🐛 Bug Fixes

• Undo some changes TrackingFileManager happened in 1.9.25 (#1801) @cstamas
• Catch IOException with message "Resource deadlock avoided" which can happen on Unix level when multiple process try to lock same file (#1799) @olamy
• Set content length for PUT in JDK transport (#1798) @cstamas

🐛 Bug Fixes

• Sync TrackingFileManager with 2.x (#1802) @cstamas

🚀 New features and improvements

• Align configuration properties and more (#1785) @cstamas
• Better checksum control (#1784) @cstamas
• JDK Transport: Do no longer leverage temp file for transfering artifact (#1755) @kwin
• Log retries in JDK HTTP Client (#1778) @kwin
• GH-1773: Treat 410 Gone as 404 Not Found (#1775) @cstamas
• GH-1737: Revert partially parallel upload change (#1765) @cstamas
• Update to Jetty 12.1 (#1748) @kwin
• Add retries for JDK HTTP client (#1735) @kwin

🐛 Bug Fixes

• Minor bugfix: If proxy host cannot be resolved, fail (#1793) @cstamas
• GH-1768 Drastically simplify auth caching (#1791) @cstamas
• Fix preemptive proxy authentication in JDK Client (#1766) @kwin

📝 Documentation updates

• Document how resolver works internally (#1794) @cstamas
• Improve clarity and correctness in RRF documentation (#1795) @elharo
• Document known transport issues (#1792) @cstamas
• Clarify description of JDK Transport modules (#1767) @kwin
• Remove generated configuration.md from Git (#1769) @kwin
• Fix typos and improve clarity in using resolver docs (#1713) @elharo

👻 Maintenance

• Fix javadoc errors on new class (#1796) @cstamas
• Update parent 46 (#1742) @cstamas

📦 Dependency updates

• Bump sisuVersion from 0.9.0.M4 to 1.0.0 (#1789) @dependabot[bot]
• Bump org.redisson:redisson from 4.1.0 to 4.2.0 (#1787) @dependabot[bot]
• Deps: Jetty 12.1.6 (#1779) @cstamas
• Bump commons-codec:commons-codec from 1.20.0 to 1.21.0 (#1777) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-xml from 4.1.0 to 4.1.1 (#1759) @dependabot[bot]
• Bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.25.3 to 0.25.4 (#1745) @dependabot[bot]
• Bump biz.aQute.bnd:bnd-maven-plugin from 7.2.0 to 7.2.1 (#1746) @dependabot[bot]
• Update to Jetty 12.1 (#1748) @kwin
• Bump org.apache.maven:maven-parent from 46 to 47 (#1749) @dependabot[bot]
• Bump roasterVersion from 2.30.3.Final to 2.31.0.Final (#1729) @dependabot[bot]
• Bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.25.1 to 0.25.3 (#1740) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-testing from 2.0.2 to 2.1.0 (#1730) @dependabot[bot]
• Bump com.github.mizosoft.methanol:methanol from 1.8.4 to 1.9.0 (#1723) @dependabot[bot]
• Bump org.redisson:redisson from 4.0.0 to 4.1.0 (#1728) @dependabot[bot]
• Bump org.redisson:redisson from 3.52.0 to 4.0.0 (#1717) @dependabot[bot]
• Bump testcontainersVersion from 2.0.2 to 2.0.3 (#1715) @dependabot[bot]
• Bump biz.aQute.bnd:bnd-maven-plugin from 7.1.0 to 7.2.0 (#1726) @dependabot[bot]
• Bump org.codehaus.mojo:exec-maven-plugin from 3.6.2 to 3.6.3 (#1721) @dependabot[bot]
• Bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.25.0 to 0.25.1 (#1722) @dependabot[bot]
• Bump org.ow2.asm:asm from 9.9 to 9.9.1 (#1716) @dependabot[bot]
• Bump maven3Version from 3.9.11 to 3.9.12 (#1718) @dependabot[bot]

🚀 New features and improvements

• GH-1773: Treat 410 Gone as 404 Not Found (#1774) @cstamas
• GH-1737: Revert partially parallel upload change (#1764) @cstamas

🐛 Bug Fixes

• GH-1768 Drastically simplify auth caching (#1790) @cstamas
• [1.9.x] Bug: GH-1703 Locally cached artifacts defy RRF (#1708) @cstamas

📝 Documentation updates

• Clarify that HTTP Transport uses Apache HTTP Client (#1725) @kwin

📦 Dependency updates

• Bump sisuVersion from 0.9.0.M4 to 1.0.0 (#1788) @dependabot[bot]
• Bump org.redisson:redisson from 4.1.0 to 4.2.0 (#1786) @dependabot[bot]
• Bump commons-codec:commons-codec from 1.20.0 to 1.21.0 (#1776) @dependabot[bot]
• Bump org.codehaus.mojo:animal-sniffer-maven-plugin from 1.26 to 1.27 (#1756) @dependabot[bot]
• Bump org.apache.maven:maven-parent from 46 to 47 (#1750) @dependabot[bot]
• Bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.25.3 to 0.25.4 (#1747) @dependabot[bot]
• Bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.25.1 to 0.25.3 (#1741) @dependabot[bot]
• Bump org.apache.maven:maven-parent from 45 to 46 (#1734) @dependabot[bot]
• Bump org.redisson:redisson from 4.0.0 to 4.1.0 (#1727) @dependabot[bot]
• Bump org.redisson:redisson from 3.52.0 to 4.0.0 (#1720) @dependabot[bot]
• Bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.25.0 to 0.25.1 (#1724) @dependabot[bot]
• Bump mavenVersion from 3.9.11 to 3.9.12 (#1719) @dependabot[bot]

🚀 New features and improvements

• Enhance RRF (#1709) @cstamas
• Locking inhibitor SPI (#1696) @cstamas
• Repository Key Function SPI (#1679) @cstamas
• GH-1668: Add catch-all for group filter (#1694) @cstamas
• Remote repository intent (#1680) @cstamas
• Name mappers cleanup and new GAECV mapper (#1677) @cstamas
• Remove hack from Basic connector (#1676) @cstamas
• HTTP compression support in Java Http Client (#1627) @kwin
• Support preemptive authentication with Java HTTP Client (#1625) @kwin

🐛 Bug Fixes

• Bug: GH-1711 make sure last wins (#1712) @cstamas
• Bug: GH-1703 Gaps in G segments resets result (#1706) @cstamas
• Bug: GH-1703 Locally cached artifacts defy RRF (#1707) @cstamas
• Bug: depMgt in manager was "last wins" instead of "first wins" (#1702) @cstamas
• Bugfix: Prioritized Components Cache change detection got removed (#1698) @cstamas
• TrackingFileManager changes (#1692) @cstamas
• Make filters daemon friendly (#1681) @cstamas
• Fix locking issues (#1660) @cstamas
• Bug: Filter fixes (#1655) @cstamas
• Fix automatic module names and missing methanol (#1651) @cstamas
• ScopeManager: do not interfere with session graph transformer (#1650) @cstamas
• GH-1646 bugfix for filter support in ADNC (#1647) @cstamas
• Set the request timeout with Java HTTP Client (#1633) @kwin

📝 Documentation updates

• Fix typos and improve clarity in using resolver docs (#1713) @elharo

👻 Maintenance

• Test: Increase IPC test timeout (#1710) @cstamas
• Use try-with for resource in test HttpServer (#1521) (#1686) @martins-avots
• Cleanup prefix and others (#1670) @cstamas
• Maven Resolver lockrepro (#1665) @cstamas
• Update GH CI (#1658) @cstamas

📦 Dependency updates

• Update test tools (#1705) @cstamas
• Bump org.mockito:mockito-core from 5.20.0 to 5.21.0 (#1704) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-testing from 2.0.1 to 2.0.2 (#1697) @dependabot[bot]
• Bump bouncycastleVersion from 1.82 to 1.83 (#1693) @dependabot[bot]
• Update to SigStore 2.0.0 (#1685) @cstamas
• Bump org.jboss.forge.roaster:roaster-api from 2.30.1.Final to 2.30.3.Final (#1687) @dependabot[bot]
• Bump org.jboss.forge.roaster:roaster-jdt from 2.30.1.Final to 2.30.3.Final (#1688) @dependabot[bot]
• Bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.24.2 to 0.25.0 (#1689) @dependabot[bot]
• Bump okhttpVersion from 5.3.1 to 5.3.2 (#1678) @dependabot[bot]
• Bump okhttpVersion from 5.3.0 to 5.3.1 (#1672) @dependabot[bot]
• Bump org.apache.commons:commons-lang3 from 3.19.0 to 3.20.0 (#1673) @dependabot[bot]
• Bump commons-codec:commons-codec from 1.19.0 to 1.20.0 (#1652) @dependabot[bot]
• Bump okhttpVersion from 5.2.1 to 5.3.0 (#1645) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-testing from 1.7.0 to 2.0.1 (#1642) @dependabot[bot]
• Bump org.codehaus.mojo:exec-maven-plugin from 3.6.1 to 3.6.2 (#1638) @dependabot[bot]
• Bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.23.1 to 0.24.2 (#1628) @dependabot[bot]
• Bump com.github.mizosoft.methanol:methanol from 1.8.3 to 1.8.4 (#1634) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-testing from 1.6.0 to 1.7.0 (#1635) @dependabot[bot]
• Bump okhttpVersion from 5.1.0 to 5.2.1 (#1626) @dependabot[bot]

🚀 New features and improvements

• Add scope support for trusted checksums (#1700) @slawekjaranowski
• [1.9.x] Name mappers cleanup and new GAECV mapper (#1674) @cstamas
• [1.9.x] Proper metadata locking support (#1669) @cstamas
• Ability to augment metadata nature for version range request (#1518) @cstamas

🐛 Bug Fixes

• [1.9.x] TrackingFileManager changes (#1695) @cstamas
• [1.9.x] Maven filters daemon friendly (#1682) @cstamas
• [1.9.x] Remove hack from Basic connector (#1675) @cstamas
• [1.9.x] Fix locking issues (#1662) @cstamas

📝 Documentation updates

• Updated the documentation to reflect the current list of name mappers (#1699) @slawekjaranowski

👻 Maintenance

• [1.9.x] Mild backport: support same properties as Resolver 2.x (#1656) @cstamas
• [1.9.x] Maven resolver lockrepro (#1664) @cstamas
• Bugfix: Java 25 broke test (#1657) @cstamas

📦 Dependency updates

• Bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.24.2 to 0.25.0 (#1690) @dependabot[bot]
• Bump org.codehaus.mojo:animal-sniffer-maven-plugin from 1.24 to 1.26 (#1624) @dependabot[bot]
• Bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.23.1 to 0.24.2 (#1630) @dependabot[bot]
• Bump commons-codec:commons-codec from 1.19.0 to 1.20.0 (#1653) @dependabot[bot]
• Bump org.redisson:redisson from 3.51.0 to 3.52.0 (#1602) @dependabot[bot]
• Bump com.google.guava:guava from 33.4.8-jre to 33.5.0-jre (#1592) @dependabot[bot]
• Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 (#1580) @dependabot[bot]
• Bump org.redisson:redisson from 3.50.0 to 3.51.0 (#1559) @dependabot[bot]
• Bump jettyVersion from 9.4.57.v20241219 to 9.4.58.v20250814 (#1551) @dependabot[bot]
• Bump commons-codec:commons-codec from 1.18.0 to 1.19.0 (#1536) @dependabot[bot]
• Bump mavenVersion from 3.9.10 to 3.9.11 (#1532) @dependabot[bot]

⚠️ Deprecated

• Deprecate methods that are completely unused or not used outside this… (#1581) @elharo

🚀 New features and improvements

• Stop proliferation of static helper IO methods (#1612) @cstamas
• Make levelOrder the default visitor (#1593) @cstamas
• Improvement: Improve filters logging and lessen noise (#1586) @cstamas

🐛 Bug Fixes

• GH-1609 Bad metadata naming (#1610) @cstamas
• Fix for transitive depManager (#1589) @cstamas
• Bug: Reproducer and fix for #1583 (#1585) @cstamas

📝 Documentation updates

• Document deployment of artifacts (#1588) @kwin
• Oracle javadoc guidelines (#1582) @elharo

👻 Maintenance

• GH-1603 Deprecate Hazelcast support (#1615) @cstamas
• Return JimFS in demo (#1606) @cstamas
• POM tidy up (#1604) @cstamas
• Fix JDK transport mr JAR sources (#1597) @cstamas
• Javadoc fixes (#1596) @cstamas
• Go back to atomic (#1594) @cstamas
• feat: enable prevent branch protection rules (#1563) @sebtiem

📦 Dependency updates

• Bump org.ow2.asm:asm from 9.8 to 9.9 (#1618) @dependabot[bot]
• Bump org.codehaus.mojo:exec-maven-plugin from 3.6.0 to 3.6.1 (#1616) @dependabot[bot]
• Bump org.codehaus.mojo:exec-maven-plugin from 3.5.1 to 3.6.0 (#1607) @dependabot[bot]
• Update MinIO to 8.6.0 (#1605) @cstamas
• Bump org.apache.commons:commons-lang3 from 3.18.0 to 3.19.0 (#1600) @dependabot[bot]
• Bump org.redisson:redisson from 3.51.0 to 3.52.0 (#1601) @dependabot[bot]
• Bump org.mockito:mockito-core from 5.19.0 to 5.20.0 (#1598) @dependabot[bot]
• Bump bouncycastleVersion from 1.81 to 1.82 (#1591) @dependabot[bot]
• Bump com.google.guava:guava from 33.4.8-jre to 33.5.0-jre (#1590) @dependabot[bot]
• Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 (#1579) @dependabot[bot]

⚠️ Deprecated

• Deprecate test methods that are in JUnit and/or the JDK (#1530) @elharo

🚀 New features and improvements

• Make RRF enabled by default (#1575) @cstamas
• Fixes regarding nearest/highest strategies and test (#1565) @cstamas
• Repository ID handling improvement (#1570) @cstamas
• Resolver 2 provides scope manager for mvn3 (#1568) @cstamas
• ConflictResolver improvements (#1558) @cstamas
• Profiling: most hot spots and possibly wasted thread. (#1555) @cstamas
• Resolver Thread management (#1541) @cstamas
• ConflictProcessor; tidy up (#1546) @cstamas
• Simplify filters (#1544) @cstamas
• DependencyManager improvement (#1539) @cstamas
• Ingest Maveniverse Heimdall (#1540) @cstamas
• ConflictResolver improvements, preparations (#1542) @cstamas
• Add scope support for trusted checksums (#1543) @cstamas
• Add more filters; open classes up (#1516) @cstamas
• Ability to augment metadata nature for version range request (#1517) @cstamas

🐛 Bug Fixes

• Prefix file magic detection (#1550) @cstamas
• fix class we log (#1527) @elharo
• Fixes for IPC (#1514) @cstamas

👻 Maintenance

• feat: enable prevent branch protection rules (#1563) @sebtiem
• Fix site (#1578) @cstamas
• Update CI (#1571) @cstamas
• Update to Maven 4.0.0-rc-4 and cleanup p-u usage (#1548) @cstamas
• Create missing output directory in CollectConfiguration (#1534) @slawekjaranowski

📦 Dependency updates

• Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 (#1579) @dependabot[bot]
• Bump org.redisson:redisson from 3.50.0 to 3.51.0 (#1560) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-testing from 1.5.0 to 1.6.0 (#1557) @dependabot[bot]
• Bump org.mockito:mockito-core from 5.18.0 to 5.19.0 (#1556) @dependabot[bot]
• Bump org.apache.commons:commons-compress from 1.27.1 to 1.28.0 (#1538) @dependabot[bot]
• Bump commons-codec:commons-codec from 1.18.0 to 1.19.0 (#1535) @dependabot[bot]
• Bump maven3Version from 3.9.10 to 3.9.11 (#1533) @dependabot[bot]
• Bump com.google.jimfs:jimfs from 1.3.0 to 1.3.1 (#1529) @dependabot[bot]
• Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (#1526) @dependabot[bot]
• Bump testcontainersVersion from 1.21.2 to 1.21.3 (#1513) @dependabot[bot]

🚀 New features and improvements

• Add caching for GenericVersion instances in GenericVersionScheme (#1498) @gnodet
• Refine performance (alt) (#1508) @cstamas
• Metadata type out of coordinates (#1491) @cstamas
• Intern context strings (#1488) @cstamas
• Copy in copy method; otherwise reuse (#750) @cstamas
• DepMgr hashCode handling (#749) @cstamas

🐛 Bug Fixes

• Use GET() and PUT() instead of method() (#740) @cstamas

👻 Maintenance

• Align guice with Maven (#748) @cstamas
• Enable Github issues (#734) @Bukama

📦 Dependency updates

• Bump org.apache.maven:maven-parent from 44 to 45 (#1499) @cstamas
• Bump org.redisson:redisson from 3.49.0 to 3.50.0 (#1493) @dependabot[bot]
• Bump testcontainersVersion from 1.21.1 to 1.21.2 (#1497) @dependabot[bot]
• Bump bouncycastleVersion from 1.80 to 1.81 (#744) @dependabot[bot]
• Bump org.codehaus.mojo:build-helper-maven-plugin from 3.6.0 to 3.6.1 (#743) @dependabot[bot]
• Bump org.mockito:mockito-core from 5.17.0 to 5.18.0 (#726) @dependabot[bot]
• Bump sisuVersion from 0.9.0.M3 to 0.9.0.M4 (#727) @dependabot[bot]
• Bump testcontainersVersion from 1.21.0 to 1.21.1 (#733) @dependabot[bot]
• Bump org.redisson:redisson from 3.46.0 to 3.49.0 (#737) @dependabot[bot]
• Bump maven3Version from 3.9.9 to 3.9.10 (#741) @dependabot[bot]
• Bump org.codehaus.mojo:exec-maven-plugin from 3.5.0 to 3.5.1 (#731) @dependabot[bot]

🚀 New features and improvements

• Metadata type out of coordinates (#1503) @cstamas
• RFC9457 implementation (#1502) @doddi
• Intern context strings (#1500) @slawekjaranowski

👻 Maintenance

• Align plexus-util version with Maven (#1506) @slawekjaranowski
• Align guice version with Maven (#1505) @slawekjaranowski
• Enable Github Issues (1.9.x branch) (#735) @Bukama

📦 Dependency updates

• Bump org.redisson:redisson from 3.46.0 to 3.50.0 (#1495) @dependabot[bot]
• Bump sisuVersion from 0.9.0.M3 to 0.9.0.M4 (#725) @dependabot[bot]
• Bump org.apache.maven:maven-parent from 44 to 45 (#1496) @dependabot[bot]
• Bump mavenVersion from 3.9.9 to 3.9.10 (#738) @dependabot[bot]