Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update all minor dependencies #271

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(deps): update all minor dependencies #271

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Oct 26, 2024
edited
Loading

This PR contains the following updates:

Package Type Update Change Age Adoption Passing Confidence
aquasecurity/trivy-action action minor 0.28.0 -> 0.29.0 age adoption passing confidence
org.springframework.boot:spring-boot-starter-parent (source) parent minor 3.3.6 -> 3.4.2 age adoption passing confidence
io.zonky.test.postgres:embedded-postgres-binaries-bom import minor 16.4.0 -> 16.6.0 age adoption passing confidence
com.networknt:json-schema-validator compile patch 1.5.3 -> 1.5.5 age adoption passing confidence
com.google.guava:guava compile minor 33.3.1-jre -> 33.4.0-jre age adoption passing confidence
commons-io:commons-io (source) compile minor 2.17.0 -> 2.18.0 age adoption passing confidence
org.springdoc:springdoc-openapi-starter-webmvc-ui (source) compile minor 2.6.0 -> 2.8.3 age adoption passing confidence
io.zonky.test:embedded-postgres test minor 2.0.7 -> 2.1.0 age adoption passing confidence
io.zonky.test:embedded-database-spring-test test minor 2.5.1 -> 2.6.0 age adoption passing confidence
com.github.ben-manes.caffeine:caffeine compile minor 3.1.8 -> 3.2.0 age adoption passing confidence

Release Notes

aquasecurity/trivy-action (aquasecurity/trivy-action)

v0.29.0

Compare Source

What's Changed
New Contributors

Full Changelog: aquasecurity/trivy-action@0.28.0...0.29.0

spring-projects/spring-boot (org.springframework.boot:spring-boot-starter-parent)

v3.4.2

Compare Source

🐞 Bug Fixes

  • Property metadata for "logging.structured.json.customizer" has incorrect type #​43916
  • GraylogExtendedLogFormatProperties throws NullPointerException when only 'logging.structured.gelf.host' is specified #​43863
  • Structured logging properties have no effect in a native image #​43862
  • Docker Compose support for ClickHouse does not allow an empty password when ALLOW_EMPTY_PASSWORD=yes #​43790
  • docker compose ps now fails due to unknown --orphans flag with 2.23 or earlier #​43717
  • Build info timestamp is truncated to seconds #​43617
  • FileWatcher used for SSL reload does not support symlinks #​43604
  • BindableRuntimeHintsRegistrar should handle TypeNotPresentException #​43600
  • CapturedOutput is empty when using Log4J2 StatusLogger #​43578
  • Spring Boot 3.4 is not compatible with Gson 2.10 #​43442
  • NoClassDefFoundError when using JUnit to test a Gradle 7.6.x app that depends on spring-boot-actuator-autoconfigure but not on org.junit.platform:junit-platform-launcher #​43340

📔 Documentation

  • Document that the @ConfigurationProperties annotation processor cannot generate description and defaultValue metadata for external types #​43929
  • Fix description of management.metrics.graphql.autotime.enabled #​43905
  • Document 'base64:' prefix support #​43835
  • Document handling of @Fallback beans in ConditionalOnSingleCandidate's javadoc #​43826
  • Javadoc of DataSourceBuilder does not reference all supported types #​43732
  • Update OpenTelemetry section in Supported Monitoring Systems to refer to OTLP instead #​43729
  • Consistently document the minimum supported versions of Gradle #​43725
  • Document that system libraries are a reason to customize the builder and switch away from builder-jammy-java-tiny #​43716
  • Links to the Javadoc of Jakarta Messaging are invalid #​43662
  • Paragraph HTML tags are rendered as-is in Maven Plugin reference documentation #​43623
  • Javadoc link for jakarta.xml.bind is invalid #​43607
  • Documentation still has references to 'layertools' #​43605
  • Javadoc of ConstructorBinding should not use markdown formatting #​43599
  • Managed Dependency Coordinates lists Spock and OkHttp dependencies that are not managed #​43584

🔨 Dependency Upgrades

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​arefbehboudi, @​dreis2211, @​gavarava, @​hezean, @​izeye, @​jxblum, @​ngocnhan-tran1996, @​nosan, @​quaff, and @​tmaciejewski

v3.4.1

Compare Source

🐞 Bug Fixes

  • KafkaProperties fail to build SSL properties when the bundle name is an empty string #​43563
  • Diagnostics are poor when property resolution throws a ConversionFailedException #​43559
  • SpringApplicationShutdownHandlers do not run in deterministic order #​43536
  • Unable to find a @SpringBootConfiguration results in misleading error message #​43507
  • With multiple ResourceHandlerRegistrationCustomizer beans in the context, only one of them is used #​43497
  • Unable to use Docker Compose support when mixing dedicated and shared services #​43472
  • Kafka dependency management does not include the kafka-server module #​43454
  • Docker API version is incorrectly reported when '/_ping` calls fail and version should be fixed #​43452
  • Methods to build producer / consumer properties from KafkaProperties are inconvienenent to use without an SSL bundle #​43448
  • Failures in -Djarmode=tools do not consistently return a non-zero exit #​43436
  • HttpComponentsClientHttpRequestFactoryBuilder replaces the existing defaultRequestConfigCustomizer rather than adding to it #​43429
  • spring-boot-maven-plugin sets imagePlatform even if it's empty #​43424
  • OnBeanCondition fails to match on annotations when using Scoped Proxies #​43423
  • Failure analysis for InvalidConfigurationPropertyValueException doesn't correctly handle fuzzy matching of environment variables #​43382
  • H2ConsoleAutoConfiguration causes early initialization of DataSource beans #​43359
  • Accept progress on numbers >2GB #​43356
  • Servlet-based UserDetailsServiceAutoConfiguration is active in a reactive app #​43334
  • StructuredLoggingJsonMembersCustomizer implementations declared in spring.factories with a generic type more specific than Object are not called #​43312
  • Overriding log level with an environment variable does not work when using an environment prefix #​43307
  • Management endpoint access and enabled properties are ignored unless the endpoint ID is an exact match #​43302
  • UnsupportedOperationException when starting a Maven shaded application on Java 21 with virtual threads enabled #​43291
  • JmsListener failing with Narayana (pooled ConnectionFactory) since 3.4.0 #​43277
  • SslBundle can no longer open store file locations without using a 'file:' prefix #​43274
  • TestRestTemplate does not allow redirects to be customized #​43258
  • Testcontainers start() methods may be started multiple times #​43253

📔 Documentation

  • Fix typo in documentation #​43558
  • Document that server.ssl.cipher and server.ssl.enabled-protocols are not fallbacks used with SSL bundles #​43552
  • Use <annotationProcessorPaths> in Maven examples for configuring an annotation processor #​43544
  • Fix typo #​43519
  • Links to logback javadoc are incorrect #​43456
  • Fix JUnit javadoc links #​43428
  • Reference documentation incorrectly uses 'disabled' rather than 'none' for access restrictions #​43351
  • Restore System property in Logging section of the reference documentation #​43342
  • Fix link to proxyBeanMethods in @AutoConfiguration javadoc #​43325
  • Fix links to Servlet and JPA javadoc #​43324
  • Link to @EnableMethodSecurity instead of the deprecated @EnableGlobalMethodSecurity #​43315
  • Document that StructuredLoggingJsonMembersCustomizer implementations may optionally take constructor parameters #​43314
  • Update javadoc of StructuredLoggingJsonMembersCustomizer to note that implementations can registered through spring.factories #​43313
  • Fix Javadoc link for Hikari #​43311
  • Document how to use structured logging with custom log configuration #​43301
  • Update Javadoc since for OtlpMetricsProperties and OtlpTracingProperties #​43249

🔨 Dependency Upgrades

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​BenchmarkingBuffalo, @​Jae-Young98, @​arefbehboudi, @​izeye, @​kgb-financial-com, @​minwoo1999, @​ngocnhan-tran1996, @​nosan, @​onobc, @​quaff, @​scordio, @​sobychacko, and @​vonZeppelin

v3.4.0

Compare Source

⭐ New Features

  • Add withDefaultRequestConfigCustomizer method to HttpComponentsClientHttpRequestFactoryBuilder #​43139
  • Fail JsonWriter if duplicate names are detected #​43041
  • Add JsonObjectDeserializer.nullSafeValue method that accepts a mapper Function #​42972
  • Support timeout property for GraphQL over SSE #​42966
  • Improve performance of ConfigurationPropertiesBinder by storing bind handlers on first access #​42950
  • Improve performance of ConcurrentReferenceCachingMetadataReaderFactory #​42949
  • Log warning in HikariCheckpointRestoreLifecycle if pool suspension isn't configured #​42937
  • Remove spring-boot-starter-aop dependency from spring-boot-starter-data-jpa and spring-boot-starter-integration #​42934

🐞 Bug Fixes

  • Jersey body handling is inconsistent with Spring Webflux and Spring MVC #​43209
  • Classes are accidentally named "structure logging" instead of "structured logging" #​43203
  • StructuredLoggingJsonProperties customizer should be a Class reference rather than a String #​43202
  • Cannot package OCI image when 'docker.io/paketobuildpacks/new-relic' is provided as a buildpack #​43171
  • Incorrect Type for 'management.endpoints.access.default' defined in additional-spring-configuration-metadata.json #​43154
  • WebServerPortFileWriter fails when using a portfile without extension #​43117
  • SslOptions.isSpecified() only returns true if ciphers and enabled protocols are set #​43084
  • SslHealthIndicator throws NullPointerException when using SslBundle with SslStoreBundle.NONE #​43078
  • JdkClientHttpRequestFactoryBuilder and JettyClientHttpRequestFactoryBuilder do not set Ciphers or Enabled Protocols #​43077
  • Root cause of errors is hidden when loading images from archive #​43070
  • mvn spring-boot:run fails on Windows with "Could Not Find or Load Main Class" when path contains non-ASCII characters #​43062
  • A @SpyBean on the output of a FactoryBean is not reset #​43053
  • Logback logging system does not process URLs with paths not ending in .xml #​42990
  • Bean-based conditions do not consider factory beans correctly when determining if they are a candidate #​42970
  • NPE in bootBuildImage when setting DOCKER_CONTEXT=default #​42960
  • Warning due to duplicate MockResolver extensions #​42957
  • HttpHostConnectException is thrown when using buildpacks with Gradle or Maven on Windows #​42952
  • build-info doesn't support seconds since the epoch from project.build.outputTimestamp #​42936
  • NPE in OnClassCondition.resolveOutcomesThreaded following thread interruption because firstHalf is null #​42926
  • Default WebSocketMessageBrokerConfigurer is always overriding custom channel executor #​42924
  • X-Registry-Auth header sent to Docker Engine API contains field "authHeader" #​42915
  • ApplicationContextRunner has inconsistent behaviour with duplicate auto-configuration class names #​17963

📔 Documentation

  • Migrate class references to full javadoc links #​43239
  • Documentation for 'spring.datasource.type' is misleading #​43199
  • Update "Upgrading From" section to use "2.x" #​43160
  • Include spring-boot-loader in API documentation #​43153
  • Document how and where to add custom GraalVM configuration files #​43074
  • Rework DataSource configuration examples to separate defining an additional DataSource and defining a DataSource of a different type #​43059
  • Location of the layers schema is incorrect in the Maven Plugin's examples #​43033
  • Link to Eclipse setup instructions #​42954
  • Fix link to Checkpoint and Restore status page #​42939

🔨 Dependency Upgrades

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​ahoehma, @​deki, @​izeye, @​ngocnhan-tran1996, @​nosan, @​quaff, and @​wickdynex

v3.3.8

Compare Source

🐞 Bug Fixes

  • POSTGRESQL_USERNAME and POSTGRESQL_DATABASE are ignored when using the Bitnami PostgreSQL image with Docker Compose #​43787
  • docker compose ps now fails due to unknown --orphans flag with 2.23 or earlier #​43710
  • Build info timestamp is truncated to seconds #​43612
  • FileWatcher used for SSL reload does not support symlinks #​43586
  • BindableRuntimeHintsRegistrar should handle TypeNotPresentException #​43598

📔 Documentation

  • Document that the @ConfigurationProperties annotation processor cannot generate description and defaultValue metadata for external types #​43925
  • Fix description of management.metrics.graphql.autotime.enabled #​43904
  • Document 'base64:' prefix support #​43809
  • Update OpenTelemetry section in Supported Monitoring Systems to refer to OTLP instead #​43727
  • Javadoc of DataSourceBuilder does not reference all supported types #​43724
  • Links to the Javadoc of Jakarta Messaging are invalid #​43661
  • Paragraph HTML tags are rendered as-is in Maven Plugin reference documentation #​43622
  • Javadoc link for jakarta.xml.bind is invalid #​43606
  • Documentation still has references to 'layertools' #​43601
  • Javadoc of ConstructorBinding should not use markdown formatting #​43590

🔨 Dependency Upgrades

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​arefbehboudi, @​dreis2211, @​gavarava, @​hezean, @​izeye, @​jxblum, @​ngocnhan-tran1996, @​quaff, and @​tmaciejewski

v3.3.7

Compare Source

🐞 Bug Fixes

  • KafkaProperties fail to build SSL properties when the bundle name is an empty string #​43561
  • With multiple ResourceHandlerRegistrationCustomizer beans in the context, only one of them is used #​43494
  • Kafka dependency management does not include the kafka-server module #​43450
  • Failures in -Djarmode=tools do not consistently return a non-zero exit #​43435
  • SpringApplicationShutdownHandlers do not run in deterministic order #​43430
  • Failure analysis for InvalidConfigurationPropertyValueException doesn't correctly handle fuzzy matching of environment variables #​43380
  • Diagnostics are poor when property resolution throws a ConversionFailedException #​43378
  • Unable to find a @SpringBootConfiguration results in misleading error message #​43357
  • H2ConsoleAutoConfiguration causes early initialization of DataSource beans #​43337
  • Accept progress on numbers >2GB #​43328
  • Overriding log level with an environment variable does not work when using an environment prefix #​43304
  • Methods to build producer / consumer properties from KafkaProperties are inconvienenent to use without an SSL bundle #​43300
  • UnsupportedOperationException when starting a Maven shaded application on Java 21 with virtual threads enabled #​43284
  • Unable to use Docker Compose support when mixing dedicated and shared services #​40139

📔 Documentation

  • Fix typo in documentation #​43557
  • Fix typo #​43512
  • Links to logback javadoc are incorrect #​43439
  • Fix JUnit javadoc links #​43383
  • Document that server.ssl.cipher and server.ssl.enabled-protocols are not fallbacks used with SSL bundles #​43353
  • Restore System property in Logging section of the reference documentation #​43341
  • Use <annotationProcessorPaths> in Maven examples for configuring an annotation processor #​43329
  • Fix link to proxyBeanMethods in @AutoConfiguration javadoc #​43323
  • Fix links to Servlet and JPA javadoc #​43320
  • Link to @EnableMethodSecurity instead of the deprecated @EnableGlobalMethodSecurity #​43308
  • Fix Javadoc link for Hikari #​43305

🔨 Dependency Upgrades

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​BenchmarkingBuffalo, @​kgb-financial-com, @​ngocnhan-tran1996, @​nosan, @​quaff, @​scordio, and @​sobychacko

zonkyio/embedded-postgres-binaries (io.zonky.test.postgres:embedded-postgres-binaries-bom)

v16.6.0

Compare Source

v16.5.0

Compare Source

networknt/json-schema-validator (com.networknt:json-schema-validator)

v1.5.5

[Compare Source](https://redirect.github.com/networknt/json-schema-validator/co

Configuration

📅 Schedule: Branch creation - "every weekend" in timezone Europe/Paris, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Oct 26, 2024
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from be8febd to 76f3c28 Compare October 31, 2024 16:59
@davdarras davdarras force-pushed the renovate/all-minor-patch branch from 76f3c28 to d6ec98a Compare November 5, 2024 11:35
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from d6ec98a to 8bea505 Compare November 5, 2024 11:36
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 8bea505 to 352bf1e Compare November 20, 2024 20:46
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@renovate renovate bot force-pushed the renovate/all-minor-patch branch 5 times, most recently from 1880976 to 06cbc59 Compare November 26, 2024 04:19
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 06cbc59 to 4d9f23a Compare November 29, 2024 09:43
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 4d9f23a to cfdbefc Compare December 6, 2024 13:52
@renovate renovate bot changed the title chore(deps): update all minor dependencies fix(deps): update all minor dependencies Dec 10, 2024
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from 5bc4971 to 299e9ab Compare December 19, 2024 16:11
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from f99a318 to 92193b5 Compare January 6, 2025 09:54
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Jan 6, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@davdarras davdarras force-pushed the renovate/all-minor-patch branch from 59146bc to 67e96e9 Compare January 6, 2025 10:36
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 3 times, most recently from 2615af8 to 53241d9 Compare January 13, 2025 00:18
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from 0ee7f92 to b6e044b Compare January 19, 2025 08:47
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from b6e044b to 2c24e0e Compare January 23, 2025 14:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants