From d31788b8209bffeaa220c4012e93c44af045b92b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 2 Feb 2026 13:45:33 +0000
Subject: [PATCH] build(deps): bump the low-risk group across 1 directory with
 25 updates

Bumps the low-risk group with 25 updates in the /api-tests directory:

| Package | From | To |
| --- | --- | --- |
| [com.google.code.gson:gson](https://github.com/google/gson) | `2.13.1` | `2.13.2` |
| [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.18` | `1.5.27` |
| [io.cucumber:cucumber-java](https://github.com/cucumber/cucumber-jvm) | `7.33.0` | `7.34.2` |
| [io.cucumber:cucumber-junit-platform-engine](https://github.com/cucumber/cucumber-jvm) | `7.33.0` | `7.34.2` |
| [org.assertj:assertj-core](https://github.com/assertj/assertj) | `3.27.4` | `3.27.7` |
| [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) | `1.17.6` | `1.18.4` |
| [com.fasterxml.jackson.core:jackson-core](https://github.com/FasterXML/jackson-core) | `2.19.2` | `2.21.0` |
| [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.19.2` | `2.21.0` |
| com.fasterxml.jackson.core:jackson-annotations | `2.19.2` | `2.21.0` |
| [io.netty:netty-codec-http](https://github.com/netty/netty) | `4.2.8.Final` | `4.2.9.Final` |
| [io.netty:netty-codec-http2](https://github.com/netty/netty) | `4.2.3.Final` | `4.2.9.Final` |
| [io.netty:netty-transport-native-epoll](https://github.com/netty/netty) | `4.2.3.Final` | `4.2.9.Final` |
| [com.google.guava:guava](https://github.com/google/guava) | `33.4.8-jre` | `33.5.0-jre` |
| [org.projectlombok:lombok](https://github.com/projectlombok/lombok) | `1.18.38` | `1.18.42` |
| [org.apache.httpcomponents.client5:httpclient5](https://github.com/apache/httpcomponents-client) | `5.5` | `5.6` |
| [commons-codec:commons-codec](https://github.com/apache/commons-codec) | `1.19.0` | `1.21.0` |
| [com.github.spotbugs:spotbugs](https://github.com/spotbugs/spotbugs) | `4.9.4` | `4.9.8` |
| [org.owasp:dependency-check-maven](https://github.com/dependency-check/DependencyCheck) | `12.1.9` | `12.2.0` |
| [org.codehaus.mojo:exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) | `3.5.1` | `3.6.3` |
| [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.5.3` | `3.5.4` |
| [org.apache.maven.plugins:maven-failsafe-plugin](https://github.com/apache/maven-surefire) | `3.5.3` | `3.5.4` |
| [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) | `3.14.0` | `3.15.0` |
| [au.com.dius.pact.provider:maven](https://github.com/pact-foundation/pact-jvm) | `4.6.17` | `4.6.19` |
| [org.apache.maven.plugins:maven-pmd-plugin](https://github.com/apache/maven-pmd-plugin) | `3.27.0` | `3.28.0` |
| [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) | `4.9.3.2` | `4.9.8.2` |



Updates `com.google.code.gson:gson` from 2.13.1 to 2.13.2
- [Release notes](https://github.com/google/gson/releases)
- [Changelog](https://github.com/google/gson/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google/gson/compare/gson-parent-2.13.1...gson-parent-2.13.2)

Updates `ch.qos.logback:logback-classic` from 1.5.18 to 1.5.27
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.18...v_1.5.27)

Updates `io.cucumber:cucumber-java` from 7.33.0 to 7.34.2
- [Release notes](https://github.com/cucumber/cucumber-jvm/releases)
- [Changelog](https://github.com/cucumber/cucumber-jvm/blob/main/CHANGELOG.md)
- [Commits](https://github.com/cucumber/cucumber-jvm/compare/v7.33.0...v7.34.2)

Updates `io.cucumber:cucumber-junit-platform-engine` from 7.33.0 to 7.34.2
- [Release notes](https://github.com/cucumber/cucumber-jvm/releases)
- [Changelog](https://github.com/cucumber/cucumber-jvm/blob/main/CHANGELOG.md)
- [Commits](https://github.com/cucumber/cucumber-jvm/compare/v7.33.0...v7.34.2)

Updates `io.cucumber:cucumber-junit-platform-engine` from 7.33.0 to 7.34.2
- [Release notes](https://github.com/cucumber/cucumber-jvm/releases)
- [Changelog](https://github.com/cucumber/cucumber-jvm/blob/main/CHANGELOG.md)
- [Commits](https://github.com/cucumber/cucumber-jvm/compare/v7.33.0...v7.34.2)

Updates `org.assertj:assertj-core` from 3.27.4 to 3.27.7
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.27.4...assertj-build-3.27.7)

Updates `net.bytebuddy:byte-buddy` from 1.17.6 to 1.18.4
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.17.6...byte-buddy-1.18.4)

Updates `com.fasterxml.jackson.core:jackson-core` from 2.19.2 to 2.21.0
- [Commits](https://github.com/FasterXML/jackson-core/compare/jackson-core-2.19.2...jackson-core-2.21.0)

Updates `com.fasterxml.jackson.core:jackson-databind` from 2.19.2 to 2.21.0
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.19.2 to 2.21.0

Updates `com.fasterxml.jackson.core:jackson-databind` from 2.19.2 to 2.21.0
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.19.2 to 2.21.0

Updates `io.netty:netty-codec-http` from 4.2.8.Final to 4.2.9.Final
- [Commits](https://github.com/netty/netty/compare/netty-4.2.8.Final...netty-4.2.9.Final)

Updates `io.netty:netty-codec-http2` from 4.2.3.Final to 4.2.9.Final
- [Commits](https://github.com/netty/netty/compare/netty-4.2.3.Final...netty-4.2.9.Final)

Updates `io.netty:netty-transport-native-epoll` from 4.2.3.Final to 4.2.9.Final
- [Commits](https://github.com/netty/netty/compare/netty-4.2.3.Final...netty-4.2.9.Final)

Updates `com.google.guava:guava` from 33.4.8-jre to 33.5.0-jre
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

Updates `org.projectlombok:lombok` from 1.18.38 to 1.18.42
- [Changelog](https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown)
- [Commits](https://github.com/projectlombok/lombok/compare/v1.18.38...v1.18.42)

Updates `org.apache.httpcomponents.client5:httpclient5` from 5.5 to 5.6
- [Changelog](https://github.com/apache/httpcomponents-client/blob/master/RELEASE_NOTES.txt)
- [Commits](https://github.com/apache/httpcomponents-client/compare/rel/v5.5...rel/v5.6)

Updates `commons-codec:commons-codec` from 1.19.0 to 1.21.0
- [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt)
- [Commits](https://github.com/apache/commons-codec/compare/rel/commons-codec-1.19.0...rel/commons-codec-1.21.0)

Updates `com.github.spotbugs:spotbugs` from 4.9.4 to 4.9.8
- [Release notes](https://github.com/spotbugs/spotbugs/releases)
- [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/spotbugs/spotbugs/compare/4.9.4...4.9.8)

Updates `org.owasp:dependency-check-maven` from 12.1.9 to 12.2.0
- [Release notes](https://github.com/dependency-check/DependencyCheck/releases)
- [Changelog](https://github.com/dependency-check/DependencyCheck/blob/main/CHANGELOG.md)
- [Commits](https://github.com/dependency-check/DependencyCheck/compare/v12.1.9...v12.2.0)

Updates `org.codehaus.mojo:exec-maven-plugin` from 3.5.1 to 3.6.3
- [Release notes](https://github.com/mojohaus/exec-maven-plugin/releases)
- [Commits](https://github.com/mojohaus/exec-maven-plugin/compare/3.5.1...3.6.3)

Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.3 to 3.5.4
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.5.3...surefire-3.5.4)

Updates `org.apache.maven.plugins:maven-failsafe-plugin` from 3.5.3 to 3.5.4
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.5.3...surefire-3.5.4)

Updates `org.apache.maven.plugins:maven-compiler-plugin` from 3.14.0 to 3.15.0
- [Release notes](https://github.com/apache/maven-compiler-plugin/releases)
- [Commits](https://github.com/apache/maven-compiler-plugin/compare/maven-compiler-plugin-3.14.0...maven-compiler-plugin-3.15.0)

