chore: bump org.junit:junit-bom from 5.14.0 to 5.14.4

[dependabot]

Bumps org.junit:junit-bom from 5.14.0 to 5.14.4.

Release notes

Sourced from org.junit:junit-bom's releases.

JUnit 5.14.4 = Platform 1.14.4 + Jupiter 5.14.4 + Vintage 5.14.4

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.14.3...r5.14.4

JUnit 5.14.3 = Platform 1.14.3 + Jupiter 5.14.3 + Vintage 5.14.3

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.14.2...r5.14.3

JUnit 5.14.2 = Platform 1.14.2 + Jupiter 5.14.2 + Vintage 5.14.2

See Release Notes.

New Contributors

• @​uglide made their first contribution in junit-team/junit-framework#5245

Full Changelog: junit-team/junit-framework@r5.14.1...r5.14.2

JUnit 5.14.1 = Platform 1.14.1 + Jupiter 5.14.1 + Vintage 5.14.1

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.14.0...r5.14.1

Commits

• 096fd69 Release 5.14.4
• 11fd02b Remove JDK 24 (EOL)
• 5b7f023 Fix integration tests on JDK 27
• 18f842a Test against JDK 26 (GA) and JDK 27 (EA)
• a5bf336 Polish 5.14.4 release notes
• 7667c14 Fix race condition in NodeTestTask (#5427)
• ac01f2d Include full display name in legacy XML reports (#5524)
• fbd4a8e Include class template invocation index in legacy reporting names
• 7d6f0c0 Only check PDF for GA releases
• 14f534d Test 5.14.x against JDK 25 ga (#5623)
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
org.junit:junit-bom	[>= 6.0.a0, < 6.1]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[phipag]

On hold pending native-image upgrade

We are leaving this PR open but not merging. The graalvm-build job fails because org.junit.jupiter.engine.discovery.MethodSegmentResolver initializes at build time during native-image compilation. This matches junit-team/junit-framework#5134.

JUnit closed issue #5134 on 2025-11-04 as not planned. The maintainers moved the fix to graalvm/native-build-tools#794, which merged on 2026-03-30 and shipped in native-build-tools 1.1.0 on 2026-04-22.

This repository pins native-maven-plugin to 0.11.5, which predates the fix. PR #2485 bumps the plugin to 1.1.0, but 1.1.0 fails CI here because version 1.0.0 adopted a new reachability-metadata.json format that the GraalVM 21.0.8 native-image in CI cannot parse.

The unblock path requires three sequential steps. Step 1: upgrade the GraalVM version in setup-graalvm to a release that parses the new reachability-metadata format. Step 2: merge #2485 to move native-maven-plugin from 0.11.5 to 1.1.0. Step 3: merge this PR to move junit-bom from 5.14.0 to 5.14.4.

One alternative workaround adds --initialize-at-build-time=org.junit.jupiter.engine.discovery.MethodSegmentResolver to the powertools-serialization native plugin config. We are rejecting this workaround because step 1 of the unblock path removes the need for it.