Bump the java group across 1 directory with 28 updates

[dependabot]

Bumps the java group with 26 updates in the / directory:

Package	From	To
ch.qos.logback:logback-core	1.5.16	1.5.17
ch.qos.logback:logback-classic	1.5.16	1.5.17
org.slf4j:slf4j-simple	2.0.16	2.0.17
org.slf4j:slf4j-api	2.0.16	2.0.17
org.xerial:sqlite-jdbc	3.48.0.0	3.49.1.0
com.fasterxml.jackson.core:jackson-databind	2.18.2	2.18.3
org.apache.httpcomponents.client5:httpclient5	5.4.1	5.4.2
org.jsoup:jsoup	1.18.3	1.19.1
org.springframework.boot:spring-boot-maven-plugin	3.4.2	3.4.3
org.codehaus.mojo:flatten-maven-plugin	1.6.0	1.7.0
co.elastic.clients:elasticsearch-java	8.17.1	8.17.3
com.itextpdf:itext-core	9.0.0	9.1.0
com.itextpdf:cleanup	5.0.0	5.0.1
org.mariadb.jdbc:mariadb-java-client	3.5.1	3.5.2
org.apache.tika:tika-core	3.0.0	3.1.0
org.apache.tika:tika-parsers	3.0.0	3.1.0
org.apache.tika:tika-parser-pdf-module	3.0.0	3.1.0
org.apache.tika:tika-parser-text-module	3.0.0	3.1.0
org.apache.tika:tika-parser-ocr-module	3.0.0	3.1.0
org.apache.tika:tika-parser-microsoft-module	3.0.0	3.1.0
org.springdoc:springdoc-openapi-starter-webmvc-ui	2.8.4	2.8.5
org.apache.solr:solr-solrj	9.8.0	9.8.1
org.springframework.security:spring-security-test	6.4.2	6.4.3
org.apache.maven.plugins:maven-compiler-plugin	3.13.0	3.14.0
org.apache.maven.plugins:maven-project-info-reports-plugin	3.8.0	3.9.0
org.apache.maven.plugins:maven-pdf-plugin	1.6.1	1.6.2

Updates ch.qos.logback:logback-core from 1.5.16 to 1.5.17

Release notes

Sourced from ch.qos.logback:logback-core's releases.

Logback 1.5.17

2025-02-25 Release of logback version 1.5.17

• Fixed Jansi 2.4.0 color-coded output not working on Windows CMD.exe console when the default terminal application is set to "Windows Console Host". This problem was reported in issues/753 by Michael Lyubkin.

• Fixed race condition occurring in case MDC class is initialized while org.slf4j.LoggerFactory is initializing logback-classic's LoggerContext. When this race conditions occurs, the MDCAdapter instance used by MDC does not match the instance used by logback-classic. This issue was reported in SLF4J issues/450. While logback-classic version 1.5.17 remains compatible with SLF4J versions in the 2.0.x series, fixing this particular MDC issue requires SLF4J version 2.0.17.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 10358724ed723b3745c010aa40cb02a2dfed4593 associated with the tag v_1.5.17. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Commits

• 1035872 prepare release 1.5.17
• 2e6984d bump to slf4j version 2.0.17
• 1009952 use a new LoggerContert instance when running LogbackListenerTest. This shoul...
• a3bb4b0 Merge branch 'master' of github.com:qos-ch/logback
• b507297 Fixed race condition occurring in case MDC class is initialized while org.slf...
• f5b3bc5 add warning about the deprecation of SerializedModelConfigurator if activated
• 5bc0998 Update README.md
• 5610c96 correct relocation address
• f3d100b update logback-access evaluator examples
• 51e3903 fix issues/753 for the second time
• Additional commits viewable in compare view

Updates ch.qos.logback:logback-classic from 1.5.16 to 1.5.17

Release notes

Sourced from ch.qos.logback:logback-classic's releases.

Logback 1.5.17

2025-02-25 Release of logback version 1.5.17

• Fixed Jansi 2.4.0 color-coded output not working on Windows CMD.exe console when the default terminal application is set to "Windows Console Host". This problem was reported in issues/753 by Michael Lyubkin.

• Fixed race condition occurring in case MDC class is initialized while org.slf4j.LoggerFactory is initializing logback-classic's LoggerContext. When this race conditions occurs, the MDCAdapter instance used by MDC does not match the instance used by logback-classic. This issue was reported in SLF4J issues/450. While logback-classic version 1.5.17 remains compatible with SLF4J versions in the 2.0.x series, fixing this particular MDC issue requires SLF4J version 2.0.17.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 10358724ed723b3745c010aa40cb02a2dfed4593 associated with the tag v_1.5.17. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Commits

• 1035872 prepare release 1.5.17
• 2e6984d bump to slf4j version 2.0.17
• 1009952 use a new LoggerContert instance when running LogbackListenerTest. This shoul...
• a3bb4b0 Merge branch 'master' of github.com:qos-ch/logback
• b507297 Fixed race condition occurring in case MDC class is initialized while org.slf...
• f5b3bc5 add warning about the deprecation of SerializedModelConfigurator if activated
• 5bc0998 Update README.md
• 5610c96 correct relocation address
• f3d100b update logback-access evaluator examples
• 51e3903 fix issues/753 for the second time
• Additional commits viewable in compare view

Updates org.slf4j:slf4j-simple from 2.0.16 to 2.0.17

Updates org.slf4j:slf4j-api from 2.0.16 to 2.0.17

Updates org.xerial:sqlite-jdbc from 3.48.0.0 to 3.49.1.0

Release notes

Sourced from org.xerial:sqlite-jdbc's releases.

Release 3.49.1.0

Changelog

🚀 Features

sqlite

• upgrade to sqlite 3.49.1 (02d5463)

🛠 Build

deps

• bump org.graalvm.buildtools:native-maven-plugin (9cda17f)

deps-dev

• bump com.tngtech.archunit:archunit-junit5 (bdcf7ee)

Contributors

We'd like to thank the following people for their contributions: Gauthier, Gauthier Roebroeck

Release 3.49.0.0

Changelog

🚀 Features

sqlite

• upgrade to sqlite 3.49.0 (3ef2146)

🛠 Build

deps

• bump org.graalvm.sdk:nativeimage from 24.1.1 to 24.1.2 (2ced005)

deps-dev

• bump org.assertj:assertj-core from 3.27.2 to 3.27.3 (cea714f)

Contributors

We'd like to thank the following people for their contributions: Gauthier, Gauthier Roebroeck

Commits

• b9983e6 chore(release): 3.49.1.0 [skip ci]
• ed20edd chore: update native libraries
• 02d5463 feat(sqlite): upgrade to sqlite 3.49.1
• bdcf7ee build(deps-dev): bump com.tngtech.archunit:archunit-junit5
• 9cda17f build(deps): bump org.graalvm.buildtools:native-maven-plugin
• 51b7f8f chore(release): prepare next snapshot [skip ci]
• 3c697e8 chore(release): 3.49.0.0 [skip ci]
• a08886a chore: update native libraries
• 3ef2146 feat(sqlite): upgrade to sqlite 3.49.0
• 2ced005 build(deps): bump org.graalvm.sdk:nativeimage from 24.1.1 to 24.1.2
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-databind from 2.18.2 to 2.18.3

Commits

• See full diff in compare view

Updates org.apache.httpcomponents.client5:httpclient5 from 5.4.1 to 5.4.2

Changelog

Sourced from org.apache.httpcomponents.client5:httpclient5's changelog.

Release 5.4.2

This is a maintenance release that upgrades HttpCore to version 5.3.3 and fixes several regressions reported since the last release. One of the regressions could cause connection leaks and eventual connection pool exhaustion in case of proxy authentication failure when establishing a tunnel via the proxy.

Change Log

• Upgraded HttpCore to version 5.3.3 Contributed by Oleg Kalnichevski

• Improved internal state representation of the internal async execution runtime in order to prevent potential race conditions. Contributed by Oleg Kalnichevski

• HTTPCLIENT-2357, regression: Classic HttpClient fails to release connection in case of a proxy authentication failure. Contributed by Oleg Kalnichevski

• HTTPCLIENT-2355, regression: Reset protocol version in the execution context on a 200 response to CONNECT request. Contributed by Oleg Kalnichevski

• HTTPCLIENT-2354: ResponseCachingPolicy to allow caching of responses with "must-revalidate" in shared caches with Authorization headers. The change aligns with RFC 9111 Section 5.2.2.2 (#609). Contributed by Arturo Bernal

• Do not add Upgrade header if Connection header already present (the caller manually manages connection state). Contributed by Oleg Kalnichevski

• Avoid logging HTTP message version where it can be a hint, not an actual protocol version Contributed by Oleg Kalnichevski

• IDN encode hostnames with Unicode characters prior to DNS resolution (#608). Contributed by Arturo Bernal

• HTTPCLIENT-2353: Fixed rejection of certificates with IDN encoded identities. (#607) Contributed by Arturo Bernal

Commits

• 34f1b02 HttpClient 5.4.2 release
• 2145d2c Updated release notes for HttpClient 5.4.2 release
• 7e48abb Upgraded HttpCore to version 5.3.3
• 1119d49 Disabled a test case that fails intermittently with GitHub Actions, pending r...
• 9433bca Improved internal state representation of the internal async execution runtim...
• 7f56b8e HTTPCLIENT-2357, regression: Classic HttpClient fails to release connect in c...
• 8958b36 HTTPCLIENT-2355, regression: Reset protocol version in the execution context ...
• f7f8069 Upgraded HttpCore to version 5.3.2
• d048550 Fix HTTPCLIENT-2354 by updating ResponseCachingPolicy to allow caching of res...
• 5ab09ea Do not add Upgrade header if Connection header already present (the calle...
• Additional commits viewable in compare view

Updates org.jsoup:jsoup from 1.18.3 to 1.19.1

Release notes

Sourced from org.jsoup:jsoup's releases.

jsoup 1.19.1

Changes

• Added support for http/2 requests in Jsoup.connect(), when running on Java 11+, via the Java HttpClient implementation. #2257.
  • In this version of jsoup, the default is to make requests via the HttpUrlConnection implementation: use System.setProperty("jsoup.useHttpClient", "true"); to enable making requests via the HttpClient instead , which will enable http/2 support, if available. This will become the default in a later version of jsoup, so now is a good time to validate it.
  • If you are repackaging the jsoup jar in your deployment (i.e. creating a shaded- or a fat-jar), make sure to specify that as a Multi-Release JAR.
  • If the HttpClient impl is not available in your JRE, requests will continue to be made via HttpURLConnection (in http/1.1 mode).
• Updated the minimum Android API Level validation from 10 to 21. As with previous jsoup versions, Android developers need to enable core library desugaring. The minimum Java version remains Java 8. #2173
• Removed previously deprecated class: org.jsoup.UncheckedIOException (replace with java.io.UncheckedIOException); moved previously deprecated method Element Element#forEach(Consumer) to void Element#forEach(Consumer()). #2246
• Deprecated the methods Document#updateMetaCharsetElement(bool) and #Document#updateMetaCharsetElement(), as the setting had no effect. When Document#charset(Charset) is called, the document's meta charset or XML encoding instruction is always set. #2247

Improvements

• When cleaning HTML with a Safelist that preserves relative links, the isValid() method will now consider these links valid. Additionally, the enforced attribute rel=nofollow will only be added to external links when configured in the safelist. #2245
• Added Element#selectStream(String query) and Element#selectStream(Evaluator) methods, that return a Stream of matching elements. Elements are evaluated and returned as they are found, and the stream can be terminated early. #2092
• Element objects now implement Iterable, enabling them to be used in enhanced for loops.
• Added support for fragment parsing from a Reader via Parser#parseFragmentInput(Reader, Element, String). #1177
• Reintroduced CLI executable examples, in jsoup-examples.jar. #1702
• Optimized performance of selectors like #id .class (and other similar descendant queries) by around 4.6x, by better balancing the Ancestor evaluator's cost function in the query planner. #2254
• Removed the legacy parsing rules for <isindex> tags, which would autovivify a form element with labels. This is no longer in the spec.
• Added Elements.selectFirst(String cssQuery) and Elements.expectFirst(String cssQuery), to select the first matching element from an Elements list. #2263
• When parsing with the XML parser, XML Declarations and Processing Instructions are directly handled, vs bouncing through the HTML parser's bogus comment handler. Serialization for non-doctype declarations no longer end with a spurious !. #2275
• When converting parsed HTML to XML or the W3C DOM, element names containing < are normalized to _ to ensure valid XML. For example, <foo<bar> becomes <foo_bar>, as XML does not allow < in element names, but HTML5 does. #2276
• Reimplemented the HTML5 Adoption Agency Algorithm to the current spec. This handles mis-nested formating / structural elements. #2278

... (truncated)

Changelog

Sourced from org.jsoup:jsoup's changelog.

1.19.1 (2025-03-04)

Changes

• Added support for http/2 requests in Jsoup.connect(), when running on Java 11+, via the Java HttpClient implementation. #2257.
  • In this version of jsoup, the default is to make requests via the HttpUrlConnection implementation: use System.setProperty("jsoup.useHttpClient", "true"); to enable making requests via the HttpClient instead , which will enable http/2 support, if available. This will become the default in a later version of jsoup, so now is a good time to validate it.
  • If you are repackaging the jsoup jar in your deployment (i.e. creating a shaded- or a fat-jar), make sure to specify that as a Multi-Release JAR.
  • If the HttpClient impl is not available in your JRE, requests will continue to be made via HttpURLConnection (in http/1.1 mode).
• Updated the minimum Android API Level validation from 10 to 21. As with previous jsoup versions, Android developers need to enable core library desugaring. The minimum Java version remains Java 8. #2173
• Removed previously deprecated class: org.jsoup.UncheckedIOException (replace with java.io.UncheckedIOException); moved previously deprecated method Element Element#forEach(Consumer) to void Element#forEach(Consumer()). #2246
• Deprecated the methods Document#updateMetaCharsetElement(boolean) and Document#updateMetaCharsetElement(), as the setting had no effect. When Document#charset(Charset) is called, the document's meta charset or XML encoding instruction is always set. #2247

Improvements

• When cleaning HTML with a Safelist that preserves relative links, the isValid() method will now consider these links valid. Additionally, the enforced attribute rel=nofollow will only be added to external links when configured in the safelist. #2245
• Added Element#selectStream(String query) and Element#selectStream(Evaluator) methods, that return a Stream of matching elements. Elements are evaluated and returned as they are found, and the stream can be terminated early. #2092
• Element objects now implement Iterable, enabling them to be used in enhanced for loops.
• Added support for fragment parsing from a Reader via Parser#parseFragmentInput(Reader, Element, String). #1177
• Reintroduced CLI executable examples, in jsoup-examples.jar. #1702
• Optimized performance of selectors like #id .class (and other similar descendant queries) by around 4.6x, by better balancing the Ancestor evaluator's cost function in the query planner. #2254
• Removed the legacy parsing rules for <isindex> tags, which would autovivify a form element with labels. This is no longer in the spec.
• Added Elements.selectFirst(String cssQuery) and Elements.expectFirst(String cssQuery), to select the first matching element from an Elements list. #2263
• When parsing with the XML parser, XML Declarations and Processing Instructions are directly handled, vs bouncing through the HTML parser's bogus comment handler. Serialization for non-doctype declarations no longer end with a spurious !. #2275
• When converting parsed HTML to XML or the W3C DOM, element names containing < are normalized to _ to ensure valid XML. For example, <foo<bar> becomes <foo_bar>, as XML does not allow < in element names, but HTML5 does. #2276

... (truncated)

Commits

• 5c4c09a [maven-release-plugin] prepare release jsoup-1.19.1
• 7de25be Updated changelog in preparation of release
• 6d7a058 Use 'el' instead of 'node' in adoption agency
• 0679bef Perf: removed redundant lowercase normalization
• d80275e Performance tweak when appending tag names
• 4b733b1 Updated InScope search basetypes to be namespace aware
• d89d757 Changelog tidy
• 5fde3d9 Changelog for #2281
• d55469a Clone the Parser when cloning a Document
• 11a0334 Concurrency note
• Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-maven-plugin from 3.4.2 to 3.4.3

Release notes

Sourced from org.springframework.boot:spring-boot-maven-plugin's releases.

v3.4.3

⚠️ Noteworthy

• Due to the upgrade to Prometheus Client 1.3.6, dependency management for Guava is no longer provided. If you are affected by this change, configure your build with a version of Guava that meets your application's needs.