Updates `au.com.dius.pact.provider:maven` from 4.6.17 to 4.6.19
- [Release notes](https://github.com/pact-foundation/pact-jvm/releases)
- [Changelog](https://github.com/pact-foundation/pact-jvm/blob/master/CHANGELOG.md)
- [Commits](https://github.com/pact-foundation/pact-jvm/commits)

Updates `org.apache.maven.plugins:maven-pmd-plugin` from 3.27.0 to 3.28.0
- [Release notes](https://github.com/apache/maven-pmd-plugin/releases)
- [Commits](https://github.com/apache/maven-pmd-plugin/compare/maven-pmd-plugin-3.27.0...maven-pmd-plugin-3.28.0)

Updates `com.github.spotbugs:spotbugs-maven-plugin` from 4.9.3.2 to 4.9.8.2
- [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases)
- [Commits](https://github.com/spotbugs/spotbugs-maven-plugin/compare/spotbugs-maven-plugin-4.9.3.2...spotbugs-maven-plugin-4.9.8.2)

---
updated-dependencies:
- dependency-name: com.google.code.gson:gson
  dependency-version: 2.13.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: io.cucumber:cucumber-java
  dependency-version: 7.34.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: io.cucumber:cucumber-junit-platform-engine
  dependency-version: 7.34.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: io.cucumber:cucumber-junit-platform-engine
  dependency-version: 7.34.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: org.assertj:assertj-core
  dependency-version: 3.27.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: net.bytebuddy:byte-buddy
  dependency-version: 1.18.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: com.fasterxml.jackson.core:jackson-core
  dependency-version: 2.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-version: 2.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: com.fasterxml.jackson.core:jackson-annotations
  dependency-version: 2.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-version: 2.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: com.fasterxml.jackson.core:jackson-annotations
  dependency-version: 2.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: io.netty:netty-codec-http
  dependency-version: 4.2.9.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: io.netty:netty-codec-http2
  dependency-version: 4.2.9.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: io.netty:netty-transport-native-epoll
  dependency-version: 4.2.9.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: com.google.guava:guava
  dependency-version: 33.5.0-jre
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: org.projectlombok:lombok
  dependency-version: 1.18.42
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.apache.httpcomponents.client5:httpclient5
  dependency-version: '5.6'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: commons-codec:commons-codec
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: com.github.spotbugs:spotbugs
  dependency-version: 4.9.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.owasp:dependency-check-maven
  dependency-version: 12.2.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: org.codehaus.mojo:exec-maven-plugin
  dependency-version: 3.6.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
  dependency-version: 3.5.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.apache.maven.plugins:maven-failsafe-plugin
  dependency-version: 3.5.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.apache.maven.plugins:maven-compiler-plugin
  dependency-version: 3.15.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: au.com.dius.pact.provider:maven
  dependency-version: 4.6.19
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.apache.maven.plugins:maven-pmd-plugin
  dependency-version: 3.28.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: com.github.spotbugs:spotbugs-maven-plugin
  dependency-version: 4.9.8.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: low-risk
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 api-tests/pom.xml | 44 ++++++++++++++++++++++----------------------
 1 file changed, 22 insertions(+), 22 deletions(-)

diff --git a/api-tests/pom.xml b/api-tests/pom.xml
index 4fb422a9..a805d215 100644
--- a/api-tests/pom.xml
+++ b/api-tests/pom.xml
@@ -13,12 +13,12 @@
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     <serenity.version>4.3.4</serenity.version>
     <serenity.maven.version>4.3.4</serenity.maven.version>
-    <cucumber.version>7.33.0</cucumber.version>
-    <logback.version>1.5.18</logback.version>
+    <cucumber.version>7.34.2</cucumber.version>
+    <logback.version>1.5.27</logback.version>
     <encoding>UTF-8</encoding>
     <parallel.tests>4</parallel.tests>
     <webdriver.base.url/>
-    <jackson.version>2.19.2</jackson.version>
+    <jackson.version>2.21.0</jackson.version>
     <java.version>17</java.version>
     <cucumber.filter.tags>(@Functional or @Smoke or @Performance) and not @Ignore</cucumber.filter.tags>
 
@@ -29,41 +29,41 @@
     <pact.jvm.consumer.junit.version>4.0.10</pact.jvm.consumer.junit.version>
     <pact.jvm.consumer.version>4.0.10</pact.jvm.consumer.version>
     <pact.jvm.provider.junit.version>4.0.10</pact.jvm.provider.junit.version>
-    <spotbugs.version>4.9.4</spotbugs.version>
+    <spotbugs.version>4.9.8</spotbugs.version>
     <puppycrawl-tools-checkstyle.version>11.0.0</puppycrawl-tools-checkstyle.version>
     <junit-jupiter.version>5.13.4</junit-jupiter.version>
-    <assertj.core.version>3.27.4</assertj.core.version>
+    <assertj.core.version>3.27.7</assertj.core.version>
     <hamcrest.version>3.0</hamcrest.version>
-    <byte.buddy.version>1.17.6</byte.buddy.version>
+    <byte.buddy.version>1.18.4</byte.buddy.version>
     <springfox.swagger2.version>3.0.0</springfox.swagger2.version>
     <springfox.swagger-ui.version>3.0.0</springfox.swagger-ui.version>
-    <guava.version>33.4.8-jre</guava.version>
+    <guava.version>33.5.0-jre</guava.version>
     <json.version>20250517</json.version>
-    <netty.codec.http.version>4.2.8.Final</netty.codec.http.version>
-    <netty.codec.http2.version>4.2.3.Final</netty.codec.http2.version>
-    <netty.transport.native.epoll.version>4.2.3.Final</netty.transport.native.epoll.version>
-    <httpclient5.version>5.5</httpclient5.version>
+    <netty.codec.http.version>4.2.9.Final</netty.codec.http.version>
+    <netty.codec.http2.version>4.2.9.Final</netty.codec.http2.version>
+    <netty.transport.native.epoll.version>4.2.9.Final</netty.transport.native.epoll.version>
+    <httpclient5.version>5.6</httpclient5.version>
     <xerces.version>2.12.2</xerces.version>
-    <commons.codec.version>1.19.0</commons.codec.version>
+    <commons.codec.version>1.21.0</commons.codec.version>
     <spring.web.version>6.2.9</spring.web.version>
     <freemarker.version>2.3.34</freemarker.version>
-    <gson.version>2.13.1</gson.version>
+    <gson.version>2.13.2</gson.version>
     <rest-assured.version>5.5.5</rest-assured.version>
     <net.thucydides.core.version>0.9.275</net.thucydides.core.version>
-    <org.projectlombok.version>1.18.38</org.projectlombok.version>
+    <org.projectlombok.version>1.18.42</org.projectlombok.version>
 
     <!-- Maven plugins -->
-    <spotbugs-maven-plugin.version>4.9.3.2</spotbugs-maven-plugin.version>
-    <owasp-dependency-check-plugin.version>12.1.9</owasp-dependency-check-plugin.version>
+    <spotbugs-maven-plugin.version>4.9.8.2</spotbugs-maven-plugin.version>
+    <owasp-dependency-check-plugin.version>12.2.0</owasp-dependency-check-plugin.version>
     <fmt-maven-plugin.version>2.13</fmt-maven-plugin.version>
     <maven-checkstyle-plugin.version>3.6.0</maven-checkstyle-plugin.version>
-    <maven-surefire-plugin.version>3.5.3</maven-surefire-plugin.version>
-    <maven-failsafe-plugin.version>3.5.3</maven-failsafe-plugin.version>
-    <maven-compiler-plugin.version>3.14.0</maven-compiler-plugin.version>
-    <pact.provider-plugin.version>4.6.17</pact.provider-plugin.version>
-    <maven-pmd-plugin.version>3.27.0</maven-pmd-plugin.version>
+    <maven-surefire-plugin.version>3.5.4</maven-surefire-plugin.version>
+    <maven-failsafe-plugin.version>3.5.4</maven-failsafe-plugin.version>
+    <maven-compiler-plugin.version>3.15.0</maven-compiler-plugin.version>
+    <pact.provider-plugin.version>4.6.19</pact.provider-plugin.version>
+    <maven-pmd-plugin.version>3.28.0</maven-pmd-plugin.version>
     <findbugs-maven-plugin.version>3.0.5</findbugs-maven-plugin.version>
-    <exec-maven-plugin.version>3.5.1</exec-maven-plugin.version>
+    <exec-maven-plugin.version>3.6.3</exec-maven-plugin.version>
   </properties>
 
   <dependencyManagement>