Bump the maven group across 1 directory with 10 updates

[dependabot]

Bumps the maven group with 10 updates in the / directory:

Package	From	To
com.google.errorprone:error_prone_core	2.45.0	2.46.0
org.sonatype.central:central-publishing-maven-plugin	0.9.0	0.10.0
org.apache.maven.plugins:maven-release-plugin	3.3.0	3.3.1
com.github.siom79.japicmp:japicmp-maven-plugin	0.24.2	0.25.4
com.google.errorprone:error_prone_annotations	2.45.0	2.46.0
org.junit:junit-bom	6.0.1	6.0.2
com.android.tools:r8	8.13.17	8.13.19
org.codehaus.mojo:exec-maven-plugin	3.6.2	3.6.3
com.google.protobuf:protobuf-java	4.33.1	4.33.4
io.github.ascopes:protobuf-maven-plugin	4.0.3	4.1.2

Updates com.google.errorprone:error_prone_core from 2.45.0 to 2.46.0

Release notes

Sourced from com.google.errorprone:error_prone_core's releases.

Error Prone 2.46.0

Changes:

• The javac flag -XDaddTypeAnnotationsToSymbol=true is now required for Error Prone invocations on JDK 21, to enable the javac fix for JDK-8225377: type annotations are not visible to javac plugins across compilation boundaries. See google/error-prone#5426 for details.
• Remove deprecated value attribute from @IncompatibleModifiers and @RequiredModifiers (google/error-prone#2122)
• Error Prone API changes to encapsulate references to internal javac APIs for end position handling (EndPosTable, DiagnosticPosition) (google/error-prone@5440bb4, google/error-prone@06c2905, google/error-prone@f3915ec)

New checks:

• DuplicateAssertion: detect duplicated assertion lines where the argument to assertThat is pure
• IfChainToSwitch: suggest converting chains of if-statements into arrow switches
• ScannerUseDelimiter: discourage Scanner.useDelimiter("\\A")
• AddNullMarkedToClass: refactoring to add @NullMarked annotation to top level classes

Commits

• 471d512 Release Error Prone 2.46.0
• 2601319 Unignore a passing test.
• ad2ec70 simplify the wording of the MissingDefault summary
• 6c96e8e Implement a NullArgumentForNonNullParameter TODO related to JDK-8225377
• 5b768ff Require -XDaddTypeAnnotationsToSymbol=true, and remove workaround for JDK-8...
• 0e004e5 Fix a crash in DuplicateAssertion
• 8cfa4e5 Add a regression test for b/472686687
• 18a63d2 Avoid getDeclarationAndTypeAttributes in ClassAndMethod
• 14b6481 Make CacheLoaderNull check for more kinds of null returns.
• d3a8c00 Handle sealed and non-sealed in SuggestedFixes.
• Additional commits viewable in compare view

Updates org.sonatype.central:central-publishing-maven-plugin from 0.9.0 to 0.10.0

Commits

• See full diff in compare view

Updates org.apache.maven.plugins:maven-release-plugin from 3.3.0 to 3.3.1

Release notes

Sourced from org.apache.maven.plugins:maven-release-plugin's releases.

3.3.1

💥 Breaking changes

• Revert inclusion of ci skip in release commit msg (#1445) @​rvesse

🐛 Bug Fixes

• Revert inclusion of ci skip in release commit msg (#1445) @​rvesse

📦 Dependency updates

• Bump org.codehaus.plexus:plexus-testing from 2.0.1 to 2.0.2 (#1444) @dependabot[bot]

Commits

• 7e8ebac [maven-release-plugin] prepare release maven-release-3.3.1
• f0f28e5 Revert inclusion of ci skip in release commit msg
• 2a82901 Bump org.codehaus.plexus:plexus-testing from 2.0.1 to 2.0.2 (#1444)
• c8613d2 [maven-release-plugin] prepare for next development iteration
• See full diff in compare view

Updates com.github.siom79.japicmp:japicmp-maven-plugin from 0.24.2 to 0.25.4

Commits

• 5f39c6f [maven-release-plugin] prepare release japicmp-base-0.25.4
• e46397f upgraded version in *.md files to 0.25.4
• 37b88f2 Add release notes for version 0.25.4
• b849c4e Merge pull request #491 from bradleylarrick/annotation-exclusion-error
• 49627e6 Modified getCompileArtifacts() to use reactor to resolve project artifact.
• c8e56a6 Merge pull request #490 from siom79/release-v0.25.3
• e841014 Merge remote-tracking branch 'origin/release-v0.25.3' into release-v0.25.3
• bddc410 update README.md
• 8bc64d1 [maven-release-plugin] prepare for next development iteration
• 390b1fa [maven-release-plugin] prepare release japicmp-base-0.25.3
• Additional commits viewable in compare view

Updates com.google.errorprone:error_prone_annotations from 2.45.0 to 2.46.0

Release notes

Sourced from com.google.errorprone:error_prone_annotations's releases.

Error Prone 2.46.0

Changes:

• The javac flag -XDaddTypeAnnotationsToSymbol=true is now required for Error Prone invocations on JDK 21, to enable the javac fix for JDK-8225377: type annotations are not visible to javac plugins across compilation boundaries. See google/error-prone#5426 for details.
• Remove deprecated value attribute from @IncompatibleModifiers and @RequiredModifiers (google/error-prone#2122)
• Error Prone API changes to encapsulate references to internal javac APIs for end position handling (EndPosTable, DiagnosticPosition) (google/error-prone@5440bb4, google/error-prone@06c2905, google/error-prone@f3915ec)

New checks:

• DuplicateAssertion: detect duplicated assertion lines where the argument to assertThat is pure
• IfChainToSwitch: suggest converting chains of if-statements into arrow switches
• ScannerUseDelimiter: discourage Scanner.useDelimiter("\\A")
• AddNullMarkedToClass: refactoring to add @NullMarked annotation to top level classes

Commits

• 471d512 Release Error Prone 2.46.0
• 2601319 Unignore a passing test.
• ad2ec70 simplify the wording of the MissingDefault summary
• 6c96e8e Implement a NullArgumentForNonNullParameter TODO related to JDK-8225377
• 5b768ff Require -XDaddTypeAnnotationsToSymbol=true, and remove workaround for JDK-8...
• 0e004e5 Fix a crash in DuplicateAssertion
• 8cfa4e5 Add a regression test for b/472686687
• 18a63d2 Avoid getDeclarationAndTypeAttributes in ClassAndMethod
• 14b6481 Make CacheLoaderNull check for more kinds of null returns.
• d3a8c00 Handle sealed and non-sealed in SuggestedFixes.
• Additional commits viewable in compare view

Updates org.junit:junit-bom from 6.0.1 to 6.0.2

Release notes

Sourced from org.junit:junit-bom's releases.

JUnit 6.0.2 = Platform 6.0.2 + Jupiter 6.0.2 + Vintage 6.0.2

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.0.1...r6.0.2

Commits

• c5c5de5 Release 6.0.2
• 98b6f78 Add missing checkout step
• 732dc27 Finalize 6.0.2 release notes
• 6a25736 Finalize 5.14.2 release notes
• 33e66bf Move release notes for #5238 entry to 6.1.0-M2
• 11f0f82 Update copyright headers
• 6ce1265 Consistently add license header to all java source files
• 4d454ee Update dependency @​antora/lunr-extension to v1.0.0-alpha.12
• faf4a58 Use --since feature of Javadoc
• 5cc8b05 Mark new recommended APIs as "maintained" rather than "experimental"
• Additional commits viewable in compare view

Updates com.android.tools:r8 from 8.13.17 to 8.13.19

Updates org.codehaus.mojo:exec-maven-plugin from 3.6.2 to 3.6.3

Release notes

Sourced from org.codehaus.mojo:exec-maven-plugin's releases.

3.6.3

📝 Documentation updates

• Document thread group isolation limitation in java goal (#503) @copilot-swe-agent[bot]

👻 Maintenance

• JUnit 5 best practices (#505) @​slachiewicz
• Move ExecJavaMojoTest, ExecMojoTest to JUnit 5 (#502) @​slawekjaranowski
• Add support for JEP 512 for for package-private static main method (#499) @​anuragagarwal561994
• Move to JUnit 5 (#501) @​slawekjaranowski

📦 Dependency updates

• Bump asm.version from 9.9 to 9.9.1 (#509) @dependabot[bot]
• Bump org.apache.commons:commons-exec from 1.5.0 to 1.6.0 (#508) @dependabot[bot]

Commits

• fe1fa8c [maven-release-plugin] prepare release 3.6.3
• 5b3feca Bump asm.version from 9.9 to 9.9.1
• efc7faa Bump org.apache.commons:commons-exec from 1.5.0 to 1.6.0
• cdaf267 JUnit 5 best practices (#505)
• f3f5997 Move ExecJavaMojoTest, ExecMojoTest to JUnit 5
• 03b87b5 Document thread group isolation limitation in java goal (#503)
• 7a66c3e Add support for JEP 512 for for package-private static main methods with and ...
• a6d01ef Move to JUnit 5
• 88d5961 [maven-release-plugin] prepare for next development iteration
• See full diff in compare view

Updates com.google.protobuf:protobuf-java from 4.33.1 to 4.33.4

Commits

• See full diff in compare view

Updates io.github.ascopes:protobuf-maven-plugin from 4.0.3 to 4.1.2

Release notes

Sourced from io.github.ascopes:protobuf-maven-plugin's releases.

v4.1.2

• Configure JVM-based protoc plugins to use ParallelGC by default unless overridden, since this is optimal for short-lived processes.
• Fixes to internal CDI scoping.
• Add missing metadata to internal CDI components.
• Optimisations for path-based executable discovery on both Windows and POSIX-compliant systems.
• Adjusted license headers for 2026 and beyond.
• Dependency updates for internals including com.google.protobuf:protobuf-bom and org.json:json.
• Build on Maven 3.9.12 and Maven 4.0.0-rc-5.

v4.1.1

• Reworked plugin resolution to be able to run in parallel.
• Consistent generation of plugin ID naming is now enforced across all protoc plugin kinds.
• JVM plugin executable generation is now abstracted, internal paths have changed slightly so users may want to run mvn clean on projects when updating to ensure any old files are cleaned up.
• plugins specification order is now retained internally. This does not influence execution order (which is what the order param is to be used for by consumers), but does influence the naming of internally generated files. This leads to stronger buildvconsistency guarantees when updating this Maven plugin in the future.
• Removed some incorrectly documented attributes from documentation that did not exist for certain protoc plugin variants.

v4.1.0

This release implements a new way of specifying protoc plugins. Whilst the old mechanism still works, it is now deprecated for removal in v5.0.

Plugins are now specified as a discriminated list with a kind attribute.

For example:

<plugin>
  <groupId>io.github.ascopes</groupId>
  <artifactId>protobuf-maven-plugin</artifactId>
  <version>4.1.0</version>
<configuration>
<plugins>
<plugin kind="binary-maven">
...
</plugin>
</plugins>
</configuration>
</plugin>

See https://ascopes.github.io/protobuf-maven-plugin/using-protoc-plugins.html for full details of usage, with examples.

This paves the way for cleaning up some ugly parts of the API in v5.0, as well as supporting consistency with GH-877 which aims to allow eventually using WASM distributions of protoc as an optional alternative to platform-specific binaries.

Commits

• b96e886 [maven-release-plugin] prepare release v4.1.2
• 048e1f5 Merge pull request #910 from ascopes/dependabot/maven/protobuf-maven-plugin/s...
• 6ab42b9 Merge pull request #909 from ascopes/dependabot/maven/main/org.json-json-2025...
• 12e99cb Bump io.grpc:grpc-bom in /protobuf-maven-plugin/src/it/setup
• df79ab7 Bump org.json:json from 20250517 to 20251224
• 0749801 Fix logger in AbstractGenerateMojo
• 42d5555 Inline constants in AbstractGenerateMojo
• 364f374 Update Maven to 3.9.12 and 4.0.0-rc-5
• ffea51d Merge pull request #907 from ascopes/task/tune-protoc-plugin-gc
• 9054445 Further tune protoc plugins in nested JVMs to use parallel GC
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions