Bumps the low-risk group with 8 updates in the /java directory:

| Package | From | To |
| --- | --- | --- |
| [com.ensono.stacks.modules:stacks-modules-parent](https://github.com/Ensono/stacks-java-module-parent) | `3.0.111` | `3.0.115` |
| [org.springframework.cloud:spring-cloud-dependencies](https://github.com/spring-cloud/spring-cloud-release) | `2025.0.0` | `2025.1.0` |
| [au.com.dius.pact:consumer](https://github.com/pact-foundation/pact-jvm) | `4.6.17` | `4.6.19` |
| [com.amazonaws:aws-java-sdk-s3](https://github.com/aws/aws-sdk-java) | `1.12.788` | `1.12.797` |
| [org.pitest:pitest-junit5-plugin](https://github.com/pitest/pitest-junit5-plugin) | `1.2.1` | `1.2.3` |
| [au.com.dius.pact.provider:maven](https://github.com/pact-foundation/pact-jvm) | `4.6.17` | `4.6.19` |
| [org.owasp:dependency-check-maven](https://github.com/dependency-check/DependencyCheck) | `12.1.9` | `12.2.0` |
| [org.codehaus.mojo:exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) | `3.5.1` | `3.6.3` |

Updates `com.ensono.stacks.modules:stacks-modules-parent` from 3.0.111 to 3.0.115
- [Release notes](https://github.com/Ensono/stacks-java-module-parent/releases)
- [Commits](Ensono/stacks-java-module-parent@v3.0.111...v3.0.115)

Updates `org.springframework.cloud:spring-cloud-dependencies` from 2025.0.0 to 2025.1.0
- [Release notes](https://github.com/spring-cloud/spring-cloud-release/releases)
- [Commits](spring-cloud/spring-cloud-release@v2025.0.0...v2025.1.0)

Updates `au.com.dius.pact:consumer` from 4.6.17 to 4.6.19
- [Release notes](https://github.com/pact-foundation/pact-jvm/releases)
- [Changelog](https://github.com/pact-foundation/pact-jvm/blob/master/CHANGELOG.md)
- [Commits](https://github.com/pact-foundation/pact-jvm/commits)

Updates `com.amazonaws:aws-java-sdk-s3` from 1.12.788 to 1.12.797
- [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md)
- [Commits](aws/aws-sdk-java@1.12.788...1.12.797)

Updates `org.pitest:pitest-junit5-plugin` from 1.2.1 to 1.2.3
- [Release notes](https://github.com/pitest/pitest-junit5-plugin/releases)
- [Commits](pitest/pitest-junit5-plugin@1.2.1...1.2.3)

Updates `org.springframework.boot:spring-boot-maven-plugin` from 3.5.8 to 3.5.9
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.8...v3.5.9)

Updates `au.com.dius.pact.provider:maven` from 4.6.17 to 4.6.19
- [Release notes](https://github.com/pact-foundation/pact-jvm/releases)
- [Changelog](https://github.com/pact-foundation/pact-jvm/blob/master/CHANGELOG.md)
- [Commits](https://github.com/pact-foundation/pact-jvm/commits)

Updates `org.owasp:dependency-check-maven` from 12.1.9 to 12.2.0
- [Release notes](https://github.com/dependency-check/DependencyCheck/releases)
- [Changelog](https://github.com/dependency-check/DependencyCheck/blob/main/CHANGELOG.md)
- [Commits](dependency-check/DependencyCheck@v12.1.9...v12.2.0)

Updates `org.codehaus.mojo:exec-maven-plugin` from 3.5.1 to 3.6.3
- [Release notes](https://github.com/mojohaus/exec-maven-plugin/releases)
- [Commits](mojohaus/exec-maven-plugin@3.5.1...3.6.3)

```yaml
---
updated-dependencies:
- dependency-name: com.ensono.stacks.modules:stacks-modules-parent
  dependency-version: 3.0.115
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.springframework.cloud:spring-cloud-dependencies
  dependency-version: 2025.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: au.com.dius.pact:consumer
  dependency-version: 4.6.19
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: com.amazonaws:aws-java-sdk-s3
  dependency-version: 1.12.797
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.pitest:pitest-junit5-plugin
  dependency-version: 1.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.springframework.boot:spring-boot-maven-plugin
  dependency-version: 3.5.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: au.com.dius.pact.provider:maven
  dependency-version: 4.6.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.owasp:dependency-check-maven
  dependency-version: 12.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: org.codehaus.mojo:exec-maven-plugin
  dependency-version: 3.6.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
...
```

Signed-off-by: dependabot[bot] <support@github.com>

Bumps the low-risk group with 23 updates in the /api-tests directory:

| Package | From | To |
| --- | --- | --- |
| [com.google.code.gson:gson](https://github.com/google/gson) | `2.13.1` | `2.13.2` |
| [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.18` | `1.5.24` |
| [org.assertj:assertj-core](https://github.com/assertj/assertj) | `3.27.4` | `3.27.6` |
| [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) | `1.17.6` | `1.18.3` |
| com.fasterxml.jackson.core:jackson-core | `2.19.2` | `2.20` |
| com.fasterxml.jackson.core:jackson-databind | `2.19.2` | `2.20` |
| [com.fasterxml.jackson.core:jackson-annotations](https://github.com/FasterXML/jackson) | `2.19.2` | `2.20` |
| [io.netty:netty-codec-http](https://github.com/netty/netty) | `4.2.8.Final` | `4.2.9.Final` |
| [io.netty:netty-codec-http2](https://github.com/netty/netty) | `4.2.3.Final` | `4.2.9.Final` |
| [io.netty:netty-transport-native-epoll](https://github.com/netty/netty) | `4.2.3.Final` | `4.2.9.Final` |
| [com.google.guava:guava](https://github.com/google/guava) | `33.4.8-jre` | `33.5.0-jre` |
| [org.projectlombok:lombok](https://github.com/projectlombok/lombok) | `1.18.38` | `1.18.42` |
| [org.apache.httpcomponents.client5:httpclient5](https://github.com/apache/httpcomponents-client) | `5.5` | `5.6` |
| [commons-codec:commons-codec](https://github.com/apache/commons-codec) | `1.19.0` | `1.20.0` |
| [com.github.spotbugs:spotbugs](https://github.com/spotbugs/spotbugs) | `4.9.4` | `4.9.8` |
| [org.owasp:dependency-check-maven](https://github.com/dependency-check/DependencyCheck) | `12.1.9` | `12.2.0` |
| [org.codehaus.mojo:exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) | `3.5.1` | `3.6.3` |
| [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.5.3` | `3.5.4` |
| [org.apache.maven.plugins:maven-failsafe-plugin](https://github.com/apache/maven-surefire) | `3.5.3` | `3.5.4` |
| [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) | `3.14.0` | `3.14.1` |
| [au.com.dius.pact.provider:maven](https://github.com/pact-foundation/pact-jvm) | `4.6.17` | `4.6.19` |
| [org.apache.maven.plugins:maven-pmd-plugin](https://github.com/apache/maven-pmd-plugin) | `3.27.0` | `3.28.0` |
| [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) | `4.9.3.2` | `4.9.8.2` |

Updates `com.google.code.gson:gson` from 2.13.1 to 2.13.2
- [Release notes](https://github.com/google/gson/releases)
- [Changelog](https://github.com/google/gson/blob/main/CHANGELOG.md)
- [Commits](google/gson@gson-parent-2.13.1...gson-parent-2.13.2)

Updates `ch.qos.logback:logback-classic` from 1.5.18 to 1.5.24
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](qos-ch/logback@v_1.5.18...v_1.5.24)

Updates `org.assertj:assertj-core` from 3.27.4 to 3.27.6
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](assertj/assertj@assertj-build-3.27.4...assertj-build-3.27.6)

Updates `net.bytebuddy:byte-buddy` from 1.17.6 to 1.18.3
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](raphw/byte-buddy@byte-buddy-1.17.6...byte-buddy-1.18.3)

Updates `com.fasterxml.jackson.core:jackson-core` from 2.19.2 to 2.20

Updates `com.fasterxml.jackson.core:jackson-databind` from 2.19.2 to 2.20

Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.19.2 to 2.20
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `io.netty:netty-codec-http` from 4.2.8.Final to 4.2.9.Final
- [Commits](netty/netty@netty-4.2.8.Final...netty-4.2.9.Final)

Updates `io.netty:netty-codec-http2` from 4.2.3.Final to 4.2.9.Final
- [Commits](netty/netty@netty-4.2.3.Final...netty-4.2.9.Final)

Updates `io.netty:netty-transport-native-epoll` from 4.2.3.Final to 4.2.9.Final
- [Commits](netty/netty@netty-4.2.3.Final...netty-4.2.9.Final)

Updates `com.google.guava:guava` from 33.4.8-jre to 33.5.0-jre
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

Updates `org.projectlombok:lombok` from 1.18.38 to 1.18.42
- [Changelog](https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown)
- [Commits](projectlombok/lombok@v1.18.38...v1.18.42)

Updates `org.apache.httpcomponents.client5:httpclient5` from 5.5 to 5.6
- [Changelog](https://github.com/apache/httpcomponents-client/blob/master/RELEASE_NOTES.txt)
- [Commits](apache/httpcomponents-client@rel/v5.5...rel/v5.6)

Updates `commons-codec:commons-codec` from 1.19.0 to 1.20.0
- [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt)
- [Commits](apache/commons-codec@rel/commons-codec-1.19.0...rel/commons-codec-1.20.0)

Updates `com.github.spotbugs:spotbugs` from 4.9.4 to 4.9.8
- [Release notes](https://github.com/spotbugs/spotbugs/releases)
- [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md)
- [Commits](spotbugs/spotbugs@4.9.4...4.9.8)

Updates `org.owasp:dependency-check-maven` from 12.1.9 to 12.2.0
- [Release notes](https://github.com/dependency-check/DependencyCheck/releases)
- [Changelog](https://github.com/dependency-check/DependencyCheck/blob/main/CHANGELOG.md)
- [Commits](dependency-check/DependencyCheck@v12.1.9...v12.2.0)

Updates `org.codehaus.mojo:exec-maven-plugin` from 3.5.1 to 3.6.3
- [Release notes](https://github.com/mojohaus/exec-maven-plugin/releases)
- [Commits](mojohaus/exec-maven-plugin@3.5.1...3.6.3)

Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.3 to 3.5.4
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](apache/maven-surefire@surefire-3.5.3...surefire-3.5.4)

Updates `org.apache.maven.plugins:maven-failsafe-plugin` from 3.5.3 to 3.5.4
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](apache/maven-surefire@surefire-3.5.3...surefire-3.5.4)

Updates `org.apache.maven.plugins:maven-compiler-plugin` from 3.14.0 to 3.14.1
- [Release notes](https://github.com/apache/maven-compiler-plugin/releases)
- [Commits](apache/maven-compiler-plugin@maven-compiler-plugin-3.14.0...maven-compiler-plugin-3.14.1)

Updates `au.com.dius.pact.provider:maven` from 4.6.17 to 4.6.19
- [Release notes](https://github.com/pact-foundation/pact-jvm/releases)
- [Changelog](https://github.com/pact-foundation/pact-jvm/blob/master/CHANGELOG.md)
- [Commits](https://github.com/pact-foundation/pact-jvm/commits)

Updates `org.apache.maven.plugins:maven-pmd-plugin` from 3.27.0 to 3.28.0
- [Release notes](https://github.com/apache/maven-pmd-plugin/releases)
- [Commits](apache/maven-pmd-plugin@maven-pmd-plugin-3.27.0...maven-pmd-plugin-3.28.0)

Updates `com.github.spotbugs:spotbugs-maven-plugin` from 4.9.3.2 to 4.9.8.2
- [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases)
- [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.9.3.2...spotbugs-maven-plugin-4.9.8.2)

```yaml
---
updated-dependencies:
- dependency-name: com.google.code.gson:gson
  dependency-version: 2.13.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.assertj:assertj-core
  dependency-version: 3.27.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: net.bytebuddy:byte-buddy
  dependency-version: 1.18.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: com.fasterxml.jackson.core:jackson-core
  dependency-version: '2.20'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-version: '2.20'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: com.fasterxml.jackson.core:jackson-annotations
  dependency-version: '2.20'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: io.netty:netty-codec-http
  dependency-version: 4.2.9.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: io.netty:netty-codec-http2
  dependency-version: 4.2.9.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: io.netty:netty-transport-native-epoll
  dependency-version: 4.2.9.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: com.google.guava:guava
  dependency-version: 33.5.0-jre
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: org.projectlombok:lombok
  dependency-version: 1.18.42
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.apache.httpcomponents.client5:httpclient5
  dependency-version: '5.6'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: commons-codec:commons-codec
  dependency-version: 1.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: com.github.spotbugs:spotbugs
  dependency-version: 4.9.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.owasp:dependency-check-maven
  dependency-version: 12.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: org.codehaus.mojo:exec-maven-plugin
  dependency-version: 3.6.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
  dependency-version: 3.5.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.apache.maven.plugins:maven-failsafe-plugin
  dependency-version: 3.5.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.apache.maven.plugins:maven-compiler-plugin
  dependency-version: 3.14.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: au.com.dius.pact.provider:maven
  dependency-version: 4.6.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.apache.maven.plugins:maven-pmd-plugin
  dependency-version: 3.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: com.github.spotbugs:spotbugs-maven-plugin
  dependency-version: 4.9.8.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
...
```

Signed-off-by: dependabot[bot] <support@github.com>

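
The two grouped commits above put patch and minor bumps of production dependencies under a single `low-risk` label. As an added example (not part of this PR or of Dependabot's own tooling), the Python below parses the `updated-dependencies` trailer of such a commit message and lists the production dependencies whose update type is above patch level; the review policy and the function names are assumptions.

```python
import re

# Constructed sample: three entries copied from the /api-tests trailer on this page,
# in the multi-line YAML layout Dependabot writes into the commit message.
SAMPLE_COMMIT_MESSAGE = """\
---
updated-dependencies:
- dependency-name: com.google.code.gson:gson
  dependency-version: 2.13.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.assertj:assertj-core
  dependency-version: 3.27.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-version: '2.20'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
...

Signed-off-by: dependabot[bot] <support@github.com>
"""

# "- key: value" opens an entry, "  key: value" continues it.
FIELD = re.compile(r"^(?:- |  )([a-z-]+):\s*(.*)$")


def parse_trailer(message):
    """Return one dict per entry between 'updated-dependencies:' and '...'."""
    entries, in_block = [], False
    for line in message.splitlines():
        if line.strip() == "updated-dependencies:":
            in_block = True
        elif in_block and line.strip() == "...":
            break
        elif in_block and (m := FIELD.match(line)):
            if line.startswith("- "):
                entries.append({})
            if entries:
                entries[-1][m.group(1)] = m.group(2).strip("'\"")
    return entries


def needs_manual_review(entries):
    """Hypothetical policy: production bumps above patch level get a human look."""
    return [e["dependency-name"] for e in entries
            if e.get("dependency-type") == "direct:production"
            and not e.get("update-type", "").endswith("semver-patch")]


if __name__ == "__main__":
    for name in needs_manual_review(parse_trailer(SAMPLE_COMMIT_MESSAGE)):
        print("review:", name)
```
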
…ae495ec89' into chore/updates-2026-01-13
Pull request overview
This PR updates dependency versions across the Java application and API test projects to their latest compatible releases, including security scanning tools, testing frameworks, and core libraries.
Changes:
- Updated parent POM version from 3.0.111 to 3.0.115
- Upgraded testing and security dependencies (OWASP, Pact, JUnit plugins)
- Updated cloud dependencies (Spring Cloud, AWS SDK) and utility libraries (Jackson, Guava, Netty)
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| java/pom.xml | Updates parent POM, Pact consumer/provider, AWS SDK, Spring Cloud, OWASP security plugin, and PITest versions |
| api-tests/pom.xml | Updates logging, serialization, testing, security scanning, and Maven plugin versions for API test suite |
/azp run

Azure Pipelines successfully started running 1 pipeline(s).

/azp run

Azure Pipelines successfully started running 1 pipeline(s).

…m.xml; restore tests
/azp run

Azure Pipelines successfully started running 1 pipeline(s).

Pull request overview
Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.
Comments suppressed due to low confidence (1)
java/src/main/java/com/amido/stacks/workloads/menu/domain/Category.java:9
- Removing `@Builder` while keeping `@AllArgsConstructor` creates a breaking change. The `@AllArgsConstructor` annotation requires all fields to be passed to the constructor, but the `items` field is now initialized inline (`= new ArrayList<>()`). This means callers must still pass a List argument, but the field will be immediately replaced with a `new ArrayList<>()`, making the passed value useless. Either restore `@Builder` or remove `@AllArgsConstructor` and add `@NoArgsConstructor` to maintain backward compatibility.
@Data
@AllArgsConstructor
| uses = {MapperUtils.class, CategoryMapper.class}, | ||
| nullValueCheckStrategy = NullValueCheckStrategy.ALWAYS) | ||
| nullValueCheckStrategy = NullValueCheckStrategy.ALWAYS, | ||
| unmappedTargetPolicy = ReportingPolicy.IGNORE) |
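Review bot: `unmappedTargetPolicy = ReportingPolicy.IGNORE` on the last line of this hunk sits in the mapper-level annotation next to `uses` and `nullValueCheckStrategy`, so it silences unmapped-target reporting for every method in the mapper, including target fields added later. If only specific properties are meant to stay unmapped, mark them per method with `@Mapping(target = "...", ignore = true)` and leave the mapper-level policy at its reporting default, so a newly unmapped field still shows up at build time.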
Using ReportingPolicy.IGNORE silently suppresses mapping warnings, which can hide legitimate mapping issues when the domain model evolves. Consider using ReportingPolicy.WARN instead to maintain visibility of unmapped fields during development, or document which specific unmapped fields are intentionally being ignored and why.
| unmappedTargetPolicy = ReportingPolicy.IGNORE) | |
| unmappedTargetPolicy = ReportingPolicy.WARN) |
| <groupId>com.fasterxml.jackson.core</groupId> | ||
| <artifactId>jackson-annotations</artifactId> | ||
| <version>${jackson.version}</version> | ||
| <!-- Version managed by Jackson BOM (correctly uses 2.20, not 2.20.1) --> |
The comment states the BOM 'correctly uses 2.20, not 2.20.1' for jackson-annotations, but Jackson BOM 2.20.1 (defined in the property) should provide 2.20.1 for all Jackson modules. If version 2.20 is actually desired for jackson-annotations specifically, this discrepancy should be explained. If 2.20.1 is correct, update the comment to reflect the actual version being used.
| <!-- Version managed by Jackson BOM (correctly uses 2.20, not 2.20.1) --> | |
| <!-- Version managed by Jackson BOM --> |
/azp run

Azure Pipelines successfully started running 1 pipeline(s).

Quality Gate passed
📲 What:
🤔 Why:
dependabot/maven/api-tests/low-risk-3dc2c2d1d4.
🛠 How:
👀 Evidence:
🕵️ How to test:
`cd api-tests && ./mvnw test`
`./mvnw -pl api-tests test`
✅ Acceptance criteria Checklist