From 5fd50e6181b5ea5992c79d629dd1d776fb281f5c Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Sat, 18 Jan 2025 11:08:24 +0100
Subject: [PATCH 01/25] Upgrade Byte Buddy 1.15.11 -> 1.16.0 (#1521)

See:
- https://github.com/raphw/byte-buddy/releases/tag/byte-buddy-1.16.0
- https://github.com/raphw/byte-buddy/compare/byte-buddy-1.15.11...byte-buddy-1.16.0
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 56c315dd..c12ab3a5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -422,7 +422,7 @@
             <dependency>
                 <groupId>net.bytebuddy</groupId>
                 <artifactId>byte-buddy</artifactId>
-                <version>1.15.11</version>
+                <version>1.16.0</version>
             </dependency>
             <!-- Specified so that Renovate will file Maven upgrade PRs, which
             subsequently will cause `maven-enforcer-plugin` to require that

From 811e70ae3a43c12dc6de7744b3352486ab612f43 Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Sun, 19 Jan 2025 21:09:43 +0100
Subject: [PATCH 02/25] Upgrade Swagger 2.2.27 -> 2.2.28 (#1520)

See:
- https://github.com/swagger-api/swagger-core/releases/tag/v2.2.28
- https://github.com/swagger-api/swagger-core/compare/v2.2.27...v2.2.28
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index c12ab3a5..5592a360 100644
--- a/pom.xml
+++ b/pom.xml
@@ -387,7 +387,7 @@
             <dependency>
                 <groupId>io.swagger.core.v3</groupId>
                 <artifactId>swagger-annotations</artifactId>
-                <version>2.2.27</version>
+                <version>2.2.28</version>
             </dependency>
             <dependency>
                 <groupId>jakarta.servlet</groupId>

From f43921f3446c2e5103fe167f400938911ce1d75b Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Sun, 19 Jan 2025 21:19:32 +0100
Subject: [PATCH 03/25] Upgrade Caffeine 3.1.8 -> 3.2.0 (#1522)

See:
- https://github.com/ben-manes/caffeine/releases/tag/v3.2.0
- https://github.com/ben-manes/caffeine/compare/v3.1.8...v3.2.0
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 5592a360..b51794c2 100644
--- a/pom.xml
+++ b/pom.xml
@@ -276,7 +276,7 @@
             <dependency>
                 <groupId>com.github.ben-manes.caffeine</groupId>
                 <artifactId>caffeine</artifactId>
-                <version>3.1.8</version>
+                <version>3.2.0</version>
             </dependency>
             <dependency>
                 <groupId>com.google.auto</groupId>

From c836f1147fe7aa8b879e7de1dcf5b9803a22b3e4 Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Mon, 20 Jan 2025 09:28:43 +0100
Subject: [PATCH 04/25] Upgrade Byte Buddy 1.16.0 -> 1.16.1 (#1524)

See:
- https://github.com/raphw/byte-buddy/releases/tag/byte-buddy-1.16.1
- https://github.com/raphw/byte-buddy/compare/byte-buddy-1.16.0...byte-buddy-1.16.1
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index b51794c2..1b82f294 100644
--- a/pom.xml
+++ b/pom.xml
@@ -422,7 +422,7 @@
             <dependency>
                 <groupId>net.bytebuddy</groupId>
                 <artifactId>byte-buddy</artifactId>
-                <version>1.16.0</version>
+                <version>1.16.1</version>
             </dependency>
             <!-- Specified so that Renovate will file Maven upgrade PRs, which
             subsequently will cause `maven-enforcer-plugin` to require that

From 34cab33b76f8386967308fb2566cacb01107b144 Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Mon, 20 Jan 2025 09:50:54 +0100
Subject: [PATCH 05/25] Upgrade step-security/harden-runner v2.10.3 -> v2.10.4
 (#1525)

See:
- https://github.com/step-security/harden-runner/releases/tag/v2.10.4
---
 .github/workflows/build.yml                 | 2 +-
 .github/workflows/codeql.yml                | 2 +-
 .github/workflows/deploy-website.yml        | 4 ++--
 .github/workflows/openssf-scorecard.yml     | 2 +-
 .github/workflows/pitest-analyze-pr.yml     | 2 +-
 .github/workflows/pitest-update-pr.yml      | 2 +-
 .github/workflows/run-integration-tests.yml | 2 +-
 .github/workflows/sonarcloud.yml            | 2 +-
 8 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index cb65a408..4fd6b80b 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -26,7 +26,7 @@ jobs:
     continue-on-error: ${{ matrix.experimental }}
     steps:
       - name: Install Harden-Runner
-        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 52ce1394..b1714bfd 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -22,7 +22,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Install Harden-Runner
-        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/deploy-website.yml b/.github/workflows/deploy-website.yml
index ccc1fc5e..53ad0f5b 100644
--- a/.github/workflows/deploy-website.yml
+++ b/.github/workflows/deploy-website.yml
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Install Harden-Runner
-        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
         with:
           disable-sudo: true
           egress-policy: block
@@ -75,7 +75,7 @@ jobs:
       url: ${{ steps.deployment.outputs.page_url }}
     steps:
       - name: Install Harden-Runner
-        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/openssf-scorecard.yml b/.github/workflows/openssf-scorecard.yml
index ee24ba81..57bda357 100644
--- a/.github/workflows/openssf-scorecard.yml
+++ b/.github/workflows/openssf-scorecard.yml
@@ -21,7 +21,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Install Harden-Runner
-        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/pitest-analyze-pr.yml b/.github/workflows/pitest-analyze-pr.yml
index 76d9041a..f8ca08db 100644
--- a/.github/workflows/pitest-analyze-pr.yml
+++ b/.github/workflows/pitest-analyze-pr.yml
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Install Harden-Runner
-        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/pitest-update-pr.yml b/.github/workflows/pitest-update-pr.yml
index c920dff2..07cf77ed 100644
--- a/.github/workflows/pitest-update-pr.yml
+++ b/.github/workflows/pitest-update-pr.yml
@@ -20,7 +20,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Install Harden-Runner
-        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/run-integration-tests.yml b/.github/workflows/run-integration-tests.yml
index e0ef2660..ec5cd5f0 100644
--- a/.github/workflows/run-integration-tests.yml
+++ b/.github/workflows/run-integration-tests.yml
@@ -22,7 +22,7 @@ jobs:
         integration-test: [ "checkstyle", "metrics", "prometheus-java-client" ]
     steps:
       - name: Install Harden-Runner
-        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
index 9a0d4bfc..43939c74 100644
--- a/.github/workflows/sonarcloud.yml
+++ b/.github/workflows/sonarcloud.yml
@@ -19,7 +19,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Install Harden-Runner
-        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
         with:
           disable-sudo: true
           egress-policy: block

From ad5b1c99172b528b476c338cf2bee623d086031d Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Mon, 20 Jan 2025 12:41:38 +0100
Subject: [PATCH 06/25] Upgrade Modernizer Maven Plugin 3.0.0 -> 3.1.0 (#1526)

See:
- https://github.com/gaul/modernizer-maven-plugin/releases/tag/modernizer-maven-plugin-3.1.0
- https://github.com/gaul/modernizer-maven-plugin/compare/modernizer-maven-plugin-3.0.0...modernizer-maven-plugin-3.1.0
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 1b82f294..b3a07258 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1463,7 +1463,7 @@
                 <plugin>
                     <groupId>org.gaul</groupId>
                     <artifactId>modernizer-maven-plugin</artifactId>
-                    <version>3.0.0</version>
+                    <version>3.1.0</version>
                     <configuration>
                         <exclusionPatterns>
                             <!-- The plugin suggests replacing usages of

From 5085eb2f255a0e5643e4e203aa0c2e276b2463dc Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Tue, 21 Jan 2025 07:38:00 +0100
Subject: [PATCH 07/25] Upgrade AssertJ 3.27.2 -> 3.27.3 (#1523)

See:
- https://github.com/assertj/assertj/releases/tag/assertj-build-3.27.3
- https://github.com/assertj/assertj/compare/assertj-build-3.27.2...assertj-build-3.27.3
---
 integration-tests/checkstyle-init.patch | 2 +-
 pom.xml                                 | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/integration-tests/checkstyle-init.patch b/integration-tests/checkstyle-init.patch
index a31ca2b2..a93956fd 100644
--- a/integration-tests/checkstyle-init.patch
+++ b/integration-tests/checkstyle-init.patch
@@ -7,7 +7,7 @@
 +    <dependency>
 +      <groupId>org.assertj</groupId>
 +      <artifactId>assertj-core</artifactId>
-+      <version>3.27.2<!-- Renovate: org.assertj:assertj-bom --></version>
++      <version>3.27.3<!-- Renovate: org.assertj:assertj-bom --></version>
 +      <scope>test</scope>
 +    </dependency>
      <dependency>
diff --git a/pom.xml b/pom.xml
index b3a07258..53ddd274 100644
--- a/pom.xml
+++ b/pom.xml
@@ -440,7 +440,7 @@
             <dependency>
                 <groupId>org.assertj</groupId>
                 <artifactId>assertj-bom</artifactId>
-                <version>3.27.2</version>
+                <version>3.27.3</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>

From 1aea710c5399f645542ee4c7961610d53d11faf8 Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Tue, 21 Jan 2025 19:41:23 +0100
Subject: [PATCH 08/25] Upgrade OpenRewrite 3.0.1 -> 3.0.2 (#1519)

See:
- https://github.com/openrewrite/rewrite-recipe-bom/releases/tag/v3.0.2
- https://github.com/openrewrite/rewrite-recipe-bom/compare/v3.0.1...v3.0.2
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 53ddd274..86a19636 100644
--- a/pom.xml
+++ b/pom.xml
@@ -496,7 +496,7 @@
             <dependency>
                 <groupId>org.openrewrite.recipe</groupId>
                 <artifactId>rewrite-recipe-bom</artifactId>
-                <version>3.0.1</version>
+                <version>3.0.2</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>

From 895875c84966eb4d56495660fa03c426a8e8a90f Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Fri, 24 Jan 2025 10:11:42 +0100
Subject: [PATCH 09/25] Upgrade MongoDB driver 5.3.0 -> 5.3.1 (#1527)

See:
- https://github.com/mongodb/mongo-java-driver/releases/tag/r5.3.1
- https://github.com/mongodb/mongo-java-driver/compare/r5.3.0...r5.3.1
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 86a19636..c35505b3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -486,7 +486,7 @@
             <dependency>
                 <groupId>org.mongodb</groupId>
                 <artifactId>mongodb-driver-core</artifactId>
-                <version>5.3.0</version>
+                <version>5.3.1</version>
             </dependency>
             <dependency>
                 <groupId>org.openrewrite</groupId>

From 636c1993d567c19dff76bbd0d783f1bfa3f3170b Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Sat, 25 Jan 2025 13:11:33 +0100
Subject: [PATCH 10/25] Upgrade OpenRewrite Templating 1.21.0 -> 1.22.0 (#1530)

See:
- https://github.com/openrewrite/rewrite-templating/releases/tag/v1.22.0
- https://github.com/openrewrite/rewrite-templating/compare/v1.21.0...v1.22.0
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index c35505b3..9b6dbe1b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -215,7 +215,7 @@
         <version.nopen-checker>1.0.1</version.nopen-checker>
         <version.nullaway>0.12.3</version.nullaway>
         <version.pitest-git>1.1.4</version.pitest-git>
-        <version.rewrite-templating>1.21.0</version.rewrite-templating>
+        <version.rewrite-templating>1.22.0</version.rewrite-templating>
         <version.surefire>3.2.3</version.surefire>
     </properties>
 

From 708317f31470354bc588d049a419882a745ebc22 Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Sat, 25 Jan 2025 13:22:19 +0100
Subject: [PATCH 11/25] Upgrade Spring Boot 3.4.1 -> 3.4.2 (#1528)

See:
- https://github.com/spring-projects/spring-boot/releases/tag/v3.4.2
- https://github.com/spring-projects/spring-boot/compare/v3.4.1...v3.4.2
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 9b6dbe1b..64bccf0a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -517,7 +517,7 @@
             <dependency>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-test</artifactId>
-                <version>3.4.1</version>
+                <version>3.4.2</version>
             </dependency>
             <dependency>
                 <groupId>org.springframework.security</groupId>

From 4608c00140ec7d66022181c7964ed2e1dbb67257 Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Sat, 25 Jan 2025 13:50:19 +0100
Subject: [PATCH 12/25] Upgrade OpenRewrite 3.0.2 -> 3.1.0 (#1529)

See:
- https://github.com/openrewrite/rewrite-recipe-bom/releases/tag/v3.1.0
- https://github.com/openrewrite/rewrite-recipe-bom/compare/v3.0.2...v3.1.0
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 64bccf0a..d49718f7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -496,7 +496,7 @@
             <dependency>
                 <groupId>org.openrewrite.recipe</groupId>
                 <artifactId>rewrite-recipe-bom</artifactId>
-                <version>3.0.2</version>
+                <version>3.1.0</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>

From 4c32d3ce7a4b695298f8f5eca5da7ad9964ef9f7 Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Mon, 27 Jan 2025 10:13:25 +0100
Subject: [PATCH 13/25] Upgrade ruby/setup-ruby v1.206.0 -> v1.213.0 (#1533)

See:
- https://github.com/ruby/setup-ruby/releases/tag/v1.213.0
- https://github.com/ruby/setup-ruby/releases/tag/v1.212.0
- https://github.com/ruby/setup-ruby/releases/tag/v1.211.0
- https://github.com/ruby/setup-ruby/releases/tag/v1.210.0
- https://github.com/ruby/setup-ruby/releases/tag/v1.209.0
- https://github.com/ruby/setup-ruby/releases/tag/v1.208.0
- https://github.com/ruby/setup-ruby/releases/tag/v1.207.0
---
 .github/workflows/deploy-website.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/deploy-website.yml b/.github/workflows/deploy-website.yml
index 53ad0f5b..6eb92e72 100644
--- a/.github/workflows/deploy-website.yml
+++ b/.github/workflows/deploy-website.yml
@@ -43,7 +43,7 @@ jobs:
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           persist-credentials: false
-      - uses: ruby/setup-ruby@bfefad842bb982ff05b233bcbc1571d97a87e69f # v1.206.0
+      - uses: ruby/setup-ruby@28c4deda893d5a96a6b2d958c5b47fc18d65c9d3 # v1.213.0
         with:
           working-directory: ./website
           bundler-cache: true

From dd190ee056e519d83398802cf3ad08269eddae45 Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Mon, 27 Jan 2025 13:40:57 +0100
Subject: [PATCH 14/25] Upgrade CodeQL v3.28.0 -> v3.28.5 (#1532)

See:
- https://github.com/github/codeql-action/blob/main/CHANGELOG.md
- https://github.com/github/codeql-action/releases/tag/v3.28.1
- https://github.com/github/codeql-action/releases/tag/v3.28.2
- https://github.com/github/codeql-action/releases/tag/v3.28.3
- https://github.com/github/codeql-action/releases/tag/v3.28.4
- https://github.com/github/codeql-action/releases/tag/v3.28.5
- https://github.com/github/codeql-action/compare/v3.28.0...v3.28.5
---
 .github/workflows/codeql.yml            | 4 ++--
 .github/workflows/openssf-scorecard.yml | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index b1714bfd..db02c168 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -40,13 +40,13 @@ jobs:
           java-distribution: temurin
           maven-version: 3.9.9
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
+        uses: github/codeql-action/init@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3.28.5
         with:
           languages: ${{ matrix.language }}
       - name: Perform minimal build
         if: matrix.language == 'java'
         run: mvn -T1C clean package -DskipTests -Dverification.skip
       - name: Perform CodeQL analysis
-        uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
+        uses: github/codeql-action/analyze@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3.28.5
         with:
           category: /language:${{ matrix.language }}
diff --git a/.github/workflows/openssf-scorecard.yml b/.github/workflows/openssf-scorecard.yml
index 57bda357..79380aa5 100644
--- a/.github/workflows/openssf-scorecard.yml
+++ b/.github/workflows/openssf-scorecard.yml
@@ -48,6 +48,6 @@ jobs:
           results_format: sarif
           publish_results: ${{ github.ref == 'refs/heads/master' }}
       - name: Update GitHub's code scanning dashboard
-        uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
+        uses: github/codeql-action/upload-sarif@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3.28.5
         with:
           sarif_file: results.sarif

From 36ef967f0e6df3c103d704b372fb06b2e7019672 Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Mon, 27 Jan 2025 14:07:12 +0100
Subject: [PATCH 15/25] Upgrade Checkstyle 10.21.1 -> 10.21.2 (#1531)

See:
- https://checkstyle.sourceforge.io/releasenotes.html
- https://github.com/checkstyle/checkstyle/releases/tag/checkstyle-10.21.2
- https://github.com/checkstyle/checkstyle/compare/checkstyle-10.21.1...checkstyle-10.21.2
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index d49718f7..7efbb806 100644
--- a/pom.xml
+++ b/pom.xml
@@ -923,7 +923,7 @@
                         <dependency>
                             <groupId>com.puppycrawl.tools</groupId>
                             <artifactId>checkstyle</artifactId>
-                            <version>10.21.1</version>
+                            <version>10.21.2</version>
                         </dependency>
                         <dependency>
                             <groupId>io.spring.nohttp</groupId>

From 9088369f893cee6fca078b4adafcee193e1550bb Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Sat, 1 Feb 2025 16:41:07 +0100
Subject: [PATCH 16/25] Upgrade Byte Buddy 1.16.1 -> 1.17.0 (#1535)

See:
- https://github.com/raphw/byte-buddy/releases/tag/byte-buddy-1.17.0
- https://github.com/raphw/byte-buddy/compare/byte-buddy-1.16.1...byte-buddy-1.17.0
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 7efbb806..ec2b976b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -422,7 +422,7 @@
             <dependency>
                 <groupId>net.bytebuddy</groupId>
                 <artifactId>byte-buddy</artifactId>
-                <version>1.16.1</version>
+                <version>1.17.0</version>
             </dependency>
             <!-- Specified so that Renovate will file Maven upgrade PRs, which
             subsequently will cause `maven-enforcer-plugin` to require that

From 77557c80b1c28e67b7ff44d83a2ba31cce84937a Mon Sep 17 00:00:00 2001
From: Rick Ossendrijver <rick.ossendrijver@gmail.com>
Date: Sun, 2 Feb 2025 12:46:39 +0100
Subject: [PATCH 17/25] Extend size-related `AssertJEnumerableRules` Refaster
 rules (#1512)

By also matching expressions ending in `.returnToIterable()`.
---
 .../refasterrules/AssertJEnumerableRules.java | 71 +++++++++++++++++--
 .../AssertJEnumerableRulesTestInput.java      | 42 +++++++----
 .../AssertJEnumerableRulesTestOutput.java     | 39 ++++++----
 3 files changed, 118 insertions(+), 34 deletions(-)

diff --git a/error-prone-contrib/src/main/java/tech/picnic/errorprone/refasterrules/AssertJEnumerableRules.java b/error-prone-contrib/src/main/java/tech/picnic/errorprone/refasterrules/AssertJEnumerableRules.java
index b4318931..52894112 100644
--- a/error-prone-contrib/src/main/java/tech/picnic/errorprone/refasterrules/AssertJEnumerableRules.java
+++ b/error-prone-contrib/src/main/java/tech/picnic/errorprone/refasterrules/AssertJEnumerableRules.java
@@ -43,7 +43,16 @@ final class AssertJEnumerableRules {
     }
 
     @BeforeTemplate
-    AbstractIntegerAssert<?> before(AbstractIterableAssert<?, ?, E, ?> enumAssert) {
+    AbstractIterableAssert<?, ?, E, ?> before(AbstractIterableAssert<?, ?, E, ?> enumAssert) {
+      return Refaster.anyOf(
+          enumAssert.size().isNotEqualTo(0).returnToIterable(),
+          enumAssert.size().isPositive().returnToIterable());
+    }
+
+    // XXX: If this template matches, then the expression's return type changes incompatibly.
+    // Consider moving this template to a separate block (statement) rule.
+    @BeforeTemplate
+    AbstractIntegerAssert<?> before2(AbstractIterableAssert<?, ?, E, ?> enumAssert) {
       return Refaster.anyOf(enumAssert.size().isNotEqualTo(0), enumAssert.size().isPositive());
     }
 
@@ -55,7 +64,15 @@ final class AssertJEnumerableRules {
 
   static final class EnumerableAssertHasSize<E> {
     @BeforeTemplate
-    AbstractIterableSizeAssert<?, ?, E, ?> before(
+    AbstractIterableAssert<?, ?, E, ?> before(
+        AbstractIterableAssert<?, ?, E, ?> enumAssert, int size) {
+      return enumAssert.size().isEqualTo(size).returnToIterable();
+    }
+
+    // XXX: If this template matches, then the expression's return type changes incompatibly.
+    // Consider moving this template to a separate block (statement) rule.
+    @BeforeTemplate
+    AbstractIterableSizeAssert<?, ?, E, ?> before2(
         AbstractIterableAssert<?, ?, E, ?> enumAssert, int size) {
       return enumAssert.size().isEqualTo(size);
     }
@@ -68,7 +85,15 @@ final class AssertJEnumerableRules {
 
   static final class EnumerableAssertHasSizeLessThan<E> {
     @BeforeTemplate
-    AbstractIterableSizeAssert<?, ?, E, ?> before(
+    AbstractIterableAssert<?, ?, E, ?> before(
+        AbstractIterableAssert<?, ?, E, ?> enumAssert, int size) {
+      return enumAssert.size().isLessThan(size).returnToIterable();
+    }
+
+    // XXX: If this template matches, then the expression's return type changes incompatibly.
+    // Consider moving this template to a separate block (statement) rule.
+    @BeforeTemplate
+    AbstractIterableSizeAssert<?, ?, E, ?> before2(
         AbstractIterableAssert<?, ?, E, ?> enumAssert, int size) {
       return enumAssert.size().isLessThan(size);
     }
@@ -81,7 +106,15 @@ final class AssertJEnumerableRules {
 
   static final class EnumerableAssertHasSizeLessThanOrEqualTo<E> {
     @BeforeTemplate
-    AbstractIterableSizeAssert<?, ?, E, ?> before(
+    AbstractIterableAssert<?, ?, E, ?> before(
+        AbstractIterableAssert<?, ?, E, ?> enumAssert, int size) {
+      return enumAssert.size().isLessThanOrEqualTo(size).returnToIterable();
+    }
+
+    // XXX: If this template matches, then the expression's return type changes incompatibly.
+    // Consider moving this template to a separate block (statement) rule.
+    @BeforeTemplate
+    AbstractIterableSizeAssert<?, ?, E, ?> before2(
         AbstractIterableAssert<?, ?, E, ?> enumAssert, int size) {
       return enumAssert.size().isLessThanOrEqualTo(size);
     }
@@ -94,7 +127,15 @@ final class AssertJEnumerableRules {
 
   static final class EnumerableAssertHasSizeGreaterThan<E> {
     @BeforeTemplate
-    AbstractIterableSizeAssert<?, ?, E, ?> before(
+    AbstractIterableAssert<?, ?, E, ?> before(
+        AbstractIterableAssert<?, ?, E, ?> enumAssert, int size) {
+      return enumAssert.size().isGreaterThan(size).returnToIterable();
+    }
+
+    // XXX: If this template matches, then the expression's return type changes incompatibly.
+    // Consider moving this template to a separate block (statement) rule.
+    @BeforeTemplate
+    AbstractIterableSizeAssert<?, ?, E, ?> before2(
         AbstractIterableAssert<?, ?, E, ?> enumAssert, int size) {
       return enumAssert.size().isGreaterThan(size);
     }
@@ -107,7 +148,15 @@ final class AssertJEnumerableRules {
 
   static final class EnumerableAssertHasSizeGreaterThanOrEqualTo<E> {
     @BeforeTemplate
-    AbstractIterableSizeAssert<?, ?, E, ?> before(
+    AbstractIterableAssert<?, ?, E, ?> before(
+        AbstractIterableAssert<?, ?, E, ?> enumAssert, int size) {
+      return enumAssert.size().isGreaterThanOrEqualTo(size).returnToIterable();
+    }
+
+    // XXX: If this template matches, then the expression's return type changes incompatibly.
+    // Consider moving this template to a separate block (statement) rule.
+    @BeforeTemplate
+    AbstractIterableSizeAssert<?, ?, E, ?> before2(
         AbstractIterableAssert<?, ?, E, ?> enumAssert, int size) {
       return enumAssert.size().isGreaterThanOrEqualTo(size);
     }
@@ -120,7 +169,15 @@ final class AssertJEnumerableRules {
 
   static final class EnumerableAssertHasSizeBetween<E> {
     @BeforeTemplate
-    AbstractIterableSizeAssert<?, ?, E, ?> before(
+    AbstractIterableAssert<?, ?, E, ?> before(
+        AbstractIterableAssert<?, ?, E, ?> enumAssert, int lower, int upper) {
+      return enumAssert.size().isBetween(lower, upper).returnToIterable();
+    }
+
+    // XXX: If this template matches, then the expression's return type changes incompatibly.
+    // Consider moving this template to a separate block (statement) rule.
+    @BeforeTemplate
+    AbstractIterableSizeAssert<?, ?, E, ?> before2(
         AbstractIterableAssert<?, ?, E, ?> enumAssert, int lower, int upper) {
       return enumAssert.size().isBetween(lower, upper);
     }
diff --git a/error-prone-contrib/src/test/resources/tech/picnic/errorprone/refasterrules/AssertJEnumerableRulesTestInput.java b/error-prone-contrib/src/test/resources/tech/picnic/errorprone/refasterrules/AssertJEnumerableRulesTestInput.java
index f2e603e4..b89c4ec7 100644
--- a/error-prone-contrib/src/test/resources/tech/picnic/errorprone/refasterrules/AssertJEnumerableRulesTestInput.java
+++ b/error-prone-contrib/src/test/resources/tech/picnic/errorprone/refasterrules/AssertJEnumerableRulesTestInput.java
@@ -25,32 +25,46 @@ final class AssertJEnumerableRulesTest implements RefasterRuleCollectionTestCase
     return ImmutableSet.of(
         assertThat(ImmutableSet.of(1)).hasSizeGreaterThan(0),
         assertThat(ImmutableSet.of(2)).hasSizeGreaterThanOrEqualTo(1),
-        assertThat(ImmutableSet.of(3)).size().isNotEqualTo(0),
-        assertThat(ImmutableSet.of(4)).size().isPositive());
+        assertThat(ImmutableSet.of(3)).size().isNotEqualTo(0).returnToIterable(),
+        assertThat(ImmutableSet.of(4)).size().isPositive().returnToIterable(),
+        assertThat(ImmutableSet.of(5)).size().isNotEqualTo(0),
+        assertThat(ImmutableSet.of(6)).size().isPositive());
   }
 
-  AbstractAssert<?, ?> testEnumerableAssertHasSize() {
-    return assertThat(ImmutableSet.of(1)).size().isEqualTo(2);
+  ImmutableSet<AbstractAssert<?, ?>> testEnumerableAssertHasSize() {
+    return ImmutableSet.of(
+        assertThat(ImmutableSet.of(1)).size().isEqualTo(2).returnToIterable(),
+        assertThat(ImmutableSet.of(3)).size().isEqualTo(4));
   }
 
-  AbstractAssert<?, ?> testEnumerableAssertHasSizeLessThan() {
-    return assertThat(ImmutableSet.of(1)).size().isLessThan(2);
+  ImmutableSet<AbstractAssert<?, ?>> testEnumerableAssertHasSizeLessThan() {
+    return ImmutableSet.of(
+        assertThat(ImmutableSet.of(1)).size().isLessThan(2).returnToIterable(),
+        assertThat(ImmutableSet.of(3)).size().isLessThan(4));
   }
 
-  AbstractAssert<?, ?> testEnumerableAssertHasSizeLessThanOrEqualTo() {
-    return assertThat(ImmutableSet.of(1)).size().isLessThanOrEqualTo(2);
+  ImmutableSet<AbstractAssert<?, ?>> testEnumerableAssertHasSizeLessThanOrEqualTo() {
+    return ImmutableSet.of(
+        assertThat(ImmutableSet.of(1)).size().isLessThanOrEqualTo(2).returnToIterable(),
+        assertThat(ImmutableSet.of(3)).size().isLessThanOrEqualTo(4));
   }
 
-  AbstractAssert<?, ?> testEnumerableAssertHasSizeGreaterThan() {
-    return assertThat(ImmutableSet.of(1)).size().isGreaterThan(2);
+  ImmutableSet<AbstractAssert<?, ?>> testEnumerableAssertHasSizeGreaterThan() {
+    return ImmutableSet.of(
+        assertThat(ImmutableSet.of(1)).size().isGreaterThan(2).returnToIterable(),
+        assertThat(ImmutableSet.of(3)).size().isGreaterThan(4));
   }
 
-  AbstractAssert<?, ?> testEnumerableAssertHasSizeGreaterThanOrEqualTo() {
-    return assertThat(ImmutableSet.of(1)).size().isGreaterThanOrEqualTo(2);
+  ImmutableSet<AbstractAssert<?, ?>> testEnumerableAssertHasSizeGreaterThanOrEqualTo() {
+    return ImmutableSet.of(
+        assertThat(ImmutableSet.of(1)).size().isGreaterThanOrEqualTo(2).returnToIterable(),
+        assertThat(ImmutableSet.of(3)).size().isGreaterThanOrEqualTo(4));
   }
 
-  AbstractAssert<?, ?> testEnumerableAssertHasSizeBetween() {
-    return assertThat(ImmutableSet.of(1)).size().isBetween(2, 3);
+  ImmutableSet<AbstractAssert<?, ?>> testEnumerableAssertHasSizeBetween() {
+    return ImmutableSet.of(
+        assertThat(ImmutableSet.of(1)).size().isBetween(2, 3).returnToIterable(),
+        assertThat(ImmutableSet.of(4)).size().isBetween(5, 6));
   }
 
   ImmutableSet<EnumerableAssert<?, Integer>> testEnumerableAssertHasSameSizeAs() {
diff --git a/error-prone-contrib/src/test/resources/tech/picnic/errorprone/refasterrules/AssertJEnumerableRulesTestOutput.java b/error-prone-contrib/src/test/resources/tech/picnic/errorprone/refasterrules/AssertJEnumerableRulesTestOutput.java
index 93f7a685..8341cbf5 100644
--- a/error-prone-contrib/src/test/resources/tech/picnic/errorprone/refasterrules/AssertJEnumerableRulesTestOutput.java
+++ b/error-prone-contrib/src/test/resources/tech/picnic/errorprone/refasterrules/AssertJEnumerableRulesTestOutput.java
@@ -26,31 +26,44 @@ final class AssertJEnumerableRulesTest implements RefasterRuleCollectionTestCase
         assertThat(ImmutableSet.of(1)).isNotEmpty(),
         assertThat(ImmutableSet.of(2)).isNotEmpty(),
         assertThat(ImmutableSet.of(3)).isNotEmpty(),
-        assertThat(ImmutableSet.of(4)).isNotEmpty());
+        assertThat(ImmutableSet.of(4)).isNotEmpty(),
+        assertThat(ImmutableSet.of(5)).isNotEmpty(),
+        assertThat(ImmutableSet.of(6)).isNotEmpty());
   }
 
-  AbstractAssert<?, ?> testEnumerableAssertHasSize() {
-    return assertThat(ImmutableSet.of(1)).hasSize(2);
+  ImmutableSet<AbstractAssert<?, ?>> testEnumerableAssertHasSize() {
+    return ImmutableSet.of(
+        assertThat(ImmutableSet.of(1)).hasSize(2), assertThat(ImmutableSet.of(3)).hasSize(4));
   }
 
-  AbstractAssert<?, ?> testEnumerableAssertHasSizeLessThan() {
-    return assertThat(ImmutableSet.of(1)).hasSizeLessThan(2);
+  ImmutableSet<AbstractAssert<?, ?>> testEnumerableAssertHasSizeLessThan() {
+    return ImmutableSet.of(
+        assertThat(ImmutableSet.of(1)).hasSizeLessThan(2),
+        assertThat(ImmutableSet.of(3)).hasSizeLessThan(4));
   }
 
-  AbstractAssert<?, ?> testEnumerableAssertHasSizeLessThanOrEqualTo() {
-    return assertThat(ImmutableSet.of(1)).hasSizeLessThanOrEqualTo(2);
+  ImmutableSet<AbstractAssert<?, ?>> testEnumerableAssertHasSizeLessThanOrEqualTo() {
+    return ImmutableSet.of(
+        assertThat(ImmutableSet.of(1)).hasSizeLessThanOrEqualTo(2),
+        assertThat(ImmutableSet.of(3)).hasSizeLessThanOrEqualTo(4));
   }
 
-  AbstractAssert<?, ?> testEnumerableAssertHasSizeGreaterThan() {
-    return assertThat(ImmutableSet.of(1)).hasSizeGreaterThan(2);
+  ImmutableSet<AbstractAssert<?, ?>> testEnumerableAssertHasSizeGreaterThan() {
+    return ImmutableSet.of(
+        assertThat(ImmutableSet.of(1)).hasSizeGreaterThan(2),
+        assertThat(ImmutableSet.of(3)).hasSizeGreaterThan(4));
   }
 
-  AbstractAssert<?, ?> testEnumerableAssertHasSizeGreaterThanOrEqualTo() {
-    return assertThat(ImmutableSet.of(1)).hasSizeGreaterThanOrEqualTo(2);
+  ImmutableSet<AbstractAssert<?, ?>> testEnumerableAssertHasSizeGreaterThanOrEqualTo() {
+    return ImmutableSet.of(
+        assertThat(ImmutableSet.of(1)).hasSizeGreaterThanOrEqualTo(2),
+        assertThat(ImmutableSet.of(3)).hasSizeGreaterThanOrEqualTo(4));
   }
 
-  AbstractAssert<?, ?> testEnumerableAssertHasSizeBetween() {
-    return assertThat(ImmutableSet.of(1)).hasSizeBetween(2, 3);
+  ImmutableSet<AbstractAssert<?, ?>> testEnumerableAssertHasSizeBetween() {
+    return ImmutableSet.of(
+        assertThat(ImmutableSet.of(1)).hasSizeBetween(2, 3),
+        assertThat(ImmutableSet.of(4)).hasSizeBetween(5, 6));
   }
 
   ImmutableSet<EnumerableAssert<?, Integer>> testEnumerableAssertHasSameSizeAs() {

From 2b467832fb883f007578967151365be355f376f7 Mon Sep 17 00:00:00 2001
From: Stephan Schroevers <stephan.schroevers@teampicnic.com>
Date: Sun, 2 Feb 2025 13:19:40 +0100
Subject: [PATCH 18/25] [maven-release-plugin] prepare release v0.20.0

---
 documentation-support/pom.xml    | 2 +-
 error-prone-contrib/pom.xml      | 2 +-
 error-prone-experimental/pom.xml | 2 +-
 error-prone-guidelines/pom.xml   | 2 +-
 error-prone-utils/pom.xml        | 2 +-
 pom.xml                          | 6 +++---
 refaster-compiler/pom.xml        | 2 +-
 refaster-runner/pom.xml          | 2 +-
 refaster-support/pom.xml         | 2 +-
 refaster-test-support/pom.xml    | 2 +-
 10 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/documentation-support/pom.xml b/documentation-support/pom.xml
index b9ca3c12..090f4c56 100644
--- a/documentation-support/pom.xml
+++ b/documentation-support/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>tech.picnic.error-prone-support</groupId>
         <artifactId>error-prone-support</artifactId>
-        <version>0.19.2-SNAPSHOT</version>
+        <version>0.20.0</version>
     </parent>
 
     <artifactId>documentation-support</artifactId>
diff --git a/error-prone-contrib/pom.xml b/error-prone-contrib/pom.xml
index 896e2c39..aebf2f4e 100644
--- a/error-prone-contrib/pom.xml
+++ b/error-prone-contrib/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>tech.picnic.error-prone-support</groupId>
         <artifactId>error-prone-support</artifactId>
-        <version>0.19.2-SNAPSHOT</version>
+        <version>0.20.0</version>
     </parent>
 
     <artifactId>error-prone-contrib</artifactId>
diff --git a/error-prone-experimental/pom.xml b/error-prone-experimental/pom.xml
index 1cbfc4d6..a451ffa2 100644
--- a/error-prone-experimental/pom.xml
+++ b/error-prone-experimental/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>tech.picnic.error-prone-support</groupId>
         <artifactId>error-prone-support</artifactId>
-        <version>0.19.2-SNAPSHOT</version>
+        <version>0.20.0</version>
     </parent>
 
     <artifactId>error-prone-experimental</artifactId>
diff --git a/error-prone-guidelines/pom.xml b/error-prone-guidelines/pom.xml
index 745fbf13..2ed46d65 100644
--- a/error-prone-guidelines/pom.xml
+++ b/error-prone-guidelines/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>tech.picnic.error-prone-support</groupId>
         <artifactId>error-prone-support</artifactId>
-        <version>0.19.2-SNAPSHOT</version>
+        <version>0.20.0</version>
     </parent>
 
     <artifactId>error-prone-guidelines</artifactId>
diff --git a/error-prone-utils/pom.xml b/error-prone-utils/pom.xml
index 9f0e9f1f..6223a6b2 100644
--- a/error-prone-utils/pom.xml
+++ b/error-prone-utils/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>tech.picnic.error-prone-support</groupId>
         <artifactId>error-prone-support</artifactId>
-        <version>0.19.2-SNAPSHOT</version>
+        <version>0.20.0</version>
     </parent>
 
     <artifactId>error-prone-utils</artifactId>
diff --git a/pom.xml b/pom.xml
index ec2b976b..cb2f6dfa 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
 
     <groupId>tech.picnic.error-prone-support</groupId>
     <artifactId>error-prone-support</artifactId>
-    <version>0.19.2-SNAPSHOT</version>
+    <version>0.20.0</version>
     <packaging>pom</packaging>
 
     <name>Picnic :: Error Prone Support</name>
@@ -52,7 +52,7 @@
 
     <scm child.scm.developerConnection.inherit.append.path="false" child.scm.url.inherit.append.path="false">
         <developerConnection>scm:git:git@github.com:PicnicSupermarket/error-prone-support.git</developerConnection>
-        <tag>HEAD</tag>
+        <tag>v0.20.0</tag>
         <url>https://github.com/PicnicSupermarket/error-prone-support</url>
     </scm>
     <issueManagement>
@@ -146,7 +146,7 @@
         <error-prone.self-check-args />
         <!-- The build timestamp is derived from the most recent commit
         timestamp in support of reproducible builds. -->
-        <project.build.outputTimestamp>2024-11-03T15:58:19Z</project.build.outputTimestamp>
+        <project.build.outputTimestamp>2025-02-02T12:14:39Z</project.build.outputTimestamp>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <!-- Glob pattern identifying Refaster rule definition files. These
         Java classes don't contain "regular" code, and thus require special
diff --git a/refaster-compiler/pom.xml b/refaster-compiler/pom.xml
index fdf4afdb..af4b7c29 100644
--- a/refaster-compiler/pom.xml
+++ b/refaster-compiler/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>tech.picnic.error-prone-support</groupId>
         <artifactId>error-prone-support</artifactId>
-        <version>0.19.2-SNAPSHOT</version>
+        <version>0.20.0</version>
     </parent>
 
     <artifactId>refaster-compiler</artifactId>
diff --git a/refaster-runner/pom.xml b/refaster-runner/pom.xml
index f75ed47b..e076e33d 100644
--- a/refaster-runner/pom.xml
+++ b/refaster-runner/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>tech.picnic.error-prone-support</groupId>
         <artifactId>error-prone-support</artifactId>
-        <version>0.19.2-SNAPSHOT</version>
+        <version>0.20.0</version>
     </parent>
 
     <artifactId>refaster-runner</artifactId>
diff --git a/refaster-support/pom.xml b/refaster-support/pom.xml
index 6370d8f1..3471d77e 100644
--- a/refaster-support/pom.xml
+++ b/refaster-support/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>tech.picnic.error-prone-support</groupId>
         <artifactId>error-prone-support</artifactId>
-        <version>0.19.2-SNAPSHOT</version>
+        <version>0.20.0</version>
     </parent>
 
     <artifactId>refaster-support</artifactId>
diff --git a/refaster-test-support/pom.xml b/refaster-test-support/pom.xml
index 46dca581..088ba22d 100644
--- a/refaster-test-support/pom.xml
+++ b/refaster-test-support/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>tech.picnic.error-prone-support</groupId>
         <artifactId>error-prone-support</artifactId>
-        <version>0.19.2-SNAPSHOT</version>
+        <version>0.20.0</version>
     </parent>
 
     <artifactId>refaster-test-support</artifactId>

From e572a3641df1911d155fe6b71b24f22e48e71721 Mon Sep 17 00:00:00 2001
From: Stephan Schroevers <stephan.schroevers@teampicnic.com>
Date: Sun, 2 Feb 2025 13:19:40 +0100
Subject: [PATCH 19/25] [maven-release-plugin] prepare for next development
 iteration

---
 documentation-support/pom.xml    | 2 +-
 error-prone-contrib/pom.xml      | 2 +-
 error-prone-experimental/pom.xml | 2 +-
 error-prone-guidelines/pom.xml   | 2 +-
 error-prone-utils/pom.xml        | 2 +-
 pom.xml                          | 6 +++---
 refaster-compiler/pom.xml        | 2 +-
 refaster-runner/pom.xml          | 2 +-
 refaster-support/pom.xml         | 2 +-
 refaster-test-support/pom.xml    | 2 +-
 10 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/documentation-support/pom.xml b/documentation-support/pom.xml
index 090f4c56..7ca2ca3f 100644
--- a/documentation-support/pom.xml
+++ b/documentation-support/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>tech.picnic.error-prone-support</groupId>
         <artifactId>error-prone-support</artifactId>
-        <version>0.20.0</version>
+        <version>0.20.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>documentation-support</artifactId>
diff --git a/error-prone-contrib/pom.xml b/error-prone-contrib/pom.xml
index aebf2f4e..18105e43 100644
--- a/error-prone-contrib/pom.xml
+++ b/error-prone-contrib/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>tech.picnic.error-prone-support</groupId>
         <artifactId>error-prone-support</artifactId>
-        <version>0.20.0</version>
+        <version>0.20.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>error-prone-contrib</artifactId>
diff --git a/error-prone-experimental/pom.xml b/error-prone-experimental/pom.xml
index a451ffa2..95f1845b 100644
--- a/error-prone-experimental/pom.xml
+++ b/error-prone-experimental/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>tech.picnic.error-prone-support</groupId>
         <artifactId>error-prone-support</artifactId>
-        <version>0.20.0</version>
+        <version>0.20.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>error-prone-experimental</artifactId>
diff --git a/error-prone-guidelines/pom.xml b/error-prone-guidelines/pom.xml
index 2ed46d65..21fe7486 100644
--- a/error-prone-guidelines/pom.xml
+++ b/error-prone-guidelines/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>tech.picnic.error-prone-support</groupId>
         <artifactId>error-prone-support</artifactId>
-        <version>0.20.0</version>
+        <version>0.20.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>error-prone-guidelines</artifactId>
diff --git a/error-prone-utils/pom.xml b/error-prone-utils/pom.xml
index 6223a6b2..e84bb808 100644
--- a/error-prone-utils/pom.xml
+++ b/error-prone-utils/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>tech.picnic.error-prone-support</groupId>
         <artifactId>error-prone-support</artifactId>
-        <version>0.20.0</version>
+        <version>0.20.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>error-prone-utils</artifactId>
diff --git a/pom.xml b/pom.xml
index cb2f6dfa..50057186 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
 
     <groupId>tech.picnic.error-prone-support</groupId>
     <artifactId>error-prone-support</artifactId>
-    <version>0.20.0</version>
+    <version>0.20.1-SNAPSHOT</version>
     <packaging>pom</packaging>
 
     <name>Picnic :: Error Prone Support</name>
@@ -52,7 +52,7 @@
 
     <scm child.scm.developerConnection.inherit.append.path="false" child.scm.url.inherit.append.path="false">
         <developerConnection>scm:git:git@github.com:PicnicSupermarket/error-prone-support.git</developerConnection>
-        <tag>v0.20.0</tag>
+        <tag>HEAD</tag>
         <url>https://github.com/PicnicSupermarket/error-prone-support</url>
     </scm>
     <issueManagement>
@@ -146,7 +146,7 @@
         <error-prone.self-check-args />
         <!-- The build timestamp is derived from the most recent commit
         timestamp in support of reproducible builds. -->
-        <project.build.outputTimestamp>2025-02-02T12:14:39Z</project.build.outputTimestamp>
+        <project.build.outputTimestamp>2025-02-02T12:19:40Z</project.build.outputTimestamp>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <!-- Glob pattern identifying Refaster rule definition files. These
         Java classes don't contain "regular" code, and thus require special
diff --git a/refaster-compiler/pom.xml b/refaster-compiler/pom.xml
index af4b7c29..b70132bf 100644
--- a/refaster-compiler/pom.xml
+++ b/refaster-compiler/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>tech.picnic.error-prone-support</groupId>
         <artifactId>error-prone-support</artifactId>
-        <version>0.20.0</version>
+        <version>0.20.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>refaster-compiler</artifactId>
diff --git a/refaster-runner/pom.xml b/refaster-runner/pom.xml
index e076e33d..c7c7a994 100644
--- a/refaster-runner/pom.xml
+++ b/refaster-runner/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>tech.picnic.error-prone-support</groupId>
         <artifactId>error-prone-support</artifactId>
-        <version>0.20.0</version>
+        <version>0.20.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>refaster-runner</artifactId>
diff --git a/refaster-support/pom.xml b/refaster-support/pom.xml
index 3471d77e..ed7c17ba 100644
--- a/refaster-support/pom.xml
+++ b/refaster-support/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>tech.picnic.error-prone-support</groupId>
         <artifactId>error-prone-support</artifactId>
-        <version>0.20.0</version>
+        <version>0.20.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>refaster-support</artifactId>
diff --git a/refaster-test-support/pom.xml b/refaster-test-support/pom.xml
index 088ba22d..d9f1e61b 100644
--- a/refaster-test-support/pom.xml
+++ b/refaster-test-support/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>tech.picnic.error-prone-support</groupId>
         <artifactId>error-prone-support</artifactId>
-        <version>0.20.0</version>
+        <version>0.20.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>refaster-test-support</artifactId>

