If you received inactive project deletion emails on 4/30/25, you can ignore them. The projects named in those emails will NOT be deleted on 7/30/25. Some type of inactive project deletion will be implemented later this year, but you'll receive further communications before any deletions are scheduled.
Dependency updates to eliminate vulnerabilities discovered by dependency-check
Eliminated all CRITICAL and HIGH except for CVE-2016-1000027 (which more or less forbids the use of Spring since 2016 -- it's moderately controversial.
