Skip to content

Renovate Dashboard (codelogic) #2

Open
Open
Renovate Dashboard (codelogic)#2
@renovate

Description

@renovate
renovate
bot
opened on Mar 2, 2026

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Deprecations / Replacements

Warning

The following dependencies are either deprecated or have replacements available.

Datasource Package Replacement PR?
maven org.hibernate:hibernate-jcache Available

Pending Approval

The following branches are pending approval. To create them, click on a checkbox below.

  • Pin dependencies (actions/checkout, actions/setup-java, actions/upload-artifact)
  • Update dependency asm:asm to v3.3.1
  • Update dependency asm:asm-commons to v3.3.1
  • Update dependency com.broadleafcommerce:broadleaf-boot-starter-hsql-database to v3.0.4-GA
  • Update dependency com.icegreen:greenmail to v2.1.8
  • Update dependency commons-logging:commons-logging to v1.3.6
  • Update dependency commons-validator:commons-validator to v1.10.1
  • Update dependency io.netty:netty-all to v4.2.14.Final
  • Update dependency org.apache.groovy:groovy-all to v4.0.32
  • Update dependency org.apache.maven.plugins:maven-enforcer-plugin to v3.6.3
  • Update dependency org.apache.zookeeper:zookeeper to v3.9.5
  • Update dependency org.apache.zookeeper:zookeeper-jute to v3.9.5
  • Update dependency org.aspectj:aspectjweaver to v1.9.25.1
  • Update dependency org.broadleafcommerce:admin to v7.0.7-GA
  • Update dependency org.broadleafcommerce:broadleaf-common-presentation to v2.0.3-GA
  • Update dependency org.broadleafcommerce:core to v7.0.7-GA
  • Update dependency org.codehaus.jettison:jettison to v1.5.5
  • Update dependency org.eclipse.jetty:jetty-io to v12.1.9
  • Update dependency org.jacoco:jacoco-maven-plugin to v0.8.14
  • Update dependency org.projectlombok:lombok to v1.18.46
  • Update dependency org.quartz-scheduler:quartz to v2.5.2
  • Update dependency org.slf4j:slf4j-api to v2.0.18
  • Update dependency org.springframework.ldap:spring-ldap-core to v3.3.7
  • Update jakarta-xml.version (jakarta.xml.ws:jakarta.xml.ws-api, jakarta.xml.bind:jakarta.xml.bind-api)
  • Update jaxb-ri monorepo to v4.0.8 (org.glassfish.jaxb:jaxb-runtime, com.sun.xml.bind:jaxb-ri)
  • Update logback monorepo to v1.5.32 (ch.qos.logback:logback-classic, ch.qos.logback:logback-core)
  • Update spock monorepo to v2.4-groovy-5.0 (org.spockframework:spock-spring, org.spockframework:spock-core)
  • Update spring boot to v3.5.14 (org.springframework.boot:spring-boot-autoconfigure, org.springframework.boot:spring-boot-starter-test, org.springframework.boot:spring-boot-test)
  • Update spring core to v6.2.18 (org.springframework:spring-test, org.springframework:spring-aop, org.springframework:spring-oxm, org.springframework:spring-orm, org.springframework:spring-jms, org.springframework:spring-context-support, org.springframework:spring-context, org.springframework:spring-beans, org.springframework:spring-web, org.springframework:spring-webmvc, org.springframework:spring-core)
  • Update spring security to v6.5.10 (org.springframework.security:spring-security-config, org.springframework.security:spring-security-ldap, org.springframework.security:spring-security-taglibs, org.springframework.security:spring-security-web, org.springframework.security:spring-security-core, org.springframework.security:spring-security-acl, org.springframework.security:spring-security-oauth2-client)
  • Update dependency cglib:cglib-nodep to v2.2.2
  • Update dependency com.google.code.gson:gson to v2.14.0
  • Update dependency com.google.guava:guava to v33.6.0-jre
  • Update dependency com.google.protobuf:protobuf-java to v4.35.0
  • Update dependency com.nimbusds:nimbus-jose-jwt to v10.9
  • Update dependency com.twelvemonkeys.imageio:imageio-jpeg to v3.13.1
  • Update dependency commons-cli:commons-cli to v1.11.0
  • Update dependency commons-codec:commons-codec to v1.22.0
  • Update dependency commons-io:commons-io to v2.22.0
  • Update dependency jakarta.servlet:jakarta.servlet-api to v6.1.0
  • Update dependency jakarta.validation:jakarta.validation-api to v3.1.1
  • Update dependency org.apache.commons:commons-dbcp2 to v2.14.0
  • Update dependency org.apache.commons:commons-exec to v1.6.0
  • Update dependency org.apache.commons:commons-text to v1.15.0
  • Update dependency org.apache.httpcomponents.client5:httpclient5 to v5.6.1
  • Update dependency org.apache.logging.log4j:log4j-bom to v2.26.0
  • Update dependency org.apache.maven.plugins:maven-clean-plugin to v2.6.1
  • Update dependency org.apache.maven.plugins:maven-compiler-plugin to v3.15.0
  • Update dependency org.apache.maven.plugins:maven-gpg-plugin to v3.2.8
  • Update dependency org.apache.maven.plugins:maven-jar-plugin to v3.5.0
  • Update dependency org.apache.maven.plugins:maven-release-plugin to v3.3.1
  • Update dependency org.apache.maven.plugins:maven-source-plugin to v3.4.0
  • Update dependency org.apache.maven.plugins:maven-surefire-plugin to v3.5.5
  • Update dependency org.apache.maven.plugins:maven-war-plugin to v3.5.1
  • Update dependency org.apache.maven.surefire:surefire-junit-platform to v3.5.5
  • Update dependency org.apache.maven.surefire:surefire-testng to v3.5.5
  • Update dependency org.apache.solr:solr-solrj to v9.10.1
  • Update dependency org.apache.tika:tika-core to v3.3.0
  • Update dependency org.codehaus.gmavenplus:gmavenplus-plugin to v4.3.1
  • Update dependency org.codehaus.mojo:build-helper-maven-plugin to v3.6.1
  • Update dependency org.codehaus.mojo:license-maven-plugin to v2.7.1
  • Update dependency org.easymock:easymock to v5.6.0
  • Update dependency org.ehcache:ehcache to v3.12.0
  • Update dependency org.javassist:javassist to v3.31.0-GA
  • Update dependency org.jboss.logging:jboss-logging to v3.6.3.Final
  • Update dependency org.junit.vintage:junit-vintage-engine to v5.14.4
  • Update dependency org.owasp:dependency-check-maven to v12.2.2
  • Update dependency org.testng:testng to v7.12.0
  • Update jackson monorepo to v2.21.3 (com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-provider, com.fasterxml.jackson.dataformat:jackson-dataformat-smile, com.fasterxml.jackson.dataformat:jackson-dataformat-xml, com.fasterxml.jackson.module:jackson-module-jakarta-xmlbind-annotations)
  • Update actions/checkout action to v6
  • Update actions/setup-java action to v5
  • Update actions/upload-artifact action to v7
  • Update dependency cglib:cglib-nodep to v3
  • Update dependency com.tngtech.archunit:archunit to v1
  • Update dependency jakarta.annotation:jakarta.annotation-api to v3
  • Update dependency org.apache.groovy:groovy-all to v5
  • Update dependency org.apache.maven.plugins:maven-clean-plugin to v3
  • Update dependency org.junit.vintage:junit-vintage-engine to v6
  • Update dependency org.springframework.ldap:spring-ldap-core to v4
  • Update spring boot to v4 (org.springframework.boot:spring-boot-autoconfigure, org.springframework.boot:spring-boot-starter-test, org.springframework.boot:spring-boot-test)
  • Update spring security to v7 (org.springframework.security:spring-security-config, org.springframework.security:spring-security-ldap, org.springframework.security:spring-security-taglibs, org.springframework.security:spring-security-web, org.springframework.security:spring-security-core, org.springframework.security:spring-security-acl, org.springframework.security:spring-security-oauth2-client)
  • 🔐 Create all pending approval PRs at once 🔐

PR Edited (Blocked)

The following updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox below.

  • Update dependency org.apache.solr:solr-solrj to v10
  • Update spring core to v7 (org.springframework:spring-test, org.springframework:spring-aop, org.springframework:spring-oxm, org.springframework:spring-orm, org.springframework:spring-jms, org.springframework:spring-context-support, org.springframework:spring-context, org.springframework:spring-beans, org.springframework:spring-web, org.springframework:spring-webmvc, org.springframework:spring-core)

Warning

Renovate failed to look up the following dependencies: Failed to look up maven package jakarta.cache:jakarta.cache-api: no-result.

Files affected: common/pom.xml

PR Closed (Blocked)

The following updates are blocked by an existing closed PR. To recreate the PR, click on a checkbox below.

Detected Dependencies

github-actions (1)
.github/workflows/ci.yml (3)
  • actions/checkout v4 → [Updates: v6, v4]
  • actions/setup-java v4 → [Updates: v5, v4]
  • actions/upload-artifact v4 → [Updates: v7, v4]
maven (13)
admin/broadleaf-admin-functional-tests/pom.xml (1)
  • org.broadleafcommerce:admin 7.0.7-SNAPSHOT → [Updates: 7.0.7-GA]
admin/broadleaf-admin-module/pom.xml (1)
  • org.broadleafcommerce:admin 7.0.7-SNAPSHOT → [Updates: 7.0.7-GA]
admin/broadleaf-contentmanagement-module/pom.xml (1)
  • org.broadleafcommerce:admin 7.0.7-SNAPSHOT → [Updates: 7.0.7-GA]
admin/broadleaf-open-admin-platform/pom.xml (1)
  • org.broadleafcommerce:admin 7.0.7-SNAPSHOT → [Updates: 7.0.7-GA]
admin/pom.xml
common/pom.xml (4)
  • com.sun.xml.bind:jaxb-ri 4.0.2 → [Updates: 4.0.8]
  • org.apache.commons:commons-beanutils2 2.0.0-M2
  • org.apache.commons:commons-exec 1.3 → [Updates: 1.6.0]
  • jakarta.cache:jakarta.cache-api 3.0.0
core/broadleaf-framework-web/pom.xml (1)
  • org.broadleafcommerce:core 7.0.7-SNAPSHOT → [Updates: 7.0.7-GA]
core/broadleaf-framework/pom.xml (3)
  • org.broadleafcommerce:core 7.0.7-SNAPSHOT → [Updates: 7.0.7-GA]
  • org.apache.zookeeper:zookeeper 3.9.4 → [Updates: 3.9.5]
  • org.apache.zookeeper:zookeeper-jute 3.9.4 → [Updates: 3.9.5]
core/broadleaf-profile-web/pom.xml (1)
  • org.broadleafcommerce:core 7.0.7-SNAPSHOT → [Updates: 7.0.7-GA]
core/broadleaf-profile/pom.xml (1)
  • org.broadleafcommerce:core 7.0.7-SNAPSHOT → [Updates: 7.0.7-GA]
core/pom.xml
integration/pom.xml (5)
  • org.apache.maven.surefire:surefire-testng 3.2.5 → [Updates: 3.5.5]
  • org.apache.maven.surefire:surefire-junit-platform 3.2.5 → [Updates: 3.5.5]
  • org.apache.maven.plugins:maven-clean-plugin 2.4.1 → [Updates: 2.6.1, 3.5.0]
  • org.testng:testng 7.8.0 → [Updates: 7.12.0]
  • com.tngtech.archunit:archunit 0.23.1 → [Updates: 1.4.2]
pom.xml (121)
  • com.google.javascript:closure-compiler-unshaded v20240317
  • org.springframework.boot:spring-boot-test 3.5.6 → [Updates: 3.5.14, 4.0.6]
  • org.broadleafcommerce:broadleaf-common-presentation 2.0.2-GA → [Updates: 2.0.3-GA]
  • org.springframework:spring-test 6.2.11 → [Updates: 6.2.18, 7.0.7]
  • org.springframework.boot:spring-boot-test 3.5.6 → [Updates: 3.5.14, 4.0.6]
  • org.spockframework:spock-spring 2.4-M4-groovy-4.0 → [Updates: 2.4-groovy-5.0]
  • org.springframework.boot:spring-boot-starter-test 3.5.6 → [Updates: 3.5.14, 4.0.6]
  • com.broadleafcommerce:broadleaf-boot-starter-hsql-database 3.0.3-GA → [Updates: 3.0.4-GA]
  • org.apache.maven.plugins:maven-compiler-plugin 3.14.0 → [Updates: 3.15.0]
  • org.zeroturnaround:jrebel-maven-plugin 1.2.1
  • org.codehaus.mojo:build-helper-maven-plugin 3.4.0 → [Updates: 3.6.1]
  • org.apache.maven.plugins:maven-surefire-plugin 3.2.1 → [Updates: 3.5.5]
  • org.apache.maven.plugins:maven-war-plugin 3.4.0 → [Updates: 3.5.1]
  • org.apache.maven.plugins:maven-jar-plugin 3.4.2 → [Updates: 3.5.0]
  • org.apache.maven.plugins:maven-deploy-plugin 3.1.4
  • org.codehaus.gmavenplus:gmavenplus-plugin 4.2.0 → [Updates: 4.3.1]
  • org.apache.maven.plugins:maven-release-plugin 3.1.1 → [Updates: 3.3.1]
  • org.codehaus.mojo:license-maven-plugin 2.4.0 → [Updates: 2.7.1]
  • org.jacoco:jacoco-maven-plugin 0.8.13 → [Updates: 0.8.14]
  • org.apache.maven.plugins:maven-enforcer-plugin 3.6.2 → [Updates: 3.6.3]
  • org.projectlombok:lombok 1.18.42 → [Updates: 1.18.46]
  • org.owasp:dependency-check-maven 12.1.9 → [Updates: 12.2.2]
  • org.apache.maven.plugins:maven-gpg-plugin 3.1.0 → [Updates: 3.2.8]
  • org.apache.maven.plugins:maven-javadoc-plugin 3.12.0
  • jakarta.interceptor:jakarta.interceptor-api 2.2.0
  • org.apache.maven.plugins:maven-source-plugin 3.3.1 → [Updates: 3.4.0]
  • org.hibernate:hibernate-envers-jakarta 5.6.15.Final
  • org.jboss.logging:jboss-logging 3.4.3.Final → [Updates: 3.6.3.Final]
  • org.hibernate:hibernate-core-jakarta 5.6.15.Final
  • org.hibernate:hibernate-jcache 5.6.15.Final → [Updates: 7.3.5.Final]
  • commons-validator:commons-validator 1.10.0 → [Updates: 1.10.1]
  • org.apache.commons:commons-collections4 4.5.0
  • commons-logging:commons-logging 1.3.5 → [Updates: 1.3.6]
  • commons-beanutils:commons-beanutils 1.11.0
  • commons-cli:commons-cli 1.5.0 → [Updates: 1.11.0]
  • commons-fileupload:commons-fileupload 1.6.0
  • com.twelvemonkeys.imageio:imageio-jpeg 3.12.0 → [Updates: 3.13.1]
  • com.github.depsypher:pngtastic 1.8
  • commons-io:commons-io 2.20.0 → [Updates: 2.22.0]
  • org.apache.commons:commons-dbcp2 2.9.0 → [Updates: 2.14.0]
  • commons-codec:commons-codec 1.16.1 → [Updates: 1.22.0]
  • org.apache.commons:commons-lang3 3.20.0
  • org.apache.commons:commons-text 1.13.1 → [Updates: 1.15.0]
  • org.apache.logging.log4j:log4j-bom 2.25.2 → [Updates: 2.26.0]
  • org.slf4j:slf4j-api 2.0.17 → [Updates: 2.0.18]
  • ch.qos.logback:logback-core 1.5.26 → [Updates: 1.5.32]
  • ch.qos.logback:logback-classic 1.5.26 → [Updates: 1.5.32]
  • jakarta.mail:jakarta.mail-api 2.1.5
  • org.eclipse.angus:jakarta.mail 2.0.5
  • jakarta.annotation:jakarta.annotation-api 2.1.1 → [Updates: 3.0.0]
  • jakarta.xml.bind:jakarta.xml.bind-api 4.0.0 → [Updates: 4.0.5]
  • jakarta.xml.ws:jakarta.xml.ws-api 4.0.0 → [Updates: 4.0.3]
  • org.apache.xmlbeans:xmlbeans 5.3.0
  • com.fasterxml.jackson.module:jackson-module-jakarta-xmlbind-annotations 2.20.0 → [Updates: 2.21.3]
  • com.fasterxml.jackson.dataformat:jackson-dataformat-xml 2.20.0 → [Updates: 2.21.3]
  • com.fasterxml.jackson.dataformat:jackson-dataformat-smile 2.20.0 → [Updates: 2.21.3]
  • com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-provider 2.20.0 → [Updates: 2.21.3]
  • org.apache.geronimo.specs:geronimo-jms_1.1_spec 1.1.1
  • jakarta.servlet:jakarta.servlet-api 6.0.0 → [Updates: 6.1.0]
  • com.icegreen:greenmail 2.1.0-alpha-1 → [Updates: 2.1.8]
  • junit:junit 4.13.2
  • org.junit.vintage:junit-vintage-engine 5.10.2 → [Updates: 5.14.4, 6.1.0]
  • org.easymock:easymock 5.2.0 → [Updates: 5.6.0]
  • org.easymock:easymockclassextension 3.2
  • org.apache.groovy:groovy-all 4.0.20 → [Updates: 4.0.32, 5.0.6]
  • org.gebish:geb-core 7.0
  • org.gebish:geb-spock 7.0
  • org.spockframework:spock-core 2.4-M4-groovy-4.0 → [Updates: 2.4-groovy-5.0]
  • org.apache.solr:solr-solrj 9.9.0 → [Updates: 9.10.1, 10.0.0]
  • org.eclipse.jetty.http2:http2-parent 11.0.26
  • org.eclipse.jetty:jetty-io 12.1.2 → [Updates: 12.1.9]
  • io.netty:netty-all 4.2.6.Final → [Updates: 4.2.14.Final]
  • cglib:cglib-nodep 2.1_3 → [Updates: 2.2.2, 3.3.0]
  • asm:asm 3.3 → [Updates: 3.3.1]
  • asm:asm-commons 3.3 → [Updates: 3.3.1]
  • org.javassist:javassist 3.29.2-GA → [Updates: 3.31.0-GA]
  • org.quartz-scheduler:quartz 2.5.0 → [Updates: 2.5.2]
  • org.mvel:mvel2 2.5.2.Final
  • jakarta-regexp:jakarta-regexp 1.4
  • jakarta.jms:jakarta.jms-api 3.1.0
  • org.ehcache:ehcache 3.10.8 → [Updates: 3.12.0]
  • org.springframework:spring-core 6.2.11 → [Updates: 6.2.18, 7.0.7]
  • org.springframework:spring-webmvc 6.2.11 → [Updates: 6.2.18, 7.0.7]
  • org.springframework:spring-web 6.2.11 → [Updates: 6.2.18, 7.0.7]
  • org.springframework:spring-beans 6.2.11 → [Updates: 6.2.18, 7.0.7]
  • org.springframework:spring-context 6.2.11 → [Updates: 6.2.18, 7.0.7]
  • org.springframework:spring-context-support 6.2.11 → [Updates: 6.2.18, 7.0.7]
  • org.springframework:spring-jms 6.2.11 → [Updates: 6.2.18, 7.0.7]
  • org.springframework:spring-orm 6.2.11 → [Updates: 6.2.18, 7.0.7]
  • org.springframework:spring-oxm 6.2.11 → [Updates: 6.2.18, 7.0.7]
  • org.springframework:spring-aop 6.2.11 → [Updates: 6.2.18, 7.0.7]
  • org.springframework:spring-test 6.2.11 → [Updates: 6.2.18, 7.0.7]
  • org.springframework.boot:spring-boot-autoconfigure 3.5.6 → [Updates: 3.5.14, 4.0.6]
  • org.springframework.security:spring-security-oauth2-client 6.5.5 → [Updates: 6.5.10, 7.0.5]
  • com.nimbusds:nimbus-jose-jwt 10.0.2 → [Updates: 10.9]
  • org.springframework.security:spring-security-acl 6.5.5 → [Updates: 6.5.10, 7.0.5]
  • org.springframework.security:spring-security-core 6.5.5 → [Updates: 6.5.10, 7.0.5]
  • org.springframework.security:spring-security-web 6.5.5 → [Updates: 6.5.10, 7.0.5]
  • org.springframework.security:spring-security-taglibs 6.5.5 → [Updates: 6.5.10, 7.0.5]
  • org.springframework.ldap:spring-ldap-core 3.3.3 → [Updates: 3.3.7, 4.0.3]
  • org.springframework.security:spring-security-ldap 6.5.5 → [Updates: 6.5.10, 7.0.5]
  • org.springframework.security:spring-security-config 6.5.5 → [Updates: 6.5.10, 7.0.5]
  • commons-pool:commons-pool 1.6
  • org.hsqldb:hsqldb 2.7.4
  • org.glassfish.jaxb:jaxb-runtime 4.0.2 → [Updates: 4.0.8]
  • org.aspectj:aspectjweaver 1.9.19 → [Updates: 1.9.25.1]
  • org.apache.tika:tika-core 3.2.3 → [Updates: 3.3.0]
  • org.owasp.antisamy:antisamy 1.7.8
  • org.apache.httpcomponents.client5:httpclient5 5.5.1 → [Updates: 5.6.1]
  • org.owasp.esapi:esapi 2.7.0.0
  • org.apache.httpcomponents:httpclient 4.5.14
  • jakarta.validation:jakarta.validation-api 3.0.2 → [Updates: 3.1.1]
  • de.jkeylockmanager:jkeylockmanager 2.1.0
  • org.codehaus.jettison:jettison 1.5.4 → [Updates: 1.5.5]
  • com.yahoo.platform.yui:yuicompressor 2.4.8
  • com.google.javascript:closure-compiler-unshaded v20240317
  • com.google.guava:guava 33.5.0-jre → [Updates: 33.6.0-jre]
  • com.google.protobuf:protobuf-java 4.32.0 → [Updates: 4.35.0]
  • com.google.code.gson:gson 2.13.2 → [Updates: 2.14.0]
  • com.google.code.findbugs:jsr305 3.0.2
  • com.googlecode.htmlcompressor:htmlcompressor 1.5.2
  • Check this box to trigger a request for Renovate to run again on this repository

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions