fix(deps): bump the prod-deps group across 1 directory with 7 updates

[dependabot]

Bumps the prod-deps group with 7 updates in the / directory:

Package	From	To
org.junit:junit-bom	6.0.1	6.0.3
org.apache.logging.log4j:log4j-bom	2.25.2	2.25.3
io.vertx:vertx-stack-depchain	5.0.5	5.0.8
org.testcontainers:testcontainers-bom	1.20.6	2.0.3
org.folio:mod-configuration-client	5.12.0	5.12.1
org.aspectj:aspectjrt	1.9.25	1.9.25.1
org.aspectj:aspectjtools	1.9.25	1.9.25.1

Updates org.junit:junit-bom from 6.0.1 to 6.0.3

Release notes

Sourced from org.junit:junit-bom's releases.

JUnit 6.0.3 = Platform 6.0.3 + Jupiter 6.0.3 + Vintage 6.0.3

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.0.2...r6.0.3

JUnit 6.0.2 = Platform 6.0.2 + Jupiter 6.0.2 + Vintage 6.0.2

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.0.1...r6.0.2

Commits

• 36e3253 Release 6.0.3
• 295561f Finalize 6.0.3 release notes
• ea18076 Fix deadlock in NamespacedHierarchicalStore.computeIfAbsent() (#5348)
• 869e232 Add 5.14.3 release notes
• d4b34c4 Fix links to User Guide
• 5c8fb0f Reliably support JRE.OTHER with @⁠EnabledOnJre and @⁠DisabledOnJre
• febb13f Check out entire repo so switching to main branch works in last step
• 71fba90 Install poppler-utils for pdfinfo
• 740e9e0 Update API baseline
• 2ba535f Use release branch of examples repo
• Additional commits viewable in compare view

Updates org.apache.logging.log4j:log4j-bom from 2.25.2 to 2.25.3

Release notes

Sourced from org.apache.logging.log4j:log4j-bom's releases.

2.25.3

This patch release addresses issues detailed in the changelog below. In particular, it includes an important fix for the host name verification in SSL/TLS configuration. This is used by Socket Appender.

Changed

• Optimize DefaultThreadContextMap.getCopy() performance by avoiding megamorphic calls in HashMap constructor (#3935, #3939)

Fixed

• Fix GraalVM metadata for nested classes to use binary names instead of canonical names (#3871, #3996)
• Fix failures caused by null SslConfiguration (#3947, #3953)
• Fix incorrect handling of the host name verification in SSL/TLS configuration, which is used by Socket Appender when SSL/TLS is enabled (#4002)

Removed

• Remove the com.github.spotbugs:spotbugs-annotations dependency (#3984, #3985)

Commits

• 028e9fa Update the project.build.outputTimestamp property
• 5350d10 Fix host name verification in SSLSocketManager (#4002)
• e2898a0 Fix @Version annotations
• 041435d Get ready for the 2.25.3 release
• 73db4fb Fix log message in ApiLogger::setUseParentHandlers (#3943)
• 6076b16 Fix nullability issues in SslConfiguration (#3953)
• 8d43a99 Remove the com.github.spotbugs:spotbugs-annotations dependency (#3984, #3985)
• 78dc01d Use binary names in GraalVmProcessor (#3996)
• c09b012 Optimize DefaultThreadContextMap.getCopy() performance (#3939)
• See full diff in compare view

Updates io.vertx:vertx-stack-depchain from 5.0.5 to 5.0.8

Updates org.testcontainers:testcontainers-bom from 1.20.6 to 2.0.3

Release notes

Sourced from org.testcontainers:testcontainers-bom's releases.

2.0.3

What's Changed

• Update questdb/questdb image version to 9.2.2 (#11347) @​eddumelendez
• Fix GitHub-Action Generate PR descriptions (#11129) @​JackPGreen
• Update testcontainers version to ${GITHUB_REF##*/} (#11220) @github-actions[bot]
• Update docs version to ${GITHUB_REF##*/} (#11221) @github-actions[bot]

🐛 Bug Fixes

• Fix compatibility with older Docker Engines by falling back to v1.32 (#11346) @​eddumelendez

📖 Documentation

• Dead links in CircleCI reference documentation (#10789) @​JohnWill14

📦 Dependency updates

• Combined dependencies PR (#11353) @​eddumelendez
• Combined dependencies PR (#11352) @​eddumelendez
• Combined dependencies PR (#11341) @​eddumelendez
• Combined dependencies PR (#11334) @​eddumelendez
• Combined dependencies PR (#11333) @​eddumelendez
• Combined dependencies PR (#11332) @​eddumelendez
• Combined dependencies PR (#11323) @​eddumelendez

