dependabot[bot] opened a new pull request, #21: URL: https://github.com/apache/maven-apache-resources/pull/21
Bumps [junit:junit](https://github.com/junit-team/junit4) from 4.5 to 4.13.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/junit-team/junit4/releases";>junit:junit's releases</a>.</em></p> <blockquote> <h2>JUnit 4.13.2</h2> <p>Please refer to the <a href="https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.2.md";>release notes</a> for details.</p> <h2>JUnit 4.13.1</h2> <p>Please refer to the <a href="https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.1.md";>release notes</a> for details.</p> <h2>JUnit 4.13</h2> <p>Please refer to the <a href="https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.md";>release notes</a> for details.</p> <h2>JUnit 4.13 RC 2</h2> <p>Please refer to the <a href="https://github.com/junit-team/junit4/wiki/4.13-Release-Notes";>release notes</a> for details.</p> <h2>JUnit 4.13 RC 1</h2> <p>Please refer to the <a href="https://github.com/junit-team/junit4/wiki/4.13-Release-Notes";>release notes</a> for details.</p> <h2>JUnit 4.13 Beta 3</h2> <p>Please refer to the <a href="https://github.com/junit-team/junit4/wiki/4.13-Release-Notes";>release notes</a> for details.</p> <h2>JUnit 4.13 Beta 2</h2> <p>Please refer to the <a href="https://github.com/junit-team/junit4/wiki/4.13-Release-Notes";>release notes</a> for details.</p> <h2>JUnit 4.13 Beta 1</h2> <p>Please refer to the <a href="https://github.com/junit-team/junit4/wiki/4.13-Release-Notes";>release notes</a> for details.</p> <h2>JUnit 4.12</h2> <p>Please refer to the <a href="https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.12.md";>release notes</a> for details.</p> <h2>JUnit 4.12 Beta 3</h2> <p>Please refer to the <a href="https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.12.md";>release notes</a> for details.</p> <h2>JUnit 4.12 Beta 2</h2> <p>No release notes provided.</p> <h2>JUnit 4.12 Beta 1</h2> <p>No release notes provided.</p> <h2>JUnit 4.11</h2> <p>No release notes provided.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.13.2.md";>junit:junit's changelog</a>.</em></p> <blockquote> <h2>Summary of changes in version 4.13.2</h2> <h1>Rules</h1> <h3>[Pull request <a href="https://redirect.github.com/junit-team/junit4/issues/1687";>#1687</a>:](<a href="https://redirect.github.com/junit-team/junit/pull/1687";>junit-team/junit#1687</a>) Mark ThreadGroups created by FailOnTimeout as daemon groups</h3> <p>In JUnit 4.13 ([pull request <a href="https://redirect.github.com/junit-team/junit4/issues/1517";>#1517</a>](<a href="https://redirect.github.com/junit-team/junit4/pull/1517";>junit-team/junit4#1517</a>)) an attempt was made to fix leakage of the <code>ThreadGroup</code> instances created when a test is run with a timeout. That change explicitly destroyed the <code>ThreadGroup</code> that was created for the time-limited test. Numerous people reported problems that were caused by explicitly destroying the <code>ThreadGroup</code>.</p> <p>In this change, the code was updated to call <code>ThreadGroup.setDaemon(true)</code> instead of destroying the ThreadGroup.</p> <h3><a href="https://redirect.github.com/junit-team/junit/pull/1691";>Pull request $1691:</a> Only create ThreadGroups if FailOnTimeout.lookForStuckThread is true.</h3> <p>In JUnit 4.12 ([pull request <a href="https://redirect.github.com/junit-team/junit4/issues/742";>#742</a>](<a href="https://redirect.github.com/junit-team/junit4/pull/742";>junit-team/junit4#742</a>)) the <code>Timeout</code> Rule was updated to optionally display the stacktrace of the thread that appears to be stuck (enabled on an opt-in basis by passing <code>true</code> to <code>Timeout.Builder.lookForStuckThread(boolean)</code>). When that change was made, time-limited tests were changed to start the new thread in a new <code>ThreadGroup</code>, even if the test did not call <code>lookForStuckThread()</code>. This subtle change in behavior resulted in visible behavior changes to some tests (for example, tests of code that uses <code>java.beans.ThreadGroupContext</code>).</p> <p>In this change, the code is updated to only create a new <code>ThreadGroup</code> if the caller calls <code>Timeout.Builder.lookForStuckThread(true)</code>. Tests with timeouts that do not make this call will behave as they did in JUnit 4.11 (and more similar to tests that do not have a timeout). This unfortunately could result in visible changes of tests written or updated since the 4.12 release. If this change adversely affects your tests, you can create the <code>Timeout</code> rule via the builder and call <code>Timeout.Builder.lookForStuckThread(true)</code>.</p> <h1>Exceptions</h1> <h3>[Pull request <a href="https://redirect.github.com/junit-team/junit4/issues/1654";>#1654</a>:](<a href="https://redirect.github.com/junit-team/junit/pull/1654";>junit-team/junit#1654</a>) Fix for issue <a href="https://redirect.github.com/junit-team/junit4/issues/1192";>#1192</a>: NotSerializableException with AssumptionViolatedException</h3> <p>This change fixes an issue where <code>AssumptionViolatedException</code> instances could not be serialized if they were created with a constructor that takes in an <code>org.hamcrest.Matcher</code> instance (these constructors are used if you use one of the <code>assumeThat()</code> methods in <code>org.junit.Assume</code>).</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/junit-team/junit4/commits/r4.13.2";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