⭐ New Features

• Add TWENTY_FOUR to JavaVersion enum #44209

🐞 Bug Fixes

• Console output may be lost when using Log4j2 with something that replaces System.out #44380
• Maven plugin does not consistently use ArgFile for classpath argument on Windows #44328
• Reactive Jetty web server does not fail fast when configured to use a server name bundle which Jetty does not support #44319
• When web server application context refresh fails, the original failure is lost if stopping or destroying the web server throws an exception #44317
• View resolver for Thymeleaf should back off if spring-webmvc is not present #44296
• WebServer is not destroyed when ReactiveWebServerApplicationContext refresh fails #44294
• Non-default DataSource candidates are not considered in H2ConsoleAutoConfiguration #44293
• Banner placeholder and defaults do not work during development #44255
• Mustache templates return with ISO-8859-1 charset rather than UTF-8 in Content-Type response header #44193
• Servlet EndpointRequest doesn't match web server namespace correctly #44188
• java.lang.ClassCastException when using default management security with WebFlux and health probes enabled #44052
• Logback configuration that relies on inner-classes does not work in a native image #44025
• IllegalStateException: Unable to register SSL bundle after 3.3.8 or 3.4.2 #43989
• Metrics and health do not include non-default candidate beans #43481

📔 Documentation

• Document that auto-configuration classes should be identified using their binary names #44303
• Correct typo in MVC security when explaining when UserDetailsService auto-configuration will back off #44301
• Link to JarLauncher's javadoc #44170
• When using observability annotations, recommend that care is taken to avoid double instrumentation #44145
• Fix typo in Running Your Application #44035
• Document Kubernetes preStop handler when using a Docker image without a shell #44022
• Source snippet in Developing Your First Spring Boot Application section uses the root package #43983
• Correct the location of MyApplication.java in "Developing Your First Spring Boot Application" #43975
• Add links to Jackson Javadoc #43971
• Warn that some Quartz database schema scripts must be modified before use #43958

🔨 Dependency Upgrades

• Upgrade to Commons Pool2 2.12.1 #44173
• Upgrade to Couchbase Client 3.7.8 #44269
• Upgrade to Groovy 4.0.25 #44174
• Upgrade to Hibernate 6.6.8.Final #44332
• Upgrade to HttpClient5 5.4.2 #44176
• Upgrade to HttpCore5 5.3.3 #44177
• Upgrade to Infinispan 15.0.13.Final #44178
• Upgrade to jOOQ 3.19.19 #44368
• Upgrade to Json-smart 2.5.2 #44264

... (truncated)

Commits

• 2f53c0a Release v3.4.3
• f99171f Merge branch '3.3.x' into 3.4.x
• 70e0744 Next development version (v3.3.10-SNAPSHOT)
• 07d9db3 Merge pull request #44380 from nosan
• 2295809 Register Log42J StatusListener
• 575655c Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4
• c74397a Merge branch '3.3.x' into 3.4.x
• c718461 Protect against NoSuchMethodException on setReadOnly
• 7dc9bf2 Upgrade to Testcontainers Redis Module 2.2.4
• 7d1fc06 Upgrade to Testcontainers 1.20.5
• Additional commits viewable in compare view

Updates org.codehaus.mojo:flatten-maven-plugin from 1.6.0 to 1.7.0

Release notes

Sourced from org.codehaus.mojo:flatten-maven-plugin's releases.

1.7.0

🚀 New features and improvements

• Bind :clean to 'clean' phase by default (#435) @​pzygielo
• Feature/extended interpolate (#384) @​SergeDemoulinGebit

🐛 Bug Fixes

• Fix Issue#377 Regression: parent dependencies missing in flattened pom (#417) @​hkampbjorn

📦 Dependency updates

• Bump org.codehaus.mojo:mojo-parent from 86 to 87 (#437) @dependabot[bot]
• Bump org.assertj:assertj-core from 3.27.2 to 3.27.3 (#434) @dependabot[bot]
• Bump org.assertj:assertj-core from 3.27.1 to 3.27.2 (#433) @dependabot[bot]
• Bump org.assertj:assertj-core from 3.27.0 to 3.27.1 (#432) @dependabot[bot]
• Bump org.assertj:assertj-core from 3.26.3 to 3.27.0 (#431) @dependabot[bot]
• Bump commons-io:commons-io from 2.17.0 to 2.18.0 (#430) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 85 to 86 (#425) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-utils from 4.0.1 to 4.0.2 (#428) @dependabot[bot]
• Bump commons-io:commons-io from 2.16.1 to 2.17.0 (#427) @dependabot[bot]
• Bump org.assertj:assertj-core from 3.26.0 to 3.26.3 (#421) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 84 to 85 (#424) @dependabot[bot]
• Bump org.eclipse.sisu:org.eclipse.sisu.inject from 0.9.0.M2 to 0.9.0.M3 (#418) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 82 to 84 (#420) @dependabot[bot]
• Bump org.assertj:assertj-core from 3.25.3 to 3.26.0 (#416) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-xml from 3.0.0 to 3.0.1 (#415) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 81 to 82 (#414) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 80 to 81 (#413) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-utils from 4.0.0 to 4.0.1 (#411) @dependabot[bot]
• Bump commons-io:commons-io from 2.16.0 to 2.16.1 (#410) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 78 to 80 (#406) @dependabot[bot]
• Bump commons-io:commons-io from 2.15.1 to 2.16.0 (#409) @dependabot[bot]
• Bump apache/maven-gh-actions-shared from 3 to 4 (#407) @dependabot[bot]
• Bump org.assertj:assertj-core from 3.25.2 to 3.25.3 (#404) @dependabot[bot]
• Bump org.assertj:assertj-core from 3.25.1 to 3.25.2 (#402) @dependabot[bot]

👻 Maintenance

• Avoid using deprecated items (#439) @​slawekjaranowski
• Remove Maven wrapper configuration (#438) @​slawekjaranowski
• Remove no-overwrite-3.6.2-before IT (#436) @​pzygielo

Commits

• f9ad1f7 [maven-release-plugin] prepare release 1.7.0
• 8061369 Avoid using deprecated items
• 28c7cb0 Bump org.codehaus.mojo:mojo-parent from 86 to 87
• 3800f8b Remove Maven wrapper configuration
• b622639 Fix Issue#377 Regression: parent dependencies missing in flattened pom
• 600e7a0 Bump org.assertj:assertj-core from 3.27.2 to 3.27.3
• bb80610 Remove no-overwrite-3.6.2-before IT
• 78bac9e Bind :clean to 'clean' phase by default
• 8bd8956 Bump org.assertj:assertj-core from 3.27.1 to 3.27.2
• 0e461a2 Bump org.assertj:assertj-core from 3.27.0 to 3.27.1
• Additional commits viewable in compare view

Updates co.elastic.clients:elasticsearch-java from 8.17.1 to 8.17.3

Release notes

Sourced from co.elastic.clients:elasticsearch-java's releases.

v8.17.3

What's Changed

Full Changelog: elastic/elasticsearch-java@v8.17.2...v8.17.3

v8.17.2

What's Changed

Full Changelog: elastic/elasticsearch-java@v8.17.1...v8.17.2

Commits

• 500de42 [codegen] update to latest spec
• 788d688 [codegen] update to latest spec
• 30b3efe [codegen] update to latest spec
• e90330f bump version
• f46b8b0 [codegen] update to latest spec
• a3ee856 [codegen] update to latest spec
• 8d1f785 bump version
• See full diff in compare view

Updates com.itextpdf:itext-core from 9.0.0 to 9.1.0

Release notes

Sourced from com.itextpdf:itext-core's releases.

iText Core/Community 9.1.0

To celebrate both iText’s 25th anniversary and Valentine’s Day, we bring you iText Core version 9.1. There’s a lot of to love about this release, with a huge performance increase in table creation, massively extended SVG support, and further Digital Signing goodies.

Extended SVG Support

Many additions and enhancements have been made to our in-house implementation since it was introduced, with coverage of the specification steadily increasing to meet customer needs. This release sees our biggest leap yet with over 40 tickets being closed – full marks to our incredible dev team!

Newly added are support for text clipping paths, 'marker-mid' properties, text decoration, and passing markers from elements to children. We’ve improved general font handling, while some other improvements to draw attention to are in the support for relative size attributes, text positioning, 'direction' properties, stroke opacity, and dash patterns.

There's also improved support for CSS-specific SVG, which you can find more details on in the pdfHTML release notes. However, we'll call out the improved support for different CSS origins in SVG and referencing external resources with the @importurl() rule.

To top it off we’ve significantly improved the SVG module’s usage of the advanced typography features enabled by the pdfCalligraph add-on. See the example PDF on our Knowledge Base for a demonstration!

Increased Table Performance

With iText Core 9.1 the table rendering code has been highly-optimized, particularly when it comes to tagged tables. This is especially noticable for tables with many rows, or when tagging tables. See more details

Digital Signatures

We’re continually working on iText’s digital signing and validation capabilities to provide a unique breadth of support in the market. MAC integrity protection support is extended to support two-step signing. There’s also new code examples for signing with the Cloud Signing Consortium (CSC) API, which we recently wrote about in Part V of our Digital Signing with iText series. You can find these in the GitHub samples repositories linked below.

Alongside that, we’ve made some general improvements (if you know, you know) to signing and validation. In particular, the workaround for certificates where the pathLength parameter is set to 0 for the basicConstraints extension is no longer required.

PDF/UA-2

Our PDF/UA-2 implementation is improved, specifically, when using the Annot tag for content elements in PDF 2.0 documents.Don’t tell anyone, but our team is preparing further PDF/UA-2 goodies for our next release.

Pull Requests

For this release, we’d like to thank Stefan Bechtold for submitting a PR adding support for styling tables with nth-last pseudo class selectors. Thanks also to Artyom Skrobov for squashing a bug when decoding an empty PdfString, and finally Zuzu-Typ for fixes to the kernel PDF encryption constants documentation.

Bug Fixes and Miscellaneous

There’s an update for merge handling when remote and embedded go-to actions are present, and we resolved a customer issue related to decoding Xref streams with missing bytes.

Many bugs have been resolved for SVG rendering and CSS layout. In addition, general bugfixes have been made to font and text handling, form fields, signing and validation, and more.

Other Stuff

If you use iText for digital signing, you may be interested in the Digital Signatures Hub which contains a ton of useful resources and examples. In particular, we have a new chapter to our Digital Signing with iText series. In Part V, we take you through the steps of signing PDFs with Java via a remote signing service offering CSC API access.

Don’t forget that in addition to the resources on our Knowledge Base, on our GitHub you can find a ton of useful up-to-date samples in the following repos:

Java

• https://github.com/itext/itext-publications-examples-java
• https://github.com/itext/itext-publications-book-java
• https://github.com/itext/itext-publications-signing-examples-java
• https://github.com/itext/itext-publications-signatures-java
• https://github.com/itext/itext-publications-highlevel-java

... (truncated)

Commits

• 6d43eb7 [RELEASE] iText 9.1.0
• a80ad00 [RELEASE] 9.1.0
• 1ffa4d5 Fix behavior for svg containing elements with zero or negative stroke-width
• 457ddde SVG: don't draw rect with negative or zero height or width
• 586e3e3 SVG: add tests for text-decoration inheritance
• 862fac8 SVG: Fix currentColor handling
• 903b8df SVG: fix preserveAspectRatio on image
• d49afc6 Fix rgba alpha channel parsing
• 07a241a Support display:none and visibility:hidden for svg elements except text
• 69e07f1 Add missing AES_GCM encryption references
• Additional commits viewable in compare view

Updates com.itextpdf:cleanup from 5.0.0 to 5.0.1

Updates org.mariadb.jdbc:mariadb-java-client from 3.5.1 to 3.5.2

Release notes

Sourced from org.mariadb.jdbc:mariadb-java-client's releases.

MariaDB Connector/Java 3.5.2

3.5.2 (Feb 2025)

Full Changelog

Bugs Fixed

• CONJ-1216 Resolved a performance issue that occurred when batch processing on MySQL and older MariaDB (pre-10.2) servers
• CONJ-1218 Incorrect behavior where XA connections are closed when regular connections are terminated - this is against specifications
• CONJ-1217 The trustCertificateKeyStorePassword alias parameter isn’t taken into account
• CONJ-1221 DatabaseMetadata.getTypeInfo() is missing the data types UUID and VECTOR
• CONJ-1225 System throws an exception prematurely without checking all available connections
• CONJ-1228 result-set.getObject() on BLOB type returns Blob in place of byte[]
• CONJ-660 new disconnectOnExpiredPasswords connection option that controls client behavior when connecting with an expired password. When set to true (default), the client disconnects if it detects an expired password. When false, the client maintains the connection and allows setting a new password.
• CONJ-1229 Permit executeQuery commands to not return a result-set

Changelog

Sourced from org.mariadb.jdbc:mariadb-java-client's changelog.

3.5.2 (Feb 2025)

Full Changelog

Bugs Fixed

• CONJ-1216 Resolved a performance issue that occurred when batch processing on MySQL and older MariaDB (pre-10.2) servers
• CONJ-1218 Incorrect behavior where XA connections are closed when regular connections are terminated - this is against specifications
• CONJ-1217 The trustCertificateKeyStorePassword alias parameter isn’t taken into account
• CONJ-1221 DatabaseMetadata.getTypeInfo() is missing the data types UUID and VECTOR
• CONJ-1225 System throws an exception prematurely without checking all available connections
• CONJ-1228 result-set.getObject() on BLOB type returns Blob in place of byte[]
• CONJ-660 new disconnectOnExpiredPasswords connection option that controls client behavior when connecting with an expired password. When set to true (default), the client disconnects if it detects an expired password. When false, the client maintains the connection and allows setting a new password.
• CONJ-1229 Permit executeQuery commands to not return a result-set

Commits

• 16ffe8e [misc] removing metadata getTypeInfo listing BOOL to BOOLEAN change to avoid ...
• 9e53e68 [misc] changelog update
• 3331508 [CONJ-1229] Permit executeQuery commands to not return a result-set
• b2d3f59 [misc] ensure test stability sith mysql servers
• 79cefb8 [CONJ-660] support expired password
• 63991b7 [misc] code style correction
• 39ee017 [CONJ-1228] result-set.getObject() on BLOB type returns Blob by default in pl...
• a86e330 [misc] improve no cache benchmark
• b3a3735 [misc] correcting javadoc
• 6ce18d5 [misc] update copyright header
• Additional commits viewable in compare view

Updates org.apache.tika:tika-core from 3.0.0 to 3.1.0

Changelog

Sourced from org.apache.tika:tika-core's changelog.

Release 4.0.0-BETA1 - ??? BREAKING CHANGES

• Headers are no longer injected into the body/content of MSG files (TIKA-4345). Please open a ticket if you need this behavior across email formats.

OTHER CHANGES

• Fix concurrency bug in TikaToXMP (TIKA-4393)

Release 3.1.0 - ??

• Allow users to turn off the injection of some headers into the content stream of MSG files (TIKA-4345).

• Add a wrapper for Google's magika detector (TIKA-4344).

• Add support for MachO via Alexey Pelykh (TIKA-4309).

• Add logic to inject spaces in XPS files based on font widths via Ruairidh Williamson (TIKA-4315).

• Mime type "application/json" is now a sub class of "text/javascript" not "application/javascript" (TIKA-4336)

• Remove tagsoup from the project entirely. Note that some of the tags produced by the SourceCodeParser are slightly different (TIKA-4338)

Release 3.0.0 - 10/15/2024

• Fix regression in TextAndCSVParser (TIKA-4278).

Release 3.0.0-BETA2 - 07/09/2024

BREAKING CHANGES

• Updated PST parser to use standard Message metadata keys and improved handling of embedded files (TIKA-4248).

• Convenience methods for XML readers were moved from ParseContext to XMLReaderUtils (TIKA-4259).

Other Changes

• Add GRPC server (TIKA-4181).

• Improved configurability in tika-pipes (TIKA-4243).

• Add optional PST parser based on libpst/readpst (TIKA-4250).

Release 3.0.0-BETA - 12/01/2023

... (truncated)

Commits

• 2561927 [maven-release-plugin] prepare release tika-3.1.0-rc1
• f371a7d update CHANGES.txt for rc1