2.0.2

What's Changed

• Update docker image version to 25.0.5 (#11219) @​eddumelendez
• Set default docker API version to 1.44 (#11216) @​eddumelendez
• Fix ollama example (#11217) @​eddumelendez
• Update testcontainers version to ${GITHUB_REF##*/} (#11125) @github-actions[bot]
• Update docs version to ${GITHUB_REF##*/} (#11126) @github-actions[bot]

🐛 Bug Fixes

• Optimize ScriptSplitter from O(n*m) to O(1) when initializing database (#11130) @​hspragg-godaddy

📖 Documentation

• Update kotest-extensions-testcontainers link (#11138) @​noojung

🧹 Housekeeping

• Add getBaseUrl() to NginxContainer using NGINX_DEFAULT_PORT (#11137) @​ghusta

... (truncated)

Commits

• 43c6a97 Combined dependencies PR (#11353)
• 7778cc5 Merge remote-tracking branch 'origin/dependabot/gradle/modules/activemq/org.a...
• 30b043f Merge remote-tracking branch 'origin/dependabot/gradle/modules/db2/com.ibm.db...
• 17d570b Merge remote-tracking branch 'origin/dependabot/gradle/modules/elasticsearch/...
• 47e9ae5 Merge remote-tracking branch 'origin/dependabot/gradle/modules/gcloud/com.goo...
• f34ab26 Merge remote-tracking branch 'origin/dependabot/gradle/modules/couchbase/com....
• ac66ad6 Merge remote-tracking branch 'origin/dependabot/gradle/modules/activemq/org.a...
• b6a1f28 Merge remote-tracking branch 'origin/dependabot/gradle/modules/milvus/io.milv...
• 6a99624 Merge remote-tracking branch 'origin/dependabot/gradle/modules/influxdb/com.i...
• 4ff0770 Merge remote-tracking branch 'origin/dependabot/gradle/modules/grafana/io.mic...
• Additional commits viewable in compare view

Updates org.folio:mod-configuration-client from 5.12.0 to 5.12.1

Release notes

Sourced from org.folio:mod-configuration-client's releases.

v5.12.1

• MODCONF-155 RMB 35.4.1 Logging improvements
• MODCONF-158 Vert.x 4.5.25 RMB 35.4.2 fixing CVE-2025-67735 Netty CRLF

Changelog

Sourced from org.folio:mod-configuration-client's changelog.

5.12.1 2026-02-19

Sunflower release with dependency upgrades only:

• MODCONF-155 RMB 35.4.1 Logging improvements
• MODCONF-158 Vert.x 4.5.25 RMB 35.4.2 fixing CVE-2025-67735 Netty CRLF

Commits

• 8d72a1b [maven-release-plugin] prepare release v5.12.1
• 2fcda1c NEWS for 5.12.1 (Sunflower)
• c5b28cf Merge pull request #170 from folio-org/MODCONF-158
• f64109b MODCONF-158: Vert.x 4.5.25 RMB 35.4.2 fixing CVE-2025-67735 Netty CRLF
• 6c942d4 Merge pull request #168 from folio-org/MODCONF-155
• e9d2dc5 MODCONF-155: Sunflower CSP - RMB 35.4.1 Logging improvements
• bd82f65 Set version to 5.12.1-SNAPSHOT
• c773a21 [maven-release-plugin] prepare for next development iteration
• See full diff in compare view

Updates org.aspectj:aspectjrt from 1.9.25 to 1.9.25.1

Release notes

Sourced from org.aspectj:aspectjrt's releases.

1.9.25.1

Full Changelog: eclipse-aspectj/aspectj@V1_9_25...V1_9_25_1

Commits

• See full diff in compare view

Updates org.aspectj:aspectjtools from 1.9.25 to 1.9.25.1

Release notes

Sourced from org.aspectj:aspectjtools's releases.

1.9.25.1

Full Changelog: eclipse-aspectj/aspectj@V1_9_25...V1_9_25_1

Commits

• See full diff in compare view

Updates org.aspectj:aspectjtools from 1.9.25 to 1.9.25.1

Release notes

Sourced from org.aspectj:aspectjtools's releases.

1.9.25.1

Full Changelog: eclipse-aspectj/aspectj@V1_9_25...V1_9_25_1

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions