From 57e40d5b0c4114e4a4531da2b53e490e2eaa19db Mon Sep 17 00:00:00 2001
From: Alex Imenes <132364326+aleximenes@users.noreply.github.com>
Date: Tue, 3 Mar 2026 09:36:35 +0100
Subject: [PATCH 01/23] Allow zero as value to certain tracking parameters
 (#362)

---
 .../matomo/java/tracking/MatomoRequest.java   | 12 ++---
 .../java/tracking/QueryCreatorTest.java       | 53 ++++++++++++++++++-
 servlet-javax/pom.xml                         |  2 +-
 3 files changed, 59 insertions(+), 8 deletions(-)

diff --git a/core/src/main/java/org/matomo/java/tracking/MatomoRequest.java b/core/src/main/java/org/matomo/java/tracking/MatomoRequest.java
index d9349836..42ef0c29 100644
--- a/core/src/main/java/org/matomo/java/tracking/MatomoRequest.java
+++ b/core/src/main/java/org/matomo/java/tracking/MatomoRequest.java
@@ -355,7 +355,7 @@ public class MatomoRequest {
   /**
    * The grand total for the ecommerce order (required when tracking an ecommerce order).
    */
-  @TrackingParameter(name = "revenue")
+  @TrackingParameter(name = "revenue", min = 0)
   private Double ecommerceRevenue;
 
   /**
@@ -433,7 +433,7 @@ public class MatomoRequest {
   /**
    * Some numeric value that represents the event value.
    */
-  @TrackingParameter(name = "e_v")
+  @TrackingParameter(name = "e_v", min = 0)
   private Double eventValue;
 
   /**
@@ -476,25 +476,25 @@ public class MatomoRequest {
   /**
    * The subtotal of the order; excludes shipping.
    */
-  @TrackingParameter(name = "ec_st")
+  @TrackingParameter(name = "ec_st", min = 0)
   private Double ecommerceSubtotal;
 
   /**
    * Tax amount of the order.
    */
-  @TrackingParameter(name = "ec_tx")
+  @TrackingParameter(name = "ec_tx", min = 0)
   private Double ecommerceTax;
 
   /**
    * Shipping cost of the order.
    */
-  @TrackingParameter(name = "ec_sh")
+  @TrackingParameter(name = "ec_sh", min = 0)
   private Double ecommerceShippingCost;
 
   /**
    * Discount offered.
    */
-  @TrackingParameter(name = "ec_dt")
+  @TrackingParameter(name = "ec_dt", min = 0)
   private Double ecommerceDiscount;
 
   /**
diff --git a/core/src/test/java/org/matomo/java/tracking/QueryCreatorTest.java b/core/src/test/java/org/matomo/java/tracking/QueryCreatorTest.java
index 8611d106..a4e87e5b 100644
--- a/core/src/test/java/org/matomo/java/tracking/QueryCreatorTest.java
+++ b/core/src/test/java/org/matomo/java/tracking/QueryCreatorTest.java
@@ -550,4 +550,55 @@ void tracksEvent() {
     assertThat(query).isEqualTo("idsite=42&token_auth=876de1876fb2cda2816c362a61bfc712&rec=1&apiv=1&_id=112210f47de98115&e_c=Event+Category&e_a=Event+Action&e_n=Event+Name&e_v=23.456&send_image=0&rand=random-value");
   }
 
