Bump the minor-updates group with 10 updates

[dependabot[bot]]

Bumps the minor-updates group with 10 updates:

Package	From	To
ch.qos.logback:logback-classic	1.4.11	1.4.14
org.mockito:mockito-core	5.5.0	5.8.0
org.apache.maven.plugins:maven-javadoc-plugin	3.6.0	3.6.2
com.fasterxml.jackson.core:jackson-databind	2.15.2	2.16.0
com.fasterxml.jackson.dataformat:jackson-dataformat-cbor	2.15.2	2.16.0
com.fasterxml.jackson.dataformat:jackson-dataformat-smile	2.15.2	2.16.0
com.fasterxml.jackson.dataformat:jackson-dataformat-ion	2.15.2	2.16.0
com.fasterxml.jackson.dataformat:jackson-dataformat-protobuf	2.15.2	2.16.0
com.fasterxml.jackson.dataformat:jackson-dataformat-avro	2.15.2	2.16.0
com.alibaba:fastjson	2.0.40	2.0.42

Updates ch.qos.logback:logback-classic from 1.4.11 to 1.4.14

Commits

• 407f935 prepare release 1.4.14
• 7018a36 fix missing deseialization filter init call, enable commented out test case
• 8a746eb start work on 1.4.14-SNAPSHOT
• 7ee000a prepare release 1.4.13
• 867bf58 remove superflus system.out call
• 88abf59 prepare release 1.4.12
• 2cd8cab cater for array size marked with -1
• 9c782b4 prevent DOS attacks using on malicious serialized input
• f6d690d further support for Virtual threads, issues 737
• 9a1fc44 add support for Virtual threads
• Additional commits viewable in compare view

Updates org.mockito:mockito-core from 5.5.0 to 5.8.0

Release notes

Sourced from org.mockito:mockito-core's releases.

v5.8.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.8.0

• 2023-12-01 - 15 commit(s) by Andreas Turban, Mikaël Francoeur, dependabot[bot], jfrantzius
• #3000: fix ArrayIndexOutOfBoundsException [(#3190)](mockito/mockito#3190)
• Bump com.diffplug.spotless from 6.23.1 to 6.23.2 [(#3188)](mockito/mockito#3188)
• Bump com.diffplug.spotless from 6.23.0 to 6.23.1 [(#3186)](mockito/mockito#3186)
• Bump actions/setup-java from 3 to 4 [(#3185)](mockito/mockito#3185)
• Apply spotless to all java projects [(#3184)](mockito/mockito#3184)
• Bump com.diffplug.spotless from 6.22.0 to 6.23.0 [(#3182)](mockito/mockito#3182)
• Fixes #3179 : Add module for Java 21 tests. [(#3180)](mockito/mockito#3180)
• Need separate module for java 21 tests [(#3179)](mockito/mockito#3179)
• Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.20 to 1.9.21 [(#3176)](mockito/mockito#3176)
• Bump org.jetbrains.kotlin:kotlin-stdlib from 1.9.20 to 1.9.21 [(#3175)](mockito/mockito#3175)
• Bump versions.bytebuddy from 1.14.9 to 1.14.10 [(#3174)](mockito/mockito#3174)
• Fixes #3160 : Fix interference between spies when spying on records. [(#3173)](mockito/mockito#3173)
• Bump com.github.ben-manes.versions from 0.49.0 to 0.50.0 [(#3172)](mockito/mockito#3172)
• Bump versions.junitJupiter from 5.10.0 to 5.10.1 [(#3169)](mockito/mockito#3169)
• Bump org.junit.platform:junit-platform-launcher from 1.10.0 to 1.10.1 [(#3168)](mockito/mockito#3168)
• Deep Stubs Incompatible With Mocking Enum [(#3167)](mockito/mockito#3167)
• Annotation-based spying on a generic class breaks existing final/inline Spies [(#3160)](mockito/mockito#3160)
• ArrayIndexOutOfBoundsException with Version 5.3.1 [(#3000)](mockito/mockito#3000)
• Deep Stubs Incompatible With Mocking Enum [(#2984)](mockito/mockito#2984)

v5.7.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.7.0

• 2023-11-02 - 15 commit(s) by Stefan M, Tim van der Lippe, Valery Yatsynovich, Vladimir Glinskikh, ascopes, dependabot[bot]
• Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.10 to 1.9.20 [(#3166)](mockito/mockito#3166)
• Bump org.jetbrains.kotlin:kotlin-stdlib from 1.9.10 to 1.9.20 [(#3165)](mockito/mockito#3165)
• Attempt to detect system property mangling prior to loading ByteBuddy. [(#3164)](mockito/mockito#3164)
• Handle Termux in InlineDelegateByteBuddyMockMaker.java [(#3158)](mockito/mockito#3158)
• Bump versions.errorprone from 2.22.0 to 2.23.0 [(#3153)](mockito/mockito#3153)
• Fix license url according to spdx license spec [(#3152)](mockito/mockito#3152)
• Remove checks for unsupported Java version from unit tests [(#3150)](mockito/mockito#3150)
• Add CodeCov token to upload coverage report [(#3149)](mockito/mockito#3149)
• Migrate to JaCoCo 0.8.11 [(#3147)](mockito/mockito#3147)
• Add Java 21 to CI build matrix [(#3145)](mockito/mockito#3145)
• Feat: add generic-inferred methods for constructing ArgumentCaptors [(#3144)](mockito/mockito#3144)
• Bump gradle from 8.2 to 8.4 [(#3142)](mockito/mockito#3142)
• Bump com.github.ben-manes.versions from 0.48.0 to 0.49.0 [(#3139)](mockito/mockito#3139)
• Bump versions.bytebuddy from 1.14.8 to 1.14.9 [(#3138)](mockito/mockito#3138)
• Bump biz.aQute.bnd.builder from 6.4.0 to 7.0.0 [(#3135)](mockito/mockito#3135)

v5.6.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.6.0

... (truncated)

Commits

• aecf6b5 Handle mismatch of number of type arguments (#3190)
• d742cc8 Bump com.diffplug.spotless from 6.23.1 to 6.23.2 (#3188)
• 12ac4d6 Bump com.diffplug.spotless from 6.23.0 to 6.23.1 (#3186)
• d187f7b Bump actions/setup-java from 3 to 4 (#3185)
• 74633b8 Throw error when mocking sealed abstract enum (#3167)
• 290a8e1 Apply spotless to all java projects (#3184)
• b6554b2 Fix interference between spies when spying on records (#3173)
• bfee15d Bump com.diffplug.spotless from 6.22.0 to 6.23.0 (#3182)
• a0cc22d Add module for Java 21 tests (#3180)
• ed10195 Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.20 to 1.9.21 (#3176)
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-javadoc-plugin from 3.6.0 to 3.6.2

Release notes

Sourced from org.apache.maven.plugins:maven-javadoc-plugin's releases.

3.6.2

🐛 Bug Fixes

• [MJAVADOC-716] - Fix stale files detection failing because of the newline (#144) @​gnodet
• [MJAVADOC-713] - Skipping Javadoc reportset leaves empty Javadoc link i… (#246) @​michael-o
• [MJAVADOC-762] - don't share state between tests (#218) @​elharo
• [MJAVADOC-726] - exclude velocity (#243) @​elharo
• [MJAVADOC-726] - trivial Javadoc fixes to test state of CI (#244) @​elharo
• [MJAVADOC-774] - Mock repository should not change project sources (#241) @​slawekjaranowski
• MJAVADOC-774 create dev profile (#239) @​hboutemy
• Use a stable link in unit test (#240) @​slawekjaranowski

📦 Dependency updates

• Bump org.codehaus.mojo:mrm-maven-plugin from 1.5.0 to 1.6.0 (#247) @​dependabot
• [MJAVADOC-777] - Bump org.codehaus.plexus:plexus-java from 1.1.2 to 1.2.0 (#245) @​dependabot

Commits

• 28a89f1 [maven-release-plugin] prepare release maven-javadoc-plugin-3.6.2
• 16ca43f [maven-release-plugin] prepare for next development iteration
• 88bc4a5 Align IT after MJAVADOC-716
• 4b881e8 Bump org.codehaus.mojo:mrm-maven-plugin from 1.5.0 to 1.6.0
• 45a8d29 [MJAVADOC-716] Fix stale files detection failing because of the added newline...
• afb2dee [MJAVADOC-713] Skipping Javadoc reportset leaves empty Javadoc link in site
• 4bad23f [MJAVADOC-730] Deprecate parameter "old"
• 8364883 [MJAVADOC-777] Bump org.codehaus.plexus:plexus-java from 1.1.2 to 1.2.0 (#245)
• 6fa9c86 [MJAVADOC-762] don't share state between tests (#218)
• 05b12e8 [MJAVADOC-726] exclude velocity (#243)
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-databind from 2.15.2 to 2.16.0

Commits

• See full diff in compare view

Updates com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 2.15.2 to 2.16.0

Commits

• af1ea24 [maven-release-plugin] prepare release jackson-dataformats-binary-2.16.0
• 883649c Prepare for 2.16.0 release
• bef6905 Fix a broken Avro unit test
• 59eba80 Minor test clean up
• 653f792 Merge a (small) subset of #409 into 2.16 (no point merging into 2.15) (#413)
• 7d5c543 Fix #410: update ion-java to 1.10.5 (#411)
• 922784d Manual merge of pom.xml
• 9084d4f Merge branch '2.15' into 2.16
• ffeb90b Clean up of Ion module (#408)
• 4dcd1ec Back to snapshot dep
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.dataformat:jackson-dataformat-smile from 2.15.2 to 2.16.0

Commits

• af1ea24 [maven-release-plugin] prepare release jackson-dataformats-binary-2.16.0
• 883649c Prepare for 2.16.0 release
• bef6905 Fix a broken Avro unit test
• 59eba80 Minor test clean up
• 653f792 Merge a (small) subset of #409 into 2.16 (no point merging into 2.15) (#413)
• 7d5c543 Fix #410: update ion-java to 1.10.5 (#411)
• 922784d Manual merge of pom.xml
• 9084d4f Merge branch '2.15' into 2.16
• ffeb90b Clean up of Ion module (#408)
• 4dcd1ec Back to snapshot dep
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.dataformat:jackson-dataformat-ion from 2.15.2 to 2.16.0

Commits

• See full diff in compare view

Updates com.fasterxml.jackson.dataformat:jackson-dataformat-protobuf from 2.15.2 to 2.16.0

Commits

• af1ea24 [maven-release-plugin] prepare release jackson-dataformats-binary-2.16.0
• 883649c Prepare for 2.16.0 release
• bef6905 Fix a broken Avro unit test
• 59eba80 Minor test clean up
• 653f792 Merge a (small) subset of #409 into 2.16 (no point merging into 2.15) (#413)
• 7d5c543 Fix #410: update ion-java to 1.10.5 (#411)
• 922784d Manual merge of pom.xml
• 9084d4f Merge branch '2.15' into 2.16
• ffeb90b Clean up of Ion module (#408)
• 4dcd1ec Back to snapshot dep
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.dataformat:jackson-dataformat-avro from 2.15.2 to 2.16.0

Commits

• af1ea24 [maven-release-plugin] prepare release jackson-dataformats-binary-2.16.0
• 883649c Prepare for 2.16.0 release
• bef6905 Fix a broken Avro unit test
• 59eba80 Minor test clean up
• 653f792 Merge a (small) subset of #409 into 2.16 (no point merging into 2.15) (#413)
• 7d5c543 Fix #410: update ion-java to 1.10.5 (#411)
• 922784d Manual merge of pom.xml
• 9084d4f Merge branch '2.15' into 2.16
• ffeb90b Clean up of Ion module (#408)
• 4dcd1ec Back to snapshot dep
• Additional commits viewable in compare view

Updates com.alibaba:fastjson from 2.0.40 to 2.0.42

Release notes

Sourced from com.alibaba:fastjson's releases.

fastjson 2.0.42发布

这又是例行的BUG修复小版本，大家按需升级。

Issues

1. 修复JSONB协议反序列化读取java.time类型的NULL值报错的问题 #1855
2. 反序列化增加JSONReader.Feature.ErrorOnUnknownProperties，支持当输入非预期字段时报错 #1944
3. 修复使用兼容包的JSONPath.set不兼容的问题 #1922
4. 修复反序列化超过256位小数时报错的问题，缺省支持2048位小数 #1919
5. 修复序列化时List类型字段配置JSONField.serializeUsing无效的问题 #1948
6. 修复序列化时List类型字段配置JSONField.serializeFeatures WriteClassName无效的问题 #1947
7. 修复序列化时WriteNullNumberAsZero和WriteLongAsString组合不生效的问题 #1893
8. 修复JSONPath在连续数组访问时空值报错的问题 #1965
9. 修复不支持多行注释的问题 #1954
10. 修复输入对象类型输入空数组"[]"报错的问题（兼容）#1971
11. 修复处理JacksonAnnotation的问题 #1985
12. 修复LocalDate类型反序列化输入'Z'后缀格式UTC时区结果不对的问题 #1993

MAVEN依赖配置

<dependency>
    <groupId>com.alibaba.fastjson2</groupId>
    <artifactId>fastjson2</artifactId>
    <version>2.0.42</version>
</dependency>

• android4兼容版本

<dependency>
    <groupId>com.alibaba.fastjson2</groupId>
    <artifactId>fastjson2</artifactId>
    <version>2.0.42.android4</version>
</dependency>

• 1.x 兼容版本

<dependency>
    <groupId>com.alibaba</groupId>
    <artifactId>fastjson</artifactId>
    <version>2.0.42</version>
</dependency>

• Spring 5 extension配置

<dependency>
    <groupId>com.alibaba.fastjson2</groupId>
    <artifactId>fastjson2-extension-spring5</artifactId>
</tr></table> 

... (truncated)

Commits

• dd929b3 2.0.42 release
• 2fd5d43 add testcase for issue #1984
• fa0f55d add error info
• 3d2e622 fix process JacksonAnnation, for issue #1985
• 7fc7768 remove unused code
• 08dc9d7 fix parseLocalDate, for issue #1620 #1993
• deb84b0 add testcase for issue #1974
• 7c1afca Bump org.furyio:fury-core from 0.2.0 to 0.2.1
• ea16f37 Bump arrow.version from 13.0.0 to 14.0.0
• a3d6fca Bump org.apache.flink:flink-json from 1.17.1 to 1.18.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[wanglingsong]

@chillb0nes any idea to fix it?

[chillb0nes]

Hmm... I'm pretty sure original github actions config was copy-pasted from github documentation, so I'm surprised it does not work.

I opened https://github.com/wanglingsong/JsonSurfer/pull/95

Also you may want to rerun dependabot scanning manually after merge, check https://stackoverflow.com/a/77502174

[dependabot[bot]]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.