Bump the maven group across 1 directory with 7 updates

[dependabot]

Bumps the maven group with 7 updates in the / directory:

Package	From	To
com.puppycrawl.tools:checkstyle	6.19	8.29
commons-net:commons-net	3.6	3.9.0
org.apache.commons:commons-compress	1.16.1	1.26.0
org.apache.hadoop:hadoop-common	2.6.0	3.4.0
junit:junit	4.12	4.13.1
org.apache.sshd:sshd-core	0.8.0	2.14.0
org.apache.mina:mina-core	2.0.7	2.0.27

Updates com.puppycrawl.tools:checkstyle from 6.19 to 8.29

Release notes

Sourced from com.puppycrawl.tools:checkstyle's releases.

checkstyle-8.29

https://checkstyle.org/releasenotes.html#Release_8.29

checkstyle-8.28

https://checkstyle.org/releasenotes.html#Release_8.28

checkstyle-8.27

https://checkstyle.org/releasenotes.html#Release_8.27

checkstyle-8.26

https://checkstyle.org/releasenotes.html#Release_8.26

checkstyle-8.25

https://checkstyle.org/releasenotes.html#Release_8.25

checkstyle-8.24

https://checkstyle.org/releasenotes.html#Release_8.24

checkstyle-8.23

https://checkstyle.org/releasenotes.html#Release_8.23

checkstyle-8.22

https://checkstyle.org/releasenotes.html#Release_8.22

checkstyle-8.21

https://checkstyle.org/releasenotes.html#Release_8.21

checkstyle-8.20

https://checkstyle.org/releasenotes.html#Release_8.20

checkstyle-8.19

https://checkstyle.org/releasenotes.html#Release_8.19

checkstyle-8.18

https://checkstyle.org/releasenotes.html#Release_8.18

checkstyle-8.17

https://checkstyle.org/releasenotes.html#Release_8.17

checkstyle-8.16

https://checkstyle.org/releasenotes.html#Release_8.16

checkstyle-8.15

https://checkstyle.org/releasenotes.html#Release_8.15

checkstyle-8.14

http://checkstyle.sourceforge.net/releasenotes.html#Release_8.14

checkstyle-8.13

http://checkstyle.sourceforge.net/releasenotes.html#Release_8.13

... (truncated)

Commits

• 8933d03 [maven-release-plugin] prepare release checkstyle-8.29
• bd45909 Issue #7487: refactor code to use DetailAST.hasChildren()
• 317e51f Issue #7487: add method hasChildren() to DetailAST
• 89b4dcd Issue #3238: Java 8 Grammar: annotations on arrays and varargs
• 252cd89 dependency: bump junit-pioneer from 0.5.1 to 0.5.2
• 2ee2615 dependency: bump junit.version from 5.5.2 to 5.6.0
• 4ed7cb8 minor: add space before xml comment end '-->' to ease reading and make links ...
• c46a16d Issue #7468: disable 'external-parameter-entities' feature by default
• dfed794 minor: add missing test case to SuperCloneCheckTest
• 24e7bdf dependency: bump antlr4.version from 4.7.2 to 4.8-1
• Additional commits viewable in compare view

Updates commons-net:commons-net from 3.6 to 3.9.0

Updates org.apache.commons:commons-compress from 1.16.1 to 1.26.0

Updates org.apache.hadoop:hadoop-common from 2.6.0 to 3.4.0

Updates junit:junit from 4.12 to 4.13.1

Release notes

Sourced from junit:junit's releases.

JUnit 4.13.1

Please refer to the release notes for details.

JUnit 4.13

Please refer to the release notes for details.

JUnit 4.13 RC 2

Please refer to the release notes for details.

JUnit 4.13 RC 1

Please refer to the release notes for details.

JUnit 4.13 Beta 3

Please refer to the release notes for details.

JUnit 4.13 Beta 2

Please refer to the release notes for details.

JUnit 4.13 Beta 1

Please refer to the release notes for details.

Commits

• 1b683f4 [maven-release-plugin] prepare release r4.13.1
• ce6ce3a Draft 4.13.1 release notes
• c29dd82 Change version to 4.13.1-SNAPSHOT
• 1d17486 Add a link to assertThrows in exception testing
• 543905d Use separate line for annotation in Javadoc
• 510e906 Add sub headlines to class Javadoc
• 610155b Merge pull request from GHSA-269g-pwp5-87pp
• b6cfd1e Explicitly wrap float parameter for consistency (#1671)
• a5d205c Fix GitHub link in FAQ (#1672)
• 3a5c6b4 Deprecated since jdk9 replacing constructor instance of Double and Float (#1660)
• Additional commits viewable in compare view

Updates org.apache.sshd:sshd-core from 0.8.0 to 2.14.0

Release notes

Sourced from org.apache.sshd:sshd-core's releases.

SSHD 2.14.0

Full Changelog: apache/mina-sshd@sshd-2.13.2...sshd-2.14.0

Bug Fixes

• GH-524 Performance improvements
• GH-533 Fix multi-step authentication
• GH-582 Fix filtering in NamedFactory
• GH-587 Prevent NullPointerExceptionon closed channel in NettyIoSession
• GH-590 Better support for FIPS
• GH-597 Pass on Charset in ClientSession.executeRemoteCommand()

New Features

• New utility methods SftpClient.put(Path localFile, String remoteFileName) and SftpClient.put(InputStream in, String remoteFileName) facilitate SFTP file uploading.

GH-590 Better support for FIPS

Besides fixing a bug with bc-fips (the RandomGenerator class exists in normal Bouncy Castle, but not in the FIPS version, but Apache MINA sshd referenced it even if only bc-fips was present), support was improved for running in an environment restricted by FIPS.

There is a new system property org.apache.sshd.security.fipsEnabled. If set to true, a number of crypto-algorithms not approved by FIPS 140 are disabled:

• key exchange methods sntrup761x25519-sha512, sntrup761x25519-sha512@​openssh.com, curve25519-sha256, curve25519-sha256@​libssh.org, curve448-sha512.
• the chacha20-poly1305 cipher.
• the bcrypt KDF used in encrypted private key files in OpenSSH format.
• all ed25519 keys and signatures.

Additionally, the new "SunJCEWrapper" SecurityProviderRegistrar (see below) and the EdDSASecurityProviderRegistrar are disabled, and the BouncyCastleScurityProviderRegistrar looks only for the "BCFIPS" security provider, not for the normal "BC" provider.

If the system property is not set to true, FIPS mode can be enabled programmatically by calling SecurityUtils.setFipsMode() before any other call to Apache MINA sshd.

Potential compatibility issues

New security provider registrar

There is a new SecurityProviderRegistrar that is registered by default if there is a SunJCE security provider. It uses the AES and HmacSHA* implementations from SunJCE even if Bouncy Castle is also registered. SunJCE has native implementations, whereas Bouncy Castle may not.

The new registrar has the name "SunJCEWrapper" and can be configured like any other registrar. It can be disabled via the system property org.apache.sshd.security.provider.SunJCEWrapper.enabled=false. It is also

... (truncated)

Changelog

Sourced from org.apache.sshd:sshd-core's changelog.

Version 2.13.2 to 2.14.0

Planned for next version

Bug Fixes

• GH-618 Fix reading an OpenSshCertificate from a Buffer
• GH-626 Enable Streaming.Async for ChannelDirectTcpip
• GH-628 SFTP: fix reading directories with trailing blanks in the name
• GH-636 Fix handling of unsupported key types in known_hosts file

New Features

• GH-606 Support ML-KEM PQC hybrid key exchanges

Potential compatibility issues

Major Code Re-factoring

Commits

• 1cc0c0c [maven-release-plugin] prepare release sshd-2.14.0
• 566445f Fix sshd-benchmark pom for release
• 633f0a3 Remove unneeded managed dependency (#610)
• 1fa773c Bump grpc.version from 1.65.1 to 1.66.0
• 8fc559f Bump pmd.version from 7.4.0 to 7.5.0
• 90872df Use a global SecureRandom instance
• 2fff9b4 Remove logback-test.xml from sshd-common test jar (fix #595)
• 01289ce RunBenchmarks: fix command line options
• a1a2d8f Bump com.github.mwiede:jsch from 0.2.18 to 0.2.19
• 684b204 Bump spring.version from 5.3.37 to 5.3.39
• Additional commits viewable in compare view

Updates org.apache.mina:mina-core from 2.0.7 to 2.0.27

Commits

• 1caf6f6 [maven-release-plugin] prepare release 2.0.27
• 39608dd Fixed some links; Reverted to maven source plugin 3.2.1;
• dfbd915 Added a info in the files' header indicating that those classes are from comm...
• 508de9d added the missing cyclonedx plugin to generate the SBOM
• 8343963 Addded some controls on classes that can be deserialized; Bumped up some plug...
• e1eaa67 Bumped up the spring dependency to a more recent version
• ee40760 Bumped up plugins versions
• 75121d6 Added some javadoc clarification on the IoSession#read() method
• 3b0dd75 Applied fix for DIRMINA-777
• 6e51c56 Fixed some maven site issues
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.