Sourced from com.puppycrawl.tools:checkstyle's releases.

checkstyle-13.4.0

Checkstyle 13.4.0 - https://checkstyle.org/releasenotes.html#Release_13.4.0

Breaking backward compatibility:

#8315 - Improve violation message of ImportOrder

New:

#17565 - Line break must be present after { of non-empty block in switch rule #18065 - New Check: IllegalSymbol to forbit emoj in code

Bug fixes:

#18228 - False-positive: Suppress indentation check when quotes start at the left margin #17137 - UnnecessaryNullCheckWithInstanceOf ignores redundant null check for complex cases. #17842 - False-negative: Member names with underscores

... (truncated)

• ad2d2d2 [maven-release-plugin] prepare release checkstyle-13.4.0
• ac969f5 doc: release notes for 13.4.0
• b96d1c3 Issue #15456: Define violation messages for JavadocTagContinuationIndentation
• d47cde5 Issue #11163: Enforce file size on InputNeedBracesTestSwitchExpression
• bbb00f9 Issue #16361: add comment on testAddException
• 601213d Issue #12721: add Buildkite CI with mvn verify
• 95cecf8 dependency: bump org.openrewrite.recipe:rewrite-migrate-java
• 92dcd3d dependency: bump pmd.version from 7.22.0 to 7.23.0
• ab7a33c Issue #16361: Refactor testNewCtor
• 70cab66 Issue #16361: Add explanatory comment for testReadResourceWithInvalidName
• Additional commits viewable in compare view

Sourced from org.javassist:javassist's releases.

Javassist 3.31.0-GA

What's Changed

• improve pom by @​oldratlee in jboss-javassist/javassist#477
• support bootstrap method coping when using code coping by @​likey3 in jboss-javassist/javassist#480
• Line numbers support by @​kuznet1 in jboss-javassist/javassist#484
• [bugfix]fix TransformCallToStatic with invokeinterface or invokedynamic by @​catsalty in jboss-javassist/javassist#486
• reduced InnerClasses propagation by @​jbellenger in jboss-javassist/javassist#491
• Fix wrong line numbers in some cases by @​kuznet1 in jboss-javassist/javassist#492
• ignoring unnecessarily generated surefire report by @​Talank in jboss-javassist/javassist#506
• Add Record and PermittedSubclasses (sealed) Attributes by @​Asbestosstar in jboss-javassist/javassist#495

New Contributors

• @​likey3 made their first contribution in jboss-javassist/javassist#480
• @​kuznet1 made their first contribution in jboss-javassist/javassist#484
• @​jbellenger made their first contribution in jboss-javassist/javassist#491
• @​Talank made their first contribution in jboss-javassist/javassist#506
• @​Asbestosstar made their first contribution in jboss-javassist/javassist#495

Full Changelog: jboss-javassist/javassist@rel_3_30_2_ga...rel_3_31_0_ga

Sourced from org.javassist:javassist's changelog.

Changes

version 3.31.0 on April 20, 2026

• GitHub PR #480, #484, #486, #491, #492, #495, #506

version 3.30.2 on December 25, 2023

• GitHub PR #473, 475, 476

version 3.30.1 on December 17, 2023

• GitHub Issue #471

version 3.30 on December 17, 2023

• GitHub PR #434, 448, 463 (Issue #462), 466, 467, 468, 469, 470,

version 3.29.2 on September 14, 2022

• GitHub Issue #427.

version 3.29.1 on August 11, 2022

• GitHub Issue #423.

• Readme.html was deleted (GitHub Issue #414).

version 3.29 on May 13, 2022

• GitHub Issue #378, PR #278, #299, #382, #383, #390, #391, #395, #399, #409.

version 3.28 on May 8, 2021

• GitHub Issue #305, #328, #339, #350, #357, and PR #363.

version 3.27 on March 19, 2020

• GitHub Issue #271 (PR #279), #280 (PR #281), #282, and PR #294.

version 3.26 on October 3, 2019

• GitHub Issue #270 (PR #272), #265 (PR #267), #271, #222, and #275.

version 3.25 on April 16, 2019

• GitHub Issue #72 (PR #231), #241, #242 (PR #243), PR #244, #246 (PR #247), PR #250, #252 (PR #253), PR #254.

version 3.24.1 on December 9, 2018

... (truncated)

• See full diff in compare view

Sourced from com.google.guava:guava's releases.

33.6.0

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.6.0-jre</version>
  <!-- or, for Android: -->
  <version>33.6.0-android</version>
</dependency>

Jar files

• 33.6.0-jre.jar
• 33.6.0-android.jar

Guava requires one runtime dependency, which you can download here:

• failureaccess-1.0.3.jar

Javadoc

• 33.6.0-jre
• 33.6.0-android

JDiff

• 33.6.0-jre vs. 33.5.0-jre
• 33.6.0-android vs. 33.5.0-android
• 33.6.0-android vs. 33.6.0-jre

Changelog

• Migrated some classes from finalize() to PhantomReference in preparation for the removal of finalization. (786b619dd6, 7c6b17c, aeef90988d)
• cache: Deprecated CacheBuilder APIs that use TimeUnit in favor of those that use Duration. (73f8b0bb84)
• collect: Added toImmutableSortedMap collectors that use the natural comparator. (64d70b9f94)
• collect: Changed ConcurrentHashMultiset, ImmutableMap and TreeMultiset deserialization to avoid mutating final fields. In extremely unlikely scenarios in which an instance of that type contains an object that refers back to that instance, this could lead to a broken instance that throws NullPointerException when used. (8240c7e596, 046468055f)
• graph: Removed @Beta from all APIs in the package. (dae9566b73)
• graph: Added support to Graphs.transitiveClosure() for different strategies for adding self-loops. (2e13df25b2)
• graph: Added an asNetwork() view to Graph and ValueGraph. (909c593c61)
• hash: Added BloomFilter.serializedSize(). (df9bcc251a)
• net: Added HttpHeaders.CDN_CACHE_CONTROL. (75331b5030)

• See full diff in compare view

Sourced from org.checkerframework:checker-qual's releases.

Release 4.0.0 of the Checker Framework

Version 4.0.0 (2026-04-07)

User-visible changes

To run the Checker Framework, you need to use a JDK 17 or later version of javac. That is, you need to use JDK 17 or later when compiling your code.

The Checker Framework can type-check any Java project, including projects that compile to Java 8 or 11 bytecodes and run on JRE versions 8 or 11. That is, your code can run under any release of Java, from Java 8 onward.

The type qualifiers and utility libraries in checker-qual.jar and checker-util.jar still use Java 11 bytecode. Thus, they may be used in projects that run under Java 11 or later.

Changes since version 3.0.0

Since version 3.0.0, 91 authors have made over 4500 commits and closed over 600 issues. Thanks to everyone who contributed!

New checkers include:

• The Index Checker warns about out-of-bounds accesses to arrays and strings.
• The Initialized Fields Checker warns if a constructor does not initialize a field.
• The Resource Leak Checker guarantees that every resource is closed rather than leaked. Examples of resources are a channel, executor, ExecutionControl, file, FileLock, Formatter, reader, Scanner, socket, stream, writer, etc.
• The SQL Quotes Checker helps prevent SQL injection vulnerabilities.

New command-line arguments include:

• -AskipFiles, -AonlyFiles
• -AassumeSideEffectFree, -AassumeDeterministic, -AassumePure, -AassumePureGetters
• -AuseConservativeDefaultsForUncheckedCode
• -AignoreRawTypeArguments
• -AwarnRedundantAnnotations
• -Ainfer=ajava, -AinferOutputDirectory, -AinferOutputOriginal, -AshowWpiFailedInferences
• -AshowSuppressWarningsStrings, -AwarnUnneededSuppressionsExceptions
• -AshowPrefixInWarningMessages
• -AstubNoWarnIfNotFound, -AstubWarnNote, -AmergeStubsWithSource
• -Aonelinemsg, -AdumpOnErrors, -AexceptionLineSeparator
• -ApermitMissingJdk, -AparseAllJdk
• -AslowTypecheckingSeconds
• -Aversion, -AprintGitProperties
• You can pass an option to only a particular checker (not all checkers) by using an underscore prefix.

Other improvements include thousands of enhancements and bug fixes -- too many to list here.

Implementation details

All previously-deprecated methods and classes have been removed. If your project builds upon the Checker Framework, we suggest that you upgrade to version 3.55.1, resolve all the deprecation warnings, then upgrade to version 4.0.0.

Checker Framework 3.55.1

Version 3.55.1 (2026-04-03)

No user-visible changes.

... (truncated)

Sourced from org.checkerframework:checker-qual's changelog.

Version 4.0.0 (2026-04-07)

User-visible changes

To run the Checker Framework, you need to use a JDK 17 or later version of javac. That is, you need to use JDK 17 or later when compiling your code.

The Checker Framework can type-check any Java project, including projects that compile to Java 8 or 11 bytecodes and run on JRE versions 8 or 11. That is, your code can run under any release of Java, from Java 8 onward.

The type qualifiers and utility libraries in checker-qual.jar and checker-util.jar still use Java 11 bytecode. Thus, they may be used in projects that run under Java 11 or later.

Changes since version 3.0.0

Since version 3.0.0, 91 authors have made over 4500 commits and closed over 600 issues. Thanks to everyone who contributed!

New checkers include:

• The Index Checker warns about out-of-bounds accesses to arrays and strings.
• The Initialized Fields Checker warns if a constructor does not initialize a field.
• The Resource Leak Checker guarantees that every resource is closed rather than leaked. Examples of resources are a channel, executor, ExecutionControl, file, FileLock, Formatter, reader, Scanner, socket, stream, writer, etc.
• The SQL Quotes Checker helps prevent SQL injection vulnerabilities.

New command-line arguments include:

• -AskipFiles, -AonlyFiles
• -AassumeSideEffectFree, -AassumeDeterministic, -AassumePure, -AassumePureGetters
• -AuseConservativeDefaultsForUncheckedCode
• -AignoreRawTypeArguments
• -AwarnRedundantAnnotations
• -Ainfer=ajava, -AinferOutputDirectory, -AinferOutputOriginal, -AshowWpiFailedInferences
• -AshowSuppressWarningsStrings, -AwarnUnneededSuppressionsExceptions
• -AshowPrefixInWarningMessages
• -AstubNoWarnIfNotFound, -AstubWarnNote, -AmergeStubsWithSource
• -Aonelinemsg, -AdumpOnErrors, -AexceptionLineSeparator
• -ApermitMissingJdk, -AparseAllJdk
• -AslowTypecheckingSeconds

... (truncated)

• 479d087 new release 4.0.0
• bfff757 Put the manual in the right place.
• c532f6d Put a copy of manual.pdf at top level of website as expected.
• 5e53e6c No closed issues.
• e67ae85 Prep for release.
• 4192d0d Remove file SKIP-REQUIRE-JAVADOC
• 7d6d856 Remove or update references to JDK 8-16
• b1e3761 Remove all deprecated methods
• a1b3064 Directly use Java 17 and below Javac APIs. (#7582)
• 4efdbdb Remove support for Java 8 from scripts and build scripts. (#7575)
• Additional commits viewable in compare view

Sourced from net.bytebuddy:byte-buddy's releases.

Byte Buddy 1.18.8

• Improve support for repeatable builds.
• Fix reordering of exception table in type initializers when instrumenting.

Byte Buddy 1.18.7

• Introduce new versioning concept with -jdk5 suffix for backwards-compatible jar and Java 8 baseline for regular jar.

Sourced from net.bytebuddy:byte-buddy's changelog.

1. April 2026: version 1.18.8

• Improve support for repeatable builds.
• Fix reordering of exception table in type initializers when instrumenting.

1. March 2026: version 1.18.7

• Introduce new versioning concept with -jdk5 suffix for backwards-compatible jar and Java 8 baseline for regular jar.

27. February 2026: version 1.18.6

Accidental release during rework of release pipeline. Functional, but with incorrect suffices.

• b71379a [publish] Releasing Byte Buddy 1.18.8
• 31cce02 [release] Release new version.
• a30791f Add nullability annotations.
• b9ed5b9 Avoid that type initializer extension adjusts exception handlers by prependin...
• 7d35c66 Fix test.
• 9b46909 Support reproducible builds.
• 9a1e34e Use GitHub HTTP URL as Maven scm url (#1887)
• 2b8cadd Flip release order to attempt making Maven release a different "latest" version.
• bf02559 Move to jdk5 versions.
• ad0abe4 Update checksums.
• Additional commits viewable in compare view

Sourced from net.bytebuddy:byte-buddy-agent's releases.

Byte Buddy 1.18.8

• Improve support for repeatable builds.
• Fix reordering of exception table in type initializers when instrumenting.

Byte Buddy 1.18.7

• Introduce new versioning concept with -jdk5 suffix for backwards-compatible jar and Java 8 baseline for regular jar.

Sourced from net.bytebuddy:byte-buddy-agent's changelog.

1. April 2026: version 1.18.8

• Improve support for repeatable builds.
• Fix reordering of exception table in type initializers when instrumenting.

1. March 2026: version 1.18.7

• Introduce new versioning concept with -jdk5 suffix for backwards-compatible jar and Java 8 baseline for regular jar.

27. February 2026: version 1.18.6

Accidental release during rework of release pipeline. Functional, but with incorrect suffices.

• b71379a [publish] Releasing Byte Buddy 1.18.8
• 31cce02 [release] Release new version.
• a30791f Add nullability annotations.
• b9ed5b9 Avoid that type initializer extension adjusts exception handlers by prependin...
• 7d35c66 Fix test.
• 9b46909 Support reproducible builds.
• 9a1e34e Use GitHub HTTP URL as Maven scm url (#1887)
• 2b8cadd Flip release order to attempt making Maven release a different "latest" version.
• bf02559 Move to jdk5 versions.
• ad0abe4 Update checksums.
• Additional commits viewable in compare view

Sourced from net.bytebuddy:byte-buddy-agent's releases.

Byte Buddy 1.18.8

• Improve support for repeatable builds.
• Fix reordering of exception table in type initializers when instrumenting.

Byte Buddy 1.18.7

• Introduce new versioning concept with -jdk5 suffix for backwards-compatible jar and Java 8 baseline for regular jar.

Sourced from net.bytebuddy:byte-buddy-agent's changelog.

1. April 2026: version 1.18.8

• Improve support for repeatable builds.
• Fix reordering of exception table in type initializers when instrumenting.

1. March 2026: version 1.18.7

• Introduce new versioning concept with -jdk5 suffix for backwards-compatible jar and Java 8 baseline for regular jar.

27. February 2026: version 1.18.6

Accidental release during rework of release pipeline. Functional, but with incorrect suffices.

• b71379a [publish] Releasing Byte Buddy 1.18.8
• 31cce02 [release] Release new version.
• a30791f Add nullability annotations.
• b9ed5b9 Avoid that type initializer extension adjusts exception handlers by prependin...
• 7d35c66 Fix test.
• 9b46909 Support reproducible builds.
• 9a1e34e Use GitHub HTTP URL as Maven scm url (#1887)
• 2b8cadd Flip release order to attempt making Maven release a different "latest" version.
• bf02559 Move to jdk5 versions.
• ad0abe4 Update checksums.
• Additional commits viewable in compare view

Sourced from org.apache.maven.plugins:maven-resources-plugin's releases.

3.5.0

• Cleanup deps (#463) @​cstamas

🚀 New features and improvements

• Bug: use change detecton strategies (#462) @​cstamas

👻 Maintenance

• Add IT for #444 issue (#446) @​slawekjaranowski
• Migration to JUnit 5 - avoid using AbstractMojoTestCase (#449) @​slawekjaranowski
• Migration to JUnit 5 - avoid using AbstractMojoTestCase (#447) @​slawekjaranowski

📦 Dependency updates

• Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.5.0 to 3.5.1 (#461) @dependabot[bot]
• Bump org.apache.maven.plugins:maven-plugins from 45 to 47 (#459) @dependabot[bot]
• Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.4.0 to 3.5.0 (#457) @dependabot[bot]
• Bump mavenVersion from 3.9.11 to 3.9.12 (#452) @dependabot[bot]

• ce485a0 [maven-release-plugin] prepare release maven-resources-plugin-3.5.0
• bfadfff Use maven-filtering 3.5.0 (staged)
• 3f74ba2 Drop commons-io; unused
• caefcde Bug: use change detecton strategies (#462)
• 38534e3 Cleanup deps (#463)
• 0814ec7 Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness (#461)
• e2f9135 Bump org.apache.maven.plugins:maven-plugins from 45 to 47 (#459)
• a050be3 Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness (#457)
• 1825b2a Bump mavenVersion from 3.9.11 to 3.9.12 (#452)
• ad31b55 Add IT for #444 issue
• Additional commits viewable in compare view

Sourced from biz.aQute.bnd:bnd-maven-plugin's releases.

Bnd/Bndtools 7.2.3

This release fixes a mistake of previous 7.2.2. It does not contain any functional changes, but only a deprecation warning in the build if you are using the Sonatype Publishing feature. Other than that it is equal to 7.2.1

See Release Notes.

Full Changelog: bndtools/bnd@7.2.2...7.2.3

Bnd/Bndtools 7.2.2

Please ignore this release. We made a mistake, which we corrected in the next one.

See Release Notes.

Full Changelog: bndtools/bnd@7.2.1...7.2.2

• 635ffcf build: Build Release 7.2.3
• 2843b10 enable baselining again
• a71c9fa warning instead of error
• 1fd30f6 build: Build Release 7.2.3.RC1
• 8e6da4c Reapply "Add sonatype/MavenCentral repository support"
• 7c31a87 build: Build Release 7.2.2
• 9ff5041 build: Build Release 7.2.2.RC1
• 6c077e8 Revert "Add sonatype/MavenCentral repository support"
• See full diff in compare view

Sourced from com.diffplug.spotless:spotless-maven-plugin's releases.

Maven Plugin v3.4.0

Added

• Add tableTest format type for standalone .table files. (#2880)

Changes

• Bump default tabletest-formatter version 1.0.1 -> 1.1.1, now works with Java 17+. (#2880)

Lib v3.3.1

Fixed

• GitPrePushHookInstaller didn't work on windows, now fixed. (#2562)

Lib v3.3.0

Added

• Allow specifying path to Biome JSON config file directly in biome step. Requires biome 2.x. (#2548)
• GitPrePushHookInstaller, a reusable library component for installing a Git pre-push hook that runs formatter checks. (#2553)
• Allow setting Eclipse XML config from a string, not only from files (#2361)

Changed

• Bump default gson version to latest 2.11.0 -> 2.13.1. (#2414)
• Bump default jackson version to latest 2.18.1 -> 2.19.2. (#2558)
• Bump default gherkin-utils version to latest 9.0.0 -> 9.2.0. (#2408)
• Bump default cleanthat version to latest 2.22 -> 2.23. (#2556)

Maven Plugin v3.3.0

Added

• Add tabletest-formatter support for Java and Kotlin. (#2860)

Fixed

• Fix the ability to specify a wildcard version (*) for external formatter executables, which did not work. (#2848)
• [fix] ConcurrentModificationException in expandWildcardImports (#2830)

• 708a1b0 Published maven/3.4.0
• 1cc0163 Published gradle/8.4.0
• a4cd808 Published lib/4.5.0
• 9066bf6 Add links to the changelog.
• db8dc1c Fix for illegal mutation issue with predeclareDeps (#2892)
• 0eb98a9 chore: Updated gradle plugin change
• 3f7f12e chore: Removes check for predeclare as it's not needed anymore
• 55c0c5c fix: IsolatedProjectTest.predeclaredIsUnsupported() is now actually supported...
• 47489af fix: avoid IllegalMutationException when root project uses predeclareDeps() w...
• 4010e8b test: Introduce a test harnessing predeclared deps
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions