Bump the maven group across 7 directories with 14 updates

[dependabot]

Bumps the maven group with 1 update in the /zcommon directory: commons-fileupload:commons-fileupload.
Bumps the maven group with 2 updates in the /zhtml directory: commons-fileupload:commons-fileupload and commons-io:commons-io.
Bumps the maven group with 2 updates in the /zk directory: org.jruby:jruby and org.python:jython.
Bumps the maven group with 2 updates in the /zkplus directory: dom4j:dom4j and org.springframework:spring-core.
Bumps the maven group with 4 updates in the /zksandbox directory: commons-fileupload:commons-fileupload, commons-io:commons-io, org.apache.poi:poi and org.zkoss.zk:zk.
Bumps the maven group with 8 updates in the /zktest directory:

Package	From	To
commons-fileupload:commons-fileupload	1.3.3	1.5
commons-io:commons-io	2.4	2.14.0
org.jruby:jruby	1.1.2	1.7.3
org.python:jython	2.2.1	2.7.2
org.apache.poi:poi	3.17	4.1.1
org.zkoss.zk:zk	8.6.4.1	9.6.0.2
junit:junit	4.12	4.13.1
org.apache.commons:commons-compress	1.18	1.26.0

Bumps the maven group with 1 update in the /zul directory: org.zkoss.zk:zk.

Updates commons-fileupload:commons-fileupload from 1.3.3 to 1.5

Updates commons-fileupload:commons-fileupload from 1.3.3 to 1.5

Updates commons-io:commons-io from 2.4 to 2.14.0

Updates org.jruby:jruby from 1.1.2 to 1.7.3

Commits

• dac429b Bump for 1.7.3
• 40f85f0 JRUBY-6988 and possibly others launcher issues
• 2fa2021 XML Entity expansion protection
• 3dd1c53 Prevent failure in MRI 1.9 to run this and also to actually extract paragraph...
• 9d210e3 * Updated jars for Eclipse
• 82cda78 Support marshaling and unmarshaling strings with repeated encodings
• 040d849 Reduce some spec failures (which strangely are ignoring their tags)
• 016860d Merge pull request #537 from bruceadams/add-epl-text
• 54c1703 Add the complete text of the Eclipse Public License
• ce7c497 Hack jruby-rake-plugin to work on a windows machine
• Additional commits viewable in compare view

Updates org.python:jython from 2.2.1 to 2.7.2

Updates dom4j:dom4j from 1.6 to 1.6.1-brew

Updates org.springframework:spring-core from 5.2.3.RELEASE to 5.2.19.RELEASE

Commits

• 925b078 Release v5.2.19.RELEASE
• 1a03ffe Upgrade to Log4j2 2.16.0
• e954d7f Upgrade to AspectJ 1.9.7, Groovy 2.5.15, BlockHound 1.0.6, SLF4J 1.7.32
• ec13a3f Backported clarifications for SchedulerFactoryBean and cache annotations
• 842f5b3 Declare serialVersionUID on DefaultAopProxyFactory
• 67a4b63 Avoid NPE against null value from toString call
• 354dad6 Avoid early initialization of empty interceptor names
• 0668323 Upgrade to Log4j2 2.15.0
• e03e62c Test status quo for null in varargs in SpEL expressions
• 96a7fc6 Apply LogFormatUtils in more places
• Additional commits viewable in compare view

Updates org.springframework:spring-beans from 5.2.3.RELEASE to 5.2.19.RELEASE

Commits

• 925b078 Release v5.2.19.RELEASE
• 1a03ffe Upgrade to Log4j2 2.16.0
• e954d7f Upgrade to AspectJ 1.9.7, Groovy 2.5.15, BlockHound 1.0.6, SLF4J 1.7.32
• ec13a3f Backported clarifications for SchedulerFactoryBean and cache annotations
• 842f5b3 Declare serialVersionUID on DefaultAopProxyFactory
• 67a4b63 Avoid NPE against null value from toString call
• 354dad6 Avoid early initialization of empty interceptor names
• 0668323 Upgrade to Log4j2 2.15.0
• e03e62c Test status quo for null in varargs in SpEL expressions
• 96a7fc6 Apply LogFormatUtils in more places
• Additional commits viewable in compare view

