• [#1548] - redefines PrincipalCollection interface to be intended as immutable by @janitza-mage in https://github.com/apache/shiro/pull/1582
• Fix deprecation warnings by @lprimak in https://github.com/apache/shiro/pull/1630
• Refactor: AssertJ best practices by @timtebeek by @lprimak in https://github.com/apache/shiro/pull/1454
• Set pom version to 3.0.0-SNAPSHOT by @fpapon in https://github.com/apache/shiro/pull/1646
• [#1499] - Deleted Quartz module. by @Himakar in https://github.com/apache/shiro/pull/1581
• Revert "[#1499] - Deleted Quartz module." by @lprimak in https://github.com/apache/shiro/pull/1820
• chore(deps): update to junit 6.0.1 and consolidate junit engine and a… by @lprimak in https://github.com/apache/shiro/pull/2358
• chore(3.x): Migrate to jakarta EE 10 using OpenRewrite by @rgcv in https://github.com/apache/shiro/pull/2224
• [#1585] Migrate to Jakarta EE 10 (3.x) by @rgcv in https://github.com/apache/shiro/pull/2018
• enh[3.x]: Adds default NoAccess configuration to the default filter chain by @lprimak in https://github.com/apache/shiro/pull/2461
• [#1585] Jakarta namespace and java 17 for 3x by @nsoft in https://github.com/apache/shiro/pull/2017
• chore(deps): bump ch.qos.logback:logback-core from 1.5.26 to 1.5.27 by @dependabot[bot] in https://github.com/apache/shiro/pull/2515
• chore(deps-dev): bump io.openliberty.tools:liberty-maven-plugin from 3.11.5 to 3.12.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2513
• chore(deps-dev): bump org.jboss.arquillian.graphene:graphene-webdriver from 3.0.0-alpha.4 to 3.0.0.Final by @dependabot[bot] in https://github.com/apache/shiro/pull/2512
• chore(deps): bump ch.qos.logback:logback-classic from 1.5.26 to 1.5.27 by @dependabot[bot] in https://github.com/apache/shiro/pull/2511
• chore(deps): bump the github-dependencies group with 2 updates by @dependabot[bot] in https://github.com/apache/shiro/pull/2510
• Enable markdownlint rule MD040 by @jbampton in https://github.com/apache/shiro/pull/2507
• CONTRIBUTING: whitespace cleanup for codeblocks by @jbampton in https://github.com/apache/shiro/pull/2506
• Actions labeler: add label for groovy files by @jbampton in https://github.com/apache/shiro/pull/2491
• Add 3 more pre-commit hooks by @jbampton in https://github.com/apache/shiro/pull/2490
• [3.x] Karaf needs update by @fpapon in https://github.com/apache/shiro/pull/2517
• pre-commit: add markdown-link-check by @jbampton in https://github.com/apache/shiro/pull/2519
• Fix typos in java integration-tests for jakarta-ee by @jbampton in https://github.com/apache/shiro/pull/2520
• chore: regenerate ignored words list codespell.txt by @jbampton in https://github.com/apache/shiro/pull/2521
• Enable markdown-lint rule MD034 by @jbampton in https://github.com/apache/shiro/pull/2522
• markdown-lint: set line length to 180 by @jbampton in https://github.com/apache/shiro/pull/2523
• chore: fix typos in Java tests by @jbampton in https://github.com/apache/shiro/pull/2524
• chore: standardize markdown heading underlines by @jbampton in https://github.com/apache/shiro/pull/2525
• chore: fix spelling / word casing in java docs by @jbampton in https://github.com/apache/shiro/pull/2526
• yamllint enable rule checking for comments by @jbampton in https://github.com/apache/shiro/pull/2527
• [#2489] Add CITATION.cff for Apache Shiro by @iampratap7997-dot in https://github.com/apache/shiro/pull/2518
• gha: actions/checkout set persist-credentials: false by @jbampton in https://github.com/apache/shiro/pull/2532
• chore: remove unneeded duplicate words in java docs by @jbampton in https://github.com/apache/shiro/pull/2531
• gha: pr labeler label more file types by @jbampton in https://github.com/apache/shiro/pull/2530
• Add official pre-commit hook pretty-format-json by @jbampton in https://github.com/apache/shiro/pull/2529
• yamllint add rule checking for braces and brackets by @jbampton in https://github.com/apache/shiro/pull/2528
• chore: standardize XML declarations by @jbampton in https://github.com/apache/shiro/pull/2558
• chore(deps-dev): bump org.apache.maven.plugins:maven-pmd-plugin from 3.26.0 to 3.28.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2555
• misc(java): remove unneeded duplicate words by @jbampton in https://github.com/apache/shiro/pull/2556
• chore(deps): bump org.apache.maven.plugins:maven-war-plugin from 3.4.0 to 3.5.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2553
• chore(deps): bump org.apache.johnzon:johnzon-jsonb from 1.2.21 to 1.2.22 by @dependabot[bot] in https://github.com/apache/shiro/pull/2552
• chore(deps): bump github/codeql-action from 4.32.1 to 4.32.2 in the github-dependencies group by @dependabot[bot] in https://github.com/apache/shiro/pull/2536
• chore(deps): bump org.apache.commons:commons-configuration2 from 2.12.0 to 2.13.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2551
• chore(deps): bump org.apache.cxf:cxf-bom from 3.6.7 to 3.6.9 by @dependabot[bot] in https://github.com/apache/shiro/pull/2550
• chore(deps): bump ch.qos.logback:logback-classic from 1.5.27 to 1.5.28 by @dependabot[bot] in https://github.com/apache/shiro/pull/2548
• chore(deps): bump org.apache.rat:apache-rat-plugin from 0.16.1 to 0.17 by @dependabot[bot] in https://github.com/apache/shiro/pull/2545
• chore(deps-dev): bump org.apache.maven.plugins:maven-resources-plugin from 3.3.1 to 3.4.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2533
• chore(deps): bump org.apache.cxf:cxf-rt-rs-client from 3.6.7 to 3.6.9 by @dependabot[bot] in https://github.com/apache/shiro/pull/2542
• chore(deps): bump ch.qos.logback:logback-core from 1.5.27 to 1.5.28 by @dependabot[bot] in https://github.com/apache/shiro/pull/2541
• chore(deps): bump commons-cli:commons-cli from 1.9.0 to 1.11.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2537
• chore(deps): bump org.apache.karaf.features:framework from 4.4.7 to 4.4.9 by @dependabot[bot] in https://github.com/apache/shiro/pull/2540
• yamllint enable rule checking for line length by @jbampton in https://github.com/apache/shiro/pull/2557
• chore(deps-dev): bump org.apache.cxf:cxf-rt-frontend-jaxrs from 3.6.7 to 3.6.9 by @dependabot[bot] in https://github.com/apache/shiro/pull/2543
• Add EditorConfig checker with pre-commit by @jbampton in https://github.com/apache/shiro/pull/2559
• chore(deps): bump ch.qos.logback:logback-core from 1.5.28 to 1.5.32 by @dependabot[bot] in https://github.com/apache/shiro/pull/2573
• chore(deps): bump ch.qos.logback:logback-classic from 1.5.28 to 1.5.32 by @dependabot[bot] in https://github.com/apache/shiro/pull/2572
• chore(deps): bump github/codeql-action from 4.32.2 to 4.32.3 in the github-dependencies group by @dependabot[bot] in https://github.com/apache/shiro/pull/2564
• chore(deps): bump org.codehaus.gmavenplus:gmavenplus-plugin from 4.3.0 to 4.3.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2566
• chore(deps): bump org.apache.cxf:cxf-rt-rs-client from 3.6.9 to 3.6.10 by @dependabot[bot] in https://github.com/apache/shiro/pull/2571
• chore(deps): bump org.apache.cxf:cxf-bom from 3.6.9 to 3.6.10 by @dependabot[bot] in https://github.com/apache/shiro/pull/2570
• chore(deps): bump bytebuddy.version from 1.18.4 to 1.18.5 by @dependabot[bot] in https://github.com/apache/shiro/pull/2568
• chore(deps): bump org.jboss.shrinkwrap.resolver:shrinkwrap-resolver-bom from 3.3.4 to 3.3.5 by @dependabot[bot] in https://github.com/apache/shiro/pull/2567
• chore(deps-dev): bump org.apache.cxf:cxf-rt-frontend-jaxrs from 3.6.9 to 3.6.10 by @dependabot[bot] in https://github.com/apache/shiro/pull/2565
• chore(deps): bump org.apache.karaf.features:framework from 4.4.9 to 4.4.10 by @dependabot[bot] in https://github.com/apache/shiro/pull/2569
• chore(deps): bump com.github.mjeanroy:junit-servers-jetty-9 from 3.4.0 to 3.5.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2561
• [#2488] chore: add .gitattributes file for line ending normalization and file… by @lprimak in https://github.com/apache/shiro/pull/2574
• [#1862] [3.0] Support for JDK 25 scoped values by @lprimak in https://github.com/apache/shiro/pull/2485

• @janitza-mage made their first contribution in https://github.com/apache/shiro/pull/1582
• @Himakar made their first contribution in https://github.com/apache/shiro/pull/1581
• @rgcv made their first contribution in https://github.com/apache/shiro/pull/2224
• @nsoft made their first contribution in https://github.com/apache/shiro/pull/2017
• @iampratap7997-dot made their first contribution in https://github.com/apache/shiro/pull/2518

Full Changelog: https://github.com/apache/shiro/compare/shiro-root-2.1.0...shiro-root-3.0.0-alpha-1

• d8c55c1: [dotnet][rb][java][js][py] Automated Browser Version Update (#17126) (Selenium CI Bot) #17126
• e54d3e7: [py] Add return type annotation to execute_script and execute_async_script (#17117) (Adam Dangoor) #17117
• 7228988: [dotnet] [bidi] Expose functionality via interface (#17127) (Nikolay Borisenko) #17127

• 4adf92c: [dotnet][rb][java][js][py] Automated Browser Version Update (#17123) (Selenium CI Bot) #17123
• 404100c: [dotnet] [bidi] Unify all event arguments to be *EventArgs (#17125) (Nikolay Borisenko) #17125

Full Changelog: https://github.com/Activiti/Activiti/compare/7.20.0-rc.1035...7.20.0-rc.1036

• a5656e7: Update mirror info (Fri Feb 20 16:08:24 UTC 2026) (Selenium CI Bot)
• 6a6822e: [build] fix author file generation (Titus Fortner)
• 7eb69a0: [build] do not let shell commands fail silently in rake tasks (Titus Fortner)
• f9d2e1a: [build] changelogs job needs to compare tags (Titus Fortner)
• 18e249b: [build] manage rust changelogs separately (Titus Fortner)
• 1a2b647: [build] update java release to use publishing type automatic (Titus Fortner)
• ba48e1d: [build] only run mirror-selenium after releases (Titus Fortner)

• c67fc31: Update mirror info (Fri Feb 20 12:14:17 UTC 2026) (Selenium CI Bot)
• e5fc4e5: [rust][rb] Update lock files with new versions (#17118) (Corey Goldberg) #17118

• 02ec15f: [rb] Update dependencies (#17111) (Corey Goldberg) #17111
• aac9a28: [py] Update test to check it's an integer rather than a value (#17114) (David Burns) #17114
• 20de9b9: [build] stage changes to an ephemeral staging branch since not all updates are independent (Titus Fortner)
• 3a680a3: [build] ignore the staging branch for the PR and apply all patches in order (Titus Fortner)
• 9aff5c7: [build] cannot invoke a rake task twice by default (Titus Fortner)
• 755d44c: [build] put cdp version support in changelogs (Titus Fortner)
• 4592f1b: [build] ci-python jobs not currently matching by default (Titus Fortner)
• 89c5993: [build] fix auto-updating of browsers (Titus Fortner)
• d5f22ec: [java] mark tests passing in latest chrome beta (Titus Fortner)
• 9fc754f: [build] Prepare for release of selenium-4.41.0 (#17098) (Selenium CI Bot) #17098
• 6865ab3: [build] Reset versions to nightly after 4.41.0 release (Titus Fortner)
• 8113a82: [dotnet][rb][java][js][py] Automated Browser Version Update (#17116) (Selenium CI Bot) #17116

Java     |     Python     |     DotNet     |     Ruby     |     JavaScript

Full Changelog: https://github.com/SeleniumHQ/selenium/compare/selenium-4.40.0...selenium-4.41.0

While all features are tested and we consider them ready to be used, we don't guarantee that this is a stable version: this means there will be more breaking changes until we reach 26.0.

This version is intended for testing and providing feedback to the GraphQL Java team.

• Validation rules consolidated into single OperationValidator — The 31 individual rule classes in graphql.validation.rules.*, AbstractRule, and RulesVisitor have been removed. The rule filtering predicate type changed from Predicate<Class<?>> to Predicate<OperationValidationRule> (a new @PublicApi enum). Code that filters rules by class reference must migrate to the enum. (#4228)

• DirectiveInfo class removed — Use Directives.isBuiltInDirective() and Directives.BUILT_IN_DIRECTIVES instead. GraphQLSchema.Builder.clearDirectives() has also been removed — all 7 built-in directives are now always present. Built-in directives now consistently appear first in schema.getDirectives(). (#4229)

• JSpecify nullability annotations — big wave 2 — ~50 classes annotated with @NullMarked and @Nullable. This may surface new warnings or errors in projects using NullAway or Kotlin. (#4184)

• 23-39% execution throughput improvement — Reduce allocations in Async$Many (zero-copy list), ResultPath (lazy toString()), and GraphQLCodeRegistry (fast-path DataFetcher lookup avoiding throwaway FieldCoordinates allocation). (#4252)

• 14-40% faster validation — Single OperationValidator eliminates per-rule visitor overhead and reduces collection allocations on hot paths. (#4228)

• feat: GraphQLSchema.FastBuilder for high-performance schema construction by @rstata in https://github.com/graphql-java/graphql-java/pull/4197
• Add OneOf inhabitability validation by @jbellenger in https://github.com/graphql-java/graphql-java/pull/4248
• Call onExceptionHandled in ChainedInstrumentation by @tinnou in https://github.com/graphql-java/graphql-java/pull/4207
• New transformSchemaWithDeletes method for complex deletion cases in https://github.com/graphql-java/graphql-java/pull/4209

• Fix ExecutableNormalizedField to respect GraphqlFieldVisibility by @Samjin in https://github.com/graphql-java/graphql-java/pull/4204
• Fix type collecting for indirect references in https://github.com/graphql-java/graphql-java/pull/4213
• Fix and improve field visibility in https://github.com/graphql-java/graphql-java/pull/4212
• Code-built schemas now perform deprecated non-null field validations (same as SDL-built) in https://github.com/graphql-java/graphql-java/pull/4194
• Remove incorrect @Nullable from GraphQLSchema.getCodeRegistry() in https://github.com/graphql-java/graphql-java/pull/4247

• AST directives holder has a toString() in https://github.com/graphql-java/graphql-java/pull/4195
• Add documentation and test for additionalTypes in GraphQLSchema in https://github.com/graphql-java/graphql-java/pull/4208
• Build and test using Java 25 by @yeikel in https://github.com/graphql-java/graphql-java/pull/4173
• Update Objenesis, Spock and Groovy by @m1ngyuan in https://github.com/graphql-java/graphql-java/pull/4240
• Bump Gradle wrapper to 9.3.1, Shadow to 9.3.1, Kotlin to 2.3.0

• @jbellenger made their first contribution in https://github.com/graphql-java/graphql-java/pull/4248
• @rstata made their first contribution in https://github.com/graphql-java/graphql-java/pull/4197
• @Samjin made their first contribution in https://github.com/graphql-java/graphql-java/pull/4204
• @m1ngyuan made their first contribution in https://github.com/graphql-java/graphql-java/pull/4240
• @yeikel made their first contribution in https://github.com/graphql-java/graphql-java/pull/4173

Full Changelog: https://github.com/graphql-java/graphql-java/compare/v26.0.beta-1...v26.0.beta-2

Full Changelog: https://github.com/Activiti/Activiti/compare/7.20.0-rc.1034...7.20.0-rc.1035