-}
+  @Test
+  void allowsZeroForEventValue() {
+    matomoRequestBuilder.eventName("Event Name")
+                        .eventValue(0.0)
+                        .eventAction("Event Action")
+                        .eventCategory("Event Category");
+
+    whenCreatesQuery();
+
+    assertThat(query)
+        .isEqualTo("idsite=42&" +
+            "token_auth=876de1876fb2cda2816c362a61bfc712&" +
+            "rec=1&" +
+            "apiv=1&" +
+            "_id=112210f47de98115&" +
+            "e_c=Event+Category&" +
+            "e_a=Event+Action&" +
+            "e_n=Event+Name&" +
+            "e_v=0.0&" +
+            "send_image=0&" +
+            "rand=random-value"
+        );
+  }
+
+  @Test
+  void allowsZeroForEcommerceValues() {
+    matomoRequestBuilder
+        .ecommerceRevenue(0.0)
+        .ecommerceSubtotal(0.0)
+        .ecommerceTax(0.0)
+        .ecommerceShippingCost(0.0)
+        .ecommerceDiscount(0.0);
+
+    whenCreatesQuery();
+
+    assertThat(query)
+        .isEqualTo("idsite=42&" +
+            "token_auth=876de1876fb2cda2816c362a61bfc712&" +
+            "rec=1&" +
+            "apiv=1&" +
+            "_id=112210f47de98115&" +
+            "revenue=0.0&" +
+            "ec_st=0.0&" +
+            "ec_tx=0.0&" +
+            "ec_sh=0.0&" +
+            "ec_dt=0.0&" +
+            "send_image=0&" +
+            "rand=random-value"
+        );
+  }
+
+}
\ No newline at end of file
diff --git a/servlet-javax/pom.xml b/servlet-javax/pom.xml
index 26c169b5..7e76f0a5 100644
--- a/servlet-javax/pom.xml
+++ b/servlet-javax/pom.xml
@@ -53,7 +53,7 @@
         <dependency>
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-servlet</artifactId>
-            <version>11.0.0</version>
+            <version>10.0.24</version>
             <scope>test</scope>
         </dependency>
         <dependency>

From 970e2f043e49c544dc796bb0d532f55fa45f8d36 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 3 Mar 2026 09:51:18 +0100
Subject: [PATCH 02/23] build(deps): bump
 org.apache.maven.plugins:maven-clean-plugin from 3.4.0 to 3.4.1 (#351)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index d28931b9..ee204290 100644
--- a/pom.xml
+++ b/pom.xml
@@ -127,7 +127,7 @@
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-clean-plugin</artifactId>
-                    <version>3.4.0</version>
+                    <version>3.5.0</version>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>

From 40fe3f0e34aba0c7dae9440fb67e0d8182aebe9d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 3 Mar 2026 09:51:30 +0100
Subject: [PATCH 03/23] build(deps): bump
 com.github.spotbugs:spotbugs-annotations from 4.9.0 to 4.9.3 (#355)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index ee204290..e481ba3d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -71,7 +71,7 @@
             <dependency>
                 <groupId>com.github.spotbugs</groupId>
                 <artifactId>spotbugs-annotations</artifactId>
-                <version>4.9.0</version>
+                <version>4.9.8</version>
                 <scope>provided</scope>
             </dependency>
             <dependency>

From fec2e5fbe9f8a880abf7fd57a61881c4a1dfaebf Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 3 Mar 2026 09:51:45 +0100
Subject: [PATCH 04/23] build(deps): bump
 com.github.spotbugs:spotbugs-maven-plugin from 4.8.6.6 to 4.9.3.0 (#356)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index e481ba3d..3aac5f84 100644
--- a/pom.xml
+++ b/pom.xml
@@ -354,7 +354,7 @@
             <plugin>
                 <groupId>com.github.spotbugs</groupId>
                 <artifactId>spotbugs-maven-plugin</artifactId>
-                <version>4.8.6.6</version>
+                <version>4.9.8.2</version>
             </plugin>
             <plugin>
                 <groupId>org.owasp</groupId>

From bea60d5289fe5a1047c5c6c6f4a2644ebb1af851 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 3 Mar 2026 09:51:59 +0100
Subject: [PATCH 05/23] build(deps): bump org.owasp:dependency-check-maven from
 12.0.2 to 12.1.1 (#357)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 3aac5f84..28e7248d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -359,7 +359,7 @@
             <plugin>
                 <groupId>org.owasp</groupId>
                 <artifactId>dependency-check-maven</artifactId>
-                <version>12.0.2</version>
+                <version>12.2.0</version>
                 <configuration>
                     <failOnError>true</failOnError>
                 </configuration>

From 2143624c829f046ed32edabc3ed5d93a198c1b2f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 3 Mar 2026 09:52:13 +0100
Subject: [PATCH 06/23] build(deps-dev): bump org.wiremock:wiremock from 3.11.0
 to 3.13.0 (#359)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 java11/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java11/pom.xml b/java11/pom.xml
index 677f0c18..fb03eedf 100644
--- a/java11/pom.xml
+++ b/java11/pom.xml
@@ -48,7 +48,7 @@
         <dependency>
             <groupId>org.wiremock</groupId>
             <artifactId>wiremock</artifactId>
-            <version>3.11.0</version>
+            <version>3.13.2</version>
             <scope>test</scope>
         </dependency>
         <dependency>

From b66ef234580703a36aa7002ee92cdd35b1b18b45 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 3 Mar 2026 09:59:34 +0100
Subject: [PATCH 07/23] build(deps): bump org.assertj:assertj-core from 3.27.3
 to 3.27.7 (#363)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 28e7248d..6d23254f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -94,7 +94,7 @@
             <dependency>
                 <groupId>org.assertj</groupId>
                 <artifactId>assertj-core</artifactId>
-                <version>3.27.3</version>
+                <version>3.27.7</version>
                 <scope>test</scope>
             </dependency>
             <dependency>

From 5700bf42ee8688f8ee26a2ca2840c0064e15e1cb Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 3 Mar 2026 10:00:53 +0100
Subject: [PATCH 08/23] build(deps): bump madrapps/jacoco-report from 1.7.1 to
 1.7.2 (#360)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/build.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 607838f4..d8f4898a 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -21,7 +21,7 @@ jobs:
           distribution: 'temurin'
           cache: maven
       - run: mvn -B verify
-      - uses: madrapps/jacoco-report@v1.7.1
+      - uses: madrapps/jacoco-report@v1.7.2
         with:
           paths: ${{ github.workspace }}/target/site/jacoco/jacoco.xml
           token: ${{ secrets.GITHUB_TOKEN }}

From 60cee9f757c4c2046fb8913920c7fd11e03d0fa8 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 10 Mar 2026 09:37:25 +0100
Subject: [PATCH 09/23] build(deps): bump actions/setup-java from 4 to 5 (#373)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/build.yml           | 2 +-
 .github/workflows/codeql-analysis.yml | 2 +-
 .github/workflows/release.yml         | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index d8f4898a..aaad7c01 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -15,7 +15,7 @@ jobs:
       contents: read
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-java@v4
+      - uses: actions/setup-java@v5
         with:
           java-version: '17'
           distribution: 'temurin'
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index f6ad8c52..d1cf4457 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -24,7 +24,7 @@ jobs:
 
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-java@v4
+      - uses: actions/setup-java@v5
         with:
           java-version: '17'
           distribution: 'temurin'
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 69ce43c6..ea458515 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -6,7 +6,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-java@v4
+      - uses: actions/setup-java@v5
         with:
           java-version: '17'
           distribution: 'temurin'

From c0ad294136ffd45cfb850d0a98ed03e3a4bdcec5 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 10 Mar 2026 09:38:12 +0100
Subject: [PATCH 10/23] build(deps): bump
 org.apache.maven.plugins:maven-failsafe-plugin from 3.5.2 to 3.5.5 (#368)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 6d23254f..cafc547d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -202,7 +202,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-failsafe-plugin</artifactId>
-                <version>3.5.2</version>
+                <version>3.5.5</version>
                 <executions>
                     <execution>
                         <goals>

From e67ebdf681e15d7fd593300aaeb4c771663cfd7e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 10 Mar 2026 09:38:28 +0100
Subject: [PATCH 11/23] build(deps-dev): bump
 org.apache.maven.plugins:maven-deploy-plugin from 3.1.3 to 3.1.4 (#367)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index cafc547d..75c7f967 100644
--- a/pom.xml
+++ b/pom.xml
@@ -132,7 +132,7 @@
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-deploy-plugin</artifactId>
-                    <version>3.1.3</version>
+                    <version>3.1.4</version>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>

