fix(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
certifi	==2024.8.30 -> ==2024.12.14						minor
charset-normalizer (changelog)	==3.4.0 -> ==3.4.1						patch
docker.io/bitnami/minio (source)	2024.11.7-debian-12-r1 -> 2024.12.18-debian-12-r0						minor
docker.io/confluentinc/cp-kafkacat	7.1.14 -> 7.1.15						patch
docker.io/curlimages/curl	8.8.0 -> 8.11.1						minor
docker.io/hapiproject/hapi	v7.4.0 -> v7.6.0						minor
docker.io/library/gradle	8.11.0-jdk21 -> 8.12.0-jdk21					stage	minor
gradle (source)	8.11 -> 8.12						minor
urllib3 (changelog)	==2.2.3 -> ==2.3.0						minor
software.amazon.awssdk:bom	2.29.43 -> 2.29.45					dependencies	patch
org.fhir:ucum (source)	1.0.8 -> 1.0.9					dependencies	patch
com.fasterxml.jackson.core:jackson-core	2.18.1 -> 2.18.2					dependencies	patch
io.micrometer:micrometer-core	1.14.1 -> 1.14.2					dependencies	patch
io.micrometer:micrometer-registry-prometheus	1.14.1 -> 1.14.2					dependencies	patch
ca.uhn.hapi.fhir:hapi-fhir-caching-caffeine (source)	7.4.5 -> 7.6.1					dependencies	minor
ca.uhn.hapi.fhir:hapi-fhir-client-okhttp (source)	7.4.5 -> 7.6.1					dependencies	minor
ca.uhn.hapi.fhir:hapi-fhir-structures-r4 (source)	7.4.5 -> 7.6.1					dependencies	minor
ca.uhn.hapi.fhir:hapi-fhir-client (source)	7.4.5 -> 7.6.1					dependencies	minor
ca.uhn.hapi.fhir:hapi-fhir-base (source)	7.4.5 -> 7.6.1					dependencies	minor
org.springframework.cloud:spring-cloud-dependencies (source)	2023.0.3 -> 2023.0.4					dependencies	patch
io.spring.dependency-management	1.1.6 -> 1.1.7					plugin	patch
org.springframework.boot	3.3.5 -> 3.4.1					plugin	minor

---

Release Notes

certifi/python-certifi (certifi)

v2024.12.14

Compare Source

jawah/charset_normalizer (charset-normalizer)

v3.4.1

Compare Source

Changed

• Project metadata are now stored using pyproject.toml instead of setup.cfg using setuptools as the build backend.
• Enforce annotation delayed loading for a simpler and consistent types in the project.
• Optional mypyc compilation upgraded to version 1.14 for Python >= 3.8

Added

• pre-commit configuration.
• noxfile.

Removed

• build-requirements.txt as per using pyproject.toml native build configuration.
• bin/integration.py and bin/serve.py in favor of downstream integration test (see noxfile).
• setup.cfg in favor of pyproject.toml metadata configuration.
• Unused utils.range_scan function.

Fixed

• Converting content to Unicode bytes may insert utf_8 instead of preferred utf-8. (#​572)
• Deprecation warning "'count' is passed as positional argument" when converting to Unicode bytes on Python 3.13+

curl/curl-container (docker.io/curlimages/curl)

v8.11.1

Compare Source

Changed

• bump to curl 8.11.1
• bump to alpine:3.21.0

v8.11.0

Compare Source

Changed

• bump to curl 8.11.0

v8.10.1

Compare Source

Changed

• bump to curl 8.10.1

v8.10.0

Compare Source

Changed

• bump to curl 8.10.0
• bump to alpine:3.20.3

v8.9.1

Compare Source

Changed

• bump to curl 8.9.1

v8.9.0

Compare Source

Changed

• bump to curl 8.9.0
• bump to alpine 3.20.2

gradle/gradle (gradle)

v8.12

Compare Source

v8.11.1: 8.11.1

Compare Source

This is a patch release for Gradle 8.11. We recommend users upgrade to 8.11.1 instead of 8.11.

It fixes the following issues:

• #​31268 BuildEventsListenerRegistry corrupted with Isolated Projects and parallel configuration
• #​31282 Running executables sporadically fails with ETXTBSY (Text file busy)
• #​31284 ArrayIndexOutOfBoundsException after upgrading to gradle 8.11 when generating problems report
• #​31310 Unable to run Gradle task in 8.10 due to bytecode interception

Read the Release Notes

Upgrade instructions

Switch your build to use Gradle 8.11.1 by updating your wrapper:

./gradlew wrapper --gradle-version=8.11.1

See the Gradle 8.x upgrade guide to learn about deprecations, breaking changes and other considerations when upgrading.

For Java, Groovy, Kotlin and Android compatibility, see the full compatibility notes.

Reporting problems

If you find a problem with this release, please file a bug on GitHub Issues adhering to our issue guidelines.
If you're not sure you're encountering a bug, please use the forum.

We hope you will build happiness with Gradle, and we look forward to your feedback via Twitter or on GitHub.

urllib3/urllib3 (urllib3)

v2.3.0

Compare Source

==================

Features

• Added HTTPResponse.shutdown() to stop any ongoing or future reads for a specific response. It calls shutdown(SHUT_RD) on the underlying socket. This feature was sponsored by LaunchDarkly <https://opencollective.com/urllib3/contributions/815307>. (#&#8203;2868 <https://github.com/urllib3/urllib3/issues/2868>)
• Added support for JavaScript Promise Integration on Emscripten. This enables more efficient WebAssembly
  requests and streaming, and makes it possible to use in Node.js if you launch it as node --experimental-wasm-stack-switching. (#&#8203;3400 <https://github.com/urllib3/urllib3/issues/3400>__)
• Added the proxy_is_tunneling property to HTTPConnection and HTTPSConnection. (#&#8203;3285 <https://github.com/urllib3/urllib3/issues/3285>__)
• Added pickling support to NewConnectionError and NameResolutionError. (#&#8203;3480 <https://github.com/urllib3/urllib3/issues/3480>__)

Bugfixes

• Fixed an issue in debug logs where the HTTP version was rendering as "HTTP/11" instead of "HTTP/1.1". (#&#8203;3489 <https://github.com/urllib3/urllib3/issues/3489>__)

Deprecations and Removals

• Removed support for Python 3.8. (#&#8203;3492 <https://github.com/urllib3/urllib3/issues/3492>__)

FHIR/Ucum-java (org.fhir:ucum)

v1.0.9

Compare Source

• Disallow DTDs (doctypes) on XML document building

micrometer-metrics/micrometer (io.micrometer:micrometer-core)

v1.14.2: 1.14.2

🐞 Bug Fixes

• Protect against concurrent reads/writes to Context keyvalues #​5739
• Null stacktrace in InvalidObservationException using Virtual Threads #​5702
• Deprecate AggregationTemporality#toOtlpAggregationTemporality #​5733
• Warn about gauge re-registration #​5688
• executor.queued metrics of ForkJoinPool does not include queued submissions #​5650
• Default ObservationConventions for Grpc do not always use a consistent set of keyvalues #​5609

🔨 Dependency Upgrades

• Bump software.amazon.awssdk:cloudwatch from 2.29.14 to 2.29.23 #​5724
• Bump io.prometheus:prometheus-metrics-bom from 1.3.3 to 1.3.4 #​5723
• Bump dropwizard-metrics from 4.2.28 to 4.2.29 #​5721

📔 Documentation

• Remove duplicated contextpropagation.adoc #​5693
• Polish "Grafana Dashboard" section #​5662
• Use BOM for Micrometer dependency examples in reference docs #​5652

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​izeye

hapifhir/hapi-fhir (ca.uhn.hapi.fhir:hapi-fhir-caching-caffeine)

v7.6.1

Compare Source

7.6.1

v7.6.0

Compare Source

7.6.0

spring-cloud/spring-cloud-release (org.springframework.cloud:spring-cloud-dependencies)

v2023.0.4: 2023.0.4

Full Changelog: spring-cloud/spring-cloud-release@v2023.0.3...v2023.0.4

---

Configuration

📅 Schedule: Branch creation - "* * 1 */3 *" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

🦙 MegaLinter status: ⚠️ WARNING

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ ACTION	actionlint	4		0	0.06s
✅ BASH	bash-exec	1		0	0.0s
✅ BASH	shellcheck	1		0	0.09s
⚠️ BASH	shfmt	1		1	0.01s
✅ DOCKERFILE	hadolint	2		0	0.09s
✅ EDITORCONFIG	editorconfig-checker	55		0	0.19s
✅ GROOVY	npm-groovy-lint	2		0	10.28s
✅ JAVA	checkstyle	11		0	5.7s
✅ JSON	jsonlint	4		0	0.21s
✅ JSON	prettier	4		0	0.92s
✅ JSON	v8r	4		0	4.12s
✅ MARKDOWN	markdownlint	2		0	0.41s
✅ PYTHON	bandit	1		0	1.21s
✅ PYTHON	black	1		0	0.72s
✅ PYTHON	flake8	1		0	0.5s
✅ PYTHON	isort	1		0	0.39s
✅ PYTHON	mypy	1		0	7.36s
✅ PYTHON	ruff	1		0	0.02s
✅ REPOSITORY	checkov	yes		no	18.43s
✅ REPOSITORY	gitleaks	yes		no	0.37s
✅ REPOSITORY	git_diff	yes		no	0.01s
✅ REPOSITORY	grype	yes		no	19.28s
✅ REPOSITORY	kics	yes		no	16.53s
✅ REPOSITORY	secretlint	yes		no	0.88s
✅ REPOSITORY	syft	yes		no	2.2s
✅ REPOSITORY	trivy	yes		no	10.91s
✅ REPOSITORY	trivy-sbom	yes		no	0.12s
✅ REPOSITORY	trufflehog	yes		no	3.59s
✅ XML	xmllint	1		0	0.78s
✅ YAML	prettier	15		0	1.13s
✅ YAML	v8r	15		0	16.01s
✅ YAML	yamllint	15		0	0.64s

See detailed report in MegaLinter reports

You could have same capabilities but better runtime performances if you request a new MegaLinter flavor.

• Click here to request the new flavor

MegaLinter is graciously provided by

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[github-actions]

Trivy image scan report

ghcr.io/miracum/kafka-fhir-to-server:pr-131 (debian 12.8)

No Vulnerabilities found

No Misconfigurations found

Java

2 known vulnerabilities found (LOW: 1 CRITICAL: 0 HIGH: 0 MEDIUM: 1)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
ch.qos.logback:logback-core	CVE-2024-12798	MEDIUM	1.5.12	1.5.13
ch.qos.logback:logback-core	CVE-2024-12801	LOW	1.5.12	1.5.13

No Misconfigurations found

[miracum-bot]

🎉 This PR is included in version 2.2.3 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