BAU: Bump the gradle-most-dependencies group across 1 directory with 8 updates

[dependabot]

Bumps the gradle-most-dependencies group with 8 updates in the / directory:

Package	From	To
io.cucumber:cucumber-bom	7.32.0	7.33.0
software.amazon.awssdk:bom	2.39.2	2.40.12
software.amazon.awssdk:apigateway	2.39.2	2.40.12
org.apache.commons:commons-text	1.14.0	1.15.0
org.bouncycastle:bcpkix-jdk18on	1.82	1.83
org.springframework.security:spring-security-crypto	7.0.0	7.0.2
io.rest-assured:rest-assured	5.5.6	6.0.0
org.sonarqube	7.1.0.6387	7.2.2.6593

Updates io.cucumber:cucumber-bom from 7.32.0 to 7.33.0

Release notes

Sourced from io.cucumber:cucumber-bom's releases.

v7.33.0

Added

• [Java] Add Scenario.getLanguage() to return the current language (#3124 Stefan Gasterstädt)

Changed

• [Core] Upload Cucumber Reports with Gzip encoding (#3115)
• [Core] Render the empty tag expression as an empty string (#222)
• [Core] Update dependency io.cucumber:html-formatter to v22.2.0
• [Core] Update dependency io.cucumber:tag-expressions to v8.1.0
• [Core] Update dependency io.cucumber:cucumber-json-formatter to v0.3.2

Fixed

• [Core] Improve error message for missing operands in tag expressions (#221)
• [Core] Include empty scenarios and backgrounds in json report (#34)

Changelog

Sourced from io.cucumber:cucumber-bom's changelog.

[7.33.0] - 2025-12-09

Added

• [Java] Add Scenario.getLanguage() to return the current language (#3124 Stefan Gasterstädt)

Changed

• [Core] Upload Cucumber Reports with Gzip encoding (#3115)
• [Core] Render the empty tag expression as an empty string (#222)
• [Core] Update dependency io.cucumber:html-formatter to v22.2.0
• [Core] Update dependency io.cucumber:tag-expressions to v8.1.0
• [Core] Update dependency io.cucumber:cucumber-json-formatter to v0.3.2

Fixed

• [Core] Improve error message for missing operands in tag expressions (#221)
• [Core] Include empty scenarios and backgrounds in json report (#34)

Commits

• 4224e67 Prepare release v7.33.0
• c2037cb Update CHANGELOG
• eda8a9b fix(deps): update dependency io.cucumber:cucumber-json-formatter to v0.3.2
• 8282a7c Link to Maven and Gradle starters and example projects
• b5c47fc Apply spotless
• b9c6865 Add documentation about localized transformers (#3125)
• 00e1ff0 Add default implementation to TestCaseState.getLanguage
• 33f6196 Apply spotless
• 94c99d2 Add default implementation to TestCase.getLanguage
• 5a7a317 Fix/naming within junit test (#3126)
• Additional commits viewable in compare view

Updates software.amazon.awssdk:bom from 2.39.2 to 2.40.12

Updates software.amazon.awssdk:apigateway from 2.39.2 to 2.40.12

Updates software.amazon.awssdk:apigateway from 2.39.2 to 2.40.12

Updates org.apache.commons:commons-text from 1.14.0 to 1.15.0

Changelog

Sourced from org.apache.commons:commons-text's changelog.

Apache Commons Text 1.15.0 Release Notes

The Apache Commons Text team is pleased to announce the release of Apache Commons Text 1.15.0.

Apache Commons Text is a set of utility functions and reusable components for processing and manipulating text in a Java environment.

Release 1.15.0. This is a feature and maintenance release. Java 8 or later is required.

New features

•        Add experimental CycloneDX VEX file [#683](https://github.com/apache/commons-text/issues/683). Thanks to Piotr P. Karwasz, Gary Gregory.
  

• TEXT-235: Add Damerau-Levenshtein distance #687. Thanks to LorgeN, Gary Gregory.

•        Add unit tests to increase coverage [#719](https://github.com/apache/commons-text/issues/719). Thanks to Michael Hausegger, Gary Gregory.
  

•        Add new test for CharSequenceTranslator#with() [#725](https://github.com/apache/commons-text/issues/725). Thanks to Michael Hausegger, Gary Gregory.
  

•        Add tests and assertions to org.apache.commons.text.similarity to get to 100% code coverage [#727](https://github.com/apache/commons-text/issues/727), [#728](https://github.com/apache/commons-text/issues/728). Thanks to Michael Hausegger.
  

Fixed Bugs

•        Fix exception message typo in XmlStringLookup.XmlStringLookup(Map, Path...). Thanks to Gary Gregory.
  