Updates org.springframework:spring-context from 5.2.3.RELEASE to 5.2.19.RELEASE

Commits

• 925b078 Release v5.2.19.RELEASE
• 1a03ffe Upgrade to Log4j2 2.16.0
• e954d7f Upgrade to AspectJ 1.9.7, Groovy 2.5.15, BlockHound 1.0.6, SLF4J 1.7.32
• ec13a3f Backported clarifications for SchedulerFactoryBean and cache annotations
• 842f5b3 Declare serialVersionUID on DefaultAopProxyFactory
• 67a4b63 Avoid NPE against null value from toString call
• 354dad6 Avoid early initialization of empty interceptor names
• 0668323 Upgrade to Log4j2 2.15.0
• e03e62c Test status quo for null in varargs in SpEL expressions
• 96a7fc6 Apply LogFormatUtils in more places
• Additional commits viewable in compare view

Updates org.springframework:spring-web from 5.2.3.RELEASE to 5.2.19.RELEASE

Commits

• 925b078 Release v5.2.19.RELEASE
• 1a03ffe Upgrade to Log4j2 2.16.0
• e954d7f Upgrade to AspectJ 1.9.7, Groovy 2.5.15, BlockHound 1.0.6, SLF4J 1.7.32
• ec13a3f Backported clarifications for SchedulerFactoryBean and cache annotations
• 842f5b3 Declare serialVersionUID on DefaultAopProxyFactory
• 67a4b63 Avoid NPE against null value from toString call
• 354dad6 Avoid early initialization of empty interceptor names
• 0668323 Upgrade to Log4j2 2.15.0
• e03e62c Test status quo for null in varargs in SpEL expressions
• 96a7fc6 Apply LogFormatUtils in more places
• Additional commits viewable in compare view

Updates org.springframework:spring-webmvc from 5.2.3.RELEASE to 5.2.19.RELEASE

Commits

• 925b078 Release v5.2.19.RELEASE
• 1a03ffe Upgrade to Log4j2 2.16.0
• e954d7f Upgrade to AspectJ 1.9.7, Groovy 2.5.15, BlockHound 1.0.6, SLF4J 1.7.32
• ec13a3f Backported clarifications for SchedulerFactoryBean and cache annotations
• 842f5b3 Declare serialVersionUID on DefaultAopProxyFactory
• 67a4b63 Avoid NPE against null value from toString call
• 354dad6 Avoid early initialization of empty interceptor names
• 0668323 Upgrade to Log4j2 2.15.0
• e03e62c Test status quo for null in varargs in SpEL expressions
• 96a7fc6 Apply LogFormatUtils in more places
• Additional commits viewable in compare view

Updates commons-fileupload:commons-fileupload from 1.3.3 to 1.5

Updates commons-io:commons-io from 2.4 to 2.14.0

Updates org.apache.poi:poi from 3.7 to 4.1.1

Updates org.zkoss.zk:zk from 8.6.4.1 to 9.6.0.2

Commits

• e292dd1 release 9.6.0.2
• 4617154 Update Iceblue Compact version 9.5.1.4
• 13229b8 Add release date in the release-note
• 92a29aa ZK-5150: uploading issue
• 59a5da6 upgrade to 9.5.1.4 version
• 901c4a6 release 9.5.1.3
• 91e3ac2 Update Iceblue Compact version 9.5.1.3
• 92aac40 Add release date in the release-note
• 8ee16de ZK-4860: zkmax/zkex project build failing under maven 3.8.1
• 982c8a4 ZK-4857: Missing right click and double click in hybrid touch mouse mode
• Additional commits viewable in compare view

Updates commons-fileupload:commons-fileupload from 1.3.3 to 1.5

Updates commons-io:commons-io from 2.4 to 2.14.0

Updates org.jruby:jruby from 1.1.2 to 1.7.3

Commits

• dac429b Bump for 1.7.3
• 40f85f0 JRUBY-6988 and possibly others launcher issues
• 2fa2021 XML Entity expansion protection
• 3dd1c53 Prevent failure in MRI 1.9 to run this and also to actually extract paragraph...
• 9d210e3 * Updated jars for Eclipse
• 82cda78 Support marshaling and unmarshaling strings with repeated encodings
• 040d849 Reduce some spec failures (which strangely are ignoring their tags)
• 016860d Merge pull request #537 from bruceadams/add-epl-text
• 54c1703 Add the complete text of the Eclipse Public License
• ce7c497 Hack jruby-rake-plugin to work on a windows machine
• Additional commits viewable in compare view

Updates org.python:jython from 2.2.1 to 2.7.2

Updates org.apache.poi:poi from 3.17 to 4.1.1

Updates org.zkoss.zk:zk from 8.6.4.1 to 9.6.0.2

Commits

• e292dd1 release 9.6.0.2
• 4617154 Update Iceblue Compact version 9.5.1.4
• 13229b8 Add release date in the release-note
• 92a29aa ZK-5150: uploading issue
• 59a5da6 upgrade to 9.5.1.4 version
• 901c4a6 release 9.5.1.3
• 91e3ac2 Update Iceblue Compact version 9.5.1.3
• 92aac40 Add release date in the release-note
• 8ee16de ZK-4860: zkmax/zkex project build failing under maven 3.8.1
• 982c8a4 ZK-4857: Missing right click and double click in hybrid touch mouse mode
• Additional commits viewable in compare view

Updates junit:junit from 4.12 to 4.13.1

Release notes

Sourced from junit:junit's releases.

JUnit 4.13.1

Please refer to the release notes for details.

JUnit 4.13

Please refer to the release notes for details.

JUnit 4.13 RC 2

Please refer to the release notes for details.

JUnit 4.13 RC 1

Please refer to the release notes for details.

JUnit 4.13 Beta 3

Please refer to the release notes for details.

JUnit 4.13 Beta 2

Please refer to the release notes for details.

JUnit 4.13 Beta 1

Please refer to the release notes for details.

Commits

• 1b683f4 [maven-release-plugin] prepare release r4.13.1
• ce6ce3a Draft 4.13.1 release notes
• c29dd82 Change version to 4.13.1-SNAPSHOT
• 1d17486 Add a link to assertThrows in exception testing
• 543905d Use separate line for annotation in Javadoc
• 510e906 Add sub headlines to class Javadoc
• 610155b Merge pull request from GHSA-269g-pwp5-87pp
• b6cfd1e Explicitly wrap float parameter for consistency (#1671)
• a5d205c Fix GitHub link in FAQ (#1672)
• 3a5c6b4 Deprecated since jdk9 replacing constructor instance of Double and Float (#1660)
• Additional commits viewable in compare view

Updates org.apache.commons:commons-compress from 1.18 to 1.26.0

Updates org.zkoss.zk:zk from 8.6.4.1 to 9.6.0.2

Commits

• e292dd1 release 9.6.0.2
• 4617154 Update Iceblue Compact version 9.5.1.4
• 13229b8 Add release date in the release-note
• 92a29aa ZK-5150: uploading issue
• 59a5da6 upgrade to 9.5.1.4 version
• 901c4a6 release 9.5.1.3
• 91e3ac2 Update Iceblue Compact version 9.5.1.3
• 92aac40 Add release date in the release-note
• 8ee16de ZK-4860: zkmax/zkex project build failing under maven 3.8.1
• 982c8a4 ZK-4857: Missing right click and double click in hybrid touch mouse mode
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Dependabot couldn't find a pom.xml. Because of this, Dependabot cannot update this pull request.