chore: Configure Renovate

[Open-Source-Bot]

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

---

Detected Package Files

• .github/workflows/build.yml (github-actions)
• .github/workflows/codeql.yml (github-actions)
• .github/workflows/cred-scan.yml (github-actions)
• .github/workflows/github-sanity-scan.yml (github-actions)
• .github/workflows/publish.yml (github-actions)
• .github/workflows/pull-request.yml (github-actions)
• pom.xml (maven)
• .github/renovate.json5 (renovate-config-presets)

Configuration Summary

Based on the default config's presets, Renovate will:

• Start dependency updates only once this onboarding PR is merged
• Enable Renovate Dependency Dashboard creation.
• Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
• Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
• Group known monorepo packages together.
• Use curated list of recommended non-monorepo package groupings.
• Show only the Age and Confidence Merge Confidence badges for pull requests.
• Apply crowd-sourced package replacement rules.
• Apply crowd-sourced workarounds for known problems with packages.
• Ensure that every dependency pinned by digest and sourced from GitHub.com contains a link to the commit-to-commit diff
• Correctly link to the source code for golang.org/x packages
• Link to pkg.go.dev/... for golang.org/x packages' title
• Pin Docker digests.
• Pin github-action digests.
• Enable Renovate configuration migration PRs when needed.
• Pin dependency versions for development dependencies.
• Recommended configuration for abandoned packages, treating packages without a release for 1 year as abandoned, while taking into account community-sourced overrides.
• Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds.
• Run Renovate on following schedule: * 22-23,0-6 * * , * * * 0,6

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to .github/renovate.json5 in this branch. Renovate will update the Pull Request description the next time it runs.

---

What to Expect

With your current configuration, Renovate will create 24 Pull Requests:

⬆️ deps(github-actions): pin dependencies

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/pin-dependencies
• Merge into: main
• Upgrade actions/checkout to 93cb6efe18208431cddfb8368fd83d5badbf9bfd
• Upgrade actions/checkout to 34e114876b0b11c390a56381ad16ebd13914f8d5
• Upgrade actions/setup-java to 17f84c3641ba7b8f6deff6309fc4c864478f5d62
• Upgrade dependabot/fetch-metadata to a3e5f86ae9f2f49b441498973ddec20035d326b8
• Upgrade github/codeql-action to 5d4e8d1aca955e8d8589aabd499c5cae939e33c7

⬆️ deps(github-actions): update dependabot/fetch-metadata action to v1.7.0

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/dependabot-fetch-metadata-1.x
• Merge into: main
• Upgrade dependabot/fetch-metadata to 8348ea7f5d949b08c7f125a44b569c9626b05db3

⬆️ deps(maven): update dependency com.diffplug.spotless:spotless-maven-plugin to v2.46.1

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/spotless.version
• Merge into: main
• Upgrade com.diffplug.spotless:spotless-maven-plugin to 2.46.1

⬆️ deps(maven): update dependency com.squareup.okhttp3:okhttp-tls to v4.12.0

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/okhttp-monorepo
• Merge into: main
• Upgrade com.squareup.okhttp3:okhttp-tls to 4.12.0

⬆️ deps(maven): update dependency org.apache.commons:commons-lang3 to v3.20.0

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/commons-lang3-version
• Merge into: main
• Upgrade org.apache.commons:commons-lang3 to 3.20.0

⬆️ deps(maven): update dependency org.apache.maven.plugins:maven-compiler-plugin to v3.14.1

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/org.apache.maven.plugins-maven-compiler-plugin-3.x
• Merge into: main
• Upgrade org.apache.maven.plugins:maven-compiler-plugin to 3.14.1

⬆️ deps(maven): update dependency org.apache.maven.plugins:maven-dependency-plugin to v3.9.0

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/org.apache.maven.plugins-maven-dependency-plugin-3.x
• Merge into: main
• Upgrade org.apache.maven.plugins:maven-dependency-plugin to 3.9.0

⬆️ deps(maven): update dependency org.apache.maven.plugins:maven-enforcer-plugin to v3.6.2

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/org.apache.maven.plugins-maven-enforcer-plugin-3.x
• Merge into: main
• Upgrade org.apache.maven.plugins:maven-enforcer-plugin to 3.6.2

⬆️ deps(maven): update dependency org.apache.maven.plugins:maven-gpg-plugin to v3.2.8

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/org.apache.maven.plugins-maven-gpg-plugin-3.x
• Merge into: main
• Upgrade org.apache.maven.plugins:maven-gpg-plugin to 3.2.8

⬆️ deps(maven): update dependency org.apache.maven.plugins:maven-jar-plugin to v3.5.0

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/org.apache.maven.plugins-maven-jar-plugin-3.x
• Merge into: main
• Upgrade org.apache.maven.plugins:maven-jar-plugin to 3.5.0

⬆️ deps(maven): update dependency org.apache.maven.plugins:maven-javadoc-plugin to v3.12.0

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/org.apache.maven.plugins-maven-javadoc-plugin-3.x
• Merge into: main
• Upgrade org.apache.maven.plugins:maven-javadoc-plugin to 3.12.0

⬆️ deps(maven): update dependency org.apache.maven.plugins:maven-source-plugin to v3.4.0

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/org.apache.maven.plugins-maven-source-plugin-3.x
• Merge into: main
• Upgrade org.apache.maven.plugins:maven-source-plugin to 3.4.0

⬆️ deps(maven): update dependency org.openapitools:openapi-generator-maven-plugin to v7.18.0

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/org.openapitools-openapi-generator-maven-plugin-7.x
• Merge into: main
• Upgrade org.openapitools:openapi-generator-maven-plugin to 7.18.0

⬆️ deps(maven): update dependency org.sonatype.plugins:nexus-staging-maven-plugin to v1.7.0

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/org.sonatype.plugins-nexus-staging-maven-plugin-1.x
• Merge into: main
• Upgrade org.sonatype.plugins:nexus-staging-maven-plugin to 1.7.0

⬆️ deps(maven): update dependency software.amazon.awssdk:auth to v2.41.2

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/aws-java-sdk-v2-monorepo
• Merge into: main
• Upgrade software.amazon.awssdk:auth to 2.41.2

⬆️ deps(maven): update junit-framework monorepo

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/junit-framework-monorepo
• Merge into: main
• Upgrade org.junit.platform:junit-platform-runner to 1.14.1
• Upgrade org.junit.jupiter:junit-jupiter-engine to 5.14.1

⬆️ deps(github-actions): update actions/checkout action to v6

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/actions-checkout-6.x
• Merge into: main
• Upgrade actions/checkout to 8e8c483db84b4bee98b60c0593521ed34d9990e8

⬆️ deps(github-actions): update actions/setup-java action to v5

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/actions-setup-java-5.x
• Merge into: main
• Upgrade actions/setup-java to f2beeb24e141e01a676f977032f5a29d81c9e27e

⬆️ deps(github-actions): update dependabot/fetch-metadata action to v2

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/dependabot-fetch-metadata-2.x
• Merge into: main
• Upgrade dependabot/fetch-metadata to 21025c705c08248db411dc16f3619e6b5f9ea21a

⬆️ deps(maven): update dependency com.diffplug.spotless:spotless-maven-plugin to v3

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/major-spotless.version
• Merge into: main
• Upgrade com.diffplug.spotless:spotless-maven-plugin to 3.1.0

⬆️ deps(maven): update dependency jakarta.annotation:jakarta.annotation-api to v3

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/major-jakarta-annotation-version
• Merge into: main
• Upgrade jakarta.annotation:jakarta.annotation-api to 3.0.0

⬆️ deps(maven): update dependency org.junit.jupiter:junit-jupiter-engine to v6

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/major-junit-framework-monorepo
• Merge into: main
• Upgrade org.junit.jupiter:junit-jupiter-engine to 6.0.1

⬆️ deps(maven): update dependency org.mockito:mockito-core to v5

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/major-mockito-monorepo
• Merge into: main
• Upgrade org.mockito:mockito-core to 5.21.0

⬆️ deps(maven): update okhttp monorepo to v5 (major)

• Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
• Branch name: renovate/major-okhttp-monorepo
• Merge into: main
• Upgrade com.squareup.okhttp3:logging-interceptor to 5.3.2
• Upgrade com.squareup.okhttp3:okhttp to 5.3.2
• Upgrade com.squareup.okhttp3:okhttp-tls to 5.3.2

🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prhourlylimit for details.

---

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

---

This PR has been generated by Renovate Bot.