From d25bcd97a22cb05aa924f07179bc54a84c43ee29 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 10 Mar 2026 09:38:47 +0100
Subject: [PATCH 12/23] build(deps-dev): bump
 org.apache.maven.plugins:maven-release-plugin from 3.1.1 to 3.3.1 (#364)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 75c7f967..f1ba8c43 100644
--- a/pom.xml
+++ b/pom.xml
@@ -162,7 +162,7 @@
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-release-plugin</artifactId>
-                    <version>3.1.1</version>
+                    <version>3.3.1</version>
                     <configuration>
                         <autoVersionSubmodules>true</autoVersionSubmodules>
                         <useReleaseProfile>false</useReleaseProfile>

From e42028d26211b5a5159b9d2a46f44efcbb508c01 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 10 Mar 2026 09:40:49 +0100
Subject: [PATCH 13/23] build(deps-dev): bump
 org.apache.maven.plugins:maven-compiler-plugin from 3.13.0 to 3.15.0 (#365)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index f1ba8c43..b9bea5ff 100644
--- a/pom.xml
+++ b/pom.xml
@@ -117,7 +117,7 @@
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-compiler-plugin</artifactId>
-                    <version>3.13.0</version>
+                    <version>3.15.0</version>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>

From 160228ef4c3801b084f10902062836358f516a25 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 10 Mar 2026 09:41:09 +0100
Subject: [PATCH 14/23] build(deps-dev): bump org.jacoco:jacoco-maven-plugin
 from 0.8.12 to 0.8.14 (#366)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index b9bea5ff..14a14d62 100644
--- a/pom.xml
+++ b/pom.xml
@@ -290,7 +290,7 @@
             <plugin>
                 <groupId>org.jacoco</groupId>
                 <artifactId>jacoco-maven-plugin</artifactId>
-                <version>0.8.12</version>
+                <version>0.8.14</version>
                 <executions>
                     <execution>
                         <id>prepare-agent</id>

From 0a4521f38b45ca181f83122131c597b3cb23ea37 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 10 Mar 2026 09:41:39 +0100
Subject: [PATCH 15/23] build(deps): bump scacap/action-surefire-report from
 1.9.0 to 1.9.1 (#369)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/build.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index aaad7c01..fc160921 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -27,4 +27,4 @@ jobs:
           token: ${{ secrets.GITHUB_TOKEN }}
           min-coverage-overall: 80
           min-coverage-changed-files: 80
-      - uses: scacap/action-surefire-report@v1.9.0
\ No newline at end of file
+      - uses: scacap/action-surefire-report@v1.9.1
\ No newline at end of file

From daeaf00605d34a11856daa3d1bd95802e00c2a35 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 10 Mar 2026 09:41:50 +0100
Subject: [PATCH 16/23] build(deps): bump actions/upload-pages-artifact from 3
 to 4 (#370)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/gh-pages.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml
index dcad339d..c9d5cbf8 100644
--- a/.github/workflows/gh-pages.yml
+++ b/.github/workflows/gh-pages.yml
@@ -20,7 +20,7 @@ jobs:
         with:
           source: ./
           destination: ./_site
-      - uses: actions/upload-pages-artifact@v3
+      - uses: actions/upload-pages-artifact@v4
   deploy:
     environment:
       name: github-pages

From 5362c0a0e350fb8c6add571b28d7d2a239668074 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 10 Mar 2026 09:43:33 +0100
Subject: [PATCH 17/23] build(deps): bump github/codeql-action from 3 to 4
 (#371)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/codeql-analysis.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index d1cf4457..cc940fba 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -29,8 +29,8 @@ jobs:
           java-version: '17'
           distribution: 'temurin'
           cache: maven
-      - uses: github/codeql-action/init@v3
+      - uses: github/codeql-action/init@v4
         with:
           languages: ${{ matrix.language }}
-      - uses: github/codeql-action/autobuild@v3
-      - uses: github/codeql-action/analyze@v3
+      - uses: github/codeql-action/autobuild@v4
+      - uses: github/codeql-action/analyze@v4

From 3064425ab9115264a18768bc00616ec838227174 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 10 Mar 2026 09:43:44 +0100
Subject: [PATCH 18/23] build(deps): bump actions/checkout from 4 to 6 (#372)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/build.yml           | 2 +-
 .github/workflows/codeql-analysis.yml | 2 +-
 .github/workflows/gh-pages.yml        | 2 +-
 .github/workflows/release.yml         | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index fc160921..1711ae4b 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -14,7 +14,7 @@ jobs:
       checks: write
       contents: read
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - uses: actions/setup-java@v5
         with:
           java-version: '17'
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index cc940fba..c00ed329 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -23,7 +23,7 @@ jobs:
         language: [ 'java' ]
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - uses: actions/setup-java@v5
         with:
           java-version: '17'
diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml
index c9d5cbf8..ace69696 100644
--- a/.github/workflows/gh-pages.yml
+++ b/.github/workflows/gh-pages.yml
@@ -14,7 +14,7 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - uses: actions/configure-pages@v5
       - uses: actions/jekyll-build-pages@v1
         with:
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index ea458515..1697b03b 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -5,7 +5,7 @@ jobs:
   publish:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - uses: actions/setup-java@v5
         with:
           java-version: '17'

From 2640b7464560fbebe0567aa263e08d5864aae9b8 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 17 Mar 2026 10:17:43 +0100
Subject: [PATCH 19/23] build(deps): bump release-drafter/release-drafter from
 6 to 7 (#379)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/release.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 1697b03b..3ab20fb0 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -28,7 +28,7 @@ jobs:
           OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
           OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
           GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
-      - uses: release-drafter/release-drafter@v6
+      - uses: release-drafter/release-drafter@v7
         with:
           version: ${{ steps.version.outputs.version }}
           publish: true

From 16b153779ffe3ead1ce8d8a3b8bd80a055d4429a Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 17 Mar 2026 10:17:58 +0100
Subject: [PATCH 20/23] build(deps): bump
 org.apache.maven.plugins:maven-gpg-plugin from 3.2.7 to 3.2.8 (#378)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 14a14d62..570fdffc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -174,7 +174,7 @@
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-gpg-plugin</artifactId>
-                    <version>3.2.7</version>
+                    <version>3.2.8</version>
                     <executions>
                         <execution>
                             <id>sign-artifacts</id>

From 12dbcb9fcc28134acfdcd42e08a085a68f8087e5 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 17 Mar 2026 10:18:08 +0100
Subject: [PATCH 21/23] build(deps-dev): bump
 org.apache.maven.plugins:maven-surefire-plugin from 3.5.2 to 3.5.5 (#376)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 570fdffc..bb102d9b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -157,7 +157,7 @@
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-surefire-plugin</artifactId>
-                    <version>3.5.2</version>
+                    <version>3.5.5</version>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>

From 433ed938fd8c5bb286f4035d3e8db9ce4fd6aeaf Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 17 Mar 2026 10:18:26 +0100
Subject: [PATCH 22/23] build(deps): bump slf4j.version from 2.0.16 to 2.0.17
 (#377)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index bb102d9b..79fd170e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -63,7 +63,7 @@
         <maven.compiler.target>1.8</maven.compiler.target>
         <delombok.output>${project.build.outputDirectory}/delombok</delombok.output>
         <lombok.version>1.18.36</lombok.version>
-        <slf4j.version>2.0.16</slf4j.version>
+        <slf4j.version>2.0.17</slf4j.version>
     </properties>
 
     <dependencyManagement>

From 267b9cffbb0e62e79306bbd4e5af462f7a5f4608 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 17 Mar 2026 10:18:40 +0100
Subject: [PATCH 23/23] build(deps-dev): bump
 org.apache.maven.plugins:maven-resources-plugin from 3.3.1 to 3.5.0 (#375)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 79fd170e..f4c62914 100644
--- a/pom.xml
+++ b/pom.xml
@@ -147,7 +147,7 @@
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-resources-plugin</artifactId>
-                    <version>3.3.1</version>
+                    <version>3.5.0</version>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>