Bump the dependencies group across 1 directory with 7 updates

[dependabot]

Bumps the dependencies group with 7 updates in the / directory:

Package	From	To
io.jooby:jooby-bom	4.0.15	4.0.16
io.jooby:jooby-maven-plugin	4.0.15	4.0.16
io.modelcontextprotocol.sdk:mcp	0.18.1	1.0.0
com.fasterxml.jackson.core:jackson-databind	2.21.0	2.21.1
com.palantir.javapoet:javapoet	0.11.0	0.12.0
io.swagger.core.v3:swagger-annotations	2.2.42	2.2.44
org.apache.maven.plugins:maven-shade-plugin	3.6.1	3.6.2

Updates io.jooby:jooby-bom from 4.0.15 to 4.0.16

Release notes

Sourced from io.jooby:jooby-bom's releases.

jooby 4.0.16

What's Changed

• jakarta default value support by @​kliushnichenko in jooby-project/jooby#3844
• build(deps): bump the dependencies group across 1 directory with 18 updates by @​dependabot[bot] in jooby-project/jooby#3846
• add missing form() with default value by @​kliushnichenko in jooby-project/jooby#3848
• jackson3 module by @​kliushnichenko in jooby-project/jooby#3852
• build(deps): bump the dependencies group with 16 updates by @​dependabot[bot] in jooby-project/jooby#3857
• documentation: find a way to organize/group/classify documentation be… by @​jknack in jooby-project/jooby#3858
• doc: modernize site + dark theme by @​jknack in jooby-project/jooby#3860
• FEATURE: Unified JSON Projection API by @​jknack in jooby-project/jooby#3854
• build(deps): bump the dependencies group with 8 updates by @​dependabot[bot] in jooby-project/jooby#3865

Full Changelog: jooby-project/jooby@v4.0.15...v4.0.16

Commits

• c121f3f v4.0.16
• ca518ac Merge pull request #3865 from jooby-project/dependabot/maven/dependencies-71f...
• 3d201fc build(deps): bump the dependencies group with 8 updates
• 4674b52 - remove method-ref from Projection, just keep string projection
• 016e37d doc: adjust font
• 669c5a5 openapi: purge/clear unused schemas from output fix #3862
• 010b0c2 FEATURE: Unified JSON Projection API
• b48a81f Merge pull request #3854 from jooby-project/3853
• 0caf5be revert context.adoc
• db563bf - implementa Projected on script routes
• Additional commits viewable in compare view

Updates io.jooby:jooby-maven-plugin from 4.0.15 to 4.0.16

Updates io.modelcontextprotocol.sdk:mcp from 0.18.1 to 1.0.0

Release notes

Sourced from io.modelcontextprotocol.sdk:mcp's releases.

v1.0.0

MCP Java SDK 1.0.0

We are pleased to announce the 1.0.0 GA release of the MCP Java SDK — the official Java SDK for Model Context Protocol servers and clients, maintained in collaboration with Spring AI.

---

Major Features

• MCP Protocol Implementation — Spec-compliant implementation of the Model Context Protocol, including tools, resources, prompts, sampling, elicitation, and progress tracking.
• Synchronous and Asynchronous APIs — First-class support for both blocking (McpSyncClient / McpSyncServer) and reactive (McpAsyncClient / McpAsyncServer) programming models.
• Official Transport Options — STDIO, Servlet-based (Streamable HTTP and HTTP/SSE) transports out of the box.
• Pluggable JSON Serialization — Supports both Jackson 2 and Jackson 3, with Jackson 3 as the default. Integration is decoupled so projects can supply their own binding.
• MCP Protocol Version Negotiation — Clients and servers automatically negotiate the highest mutually supported protocol version at connection time.
• Authorization & Security — DNS rebinding protection, Origin header validation, and conformance-tested OAuth/auth flows via relevant hooks.
• OSGi Support — All modules ship with correct OSGi bundle manifests for use in Eclipse/OSGi runtimes.
• BOM for Dependency Management — mcp-bom keeps all SDK module versions aligned with a single import.
• MCP Test Module — Reusable test utilities and a conformance test suite for validating server and client implementations.

---

Spec Compliance

The SDK is compliant with the 2025-06-18 MCP specification and supports protocol version negotiation across 2024-11-05, 2025-03-26, and 2025-06-18.

Work towards 2025-11-25 spec compliance is actively in progress. Key features in that revision include tasks (durable request tracking), tool calling in sampling, URL elicitation, icon metadata, enhanced JSON Schema support, and updated OAuth/security flows. See the Roadmap for details.

---

Stability in the 1.x Line

With 1.0.0, the SDK transitions to a stable, semantically versioned release line. The project follows Semantic Versioning 2.0.0:

• Patch releases (1.0.x) deliver backward-compatible bug fixes.
• Minor releases (1.x.0) deliver new, backward-compatible features — including new MCP spec support.
• Major releases (2.x) are reserved for breaking API changes or MCP spec revisions that require code changes on the caller side.

Breaking changes are always documented with migration instructions, APIs are deprecated before removal, and pull requests containing breaking changes are labeled accordingly. See https://github.com/modelcontextprotocol/java-sdk/blob/HEAD/VERSIONING.md for the full policy.

---

What's Changed in 1.0.0

Spring Transports Move to Spring AI 2.0

• Moved mcp-spring-webflux and mcp-spring-webmvc to Spring AI 2.0 (#805)

API Cleanup

• Removed all APIs deprecated during the RC cycle to establish a clean stable baseline (#807)

Security & Conformance

... (truncated)

Commits

• 3c87155 Release version 1.0.0
• 27c859c Update the quickstart bom versionto 1.0.0
• 29dc250 Excplude the conformance projects from maven deploy
• 7e08a8e Next development version
• 479e52e Release version 1.0.0-RC3
• bdb373c Change StackOverflow link and tag for support (#824)
• acb7e4d Next development version
• 11b597c Release version 1.0.0-RC2
• 6b2b31c chore: exclude internal modules from Maven Central publishing
• 72f9da9 Add governance documentation for SEP-1730 (#808)
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-databind from 2.21.0 to 2.21.1

Commits

• See full diff in compare view

Updates com.palantir.javapoet:javapoet from 0.11.0 to 0.12.0

Release notes

Sourced from com.palantir.javapoet:javapoet's releases.

0.12.0

No documented user-facing changes

Commits

• 6d47220 Release 0.12.0
• d655c24 Excavator: Update open-source publishing plugins (#428)
• ca2445f Excavator: Upgrade dependencies (#427)
• 03dc34b [High Priority] Excavator: Update gradle-jdks infrastructure plugins (#426)
• cb88140 [High Priority] Excavator: Upgrade gradle plugin gradle-git-version (#424)
• f4bc566 Excavator: Update open-source publishing plugins (#425)
• f115526 Excavator: Format Java files (#423)
• 0dceab3 [High Priority] Excavator: Upgrade gradle-consistent-versions dependency (#420)
• 7c1e8c1 Excavator: Format Java files (#419)
• e3dab70 [High Priority] Excavator: Upgrade gradle-consistent-versions dependency (#418)
• Additional commits viewable in compare view

Updates io.swagger.core.v3:swagger-annotations from 2.2.42 to 2.2.44

Updates io.jooby:jooby-maven-plugin from 4.0.15 to 4.0.16

Updates org.apache.maven.plugins:maven-shade-plugin from 3.6.1 to 3.6.2

Release notes

Sourced from org.apache.maven.plugins:maven-shade-plugin's releases.

3.6.2

🐛 Bug Fixes

• Bug: Extra JARs and Artifacts were not subjected to filtering (#785) @​cstamas

👻 Maintenance

• Drop excessive dependencies (#786) @​cstamas
• chore: remove junit3 reference (#762) @​sparsick
• Exclude Java 25 (#773) @​slachiewicz
• Update site descriptor, use site configuration from parent (#755) @​slawekjaranowski

📦 Dependency updates

• Drop unneeded dependencies (#788) @​cstamas
• Update to parent POM v 47 (#781) @​Bukama
• Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.5.0 to 3.5.1 (#782) @dependabot[bot]
• Bump org.codehaus.mojo:mrm-maven-plugin from 1.7.0 to 1.7.1 (#780) @dependabot[bot]
• Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.4.0 to 3.5.0 (#778) @dependabot[bot]
• Bump asmVersion from 9.9 to 9.9.1 (#774) @dependabot[bot]
• Update invoker plugin to 3.9.1 to Support Java 25 (#769) @​Bukama
• Bump asmVersion from 9.8 to 9.9 (#761) @dependabot[bot]
• Bump org.xmlunit:xmlunit-legacy from 2.10.3 to 2.11.0 (#763) @dependabot[bot]
• Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.15.1 to 3.15.2 (#764) @dependabot[bot]
• Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.3.0 to 3.4.0 (#768) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-utils from 3.5.1 to 3.6.0 (#758) @dependabot[bot]

Commits

• ad8de59 [maven-release-plugin] prepare release maven-shade-plugin-3.6.2
• 8eb19dc Drop unneeded dependencies (#788)
• 397b2cd Drop excessive dependencies (#786)
• eca6398 Bug: Extra JARs and Artifacts were not subjected to filtering (#785)
• 7edce17 Update to parent POM v 47 (#781)
• 3171a34 Mockito improvements (#783)
• 678844b Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness (#782)
• 73ec909 Bump org.codehaus.mojo:mrm-maven-plugin from 1.7.0 to 1.7.1 (#780)
• 5f7a877 Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness (#778)
• 73c5247 chore: remove junit3 reference (#762)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions