Bump the dev-dependencies group across 1 directory with 14 updates

[dependabot]

Bumps the dev-dependencies group with 14 updates in the / directory:

Package	From	To
com.sun.xml.bind:jaxb-impl	2.2	4.0.0
com.sun.xml.bind:jaxb-xjc	2.2	4.0.0
commons-io:commons-io	2.17.0	2.18.0
org.glassfish.jaxb:jaxb-runtime	2.3.5	4.0.0
net.sf.saxon:Saxon-HE	9.4	12.0
gov.nasa.pds:pds3-product-tools	4.4.0	4.4.2
org.apache.solr:solr-core	9.7.0	9.8.0
org.apache.solr:solr-solrj	9.7.0	9.8.0
org.json:json	20240303	20250107
org.apache.tika:tika-core	2.8.0	3.0.0
org.springframework:spring-core	6.1.14	6.2.2
org.springframework:spring-context	6.1.14	6.2.2
com.sun.xml.bind:jaxb-core	2.3.0	4.0.0
org.apache.logging.log4j:log4j-core	2.24.0	2.24.3

Updates com.sun.xml.bind:jaxb-impl from 2.2 to 4.0.0

Updates com.sun.xml.bind:jaxb-xjc from 2.2 to 4.0.0

Updates commons-io:commons-io from 2.17.0 to 2.18.0

Updates org.glassfish.jaxb:jaxb-runtime from 2.3.5 to 4.0.0

Updates net.sf.saxon:Saxon-HE from 9.4 to 12.0

Updates gov.nasa.pds:pds3-product-tools from 4.4.0 to 4.4.2

Changelog

Sourced from gov.nasa.pds:pds3-product-tools's changelog.

v4.4.2 (2024-11-25)

Full Changelog

v4.4.1 (2024-10-15)

Full Changelog

Commits

• af182c7 Update changelog
• 4b39cb1 Update requirements
• ca98d66 Update changelog
• d4cdf9d Merge pull request #75 from NASA-PDS/dependabot/maven/org.apache.logging.log4...
• 652c6bb Setting snapshot version for 4.5.1-SNAPSHOT
• d76f7dd Committing poms for stable release
• b095102 Update changelog
• 4114f40 Update requirements
• 910ca25 Bump org.apache.logging.log4j:log4j-core from 2.24.0 to 2.24.1
• 3c67881 Update changelog
• Additional commits viewable in compare view

Updates org.apache.solr:solr-core from 9.7.0 to 9.8.0

Updates org.apache.solr:solr-solrj from 9.7.0 to 9.8.0

Updates org.json:json from 20240303 to 20250107

Release notes

Sourced from org.json:json's releases.

20250107

Pull Request	Description
#930	pre-release-20250107: updates for next release
#929	restore moditect in pom.xml

20241224

Pull Request	Description
#924	pre-release-20241224: updates for next release
#907	Fix a bug when calling JSONArray.addAll() with Collection as Object
#894	update jsonpath from 2.4.0 to 2.9.0
#889	Fixed non-idempotent unit tests in JSONObjectTest
#879	Extend syntax error information
#877, #886, #888, #911, #921	Strict mode opt-in feature
#876	Remove jsonparserconfig ctor- just use withOverwriteDuplicateKey
#867	Improve performance in toString()

Changelog

Sourced from org.json:json's changelog.

Release history:

JSON-java releases can be found by searching the Maven repository for groupId "org.json" and artifactId "json". For example: https://search.maven.org/search?q=g:org.json%20AND%20a:json&core=gav

20250107....Restore moditect in pom.xml
20241224....Strict mode opt-in feature, and recent commits. This release does not contain module-info.class.

It is not recommended if you need this feature.

Commits

• See full diff in compare view

Updates org.apache.tika:tika-core from 2.8.0 to 3.0.0

Changelog

Sourced from org.apache.tika:tika-core's changelog.

Release 4.0.0-BETA1 - ??? BREAKING CHANGES

• Headers are no longer injected into the body/content of MSG files (TIKA-4345). Please open a ticket if you need this behavior across email formats.

Release 3.1.0 - ??

• Allow users to turn off the injection of some headers into the content stream of MSG files (TIKA-4345).

• Add a wrapper for Google's magika detector (TIKA-4344).

• Add support for MachO via Alexey Pelykh (TIKA-4309).

• Add logic to inject spaces in XPS files based on font widths via Ruairidh Williamson (TIKA-4315).

• Mime type "application/json" is now a sub class of "text/javascript" not "application/javascript" (TIKA-4336)

• Remove tagsoup from the project entirely. Note that some of the tags produced by the SourceCodeParser are slightly different (TIKA-4338)

Release 3.0.0 - 10/15/2024

• Fix regression in TextAndCSVParser (TIKA-4278).

Release 3.0.0-BETA2 - 07/09/2024

BREAKING CHANGES

• Updated PST parser to use standard Message metadata keys and improved handling of embedded files (TIKA-4248).

• Convenience methods for XML readers were moved from ParseContext to XMLReaderUtils (TIKA-4259).

Other Changes

• Add GRPC server (TIKA-4181).

