Bump org.openrewrite.recipe:rewrite-migrate-java from 3.8.0 to 3.9.0

[dependabot]

Bumps org.openrewrite.recipe:rewrite-migrate-java from 3.8.0 to 3.9.0.

Release notes

Sourced from org.openrewrite.recipe:rewrite-migrate-java's releases.

3.9.0

What's Changed

• refactor: OpenRewrite Recipe best practices by @​timtebeek in openrewrite/rewrite-migrate-java#711
• Security Manager API Removal by @​MBoegers in openrewrite/rewrite-migrate-java#713
• Remove and cleanup System.getSecurityManager() by @​MBoegers in openrewrite/rewrite-migrate-java#716
• UseImportPolicy in NoGuavaRefaster by @​timtebeek in openrewrite/rewrite-migrate-java#717

Full Changelog: openrewrite/rewrite-migrate-java@v3.8.0...v3.9.0

Commits

• 9d5fa9f [Auto] SDKMAN! Java candidates as of 2025-05-05T1016
• 6b98403 UseImportPolicy in NoGuavaRefaster (#717)
• 2fe392a Remove and cleanup System.getSecurityManager() (#716)
• 57d4c64 Security Manager API Removal (#713)
• ec6ba92 refactor: Extract documentation examples from tests with stable source order
• a44d6d1 Added symlink to license, added link to licensing page
• 7f7d5da [Auto] SDKMAN! Java candidates as of 2025-04-28T1103
• 632f5ac refactor: OpenRewrite Recipe best practices
• a35ebf1 refactor: OpenRewrite Recipe best practices (#711)
• 5d589aa refactor: Update Gradle wrapper
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

☀️   Quality Monitor

Tests

     Unit Tests: 98% successful (86 passed, 2 skipped)
   ⛔   Architecture Tests: 100% successful (17 passed)

Code Coverage

   〰️   Line Coverage: 92% (61 missed lines)
   ➰   Branch Coverage: 91% (19 missed branches)

Mutation Coverage

     Mutation Coverage: 80% (80 survived mutations)
   💪   Test Strength: 85% (58 survived mutations in tested code)

Style

     CheckStyle: No warnings
     PMD: No warnings

Bugs

     SpotBugs: No bugs
   🐛   Error Prone: No bugs

API Problems

   🚫   Revapi: No warnings

Vulnerabilities

     OWASP Dependency Check: No vulnerabilities

Software Metrics

   🌀   Cyclomatic Complexity: 376 (total)
   💭   Cognitive Complexity: 173 (total)
   ➿   N-Path Complexity: 455 (total)
   📏   Lines of Code: 4270 (total)
   📝   Non Commenting Source Statements: 1257 (total)
   🔗   Class Cohesion: 71.43% (maximum)
   ⚖️   Weight of Class: 100.00% (maximum)

---

Created by Quality Monitor v2.5.3 (#8fa0834). More details are shown in the GitHub Checks Result.