to outdated versions on Java 17, latest available version is always used (#2686 fixes #2685)

Added

• Add a forbidModuleImports API for java (#2679)
• new options to customize Flexmark, e.g. to allow YAML front matter (#2616)

[4.0.0] - 2025-09-24

Changes

• BREAKING Bump the required Java to 17. (#2375, #2540)
• BREAKING Renamed RemoveWildcardImportsStep to ForbidWildcardImportsStep. (#2633)
• Bump JGit from 6.10.1 to 7.3.0 (#2257)
  • Adds support for worktrees (fixes #1765)

... (truncated)

Commits

• d0f4c3d Published maven/3.2.1
• 2b7f9de Published gradle/8.2.1
• 78e26e9 Published lib/4.3.0
• 33692c2 [fix] removeSemicolons() should not be applied to multiline strings in groo...
• 90628d8 Update changelog.
• 61864a2 Merge branch 'main' into fix-removeSemicolons
• 4864bc8 Fix Gradle Cache performance issue by supporting cached P2 provisionning via ...
• 075895c docs: Mention P2 caching for gradle plugin caching
• 57214bf feat: Supports P2 in predeclare
• 8aee8ac chore: Adds a GradleProvisioner test
• Additional commits viewable in compare view

Updates com.sap.cloud.security:java-bom from 3.6.5 to 3.6.6

Release notes

Sourced from com.sap.cloud.security:java-bom's releases.

3.6.6

• added Token Exchange support to Security Library for ID Token exchange and XSUAA Token exchange

Dependency upgrades

• Update Spring dependencies (#1907)
• Bump the prod-deps-ver group with 9 updates (#1902)
• Bump the dev-deps group with 3 updates (#1901)
• Bump io.projectreactor:reactor-test from 3.7.11 to 3.8.2 (#1892)
• Configure Dependabot with dependency groups (#1900)
• Bump org.sonatype.central:central-publishing-maven-plugin (#1894)
• Bump org.apache.httpcomponents.client5:httpclient5 from 5.5.1 to 5.6 (#1895)
• Bump org.json:json from 20250517 to 20251224 (#1898)
• Bump ch.qos.logback:logback-core from 1.5.19 to 1.5.25 in /token-client (#1899)
• Bump org.jacoco:jacoco-maven-plugin from 0.8.13 to 0.8.14 (#1873)
• Bump org.apache.maven.plugins:maven-pmd-plugin from 3.27.0 to 3.28.0 (#1874)
• Bump reactor.version from 3.7.11 to 3.7.12 (#1875)
• Bump spring.core.version from 6.2.11 to 6.2.12 (#1878)
• Bump com.github.spotbugs:spotbugs-maven-plugin from 4.9.6.0 to 4.9.8.1 (#1880)
• Bump com.github.spotbugs:spotbugs-annotations from 4.9.6 to 4.9.8 (#1881)
• Bump spring.security.version from 6.5.5 to 6.5.6 (#1882)
• Bump spring.security.oauth2.version from 6.5.5 to 6.5.6 (#1883)
• Bump ch.qos.logback:logback-core from 1.5.13 to 1.5.19 in /token-client (#1884)

Changelog

Sourced from com.sap.cloud.security:java-bom's changelog.

3.6.6

• added Token Exchange support to Security Library for ID Token exchange and XSUAA Token exchange

Dependency upgrades

• Update Spring dependencies (#1907)
• Bump the prod-deps-ver group with 9 updates (#1902)
• Bump the dev-deps group with 3 updates (#1901)
• Bump io.projectreactor:reactor-test from 3.7.11 to 3.8.2 (#1892)
• Configure Dependabot with dependency groups (#1900)
• Bump org.sonatype.central:central-publishing-maven-plugin (#1894)
• Bump org.apache.httpcomponents.client5:httpclient5 from 5.5.1 to 5.6 (#1895)
• Bump org.json:json from 20250517 to 20251224 (#1898)
• Bump ch.qos.logback:logback-core from 1.5.19 to 1.5.25 in /token-client (#1899)
• Bump org.jacoco:jacoco-maven-plugin from 0.8.13 to 0.8.14 (#1873)
• Bump org.apache.maven.plugins:maven-pmd-plugin from 3.27.0 to 3.28.0 (#1874)
• Bump reactor.version from 3.7.11 to 3.7.12 (#1875)
• Bump spring.core.version from 6.2.11 to 6.2.12 (#1878)
• Bump com.github.spotbugs:spotbugs-maven-plugin from 4.9.6.0 to 4.9.8.1 (#1880)
• Bump com.github.spotbugs:spotbugs-annotations from 4.9.6 to 4.9.8 (#1881)
• Bump spring.security.version from 6.5.5 to 6.5.6 (#1882)
• Bump spring.security.oauth2.version from 6.5.5 to 6.5.6 (#1883)
• Bump ch.qos.logback:logback-core from 1.5.13 to 1.5.19 in /token-client (#1884)

Commits

• 699d25f Release 3.6.6 (#1908)
• 033870b Update Spring dependencies (#1907)
• b69f9f9 Bump the prod-deps-ver group with 9 updates (#1902)
• c6c6cbb Bump the dev-deps group with 3 updates (#1901)
• 3ffaebc Bump io.projectreactor:reactor-test from 3.7.11 to 3.8.2 (#1892)
• d791dbf Configure Dependabot with dependency groups (#1900)
• e051197 Bump org.sonatype.central:central-publishing-maven-plugin (#1894)
• 3ae6036 Bump org.apache.httpcomponents.client5:httpclient5 from 5.5.1 to 5.6 (#1895)
• 1723785 Bump org.json:json from 20250517 to 20251224 (#1898)
• 2aa234a Bump ch.qos.logback:logback-core from 1.5.19 to 1.5.25 in /token-client (#1899)
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-compiler-plugin from 3.14.1 to 3.15.0

Release notes

Sourced from org.apache.maven.plugins:maven-compiler-plugin's releases.

3.15.0

🐛 Bug Fixes

• Fix Java 25 compatibility during integration tests (#1020) @​desruisseaux
• [MCOMPILER-540] - useIncrementalCompilation=false may add generated sources to the sources list (#192) @​mensinda

👻 Maintenance

• Bump org.apache.maven.plugins:maven-plugins from 45 to 46 (#1015) @​slachiewicz
• Remove declaration of "plexus-snapshots" repository (#1010) @​desruisseaux
• Works only with Maven 4.0.0 rc4 (#996) @​slachiewicz
• Enable Java 25 and Maven 4 in CI (#975) @​slachiewicz

📦 Dependency updates

• Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.4.0 to 3.5.0 (#1016) @dependabot[bot]
• Bump plexusCompilerVersion from 2.16.1 to 2.16.2 (#1021) @dependabot[bot]
• Bump org.apache.maven.plugins:maven-plugins from 46 to 47 (#1019) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-java from 1.5.1 to 1.5.2 (#1008) @dependabot[bot]
• Bump org.ow2.asm:asm from 9.9 to 9.9.1 (#1005) @dependabot[bot]
• Bump mavenVersion from 3.9.11 to 3.9.12 (#1007) @dependabot[bot]
• Bump maven-plugin-testing-harness to 3.4.0 (#1001) @​slawekjaranowski
• Bump plexusCompilerVersion from 2.16.0 to 2.16.1 (#999) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-java from 1.5.0 to 1.5.1 (#993) @dependabot[bot]
• Bump plexusCompilerVersion from 2.15.0 to 2.16.0 (#992) @dependabot[bot]
• Bump org.ow2.asm:asm from 9.8 to 9.9 (#981) @dependabot[bot]

Commits

• 9290cb3 [maven-release-plugin] prepare release maven-compiler-plugin-3.15.0
• 3657d40 Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness
• 7bbf805 Bump plexusCompilerVersion from 2.16.1 to 2.16.2
• 57fa938 Bump org.apache.maven.plugins:maven-plugins from 46 to 47
• 385e3f2 Fix Java 25 compatibility during integration tests (#1020)
• 6b34423 Bump org.apache.maven.plugins:maven-plugins from 45 to 46
• aaeb9c6 [MCOMPILER-540] useIncrementalCompilation=false may add generated sources to ...
• 6e3db9d Bump org.codehaus.plexus:plexus-java from 1.5.1 to 1.5.2
• 0fe9b84 Remove declaration of "plexus-snapshots" repository (#1010)
• 35f6800 Bump org.ow2.asm:asm from 9.9 to 9.9.1
• Additional commits viewable in compare view

Updates com.diffplug.spotless:spotless-maven-plugin from 3.2.0 to 3.2.1

Release notes

Sourced from com.diffplug.spotless:spotless-maven-plugin's releases.

Maven Plugin v3.2.1

Fixed

• removeSemicolons() should not be applied to multiline strings in groovy #2780 (#2792)

Changelog

Sourced from com.diffplug.spotless:spotless-maven-plugin's changelog.

spotless-lib and spotless-lib-extra releases

If you are a Spotless user (as opposed to developer), then you are probably looking for:

• https://github.com/diffplug/spotless/blob/main/plugin-gradle/CHANGES.md
• https://github.com/diffplug/spotless/blob/main/plugin-maven/CHANGES.md

This document is intended for Spotless developers.

We adhere to the keepachangelog format (starting after version 1.27.0).

[Unreleased]

[4.3.0] - 2026-01-27

Added

• Add P2Provisioner interface in lib-extra to enable build-tool-specific caching strategies for Eclipse P2 dependencies, fixing OutOfMemoryError in large multi-project builds. (#2788)

Fixed

• removeSemicolons() should not be applied to multiline strings in groovy #2780 (#2792)

[4.2.0] - 2026-01-22

Added

• Add a expandWildcardImports API for java (#2679)
• Add the ability to specify a wildcard version (*) for external formatter executables. (#2757)

Fixed

• Prevent race conditions when multiple npm-based formatters launch the server process simultaneously while sharing the same node_modules directory. (#2786)
• Git ratchet no longer throws an error with Git worktrees. (#2779)

Changes

• Bump default ktfmt version to latest 0.59 -> 0.61. (2804)
• Bump default ktlint version to latest 1.7.1 -> 1.8.0. (2763)
• Bump default gherkin-utils version to latest 9.2.0 -> 10.0.0. (#2619)

[4.1.0] - 2025-11-18

Changes

• Bump default ktfmt version to latest 0.58 -> 0.59. (#2681
• Bump default jackson version to latest 2.20.0 -> 2.20.1. (#2730)
• Bump default cleanthat version to latest 2.23 -> 2.24. (#2620)
• POTENTIALLY BREAKING Removed support for ktlint versions below 1.0. (#2711)

Fixed

• palantirJavaFormat is no longer arbitrarily set to outdated versions on Java 17, latest available version is always used (#2686 fixes #2685)

Added

• Add a forbidModuleImports API for java (#2679)
• new options to customize Flexmark, e.g. to allow YAML front matter (#2616)

[4.0.0] - 2025-09-24

Changes

• BREAKING Bump the required Java to 17. (#2375, #2540)
• BREAKING Renamed RemoveWildcardImportsStep to ForbidWildcardImportsStep. (#2633)
• Bump JGit from 6.10.1 to 7.3.0 (#2257)
  • Adds support for worktrees (fixes #1765)

... (truncated)

Commits

• d0f4c3d Published maven/3.2.1
• 2b7f9de Published gradle/8.2.1
• 78e26e9 Published lib/4.3.0
• 33692c2 [fix] removeSemicolons() should not be applied to multiline strings in groo...
• 90628d8 Update changelog.
• 61864a2 Merge branch 'main' into fix-removeSemicolons
• 4864bc8 Fix Gradle Cache performance issue by supporting cached P2 provisionning via ...
• 075895c docs: Mention P2 caching for gradle plugin caching
• 57214bf feat: Supports P2 in predeclare
• 8aee8ac chore: Adds a GradleProvisioner test
• Additional commits viewable in compare view

Updates com.sap.cloud.security:java-bom from 3.6.5 to 3.6.6

Release notes

Sourced from com.sap.cloud.security:java-bom's releases.

3.6.6

• added Token Exchange support to Security Library for ID Token exchange and XSUAA Token exchange

Dependency upgrades

• Update Spring dependencies (#1907)
• Bump the prod-deps-ver group with 9 updates (#1902)
• Bump the dev-deps group with 3 updates (#1901)
• Bump io.projectreactor:reactor-test from 3.7.11 to 3.8.2 (#1892)
• Configure Dependabot with dependency groups (#1900)
• Bump org.sonatype.central:central-publishing-maven-plugin (#1894)
• Bump org.apache.httpcomponents.client5:httpclient5 from 5.5.1 to 5.6 (#1895)
• Bump org.json:json from 20250517 to 20251224 (#1898)
• Bump ch.qos.logback:logback-core from 1.5.19 to 1.5.25 in /token-client (#1899)
• Bump org.jacoco:jacoco-maven-plugin from 0.8.13 to 0.8.14 (#1873)
• Bump org.apache.maven.plugins:maven-pmd-plugin from 3.27.0 to 3.28.0 (#1874)
• Bump reactor.version from 3.7.11 to 3.7.12 (#1875)
• Bump spring.core.version from 6.2.11 to 6.2.12 (#1878)
• Bump com.github.spotbugs:spotbugs-maven-plugin from 4.9.6.0 to 4.9.8.1 (#1880)
• Bump com.github.spotbugs:spotbugs-annotations from 4.9.6 to 4.9.8 (#1881)
• Bump spring.security.version from 6.5.5 to 6.5.6 (#1882)
• Bump spring.security.oauth2.version from 6.5.5 to 6.5.6 (#1883)
• Bump ch.qos.logback:logback-core from 1.5.13 to 1.5.19 in /token-client (#1884)

Changelog

Sourced from com.sap.cloud.security:java-bom's changelog.

3.6.6

• added Token Exchange support to Security Library for ID Token exchange and XSUAA Token exchange

Dependency upgrades

• Update Spring dependencies (#1907)
• Bump the prod-deps-ver group with 9 updates (#1902)
• Bump the dev-deps group with 3 updates (#1901)
• Bump io.projectreactor:reactor-test from 3.7.11 to 3.8.2 (#1892)
• Configure Dependabot with dependency groups (#1900)
• Bump org.sonatype.central:central-publishing-maven-plugin (#1894)
• Bump org.apache.httpcomponents.client5:httpclient5 from 5.5.1 to 5.6 (#1895)
• Bump org.json:json from 20250517 to 20251224 (#1898)
• Bump ch.qos.logback:logback-core from 1.5.19 to 1.5.25 in /token-client (#1899)
• Bump org.jacoco:jacoco-maven-plugin from 0.8.13 to 0.8.14 (#1873)
• Bump org.apache.maven.plugins:maven-pmd-plugin from 3.27.0 to 3.28.0 (#1874)
• Bump reactor.version from 3.7.11 to 3.7.12 (#1875)
• Bump spring.core.version from 6.2.11 to 6.2.12 (#1878)
• Bump com.github.spotbugs:spotbugs-maven-plugin from 4.9.6.0 to 4.9.8.1 (#1880)
• Bump com.github.spotbugs:spotbugs-annotations from 4.9.6 to 4.9.8 (#1881)
• Bump spring.security.version from 6.5.5 to 6.5.6 (#1882)
• Bump spring.security.oauth2.version from 6.5.5 to 6.5.6 (#1883)
• Bump ch.qos.logback:logback-core from 1.5.13 to 1.5.19 in /token-client (#1884)

Commits

• 699d25f Release 3.6.6 (#1908)
• 033870b Update Spring dependencies (#1907)
• b69f9f9 Bump the prod-deps-ver group with 9 updates (#1902)
• c6c6cbb Bump the dev-deps group with 3 updates (#1901)
• 3ffaebc Bump io.projectreactor:reactor-test from 3.7.11 to 3.8.2 (#1892)
• d791dbf Configure Dependabot with dependency groups (#1900)
• e051197 Bump org.sonatype.central:central-publishing-maven-plugin (#1894)
• 3ae6036 Bump org.apache.httpcomponents.client5:httpclient5 from 5.5.1 to 5.6 (#1895)
• 1723785 Bump org.json:json from 20250517 to 20251224 (#1898)
• 2aa234a Bump ch.qos.logback:logback-core from 1.5.19 to 1.5.25 in /token-client (#1899)
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-compiler-plugin from 3.14.1 to 3.15.0

Release notes

Sourced from org.apache.maven.plugins:maven-compiler-plugin's releases.

3.15.0

🐛 Bug Fixes

• Fix Java 25 compatibility during integration tests (#1020) @​desruisseaux
• [MCOMPILER-540] - useIncrementalCompilation=false may add generated sources to the sources list (#192) @​mensinda

👻 Maintenance

• Bump org.apache.maven.plugins:maven-plugins from 45 to 46 (#1015) @​slachiewicz
• Remove declaration of "plexus-snapshots" repository (#1010) @​desruisseaux
• Works only with Maven 4.0.0 rc4 (#996) @​slachiewicz
• Enable Java 25 and Maven 4 in CI (#975) @​slachiewicz

📦 Dependency updates

• Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.4.0 to 3.5.0 (#1016) @dependabot[bot]
• Bump plexusCompilerVersion from 2.16.1 to 2.16.2 (#1021) @dependabot[bot]
• Bump org.apache.maven.plugins:maven-plugins from 46 to 47 (#1019) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-java from 1.5.1 to 1.5.2 (#1008) @dependabot[bot]
• Bump org.ow2.asm:asm from 9.9 to 9.9.1 (#1005) @dependabot[bot]
• Bump mavenVersion from 3.9.11 to 3.9.12 (#1007) @dependabot[bot]
• Bump maven-plugin-testing-harness to 3.4.0 (#1001) @​slawekjaranowski
• Bump plexusCompilerVersion from 2.16.0 to 2.16.1 (#999) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-java from 1.5.0 to 1.5.1 (#993) @dependabot[bot]
• Bump plexusCompilerVersion from 2.15.0 to 2.16.0 (#992) @dependabot[bot]
• Bump org.ow2.asm:asm from 9.8 to 9.9 (#981) @dependabot[bot]

Commits

• 9290cb3 [maven-release-plugin] prepare release maven-compiler-plugin-3.15.0
• 3657d40 Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness
• 7bbf805 Bump plexusCompilerVersion from 2.16.1 to 2.16.2
• 57fa938 Bump org.apache.maven.plugins:maven-plugins from 46 to 47
• 385e3f2 Fix Java 25 compatibility during integration tests (#1020)
• 6b34423 Bump org.apache.maven.plugins:maven-plugins from 45 to 46
• aaeb9c6 [MCOMPILER-540] useIncrementalCompilation=false may add generated sources to ...
• 6e3db9d Bump org.codeh...

  Description has been truncated