chore: bump org.junit:junit-bom from 5.14.0 to 5.14.3

[dependabot]

Bumps org.junit:junit-bom from 5.14.0 to 5.14.3.

Release notes

Sourced from org.junit:junit-bom's releases.

JUnit 5.14.3 = Platform 1.14.3 + Jupiter 5.14.3 + Vintage 5.14.3

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.14.2...r5.14.3

JUnit 5.14.2 = Platform 1.14.2 + Jupiter 5.14.2 + Vintage 5.14.2

See Release Notes.

New Contributors

• @​uglide made their first contribution in junit-team/junit-framework#5245

Full Changelog: junit-team/junit-framework@r5.14.1...r5.14.2

JUnit 5.14.1 = Platform 1.14.1 + Jupiter 5.14.1 + Vintage 5.14.1

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.14.0...r5.14.1

Commits

• 1c14c1b Release 5.14.3
• 698391f Finalize 5.14.3 release notes
• 5655c22 Fix link to milestone
• b4d1f56 Reliably support JRE.OTHER with @⁠EnabledOnJre and @⁠DisabledOnJre
• 5b6dfef Fix references
• 718ee15 Fail build if xref fragment is invalid
• a809887 Install poppler-utils for pdfinfo
• b568f5a Update API baseline
• 1ebb6bc Add missing checkout step
• 4ca615b Back to snapshots for further development
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
org.junit:junit-bom	[>= 6.0.a0, < 6.1]

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[phipag]

@dependabot recreate

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[dependabot]

Superseded by #2488.

[phipag]

On hold — blocked by native-image / native-build-tools upgrade

Leaving this open but not merging yet. Summary of why, for future reference:

The failure

graalvm-build fails with:

org.junit.jupiter.engine.discovery.MethodSegmentResolver was unintentionally initialized at build time

This is the known JUnit/GraalVM regression tracked in junit-team/junit-framework#5134.

The fix

JUnit #5134 was closed as "not planned" on 2025-11-04 — the fix was deliberately punted to graalvm/native-build-tools rather than changed in JUnit. It landed in graalvm/native-build-tools#794 (merged 2026-03-30) and is released in native-build-tools 1.1.0 (2026-04-22).

Why we can't just bump native-build-tools

This repo is pinned to native-maven-plugin 0.11.5. The obvious fix is #2485 (bump to 1.1.0), but 1.1.0 itself fails CI here because 1.0.0 switched to the new reachability-metadata.json format, which the GraalVM 21.0.8 native-image currently used in CI cannot parse.

Unblock path

Coordinated upgrade, in order:

1. Bump GraalVM / setup-graalvm in CI to a version that understands the new reachability-metadata format.
2. Merge chore: bump org.graalvm.buildtools:native-maven-plugin from 0.11.5 to 1.1.0 #2485 (native-maven-plugin 0.11.5 → 1.1.0).
3. Merge this PR (JUnit 5.14.0 → 5.14.3).

Alternative short-term workaround (not taking it): add --initialize-at-build-time=org.junit.jupiter.engine.discovery.MethodSegmentResolver to powertools-serialization's native plugin config — would let this PR go in alone, but adds tech debt we'd have to clean up after the GraalVM upgrade anyway.