• TEXT-236: Inserting at the end of a TextStringBuilder throws a StringIndexOutOfBoundsException. Thanks to Pierre Post, Sumit Bera, Alex Herbert, Gary Gregory.

•        Fix TextStringBuilderTest.testAppendToCharBuffer() to use proper argument type [#724](https://github.com/apache/commons-text/issues/724). Thanks to Michael Hausegger.
  

•        Fix Apache RAT plugin console warnings. Thanks to Gary Gregory.
  

•        Fix site XML to use version 2.0.0 XML schema. Thanks to Gary Gregory.
  

•        Removed unreachable threshold verification code in src/main/java/org/apache/commons/text/similarity [#730](https://github.com/apache/commons-text/issues/730). Thanks to Michael Hausegger.
  

•        Enable secure processing for the XML parser in XmlStringLookup in case the underlying JAXP implementation doesn't [#729](https://github.com/apache/commons-text/issues/729). Thanks to 김민재 (minjas0507), Gary Gregory, Piotr Karwasz.
  

Changes

•        Bump org.apache.commons:commons-parent from 85 to 93 [#704](https://github.com/apache/commons-text/issues/704), [#723](https://github.com/apache/commons-text/issues/723), [#726](https://github.com/apache/commons-text/issues/726). Thanks to Gary Gregory.
  

•        Bump commons.bytebuddy.version from 1.17.6 to 1.18.2 [#696](https://github.com/apache/commons-text/issues/696), [#722](https://github.com/apache/commons-text/issues/722). Thanks to Gary Gregory.
  

•        Bump graalvm.version from 24.2.2 to 25.0.1 [#703](https://github.com/apache/commons-text/issues/703), [#716](https://github.com/apache/commons-text/issues/716). Thanks to Gary Gregory, Dependabot.
  

•        Bump org.apache.commons:commons-lang3 from 3.18.0 to 3.20.0. Thanks to Gary Gregory.
  

•        Bump commons-io:commons-io from 2.20.0 to 2.21.0. Thanks to Gary Gregory.
  

Historical list of changes: https://commons.apache.org/proper/commons-text/changes.html

For complete information on Apache Commons Text, including instructions on how to submit bug reports, patches, or suggestions for improvement, see the Apache Commons Text website:

https://commons.apache.org/proper/commons-text

Download page: https://commons.apache.org/proper/commons-text/download_text.cgi

... (truncated)

Commits

• 04e9374 Prepare for the release candidate 1.15.0 RC1
• 502c4c4 Prepare for the next release candidate
• c6e17ec Use direct access
• 58e1e12 Simplify XML FSP (#731)
• b5052c9 Bump actions/setup-java from 5.0.0 to 5.1.0
• 2e2d4bc Revert "Bump actions/setup-java from 5.0.0 to 5.1.0"
• b0ddbd1 Bump actions/setup-java from 5.0.0 to 5.1.0
• 1c2d382 Add tests with external DTD
• ed3df4b Internal clean up
• bb508f3 Bump actions/checkout from 6.0.0 to 6.0.1
• Additional commits viewable in compare view

Updates org.bouncycastle:bcpkix-jdk18on from 1.82 to 1.83

Changelog

Sourced from org.bouncycastle:bcpkix-jdk18on's changelog.

2.1.1 Version Release: 1.84 Date:      TBD

2.2.1 Version Release: 1.83 Date:      2025, November 27th.

... (truncated)

Commits

• See full diff in compare view

Updates org.springframework.security:spring-security-crypto from 7.0.0 to 7.0.2

Release notes

Sourced from org.springframework.security:spring-security-crypto's releases.

7.0.2

🪲 Bug Fixes

• AuthorizationWebProxyConfiguration should only be active when both spring-security-web and spring-webmvc are on the classpath #18315

7.0.1

⭐ New Features

• Stop deploying JavaDoc outside of Antora #18200

🪲 Bug Fixes

• An unexpected dependency appeared for spring-security-config of spring-security-web #18307
• Fix "typ" header value in NimbusJwtEncoder-encoded JWT #18270
• Fix broken link to Spring Boot docs #18236
• Fix documentation resource server sample title #18231
• Fix MyCustomDsl to use csrf(Customizer) instead of removed csrf().disabled() #18223
• Fix typo in AnnotationTemplateExpressionDefaults documentation #18255
• Fix typos in documentation depenendencies->dependencies #18209
• NimbusJwtEncoder produces JWT with wrong "typ" header value #18269
• OAuth2AuthorizationEndpointFilter should be applied after AuthorizationFilter #18251
• Remove requireProofKey warning for non-auth-code flows #18221
• Remove throws from MyCustomDsl in docs #18224

🔨 Dependency Upgrades

• Bump ch.qos.logback:logback-classic from 1.5.20 to 1.5.21 #18214
• Bump ch.qos.logback:logback-classic from 1.5.21 to 1.5.22 #18311
• Bump com.fasterxml.jackson:jackson-bom from 2.20.0 to 2.20.1 #18245
• Bump com.unboundid:unboundid-ldapsdk from 7.0.3 to 7.0.4 #18262
• Bump io.micrometer:micrometer-observation from 1.14.12 to 1.14.13 #18189
• Bump io.micrometer:micrometer-observation from 1.14.13 to 1.14.14 #18277
• Bump io.mockk:mockk from 1.14.6 to 1.14.7 #18274
• Bump io.projectreactor:reactor-bom from 2025.0.0 to 2025.0.1 #18289
• Bump io.spring.gradle:spring-security-release-plugin from 1.0.10 to 1.0.13 #18187
• Bump org-aspectj from 1.9.24 to 1.9.25 #18186
• Bump org.apache.kerby:kerb-simplekdc from 2.1.0 to 2.1.1 #18215
• Bump org.junit:junit-bom from 6.0.0 to 6.0.1 #18188
• Bump org.springframework.data:spring-data-bom from 2025.1.0 to 2025.1.1 #18312
• Bump org.springframework:spring-framework-bom from 7.0.0 to 7.0.1 #18213
• Bump org.springframework:spring-framework-bom from 7.0.1 to 7.0.2 #18310
• Bump tools.jackson:jackson-bom from 3.0.1 to 3.0.2 #18212
• Bump tools.jackson:jackson-bom from 3.0.2 to 3.0.3 #18244

🔩 Build Updates

• Add Test for ServletRequestPathUtils.parseAndCache(method=null) #18166
• Bump antora from 3.2.0-alpha.10 to 3.2.0-alpha.11 in /docs #18238

❤️ Contributors

... (truncated)

Commits

• 9d08114 Release 7.0.2
• 0155d4a Restore Check for DispatcherServlet on Classpath
• 29ad1e6 Next development version
• 8651868 Release 7.0.1
• 5732f39 Bump ch.qos.logback:logback-classic from 1.5.21 to 1.5.22
• 8bfa849 Bump org.springframework.data:spring-data-bom from 2025.1.0 to 2025.1.1
• e033086 Bump org.springframework:spring-framework-bom from 7.0.1 to 7.0.2
• 964fcac Polish Tests
• 1d1b3ff Fix "typ" header value in NimbusJwtEncoder-encoded JWT
• c8898f9 Test NimbusJwtEncoder & NimbusJwtDecoder symmetrically
• Additional commits viewable in compare view

Updates io.rest-assured:rest-assured from 5.5.6 to 6.0.0

Changelog

Sourced from io.rest-assured:rest-assured's changelog.

Changelog 6.0.0 (2025-12-12)

• spring-mock-mvc module now supports Spring 7.x
• spring-web-test-client now supports Spring 7.x
• Upgraded commons-lang3 from 3.18.0 to 3.19.0
• The spring modules now required Spring 5.3+ (previously 5.1 was required)
• New minimum Java baseline is now 17
• New minimum Groovy base is now 5.x
• Support for Jackson 3 object mapping
• Support for Yasson 3 object mapping
• Support for jakarta JsonB/Johnzon 3 object mapping
• Migrate json-path fully to Java, bypass GroovyShell for evaluation (#1844) (thanks to Michael Edgar for PR)
  • This fixed some nasty memory leaks when using JsonPath heavily in long running processes
• Stop resetting ResponseParserRegistrar during build (#1759, #1505, #1207 & #978) (thanks to Marc Easen for PR)
• Skip Null filters in FilterContextImpl (#1834) (thanks to Boyarshinov Alexander for PR)
• Upgraded Kotlin extension module to use Kotlin 2.2.21

Commits

• 0b3a0d9 [maven-release-plugin] prepare release rest-assured-6.0.0
• bd55281 [ci skip] Add exclusions for jackson3-example and spring7-mvc-webapp in pom.xml
• eb141e2 [maven-release-plugin] prepare for next development iteration
• 4c1a241 [maven-release-plugin] prepare release rest-assured-6.0.0
• 2f11520 Using newer version of dokka and using stdlib for kotlin instead of jdk8
• 6d9362c Ability to exclude osgi-tests in release
• 24380db Revert osgi-tests back to JUnit 4
• 9c12601 Upgraded Kotlin extension module to use Kotlin 2.2.21
• 4b1ff78 [ci skip] Prepare and perform release in single step
• 931f421 [ci skip] Removed explicit javadoc path workaround for JDK 8
• Additional commits viewable in compare view

Updates org.sonarqube from 7.1.0.6387 to 7.2.2.6593

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.