chore: Configure Renovate

[svc-secops]

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 Renovate will begin keeping your dependencies up-to-date only once you merge or close this Pull Request.

📚 See our Reading List for relevant documentation you may be interested in reading.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to .github/renovate.json5 in this branch. Renovate will update the Pull Request description the next time it runs.

---

Detected Package Files

• .github/workflows/build.yml (github-actions)
• .github/workflows/deploy-javadoc.yml (github-actions)
• .github/workflows/deploy-snapshots.yml (github-actions)
• .github/workflows/release-drafter.yml (github-actions)
• .github/workflows/release.yml (github-actions)
• .github/workflows/scorecard.yml (github-actions)
• pom.xml (maven)
• .mvn/wrapper/maven-wrapper.properties (maven-wrapper)
• mvnw (maven-wrapper)
• mvnw.cmd (maven-wrapper)

Configuration Summary

Based on the default config's presets, Renovate will:

• Start dependency updates only once this onboarding PR is merged
• Apply Apollo's centralized, default Renovate configuration
• Enable Renovate Dependency Dashboard creation.
• Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
• Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
• Group known monorepo packages together.
• Use curated list of recommended non-monorepo package groupings.
• Show only the Age and Confidence Merge Confidence badges for pull requests.
• Apply crowd-sourced package replacement rules.
• Apply crowd-sourced workarounds for known problems with packages.
• Ensure that every dependency pinned by digest and sourced from GitHub.com contains a link to the commit-to-commit diff
• Correctly link to the source code for golang.org/x packages
• Link to pkg.go.dev/... for golang.org/x packages' title
• Show all Merge Confidence badges for pull requests.
• Pin dependency versions for development dependencies and retain SemVer ranges for others.

---

What to Expect

With your current configuration, Renovate will create 51 Pull Requests:

fix(deps): update dependency org.bouncycastle:bcprov-jdk18on to v1.84 [security]

• Branch name: renovate/bcprov-jdk18on.version
• Merge into: main
• Upgrade org.bouncycastle:bcprov-jdk18on to 1.84

chore(deps): update dependency maven to v3.9.16

• Schedule: ["at any time"]
• Branch name: renovate/maven-3.x
• Merge into: main
• Upgrade maven to 3.9.16

chore(deps): update dependency maven-wrapper to v3.3.4

• Schedule: ["at any time"]
• Branch name: renovate/maven-wrapper-3.x
• Merge into: main
• Upgrade maven-wrapper to 3.3.4

chore(deps): update dependency org.apache.maven.plugins:maven-failsafe-plugin to v3.5.6

• Schedule: ["at any time"]
• Branch name: renovate/maven-failsafe-plugin.version
• Merge into: main
• Upgrade org.apache.maven.plugins:maven-failsafe-plugin to 3.5.6

chore(deps): update dependency org.apache.maven.plugins:maven-gpg-plugin to v3.2.8

• Schedule: ["at any time"]
• Branch name: renovate/maven-gpg-plugin.version
• Merge into: main
• Upgrade org.apache.maven.plugins:maven-gpg-plugin to 3.2.8

chore(deps): update dependency org.apache.maven.plugins:maven-surefire-plugin to v3.5.6

• Schedule: ["at any time"]
• Branch name: renovate/maven-surefire-plugin.version
• Merge into: main
• Upgrade org.apache.maven.plugins:maven-surefire-plugin to 3.5.6

chore(deps): update dependency org.jacoco:jacoco-maven-plugin to v0.8.15

• Schedule: ["at any time"]
• Branch name: renovate/jacoco-maven-plugin.version
• Merge into: main
• Upgrade org.jacoco:jacoco-maven-plugin to 0.8.15

chore(deps): update dependency org.spdx:spdx-maven-plugin to v1.0.3

• Schedule: ["at any time"]
• Branch name: renovate/spdx-maven-plugin.version
• Merge into: main
• Upgrade org.spdx:spdx-maven-plugin to 1.0.3

chore(deps): update ossf/scorecard-action action to v2.4.3

• Schedule: ["at any time"]
• Branch name: renovate/ossf-scorecard-action-2.x
• Merge into: main
• Upgrade ossf/scorecard-action to 4eaacf0543bb3f2c246792bd56e8cdeffafb205a

fix(deps): update dependency ch.qos.logback:logback-classic to v1.5.34

• Schedule: ["at any time"]
• Branch name: renovate/logback-monorepo
• Merge into: main
• Upgrade ch.qos.logback:logback-classic to 1.5.34

fix(deps): update dependency com.github.luben:zstd-jni to v1.5.7-10

• Schedule: ["at any time"]
• Branch name: renovate/zstd-jni.version
• Merge into: main
• Upgrade com.github.luben:zstd-jni to 1.5.7-10

fix(deps): update dependency io.github.classgraph:classgraph to v4.8.184

• Schedule: ["at any time"]
• Branch name: renovate/classgraph.version
• Merge into: main
• Upgrade io.github.classgraph:classgraph to 4.8.184

fix(deps): update dependency org.slf4j:slf4j-api to v2.0.18

• Schedule: ["at any time"]
• Branch name: renovate/slf4j-monorepo
• Merge into: main
• Upgrade org.slf4j:slf4j-api to 2.0.18

fix(deps): update dependency org.wiremock:wiremock-standalone to v3.13.2

• Schedule: ["at any time"]
• Branch name: renovate/wiremock.version
• Merge into: main
• Upgrade org.wiremock:wiremock-standalone to 3.13.2

fix(deps): update testcontainers-java monorepo to v1.21.4

• Schedule: ["at any time"]
• Branch name: renovate/testcontainers-java-monorepo
• Merge into: main
• Upgrade org.testcontainers:testcontainers to 1.21.4
• Upgrade org.testcontainers:junit-jupiter to 1.21.4

chore(deps): update actions/checkout action to v4.3.1

• Schedule: ["at any time"]
• Branch name: renovate/actions-checkout-4.x
• Merge into: main
• Upgrade actions/checkout to 34e114876b0b11c390a56381ad16ebd13914f8d5

chore(deps): update actions/setup-java action to v4.8.0

• Schedule: ["at any time"]
• Branch name: renovate/actions-setup-java-4.x
• Merge into: main
• Upgrade actions/setup-java to c1e323688fd81a25caa38c78aa6df2d33d3e20d9

chore(deps): update codecov/codecov-action action to v5.5.5

• Schedule: ["at any time"]
• Branch name: renovate/codecov-codecov-action-5.x
• Merge into: main
• Upgrade codecov/codecov-action to 0fb7174895f61a3b6b78fc075e0cd60383518dac

chore(deps): update dependency com.diffplug.spotless:spotless-maven-plugin to v2.46.1

• Schedule: ["at any time"]
• Branch name: renovate/spotless-maven-plugin.version
• Merge into: main
• Upgrade com.diffplug.spotless:spotless-maven-plugin to 2.46.1

chore(deps): update dependency org.apache.maven.plugins:maven-compiler-plugin to v3.15.0

• Schedule: ["at any time"]
• Branch name: renovate/maven-compiler-plugin.version
• Merge into: main
• Upgrade org.apache.maven.plugins:maven-compiler-plugin to 3.15.0

chore(deps): update dependency org.apache.maven.plugins:maven-enforcer-plugin to v3.6.3

• Schedule: ["at any time"]
• Branch name: renovate/maven-enforcer-plugin.version
• Merge into: main
• Upgrade org.apache.maven.plugins:maven-enforcer-plugin to 3.6.3

chore(deps): update dependency org.apache.maven.plugins:maven-jar-plugin to v3.5.0

• Schedule: ["at any time"]
• Branch name: renovate/maven-jar-plugin.version
• Merge into: main
• Upgrade org.apache.maven.plugins:maven-jar-plugin to 3.5.0

chore(deps): update dependency org.apache.maven.plugins:maven-javadoc-plugin to v3.12.0

• Schedule: ["at any time"]
• Branch name: renovate/maven-javadoc-plugin.version
• Merge into: main
• Upgrade org.apache.maven.plugins:maven-javadoc-plugin to 3.12.0

chore(deps): update dependency org.apache.maven.plugins:maven-release-plugin to v3.3.1

• Schedule: ["at any time"]
• Branch name: renovate/maven-release-plugin.version
• Merge into: main
• Upgrade org.apache.maven.plugins:maven-release-plugin to 3.3.1

chore(deps): update dependency org.apache.maven.plugins:maven-resources-plugin to v3.5.0

• Schedule: ["at any time"]
• Branch name: renovate/maven-resources-plugin.version
• Merge into: main
• Upgrade org.apache.maven.plugins:maven-resources-plugin to 3.5.0

chore(deps): update dependency org.apache.maven.plugins:maven-source-plugin to v3.4.0

• Schedule: ["at any time"]
• Branch name: renovate/maven-source-plugin.version
• Merge into: main
• Upgrade org.apache.maven.plugins:maven-source-plugin to 3.4.0

chore(deps): update dependency org.codehaus.mojo:license-maven-plugin to v2.7.1

• Schedule: ["at any time"]
• Branch name: renovate/maven-license-plugin.version
• Merge into: main
• Upgrade org.codehaus.mojo:license-maven-plugin to 2.7.1

chore(deps): update dependency org.sonatype.central:central-publishing-maven-plugin to v0.10.0

• Schedule: ["at any time"]
• Branch name: renovate/central-publishing-maven-plugin.version
• Merge into: main
• Upgrade org.sonatype.central:central-publishing-maven-plugin to 0.10.0

chore(deps): update dependency python to 3.14

• Schedule: ["at any time"]
• Branch name: renovate/python-3.x
• Merge into: main
• Upgrade python to 3.14

chore(deps): update github/codeql-action action to v3.36.2

• Schedule: ["at any time"]
• Branch name: renovate/github-codeql-action-3.x
• Merge into: main
• Upgrade github/codeql-action to dd903d2e4f5405488e5ef1422510ee31c8b32357

chore(deps): update release-drafter/release-drafter action to v6.4.0

• Schedule: ["at any time"]
• Branch name: renovate/release-drafter-release-drafter-6.x
• Merge into: main
• Upgrade release-drafter/release-drafter to 6a93d829887aa2e0748befe2e808c66c0ec6e4c7

chore(deps): update s4u/setup-maven-action action to v1.20.0

• Schedule: ["at any time"]
• Branch name: renovate/s4u-setup-maven-action-1.x
• Merge into: main
• Upgrade s4u/setup-maven-action to ba34de01b7f4ba2ab8e2860df8993a29f4477056

chore(deps): update webfactory/ssh-agent action to v0.10.0

• Schedule: ["at any time"]
• Branch name: renovate/webfactory-ssh-agent-0.x
• Merge into: main
• Upgrade webfactory/ssh-agent to e83874834305fe9a4a2997156cb26c5de65a8555

fix(deps): update dependency com.google.code.gson:gson to v2.14.0

• Schedule: ["at any time"]
• Branch name: renovate/gson.version
• Merge into: main
• Upgrade com.google.code.gson:gson to 2.14.0

fix(deps): update dependency org.apache.commons:commons-compress to v1.28.0

• Schedule: ["at any time"]
• Branch name: renovate/apache.common-compress.version
• Merge into: main
• Upgrade org.apache.commons:commons-compress to 1.28.0

fix(deps): update junit-framework monorepo to v5.14.4

• Schedule: ["at any time"]
• Branch name: renovate/junit-framework-monorepo
• Merge into: main
• Upgrade org.junit.jupiter:junit-jupiter-engine to 5.14.4
• Upgrade org.junit.jupiter:junit-jupiter-api to 5.14.4

fix(deps): update mockito monorepo to v5.23.0

• Schedule: ["at any time"]
• Branch name: renovate/mockito-monorepo
• Merge into: main
• Upgrade org.mockito:mockito-junit-jupiter to 5.23.0
• Upgrade org.mockito:mockito-core to 5.23.0

chore(deps): update actions/checkout action to v6

• Schedule: ["at any time"]
• Branch name: renovate/actions-checkout-6.x
• Merge into: main
• Upgrade actions/checkout to df4cb1c069e1874edd31b4311f1884172cec0e10

chore(deps): update actions/deploy-pages action to v5

• Schedule: ["at any time"]
• Branch name: renovate/actions-deploy-pages-5.x
• Merge into: main
• Upgrade actions/deploy-pages to cd2ce8fcbc39b97be8ca5fce6e763baed58fa128

chore(deps): update actions/setup-java action to v5

• Schedule: ["at any time"]
• Branch name: renovate/actions-setup-java-5.x
• Merge into: main
• Upgrade actions/setup-java to be666c2fcd27ec809703dec50e508c2fdc7f6654

chore(deps): update actions/setup-python action to v6

• Schedule: ["at any time"]
• Branch name: renovate/actions-setup-python-6.x
• Merge into: main
• Upgrade actions/setup-python to a309ff8b426b58ec0e2a45f0f869d46889d02405

chore(deps): update actions/upload-artifact action to v7

• Schedule: ["at any time"]
• Branch name: renovate/major-github-artifact-actions
• Merge into: main
• Upgrade actions/upload-artifact to 043fb46d1a93c77aae656e7c1c64a875d1fc6a0a

chore(deps): update actions/upload-pages-artifact action to v5

• Schedule: ["at any time"]
• Branch name: renovate/actions-upload-pages-artifact-5.x
• Merge into: main
• Upgrade actions/upload-pages-artifact to fc324d3547104276b827a68afc52ff2a11cc49c9

chore(deps): update codecov/codecov-action action to v7

• Schedule: ["at any time"]
• Branch name: renovate/codecov-codecov-action-7.x
• Merge into: main
• Upgrade codecov/codecov-action to fb8b3582c8e4def4969c97caa2f19720cb33a72f

chore(deps): update crazy-max/ghaction-import-gpg action to v7

• Schedule: ["at any time"]
• Branch name: renovate/crazy-max-ghaction-import-gpg-7.x
• Merge into: main
• Upgrade crazy-max/ghaction-import-gpg to 2dc316deee8e90f13e1a351ab510b4d5bc0c82cd

chore(deps): update dependency com.diffplug.spotless:spotless-maven-plugin to v3

• Schedule: ["at any time"]
• Branch name: renovate/major-spotless-maven-plugin.version
• Merge into: main
• Upgrade com.diffplug.spotless:spotless-maven-plugin to 3.6.0

chore(deps): update dependency dev.sigstore:sigstore-maven-plugin to v2

• Schedule: ["at any time"]
• Branch name: renovate/major-sigstore-maven-plugin.version
• Merge into: main
• Upgrade dev.sigstore:sigstore-maven-plugin to 2.1.0

chore(deps): update github/codeql-action action to v4

• Schedule: ["at any time"]
• Branch name: renovate/github-codeql-action-4.x
• Merge into: main
• Upgrade github/codeql-action to 8aad20d150bbac5944a9f9d289da16a4b0d87c1e

chore(deps): update release-drafter/release-drafter action to v7

• Schedule: ["at any time"]
• Branch name: renovate/release-drafter-release-drafter-7.x
• Merge into: main
• Upgrade release-drafter/release-drafter to 693d20e7c1ce1a81d3a41962f85914253b518449

fix(deps): update dependency org.testcontainers:testcontainers to v2

• Schedule: ["at any time"]
• Branch name: renovate/major-testcontainers-java-monorepo
• Merge into: main
• Upgrade org.testcontainers:testcontainers to 2.0.5

fix(deps): update junit-framework monorepo to v6 (major)

• Schedule: ["at any time"]
• Branch name: renovate/major-junit-framework-monorepo
• Merge into: main
• Upgrade org.junit.jupiter:junit-jupiter-engine to 6.1.0
• Upgrade org.junit.jupiter:junit-jupiter-api to 6.1.0

---

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

---

This PR has been generated by Renovate Bot.