From f128a7975fb9101fe7503637d94e8a2d5c039cc2 Mon Sep 17 00:00:00 2001
From: Stephan Schroevers <stephan.schroevers@teampicnic.com>
Date: Mon, 3 Feb 2025 09:04:46 +0100
Subject: [PATCH 20/25] Update Error Prone compatibility matrix (#1536)

---
 website/_data/compatibility.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/website/_data/compatibility.yml b/website/_data/compatibility.yml
index bf6a4efe..c1b9b33d 100644
--- a/website/_data/compatibility.yml
+++ b/website/_data/compatibility.yml
@@ -1,6 +1,16 @@
 # An overview of Error Prone Support releases, along with compatible Error
 # Prone releases. This data was generated by `generate-version-compatibility-overview.sh`.
 releases:
+  - version: 0.20.0
+    compatible:
+      - "2.36.0"
+      - "2.35.1"
+      - "2.35.0"
+      - "2.34.0"
+      - "2.33.0"
+      - "2.32.0"
+      - "2.31.0"
+      - "2.30.0"
   - version: 0.19.1
     compatible:
       - "2.36.0"

From 5105cb684f26464b5cba2f807b350fed7496e6ab Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Sat, 8 Feb 2025 13:38:40 +0100
Subject: [PATCH 21/25] Upgrade Checker Framework Annotations 3.48.4 -> 3.49.0
 (#1537)

See:
- https://github.com/typetools/checker-framework/releases/tag/checker-framework-3.49.0
- https://github.com/typetools/checker-framework/compare/checker-framework-3.48.4...checker-framework-3.49.0
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 50057186..9dabdc0e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -447,7 +447,7 @@
             <dependency>
                 <groupId>org.checkerframework</groupId>
                 <artifactId>checker-qual</artifactId>
-                <version>3.48.4</version>
+                <version>3.49.0</version>
             </dependency>
             <dependency>
                 <groupId>org.hamcrest</groupId>

From ab0a844f26df88e53faaa1335d62fb3f3b6e6add Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Sat, 8 Feb 2025 14:59:53 +0100
Subject: [PATCH 22/25] Upgrade pitest-maven-plugin 1.17.4 -> 1.18.0 (#1538)

See:
- https://github.com/hcoles/pitest/releases/tag/1.18.0
- https://github.com/hcoles/pitest/compare/1.17.4...1.18.0
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 9dabdc0e..d475f53b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1524,7 +1524,7 @@
                 <plugin>
                     <groupId>org.pitest</groupId>
                     <artifactId>pitest-maven</artifactId>
-                    <version>1.17.4</version>
+                    <version>1.18.0</version>
                     <configuration>
                         <excludedClasses>
                             <!-- AutoValue generated classes. -->

From 6a6354eb55c02c284610daf8e74642336547c83f Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Sat, 8 Feb 2025 15:18:39 +0100
Subject: [PATCH 23/25] Upgrade OpenRewrite Templating 1.22.0 -> 1.22.1 (#1539)

See:
- https://github.com/openrewrite/rewrite-templating/releases/tag/v1.22.1
- https://github.com/openrewrite/rewrite-templating/compare/v1.22.0...v1.22.1
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index d475f53b..7309a1b9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -215,7 +215,7 @@
         <version.nopen-checker>1.0.1</version.nopen-checker>
         <version.nullaway>0.12.3</version.nullaway>
         <version.pitest-git>1.1.4</version.pitest-git>
-        <version.rewrite-templating>1.22.0</version.rewrite-templating>
+        <version.rewrite-templating>1.22.1</version.rewrite-templating>
         <version.surefire>3.2.3</version.surefire>
     </properties>
 

From a68e5ae1500e4f9d7ed6cf22b7cd0e63d0812229 Mon Sep 17 00:00:00 2001
From: Picnic-DevPla-Bot <168541957+Picnic-DevPla-Bot@users.noreply.github.com>
Date: Sat, 8 Feb 2025 15:52:40 +0100
Subject: [PATCH 24/25] Upgrade OpenRewrite 3.1.0 -> 3.2.0 (#1540)

See:
- https://github.com/openrewrite/rewrite-recipe-bom/releases/tag/v3.2.0
- https://github.com/openrewrite/rewrite-recipe-bom/compare/v3.1.0...v3.2.0
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 7309a1b9..596ef3d3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -496,7 +496,7 @@
             <dependency>
                 <groupId>org.openrewrite.recipe</groupId>
                 <artifactId>rewrite-recipe-bom</artifactId>
-                <version>3.1.0</version>
+                <version>3.2.0</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>

From aedeeb09437cc3a432be0d1dcc490a8bb928cacb Mon Sep 17 00:00:00 2001
From: Stephan Schroevers <stephan.schroevers@teampicnic.com>
Date: Sun, 9 Feb 2025 20:54:57 +0100
Subject: [PATCH 25/25] Fix integration test `step-security/harden-runner`
 configuration (#1541)

Resolves #1534.
---
 .github/workflows/run-integration-tests.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/run-integration-tests.yml b/.github/workflows/run-integration-tests.yml
index ec5cd5f0..f6aff3fa 100644
--- a/.github/workflows/run-integration-tests.yml
+++ b/.github/workflows/run-integration-tests.yml
@@ -26,10 +26,10 @@ jobs:
         with:
           disable-sudo: true
           egress-policy: block
+          # XXX: After updating the validation build flags in
+          # `integration-tests/prometheus-java-client.sh`, review whether the
+          # Docker domains specified here can be dropped.
           allowed-endpoints: >
-            # XXX: After updating the validation build flags in
-            # `integration-tests/prometheus-java-client.sh`, review whether the
-            # Docker domains specified here can be dropped.
             api.adoptium.net:443
             auth.docker.io:443
             checkstyle.org:443