• Improved configurability in tika-pipes (TIKA-4243).

• Add optional PST parser based on libpst/readpst (TIKA-4250).

Release 3.0.0-BETA - 12/01/2023

BREAKING CHANGES

• Require Java 11 (TIKA-4128).

... (truncated)

Commits

• 9bcb38d [maven-release-plugin] prepare release 3.0.0-rc1
• 8397293 revert for another release attempt
• a6858b4 [maven-release-plugin] prepare for next development iteration
• 3f8a029 [maven-release-plugin] prepare release 3.0.0-rc1
• 3bde500 add jetty from solr emitter
• 578e3e9 rollback for another release attempt.
• 1cfc313 [maven-release-plugin] prepare for next development iteration
• 7ffaf12 [maven-release-plugin] prepare release 3.0.0-rc1
• 0a548d6 rollback for another release attempt.
• d6ce501 Merge remote-tracking branch 'origin/main'
• Additional commits viewable in compare view

Updates org.springframework:spring-core from 6.1.14 to 6.2.2

Release notes

Sourced from org.springframework:spring-core's releases.

v6.2.2

⭐ New Features

• Track only qualifier annotations in BeanOverrideHandler #34260
• Remove @FunctionalInterface declaration from BeanOverrideProcessor #34259
• Refine default filtered headers for web data binding #34182
• Improve query params in uri KeyValue with HTTP interface client #34176
• Refine location checks for PathResource #34167
• Avoid virtual thread pinning in procedure calling #34133
• Type-level constraint violation should result in ParameterErrors #34105
• Avoid logger serialization behind shared EntityManager proxy #34084
• Improve PathMatcher to PathPatternParser migration in mvc XML configuration #34064
• Support @MockitoBean at the type level on test classes #33925

🐞 Bug Fixes

• HttpHeadersAssert#doesNotContainsHeaders has a typo #34263
• Deadlock with background EntityManager bootstrap due to locking in getSingletonFactoryBeanForTypeCheck #34247
• ApplicationListener no longer invoked for double generic ApplicationEvent with 6.2.1 #34234
• Nested transaction savepoints are broken in SQL Server #34233
• Error handling override in DefaultResponseErrorHandler ignored after upgrade to 6.2.0 #34231
• FileNotFoundException is thrown when using ConfigurationPropertiesScan with Spring Context 6.2.1 #34216
• BindException declared but not handled by ExceptionHandler #34214
• @TestBean factory method resolution is incorrect within class hierarchy #34204
• Bean Override in superclass takes precedence over Bean Override in subclass #34194
• Ensure AsyncListener#onError does not return until dispatch completes #34192
• BeanNotOfRequiredTypeException during transaction qualifier resolution in 6.2.1 #34187
• BeanCurrentlyInCreationException is thrown when multiple threads simultaneously try to create bean #34186
• DataBinder throws IndexOutOfBoundsException when indexed parameter uses nonconsecutive indices #34145
• NullPointerException is thrown if WebClient is used with Apache Httpclient and cookies are disabled #34132
• Wrong parentId tracking in FlightRecorderApplicationStartup #34128
• PathMatchingResourcePatternResolver is not able to resolve file in SpringBoot Packaged JAR #34126
• Placeholder resolution no longer considers exact match before resolving the placeholder key #34124
• DataBinder throws StringIndexOutOfBoundsException for indexed property without nested property path #34121
• Dependency injection matches wildcards too leniently with 6.2.1 #34119
• PathMatchingResourcePatternResolver throws FileNotFoundException caused by wrong cache path #34111
• SpEL fails to invoke MethodHandle function reference accepting only varargs #34109
• Generic with a base type is no longer resolved to its base if the generic is unresolved #34086
• DataBinder throws StringIndexOutOfBoundsException for map property without nested property path #34043
• Fix implicit variable resolution in JSP EvalTag #33945

📔 Documentation

• Fix inaccuracy in RequestHeaderArgumentResolver Javadoc #34230
• Document that http.client.requests measure the entire HTTP exchange #34201
• Misuse of em dash in "Basic Concept" section #34165
• Fix typo in link #34149
• Broken syntax in xml sample of "Reference to Other Beans" section #34148
• Fix minor typo in reference documentation for Kotlin annotations #34134
• Clarify documentation for the default uri client request observation metric #34116

... (truncated)

Commits

• d5da602 Release v6.2.2
• 384d274 Polishing in HttpServiceMethod
• 5150a9a Polishing contribution
• a8c5885 Fix wrong document about RequestHeaderArgumentResolver
• 7d84427 Upgrade to Jetty 12.0.16, Netty 4.1.117, Protobuf 4.29.3, Checkstyle 10.21.1
• 70ceb3a Refer to local Consumer type instead of Kotlin test type
• 9181cce Support @⁠MockitoBean at the type level on test classes
• 8b6523a Cross reference @⁠NestedTestConfiguration for Bean Overrides
• e7f3493 Merge pull request #34086 from rPraml
• fe5f5d5 Polish "Resolve base type in parameterized type if necessary"
• Additional commits viewable in compare view

Updates org.springframework:spring-context from 6.1.14 to 6.2.2

Release notes

Sourced from org.springframework:spring-context's releases.

v6.2.2

⭐ New Features

• Track only qualifier annotations in BeanOverrideHandler #34260
• Remove @FunctionalInterface declaration from BeanOverrideProcessor #34259
• Refine default filtered headers for web data binding #34182
• Improve query params in uri KeyValue with HTTP interface client #34176
• Refine location checks for PathResource #34167
• Avoid virtual thread pinning in procedure calling #34133
• Type-level constraint violation should result in ParameterErrors #34105
• Avoid logger serialization behind shared EntityManager proxy #34084
• Improve PathMatcher to PathPatternParser migration in mvc XML configuration #34064
• Support @MockitoBean at the type level on test classes #33925

🐞 Bug Fixes

• HttpHeadersAssert#doesNotContainsHeaders has a typo #34263
• Deadlock with background EntityManager bootstrap due to locking in getSingletonFactoryBeanForTypeCheck #34247
• ApplicationListener no longer invoked for double generic ApplicationEvent with 6.2.1 #34234
• Nested transaction savepoints are broken in SQL Server #34233
• Error handling override in DefaultResponseErrorHandler ignored after upgrade to 6.2.0 #34231
• FileNotFoundException is thrown when using ConfigurationPropertiesScan with Spring Context 6.2.1 #34216
• BindException declared but not handled by ExceptionHandler #34214
• @TestBean factory method resolution is incorrect within class hierarchy #34204
• Bean Override in superclass takes precedence over Bean Override in subclass #34194
• Ensure AsyncListener#onError does not return until dispatch completes #34192
• BeanNotOfRequiredTypeException during transaction qualifier resolution in 6.2.1 #34187
• BeanCurrentlyInCreationException is thrown when multiple threads simultaneously try to create bean #34186
• DataBinder throws IndexOutOfBoundsException when indexed parameter uses nonconsecutive indices #34145
• NullPointerException is thrown if WebClient is used with Apache Httpclient and cookies are disabled #34132
• Wrong parentId tracking in FlightRecorderApplicationStartup #34128
• PathMatchingResourcePatternResolver is not able to resolve file in SpringBoot Packaged JAR #34126
• Placeholder resolution no longer considers exact match before resolving the placeholder key #34124
• DataBinder throws StringIndexOutOfBoundsException for indexed property without nested property path #34121
• Dependency injection matches wildcards too leniently with 6.2.1 #34119
• PathMatchingResourcePatternResolver throws FileNotFoundException caused by wrong cache path #34111
• SpEL fails to invoke MethodHandle function reference accepting only varargs #34109
• Generic with a base type is no longer resolved to its base if the generic is unresolved #34086
• DataBinder throws StringIndexOutOfBoundsException for map property without nested property path #34043
• Fix implicit variable resolution in JSP EvalTag #33945

📔 Documentation

• Fix inaccuracy in RequestHeaderArgumentResolver Javadoc #34230
• Document that http.client.requests measure the entire HTTP exchange #34201
• Misuse of em dash in "Basic Concept" section #34165
• Fix typo in link #34149
• Broken syntax in xml sample of "Reference to Other Beans" section #34148
• Fix minor typo in reference documentation for Kotlin annotations #34134
• Clarify documentation for the default uri client request observation metric #34116

... (truncated)

Commits

• d5da602 Release v6.2.2
• 384d274 Polishing in HttpServiceMethod
• 5150a9a Polishing contribution
• a8c5885 Fix wrong document about RequestHeaderArgumentResolver
• 7d84427 Upgrade to Jetty 12.0.16, Netty 4.1.117, Protobuf 4.29.3, Checkstyle 10.21.1
• 70ceb3a Refer to local Consumer type instead of Kotlin test type
• 9181cce Support @⁠MockitoBean at the type level on test classes
• 8b6523a Cross reference @⁠NestedTestConfiguration for Bean Overrides
• e7f3493 Merge pull request #34086 from rPraml
• fe5f5d5 Polish "Resolve base type in parameterized type if necessary"
• Additional commits viewable in compare view

Updates com.sun.xml.bind:jaxb-core from 2.3.0 to 4.0.0

Updates org.apache.logging.log4j:log4j-core from 2.24.0 to 2.24.3

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
net.sf.saxon:Saxon-HE	[>= 12.3.a, < 12.4]
net.sf.saxon:Saxon-HE	[>= 12.a, < 13]
org.apache.solr:solr-core	[>= 9.4.a, < 9.5]
org.apache.solr:solr-solrj	[>= 9.4.a, < 9.5]
net.sf.saxon:Saxon-HE	[>= 11.a, < 12]
net.sf.saxon:Saxon-HE	[>= 10.a, < 11]
org.apache.tika:tika-core	[>= 2.9.a, < 2.10]
com.sun.xml.bind:jaxb-xjc	[>= 4.a, < 5]
com.sun.xml.bind:jaxb-impl	[>= 4.a, < 5]
com.sun.xml.bind:jaxb-core	[>= 4.a, < 5]
org.glassfish.jaxb:jaxb-runtime	[>= 4.a, < 5]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.