Bumps the gradle-dependencies group with 5 updates in the / directory:

Updates commons-io:commons-io from 2.21.0 to 2.22.0

Updates org.junit.jupiter:junit-jupiter from 5.14.3 to 5.14.4

Sourced from org.junit.jupiter:junit-jupiter's releases.

JUnit 5.14.4 = Platform 1.14.4 + Jupiter 5.14.4 + Vintage 5.14.4

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.14.3...r5.14.4

• 096fd69 Release 5.14.4
• 11fd02b Remove JDK 24 (EOL)
• 5b7f023 Fix integration tests on JDK 27
• 18f842a Test against JDK 26 (GA) and JDK 27 (EA)
• a5bf336 Polish 5.14.4 release notes
• 7667c14 Fix race condition in NodeTestTask (#5427)
• ac01f2d Include full display name in legacy XML reports (#5524)
• fbd4a8e Include class template invocation index in legacy reporting names
• 7d6f0c0 Only check PDF for GA releases
• 14f534d Test 5.14.x against JDK 25 ga (#5623)
• Additional commits viewable in compare view

Updates com.networknt:json-schema-validator from 1.5.9 to 2.0.1

Sourced from com.networknt:json-schema-validator's releases.

2.0.1- 2025-12-11

Added

Changed

• Skip processing of properties keyword if not an object (#1217) Thanks @​justin-tay
• Allow for default dialect id not to be specified and throw an exception (#1212) Thanks @​justin-tay
• Fix multipleOf error message for fractional digits greater than 3 (#1210) Thanks @​justin-tay

2.0.0- 2025-10-25

Added

Changed

• Fix ref with sibling id from 2019-09 (#1203) Thanks @​justin-tay
• Refactor walk and update docs (#1202) Thanks @​justin-tay
• Fix matching of $ when there are trailing newlines (#1201) Thanks @​justin-tay
• Refactor evaluation context out from validator state (#1199) Thanks @​justin-tay
• Main refactor for 2.x (#1198) Thanks @​justin-tay
• Refactor set to list in execution context (#1197) Thanks @​justin-tay
• Refactor and remove validation message handler (#1196) Thanks @​justin-tay
• Add benchmark for performance regression testing (#1195) Thanks @​justin-tay

Sourced from com.networknt:json-schema-validator's changelog.

Change Log

All notable changes to this project will be documented in this file.

This format is based on Keep a Changelog.

This project does not adhere to Semantic Versioning and minor version changes can have incompatible API changes. These incompatible API changes will largely affect those who have custom validator or walker implementations. Those who just use the library to validate using the standard JSON Schema Draft specifications may not need changes.

[Unreleased]

Added

Changed

Changed

3.0.2- 2026-04-14

Added

Changed

• Upgrade Jackson from 3.1.0 to 3.1.1 to fix CWE-770 (#1236) Thanks @​cjun-coveo
• Support handling of non-finite numbers if present (#1241) Thanks @​justin-tay

3.0.1- 2026-03-10

Added

Changed

• Upgrade Jackson from 3.0.3 to 3.1.0 to fix CVE-2026-29062 (#1236) Thanks @​AhsanSheraz
• Fix minimum maximum validators with type array (#1227) Thanks @​justin-tay
• Add method to SpecificationVersion to determine from schema node (#1221) Thanks @​justin-tay
• update contributor list in README.md

3.0.0- 2025-12-13

Added

Changed

• Upgrade to Jackson 3 and JDK 17 (#1219) Thanks @​justin-tay

2.0.1- 2025-12-11

Added

Changed

... (truncated)

• ad0f41b Merge branch 'master' of github.com:networknt/json-schema-validator
• 54d1b71 upgrade to 2.0.1 and update changelog
• b044361 Skip processing of properties keyword if not an object (#1217)
• cbc4caa Allow for default dialect id not to be specified and throw an exception (#1212)
• 3f419f4 Fix multipleOf error message for fractional digits greater than 3 (#1210)
• 0dde00c upgrade to 2.0.0 and update changelog
• b4abbc2 Fix ref with sibling id from 2019-09 (#1203)
• 7bebfeb Refactor walk and update docs (#1202)
• 4dbdc9f Fix matching of $ when there are trailing newlines (#1201)
• 9527f4a Refactor evaluation context out from validator state (#1199)
• Additional commits viewable in compare view

Updates com.google.code.gson:gson from 2.13.2 to 2.14.0

Sourced from com.google.code.gson:gson's releases.

Gson 2.14.0

What's Changed

• Add type adapters for java.time classes by @​eamonnmcmanus in google/gson#2948

  When the java.time API is available, Gson automatically can read and write instances of classes like Instant and Duration. The format it uses essentially freezes the JSON representation that ReflectiveTypeAdapterFactory established by default, based on the private fields of java.time classes. That's not a great representation, but it is understandable. Changing it to anything else would break compatibility with systems that are expecting the current format.

  With this change, Gson no longer tries to access private fields of these classes using reflection. So it is no longer necessary to run with --add-opens for these classes on recent JDKs.

• Remove com.google.gson.graph by @​eamonnmcmanus in google/gson#2990.

  This package was not part of any released artifact and depended on Gson internals in potentially problematic ways.

• Validate that strings being parsed as integers consist of ASCII characters by @​eamonnmcmanus in google/gson#2995

  Previously, strings could contain non-ASCII Unicode digits and still be parsed as integers. That's inconsistent with how JSON numbers are treated.

• Fix duplicate key detection when first value is null by @​andrewstellman in google/gson#3006

  This could potentially break code that was relying on the incorrect behaviour. For example, this JSON string was previously accepted but will no longer be: {"foo": null, "foo": bar}.

• Remove Serializable from internal Type implementation classes. by @​eamonnmcmanus in google/gson#3011

  The nested classes ParameterizedTypeImpl, GenericArrayTypeImpl, and WildcardTypeImpl in GsonTypes are implementations of the corresponding types (without Impl) in java.lang.reflect. For some reason, they were serializable, even though the java.lang.reflect implementations are not. Having unnecessarily serializable classes could conceivably have been a security problem if they were part of a larger exploit using serialization. (We do not consider this a likely scenario and do not suggest that you need to update Gson just to get this change.)

• Add LegacyProtoTypeAdapterFactory. by @​eamonnmcmanus in google/gson#3014

  This is not part of any released artifact, but may be of use when trying to fix code that is currently accessing the internals of protobuf classes via reflection.

• Make AppendableWriter do flush and close if delegation object supports by @​MukjepScarlet in google/gson#2925

Other less visible changes

• Add default capacity to EnumTypeAdapter maps by @​MukjepScarlet in google/gson#2959
• refactor: move derived adapters from Gson to TypeAdapters by @​MukjepScarlet in google/gson#2951
• Optimize new Gson() by @​MukjepScarlet in google/gson#2864

New Contributors

• @​ThirdGoddess made their first contribution in google/gson#2944
• @​lmj798 made their first contribution in google/gson#2988
• @​Eng-YasminKotb made their first contribution in google/gson#3005
• @​andrewstellman made their first contribution in google/gson#3006

Full Changelog: google/gson@gson-parent-2.13.2...gson-parent-2.14.0

• 3ff35d6 [maven-release-plugin] prepare release gson-parent-2.14.0
• a3024fd Bump the maven group with 13 updates (#3002)
• 5689ffe Bump the github-actions group across 1 directory with 3 updates (#3018)
• 48db33c Add LegacyProtoTypeAdapterFactory. (#3014)
• 53d703e Update outdated comment regarding serializable types (#3012)
• 0189b72 Remove Serializable from internal Type implementation classes. (#3011)
• f4d371d Fix duplicate key detection when first value is null (#3006)
• 27d9ba1 Fix typo in README (JPMS dependencies section) (#3005)
• 1fa9b7a Validate that strings being parsed as integers consist of ASCII characters (#...
• b7d5954 Add iterator fail-fast tests for LinkedTreeMap.clear() (#2992)
• Additional commits viewable in compare view

Updates com.gradle.plugin-publish from 2.1.0 to 2.1.1

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions