dependabot[bot] opened a new pull request, #480: URL: https://github.com/apache/opennlp-sandbox/pull/480
Bumps [org.json:json](https://github.com/douglascrockford/JSON-java) from 20251224 to 20260522. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/douglascrockford/JSON-java/releases";>org.json:json's releases</a>.</em></p> <blockquote> <h2>20260522</h2> <table> <thead> <tr> <th>Pull Request</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td><a href="https://redirect.github.com/douglascrockford/JSON-java/issues/1054";>#1054</a></td> <td>pre-release-20260522 prep for next release</td> </tr> <tr> <td><a href="https://redirect.github.com/douglascrockford/JSON-java/issues/1053";>#1053</a></td> <td>update security.md with key data</td> </tr> <tr> <td><a href="https://redirect.github.com/douglascrockford/JSON-java/issues/1046";>#1046</a></td> <td>Validate XML numeric character references before string construction</td> </tr> <tr> <td><a href="https://redirect.github.com/douglascrockford/JSON-java/issues/1044";>#1044</a></td> <td>Ignore static fields in JSONObject.fromJson()</td> </tr> <tr> <td><a href="https://redirect.github.com/douglascrockford/JSON-java/issues/1041";>#1041</a></td> <td>Enhance README with license clarification</td> </tr> <tr> <td><a href="https://redirect.github.com/douglascrockford/JSON-java/issues/1039";>#1039</a></td> <td>Fix XML forceList parsing issue</td> </tr> <tr> <td><a href="https://redirect.github.com/douglascrockford/JSON-java/issues/1038";>#1038</a></td> <td>Fix input validation in XMLTokener.unescapeEntity()</td> </tr> <tr> <td><a href="https://redirect.github.com/douglascrockford/JSON-java/issues/1037";>#1037</a></td> <td>Fix ClassCastException in JSONML.toJSONArray and toJSONObject</td> </tr> <tr> <td><a href="https://redirect.github.com/douglascrockford/JSON-java/issues/1029";>#1029</a></td> <td>add badge to external hosted javadoc</td> </tr> <tr> <td><a href="https://redirect.github.com/douglascrockford/JSON-java/issues/1028";>#1028</a></td> <td>Refactoring: Fix sonarqube reliability issues</td> </tr> <tr> <td><a href="https://redirect.github.com/douglascrockford/JSON-java/issues/1027";>#1027</a></td> <td>Save/restore default locale in test</td> </tr> </tbody> </table> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md";>org.json:json's changelog</a>.</em></p> <blockquote> <p>20260522 Publish key data, recent commits for minor fixes</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/stleary/JSON-java/commit/968a592260c49151dd0bf79903a7986da64c63cd";><code>968a592</code></a> Merge pull request <a href="https://redirect.github.com/douglascrockford/JSON-java/issues/1054";>#1054</a> from stleary/pre-release-20260522</li> <li><a href="https://github.com/stleary/JSON-java/commit/3665aad82b41961d21901dac485a571fc1ea0828";><code>3665aad</code></a> pre-release-20260522 doc and build updates for release</li> <li><a href="https://github.com/stleary/JSON-java/commit/d749ee16abd084ae94785c7afe954de25d921a5d";><code>d749ee1</code></a> Merge pull request <a href="https://redirect.github.com/douglascrockford/JSON-java/issues/1053";>#1053</a> from stleary/update-security-md-with-key</li> <li><a href="https://github.com/stleary/JSON-java/commit/649598338f5c7ed3bb8891e1d74ef589f9d0617e";><code>6495983</code></a> update-security-md-with-key new security.md file, also fixed 1000 level jsona...</li> <li><a href="https://github.com/stleary/JSON-java/commit/896ce0fb74b529ceb8618cb64cf63dec67a56e61";><code>896ce0f</code></a> Merge pull request <a href="https://redirect.github.com/douglascrockford/JSON-java/issues/1046";>#1046</a> from yuki-matsuhashi/master</li> <li><a href="https://github.com/stleary/JSON-java/commit/187706978099ef7f201ce04fb8ffd507a7d8b405";><code>1877069</code></a> Validate XML numeric character references before string construction</li> <li><a href="https://github.com/stleary/JSON-java/commit/b959027aa2e0f2757ffa53f3941e729590df90ea";><code>b959027</code></a> Merge pull request <a href="https://redirect.github.com/douglascrockford/JSON-java/issues/1044";>#1044</a> from yuki-matsuhashi/1043-ignore-static</li> <li><a href="https://github.com/stleary/JSON-java/commit/039f331d7d9baac6c5568fd4087be96f28eedc65";><code>039f331</code></a> Add comment for empty test constructor</li> <li><a href="https://github.com/stleary/JSON-java/commit/94e340002b6cee528e0dc153fc9eca276286b571";><code>94e3400</code></a> Ignore static fields in JSONObject.fromJson()</li> <li><a href="https://github.com/stleary/JSON-java/commit/6230128f59a680ae2cedb845d6d9962fd1c40eb5";><code>6230128</code></a> Merge pull request <a href="https://redirect.github.com/douglascrockford/JSON-java/issues/1041";>#1041</a> from stleary/license-clarification</li> <li>Additional commits viewable in <a href="https://github.com/douglascrockford/JSON-java/compare/20251224...20260522";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
