uPortal v5.17.8

Patch release on top of v5.17.7, completing uPortal core's side of the resource-server consolidation. Swaps every internal /ResourceServingWebapp/ reference in skin descriptors, admin JSPs, and chrome assets onto /resource-server/, and trims a set of 2008–2015 utility-lib webjar dependencies that are either CVE-prone or native-replaceable on modern browsers.

Refactor

• Consolidate skin + JSP onto /resource-server/ (#2983)

  Moves uPortal core's skin descriptors, admin JSPs, and chrome-asset references off the legacy /ResourceServingWebapp/ context onto /resource-server/. Drops a bundle of 2008–2015 utility libraries (lodash 4.17.4, modernizr 2.6.2, normalize.css 2.1.2, four polyfill webjars) that were either CVE-prone, native-replaceable on modern browsers, or both. Also removes dead <rs:compressJs> taglib wrappers (already a no-op upstream now that minification has moved to esbuild).

  Two commits land together: the main consolidation (~30 files: JSP cleanup, SCSS path swaps, tango/famfamfam icon URL swaps, dead webjar deps removed) and a finishing touch in respondr/common/common_skin.xml for the three resource="true" entries (underscore, backbone, jquery-plugins/rating) that the first pass missed. All three libs are served at byte-identical relative paths under the modern overlay.

Docs

• Prefer keys.openpgp.org over keyserver.ubuntu.com (#2984)

  Brings the release-guide keyserver instructions in line with the Maven ecosystem release guide. The Central Publisher Portal queries keys.openpgp.org first when validating signatures; a key only on keyserver.ubuntu.com will fail signature validation non-deterministically. Includes the email-confirmation caveat for identity packets and a per-session verification curl.

• Manual NOTICE/license review step pre-Testing (#2985)

  Adds a "Review NOTICE and License Headers" section to the release guide between "Review Dependencies" and "Testing". Cross-links to the Maven release guide's automated equivalent (which Gradle uPortal lacks today) and provides a quick grep heuristic for missing Apache license headers on changed files.

Upgrade notes

• Deployers running uPortal-start ≤ 5.17.7: drop-in replacement. /ResourceServingWebapp/ is no longer requested by uPortal core, but the path itself is still served by the overlay until resource-server 1.5.4 ships and uPortal-start retires ResourceServingWebapp. Browsers will see network requests cleanly addressed to /resource-server/.
• Deployers tracking the resource-server consolidation: this release is the uPortal-side complement of the Wave 1 portlet releases shipped today (SimpleContentPortlet 3.4.3, FeedbackPortlet 1.3.2, NewsReaderPortlet 5.1.5). With v5.17.8 in place, all core and portlet consumers are aligned for the upcoming resource-server 1.5.4 release where the legacy JS bundles ship.
• Skin overlays with custom paths: if your deployment skin references the dropped utility-lib webjars (lodash 4.17.4, modernizr 2.6.2, normalize.css 2.1.2, fetch/promise/array.from/url-search-params polyfills), declare them explicitly in your overlay's pom.xml/gradle.properties. The defaults no longer pull them in.

uPortal v5.17.7

Single-fix patch on top of v5.17.5. Supersedes v5.17.6, which was a botched version-bump-only release (no functional changes from v5.17.5); deployers should skip 5.17.6 and consume 5.17.7 instead.

Fixes

• Deprecate the LESS pipeline in the respondr skin (#2982)

  uPortal-webapp/src/main/webapp/media/skins/respondr/common/common.less still pulled in five sub-files — variables.less, mixins.less, regions.less, gallery.less, tags.less — that were removed during the Bootstrap 5 / SCSS migration. Any consumer running compileLess against this skin failed with "file not found" on the first dropped import, blocking uPortal-start's quickstart build (the symptom that surfaced this was compileLess0 failing on uPortal-start PR #694).

  This change comments out the five orphaned @import lines, swaps the Bootstrap LESS import for the compiled bootstrap.css (so the file still produces usable CSS), and tags each entry with a DEPRECATED banner pointing at the SCSS pipeline as the supported path forward. The file itself is kept rather than deleted so any skin overlay still referencing it continues to compile during the deprecation window.

Upgrade notes

No configuration or deployment changes required. Drop-in replacement for v5.17.5. The respondr LESS pipeline remains compiled but is now formally deprecated — new skin work should target the SCSS pipeline.

uPortal v5.17.5

Single-fix patch on top of v5.17.4.

Fixes

• Drop duplicate Bootstrap 5 includes from the respondr skin (#2980)

  respondr/common/common_skin.xml declared the Bootstrap 5 CSS bundle and the JS bundle three times each: a <… included=\"plain\"> variant, a <… included=\"aggregated\"> variant, and a third unqualified entry that matched both render modes. The unqualified entry caused bootstrap.bundle.min.js to load twice in the browser, attaching two delegated click handlers per dropdown toggle. A single user click on a portlet's Options menu toggled the menu open then immediately back to closed, so every UX flow gated on opening that menu — favorites add/remove, rate-this-portlet, edit-mode entry, return-to-dashboard from a maximized portlet — appeared silently broken across the welcome page and every other dashboard.

  The fix is the deletion of the two unqualified entries; the included=\"plain\" / included=\"aggregated\" pair already covers every render mode.

  The duplication originally landed during the Bootstrap 5 migration when two contributors added the same asset from different mental models — unconditional include and mode-qualified include. Both were applied; neither was removed.

Upgrade notes

No configuration or deployment changes required. Drop-in replacement for v5.17.4.

uPortal 5.17.4

Patch release on top of v5.17.3.

Fix

The obsolete ch.qos.logback.classic.selector.servlet.ContextDetachingSCL listener has been removed from uPortal-webapp/src/main/webapp/WEB-INF/web.xml (PR #2976). The class was part of Logback's J2EE selector machinery and was removed in Logback 1.3.x.

Unlike NotificationPortlet (which still bundles Logback 1.1.11), uPortal core itself bundles Logback 1.5.32 today — so this listener was an active bug, not a latent one. It was a known tripwire across the fleet during the 2026-05 wave: every portlet that bumped Logback to 1.3+ via uportal-portlet-parent v51 hit ClassNotFoundException at context startup with this exact listener. The same fix landed across the fleet (Announcements 2.5.3, Calendar 2.7.2, JasigWidget 2.4.2, NewsReader 5.1.4, SimpleContent 3.4.2, Notification 4.8.3).

The listener also has no functional value here — Logback's modern auto-cleanup handles classloader GC and JMX deregistration without needing this hook.

Dependency bumps

Routine Renovate-driven patch bumps in established libraries:

• commons-cli → 1.11.0 (#2967)
• commons-codec → 1.22.0 (#2968)
• commons-io → 2.22.0 (#2971)
• commons-pool2 → 2.13.1 (#2974)
• tika-core → 3.3.0 (#2975)
• jsoup → 1.22.2 (#2978)
• easymock → 5.6.0 (#2977)

Docs

• Drop the Docker demo publish step from RELEASE.md (#2970).
• Backfill v5.17.2 + v5.17.3 in CHANGES and HISTORY.md (#2969).

Compatibility

• Drop-in upgrade for any deployment running v5.17.3.
• No schema changes, no API contract changes.
• Java 11, Tomcat 8.5/9.x as before.

v5.17.3

uPortal 5.17.3

This is a maintenance release of uPortal. The headline change is a substantial frontend modernization that's been in flight for a long time finally landing — Bootstrap 3 → 5, jQuery 4, LESS → SCSS, and removal of Fluid Infusion across the respondr skin. The release also folds in security updates (commons-lang3, commons-beanutils, guava, hsqldb), refactor work on the LimitingTee output stream, and the routine Renovate dependency-hygiene cycle.

Thanks to @Naenyn (Bill Smith) for owning the frontend modernization end-to-end, and to all the contributors who made this release possible — including the Renovate and Dependabot bots whose dep-hygiene PRs accumulated to a meaningful chunk of the changeset.

Changes Affecting Deployments

• Frontend modernization in #2915: Bootstrap upgraded from 3 → 5, jQuery upgraded to 4, LESS migrated to SCSS, and Fluid Infusion removed from the respondr skin. Customized skins will need updating. Review your overrides under uPortal-webapp/src/main/webapp/media/skins/ for:
  • .less files (now .scss)
  • Bootstrap 3/4 class names (replaced by their BS5 equivalents)
  • Any direct uses of the Fluid library (replaced with vanilla JS components for layout preferences, tab manager, group admin, entity selector, permissions, customize/gallery, and flyout)

Features / Refactors

• Frontend modernization (#2915) — see Changes Affecting Deployments above.
• Refactor LimitingTee callbacks from Function<T,?> to Consumer<T> (#2945) and silence the corresponding ErrorProne CheckReturnValue (#2943).
• Pin Spring/Hibernate majors in the Renovate config (#2948) so major-bump PRs that won't be merged stop being proposed.

Fixes

• Exclude Spring from resource-server-utils transitive deps to avoid version pinning conflicts (#2944).
• Fix off-by-21 in LimitingTeeOutputStreamTest (latent bug surfaced by the commons-io 2.22 bounds tightening, folded into #2964).
• Pin commons-compress in the uPortal-webapp buildscript classpath to avoid a commons-lang3 split between Gradle's bundled version and the version transitively pulled in via resource-server (folded into #2964).

Documentation

• Align AGENTS.md with the project's actual Java 11 baseline, replacing inaccurate "ban Java 9+" wording (#2947).

Security Updates

• org.hsqldb:hsqldb → 2.7.1 (#2671) and 2.7.4 (#2949)
• commons-beanutils:commons-beanutils → 1.11.0 (#2934)
• org.apache.commons:commons-lang3 → 3.18.0 (#2936) and 3.20.0 (#2951)
• com.google.guava:guava → v32 (#2939)

Other Dependency Updates

• org.jasig.resourceserver:resource-server → 1.5.3 (#2964)
• Routine Renovate / Dependabot updates: aws-java-sdk-s3, joda-time, ant, lombok, spotbugs, groovy, jackson, logback-classic, codenarc, prettier, errorprone plugin, immutable. PRs: #2946, #2952, #2953, #2954, #2955, #2956, #2957, #2958, #2959, #2960, #2962, #2963.

Full Changelog: v5.17.2...v5.17.3

v5.17.2

What's Changed

Fixes

• fix: handle IllegalArgumentException for stale portlet URLs by @bjagg in #2924
• fix(deps): correct jacksonVersion to 2.21.2 by @bjagg in #2928
• fix(deps): split jacksonAnnotationsVersion from jacksonVersion by @bjagg in #2928
• fix(deps): downgrade logback to 1.3.14 for SLF4J 1.7 compatibility by @bjagg in #2930
• fix: migrate publishing from OSSRH to Central Publisher Portal by @bjagg in #2932
• fix: resolve Central Portal deployment validation errors (POM packaging + orphaned .jar.asc) by @bjagg

Dependency Updates

• fix(deps): update jackson monorepo to v2.21.2 by @renovate in #2892
• fix(deps): update aspectj to v1.9.25.1 by @renovate in #2904
• fix(deps): update jadira usertype to v3.2.0.ga by @renovate in #2541
• fix(deps): update Apache Tika to 3.2.3 by @bjagg in #2922
• fix(deps): update lucene to v8.11.4 by @renovate
• fix(deps): update groovy to v3.0.24 by @renovate
• fix(deps): update lombok to v1.18.38 by @renovate
• fix(deps): update jsoup to v1.20.1 by @renovate
• fix(deps): update commons-io to v2.19.0 by @renovate
• fix(deps): update joda-time to v2.14.0 by @renovate
• fix(deps): update spotbugs to v4.9.3 by @renovate
• fix(deps): update findsecbugs-plugin to v1.14.0 by @renovate
• fix(deps): update aws-java-sdk-s3 to v1.12.783 by @renovate
• chore(deps): update plugin net.ltgt.errorprone to v4.2.0 by @renovate
• chore(deps-dev): bump picomatch from 2.3.1 to 2.3.2 by @dependabot
• chore(deps-dev): bump flatted from 3.3.1 to 3.4.2 by @dependabot
• chore(deps-dev): bump minimatch from 3.1.2 to 3.1.5 by @dependabot
• chore(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 by @dependabot
• chore(deps-dev): bump mdast-util-to-hast from 13.1.0 to 13.2.1 by @dependabot

Chores

• chore: update Node.js from 20 to 24 by @bjagg in #2912
• chore: add test summaries to Gradle by @bjagg in #2910
• chore: add AGENTS.md and .sdkmanrc by @bjagg in #2931

Documentation

• docs: add subsystem analysis for uPortal 6/7 modernization by @bjagg in #2917
• docs: create AGENTS.md by @bjagg
• docs: consolidate CLAUDE.md architecture docs into AGENTS.md by @bjagg in #2933
• docs: document preview versions, playwright tests, and java switching by @bjagg
• docs: clean up badges and top links of README.md by @bjagg

Tests

• test: add change risk anti-pattern report by @bjagg in #2913

Release Infrastructure

• Migrated publishing from legacy OSSRH (oss.sonatype.org, sunset June 2025) to the Central Publisher Portal's OSSRH Staging API compatibility service
• Updated RELEASE.md with new portal workflow, token auth, and manual staging upload step

Full Changelog: v5.17.1...v5.17.2

v5.17.1

What's Changed

Chores

• chore: change two log lines to debug by @bjagg in #2893

Dependency Updates

• chore(deps): update plugin com.github.node-gradle.node to v7.1.0 by @renovate in #2856
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.777 by @renovate in #2865
• fix(deps): update groovy to v3.0.23 by @renovate in #2866
• chore(deps): update plugin net.ltgt.errorprone to v4.1.0 by @renovate in #2867
• fix(deps): update dependency org.json:json to v20250107 by @renovate in #2870
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.781 by @renovate in #2871
• fix(deps): update dependency org.jsoup:jsoup to v1.18.3 by @renovate in #2872
• fix(deps): update dependency com.thoughtworks.xstream:xstream to v1.4.21 by @renovate in #2875
• fix(deps): update dependency spotbugs to v4.9.1 by @renovate in #2891
• fix(deps): update dependency org.webjars.npm:core-js-bundle to v3.40.0 by @renovate in #2890
• fix(deps): update dependency org.easymock:easymock to v5.5.0 by @renovate in #2889
• fix(deps): update dependency commons-io:commons-io to v2.18.0 by @renovate in #2888
• fix(deps): update dependency commons-beanutils:commons-beanutils to v1.10.1 by @renovate in #2886
• fix(deps): update dependency commons-codec:commons-codec to v1.18.0 by @renovate in #2887
• fix(deps): update dependency codenarc to v3.6.0 by @renovate in #2884
• fix(deps): update dependency org.projectlombok:lombok to v1.18.36 by @renovate in #2878
• fix(deps): update dependency org.apache.commons:commons-pool2 to v2.12.1 by @renovate in #2877
• fix(deps): update dependency joda-time:joda-time to v2.13.1 by @renovate in #2876
• chore(deps): update dependency eslint-config-prettier to v10 by @renovate in #2873
• chore(deps): update dependency prettier to ~3.5.0 by @renovate in #2881
• chore(deps): update plugin net.researchgate.release to v3.1.0 by @renovate in #2882
• fix(deps): update dependency org.webjars.npm:jstree to v3.3.17 by @renovate in #2879

Documentation

• Added CachingPersonAttributeDaoImpl bean and myunivCachingPersonDbJdbcAttributeSource bean to the User Attributes docs by @555vedant in #2858
• Added Import/Export page in the uP5 Manual (#1241) by @555vedant in #2859

New Contributors

• @555vedant made their first contribution in #2858

Full Changelog: v5.17.0...v5.17.1

v5.17.0

What's Changed

• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.639 by @renovate in #2743
• fix(deps): update dependency joda-time:joda-time to v2.12.6 by @renovate in #2744
• fix(deps): update dependency spotbugs to v4.8.3 by @renovate in #2745
• fix(deps): update dependency codenarc to v3.4.0 by @renovate in #2746
• fix(deps): update dependency org.apache.commons:commons-compress to v1.25.0 by @renovate in #2748
• fix(deps): update dependency org.jsoup:jsoup to v1.17.2 by @renovate in #2750
• fix(deps): update dependency org.apache.commons:commons-lang3 to v3.14.0 by @renovate in #2749
• fix(deps): update dependency commons-io:commons-io to v2.15.1 by @renovate in #2747
• chore(deps): update plugin com.github.node-gradle.node to v7.0.2 by @renovate in #2752
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.654 by @renovate in #2753
• chore(deps): update gradle/wrapper-validation-action action to v2 by @renovate in #2760
• fix(deps): update dependency org.json:json to v20240205 by @renovate in #2755
• chore(deps): update dependency eslint-plugin-unicorn to v51 by @renovate in #2756
• chore(deps): update dependency prettier to ~3.2.0 by @renovate in #2754
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.664 by @renovate in #2762
• fix(deps): update dependency commons-codec:commons-codec to v1.16.1 by @renovate in #2763
• fix(deps): update dependency joda-time:joda-time to v2.12.7 by @renovate in #2764
• chore(deps): update dependency eslint-plugin-sonarjs to ^0.24.0 by @renovate in #2765
• fix(deps): update dependency org.webjars.npm:webcomponents__webcomponentsjs to v2.8.0 by @renovate in #2767
• fix(deps): update groovy to v3.0.20 by @renovate in #2768
• fix(deps): update dependency org.apache.commons:commons-compress to v1.26.0 by @renovate in #2766
• chore: Increasing Test Coverage by @HimanshiVerma05 in #2769
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.684 by @renovate in #2770
• fix(deps): update dependency org.apache.commons:commons-compress to v1.26.1 by @renovate in #2771
• fix(deps): update dependency org.projectlombok:lombok to v1.18.32 by @renovate in #2772
• fix(deps): update groovy to v3.0.21 by @renovate in #2773
• chore(deps): update remark (major) by @renovate in #2774
• fix(deps): update dependency org.json:json to v20240303 by @renovate in #2775
• fix(deps): update dependency com.h3xstream.findsecbugs:findsecbugs-plugin to v1.13.0 by @renovate in #2776
• chore: Minor code refactoring changes by @HimanshiVerma05 in #2778
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.687 by @renovate in #2779
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.702 by @renovate in #2782
• chore: update gradle wrapper to new namespace by @ChristianMurphy in #2784
• chore(deps): update dependency eslint-plugin-sonarjs to ^0.25.0 by @renovate in #2785
• chore(deps): update dependency eslint-plugin-unicorn to v52 by @renovate in #2787
• chore(deps): update remark (major) by @renovate in #2791
• fix(deps): update dependency commons-cli:commons-cli to v1.7.0 by @renovate in #2789
• fix(deps): update dependency commons-io:commons-io to v2.16.1 by @renovate in #2790
• fix(deps): update dependency spotbugs to v4.8.4 by @renovate in #2788
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.716 by @renovate in #2792
• fix(deps): update dependency spotbugs to v4.8.5 - autoclosed by @renovate in #2793
• fix(deps): update dependency org.xmlunit:xmlunit-legacy to v2.10.0 by @renovate in #2794
• chore: upgrade to ESLint 9, migrate configuration file to flat format by @ChristianMurphy in #2796
• fix(deps): update dependency commons-codec:commons-codec to v1.17.0 by @renovate in #2797
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.732 by @renovate in #2798
• fix/issue-#2800: Fix bug with favorites getting deleted when a favori… by @groybal in #2801
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.746 by @renovate in #2803
• fix(deps): update dependency spotbugs to v4.8.6 - autoclosed by @renovate in #2804
• chore(deps): update dependency eslint-plugin-unicorn to v54 by @renovate in #2805
• chore(deps): update dependency prettier to ~3.3.0 by @renovate in #2806
• fix(deps): update dependency org.easymock:easymock to v5.3.0 by @renovate in #2807
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.761 by @renovate in #2808
• fix(deps): update dependency commons-codec:commons-codec to v1.17.1 by @renovate in #2809
• fix(deps): update dependency org.projectlombok:lombok to v1.18.34 by @renovate in #2811
• fix(deps): update dependency codenarc to v3.5.0 by @renovate in #2812
• fix(deps): update dependency org.apache.commons:commons-compress to v1.26.2 by @renovate in #2810
• fix(deps): update dependency org.jsoup:jsoup to v1.18.1 - autoclosed by @renovate in #2813
• fix(deps): update dependency org.skyscreamer:jsonassert to v1.5.3 by @renovate in #2814
• fix(deps): update dependency commons-cli:commons-cli to v1.8.0 by @renovate in #2815
• chore: update node to latest long term support by @ChristianMurphy in #2816
• fix(deps): update dependency org.webjars.npm:jstree to v3.3.16 by @renovate in #2780
• fix(deps): update groovy to v3.0.22 by @renovate in #2817
• fix(deps): update dependency org.apache.commons:commons-lang3 to v3.15.0 by @renovate in #2820
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.763 - autoclosed by @renovate in #2819
• chore(deps): update dependency eslint-plugin-unicorn to v55 by @renovate in #2821
• chore(deps): update plugin net.ltgt.errorprone to v4 by @renovate in #2823
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.765 by @renovate in #2822
• fix(deps): update dependency org.easymock:easymock to v5.4.0 by @renovate in #2826
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.767 by @renovate in #2825
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.769 by @renovate in #2827
• fix(deps): update dependency commons-cli:commons-cli to v1.9.0 by @renovate in #2828
• fix(deps): update dependency org.apache.commons:commons-compress to v1.27.0 by @renovate in #2829
• fix(deps): update dependency org.apache.commons:commons-lang3 to v3.16.0 - autoclosed by @renovate in #2830
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.770 by @renovate in https://github.com/uPo...

v5.16.1

What's Changed

• chore: spelling fixes by @ChristianMurphy in #2735
• Fix flaky test: testStylesheetDescriptor40ImportExport by @KiruthikaJanakiraman in #2732
• chore(deps): update actions/setup-java action to v4 by @renovate in #2739
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.606 by @renovate in #2740
• chore(deps): update dependency prettier to ~3.1.0 by @renovate in #2741
• fix: move .active CSS back in correct order by @bjagg in #2742
• Fix under-determined test: testWithParam by @KiruthikaJanakiraman in #2737

Full Changelog: v5.16.0...v5.16.1

v5.16.0

What's Changed

• Update plugin net.ltgt.errorprone to v3.1.0 by @renovate in #2669
• Update dependency org.webjars.npm:core-js-bundle to v3.30.1 by @renovate in #2659
• Update dependency codenarc to v3.3.0 by @renovate in #2688
• Update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.522 by @renovate in #2687
• UPSE-387: Update portlets.json REST endpoint to allow filtering by user's portlet permission and favorite/unfavorite by @groybal in #2689
• Update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.525 by @renovate in #2690
• Update dependency commons-codec:commons-codec to v1.16.0 by @renovate in #2691
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.534 by @renovate in #2692
• Update dependency org.apache.ant:ant to v1.10.14 by @renovate in #2693
• docs: issue form and issue configuration by @ChristianMurphy in #2697
• Update actions/checkout action to v4 by @renovate in #2700
• fix(deps): update dependency org.jsoup:jsoup to v1.16.2 by @renovate in #2702
• fix(deps): update dependency org.easymock:easymock to v5.2.0 by @renovate in #2705
• chore(deps): update plugin com.github.node-gradle.node to v7 by @renovate in #2706
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.574 by @renovate in #2701
• fix(deps): update dependency org.projectlombok:lombok to v1.18.30 by @renovate in #2703
• chore: update node js, less, and gradle node version by @ChristianMurphy in #2696
• docs: update links to contributing guide by @ChristianMurphy in #2716
• feat: add tab name and portlet info to analytics events by @bjagg in #2694
• feat/AnalyticsEventUpdate add new features to AnalyticsPortalEvent an… by @mgillian in #2695
• fix(deps): update dependency org.apache.commons:commons-pool2 to v2.12.0 by @renovate in #2714
• fix(deps): update dependency org.apache.commons:commons-lang3 to v3.13.0 by @renovate in #2713
• fix(deps): update dependency org.apache.commons:commons-compress to v1.24.0 by @renovate in #2712
• fix(deps): update dependency commons-cli:commons-cli to v1.6.0 by @renovate in #2710
• fix(deps): update dependency org.json:json to v20231013 by @renovate in #2707
• build(deps-dev): bump postcss from 8.4.20 to 8.4.31 by @dependabot in #2698
• fix(deps): update dependency org.webjars.npm:jstree to v3.3.15 by @renovate in #2683
• fix(deps): update jaxb to v2.3.9 by @renovate in #2651
• fix(deps): update jacksonversion to v2.15.3 by @renovate in #2709
• fix(deps): update dependency com.fasterxml.staxmate:staxmate to v2.4.1 by @renovate in #2708
• chore: disable javdoc (for now) by @bjagg in #2717
• Add new 'uPortal-session' submodule which adds support for session cl… by @groybal in #2699
• chore(deps): update dependency prettier to v3 by @renovate in #2680
• Fix flaky tests: JSON comparison by @KiruthikaJanakiraman in #2718
• unit test implemented by @snehit221 in #2715
• chore: use version range in github actions by @ChristianMurphy in #2721
• Fix flaky test testExternalUrl using LinkedHashMap by @KiruthikaJanakiraman in #2719
• fix(deps): update dependency commons-io:commons-io to v2.15.0 by @renovate in #2711
• ci: simplify cross platform testing, option 1 by @ChristianMurphy in #2722
• fix(deps): update groovy to v3.0.19 by @renovate in #2650
• chore: upgrade release plugin by @bjagg in #2724
• chore: upgrade lint tools by @ChristianMurphy in #2720
• fix(deps): update dependency spotbugs to v4.8.1 by @renovate in #2729
• fix(deps): update dependency org.webjars.npm:regenerator-runtime to v0.14.0 by @renovate in #2728
• fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.586 by @renovate in #2727
• fix(deps): update aspectj to v1.9.20.1 by @renovate in #2725
• chore: upgrade to servlet 3.1.0 by @bjagg in #2731

New Contributors

• @KiruthikaJanakiraman made their first contribution in #2718
• @snehit221 made their first contribution in #2715

Full Changelog: v5.15.1...v5.16.0