chore(deps): bump the dependencies group across 1 directory with 14 updates

[dependabot]

Bumps the dependencies group with 14 updates in the / directory:

Package	From	To
org.apache.kafka:kafka_2.12	3.8.0	3.9.0
ch.qos.logback:logback-classic	1.5.8	1.5.12
com.fasterxml.jackson.module:jackson-module-kotlin	2.18.0	2.18.1
com.fasterxml.jackson.dataformat:jackson-dataformat-xml	2.18.0	2.18.1
com.fasterxml.jackson.datatype:jackson-datatype-jsr310	2.18.0	2.18.1
com.zaxxer:HikariCP	6.0.0	6.2.1
org.flywaydb:flyway-core	10.18.2	11.0.0
org.flywaydb:flyway-database-postgresql	10.18.2	11.0.0
com.google.cloud.sql:postgres-socket-factory	1.20.1	1.21.0
org.webjars:swagger-ui	5.17.14	5.18.2
io.mockk:mockk	1.13.12	1.13.13
org.testcontainers:postgresql	1.20.1	1.20.4
com.nimbusds:nimbus-jose-jwt	9.41.1	9.47
com.gradleup.shadow	8.3.2	8.3.5

Updates org.apache.kafka:kafka_2.12 from 3.8.0 to 3.9.0

Updates ch.qos.logback:logback-classic from 1.5.8 to 1.5.12

Commits

• 3a64b51 prepare release 1.5.12
• ecae664 fix issues/879
• 85968fa logger call ends with two exceptions - fix issues/876
• ea3cec8 Update README.md
• 887cbba update README.md
• df2a3b6 start work on 1.5.12-SNAPSHOT
• 3aa0730 prepare release of version 1.5.11
• 8bcfd9a allow for InsertFromJNDIModelHandler to be callable from logback-tyler
• 75bee86 refactorings in support of logback-tyler
• 8749edc start work on 1.5.11-SNAPSHOT
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.module:jackson-module-kotlin from 2.18.0 to 2.18.1

Commits

• 3f1c827 [maven-release-plugin] prepare release jackson-module-kotlin-2.18.1
• fb5b731 Prep for 2.18.1 release
• f27a76e Merge pull request #836 from k163377/fix-docs
• 62e4015 Fix docs
• 3b48486 Back to snapshot dep
• ad4b22e [maven-release-plugin] prepare for next development iteration
• See full diff in compare view

Updates com.fasterxml.jackson.dataformat:jackson-dataformat-xml from 2.18.0 to 2.18.1

Commits

• 7411dc6 [maven-release-plugin] prepare release jackson-dataformat-xml-2.18.1
• 23caee5 Prepare for 2.18.1 release
• 7375278 Merge branch '2.18' of github.com:FasterXML/jackson-dataformat-xml into 2.18
• 5265704 Add test to verify #517 still failing (#673)
• a5ab6a7 Merge branch '2.17' into 2.18
• 7da4860 Fix bad renaming (went to 2.17 instead of master)
• eff8f8a Modify surefire plugin failing test scope (#674)
• 29d946c Manual merge of pom.xml
• 90f48fb ...
• c262e76 Merge branch '2.17' into 2.18
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.datatype:jackson-datatype-jsr310 from 2.18.0 to 2.18.1

Updates com.fasterxml.jackson.dataformat:jackson-dataformat-xml from 2.18.0 to 2.18.1

Commits

• 7411dc6 [maven-release-plugin] prepare release jackson-dataformat-xml-2.18.1
• 23caee5 Prepare for 2.18.1 release
• 7375278 Merge branch '2.18' of github.com:FasterXML/jackson-dataformat-xml into 2.18
• 5265704 Add test to verify #517 still failing (#673)
• a5ab6a7 Merge branch '2.17' into 2.18
• 7da4860 Fix bad renaming (went to 2.17 instead of master)
• eff8f8a Modify surefire plugin failing test scope (#674)
• 29d946c Manual merge of pom.xml
• 90f48fb ...
• c262e76 Merge branch '2.17' into 2.18
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.datatype:jackson-datatype-jsr310 from 2.18.0 to 2.18.1

Updates com.zaxxer:HikariCP from 6.0.0 to 6.2.1

Changelog

Sourced from com.zaxxer:HikariCP's changelog.

HikariCP Changes

Changes in 6.2.2

• increase keepaliveTime variance from 10% to 20%

• merged #2266 support duration values for configuration from properties, such as 10ms, 20s, 30m, 40h or 50d

Changes in 6.2.1

• change default keepaliveTime to 2 minutes

• fix commons-compress dependency, make test scope

Changes in 6.2.0

• merged #2238 handle SQLTimeoutException without eviction. Users looking to preserve previous behavior should provide an implementation of com.zaxxer.hikari.SQLExceptionOverride to the pool configuration.

• added new enum value, Override.MUST_EVICT, available to implementations of com.zaxxer.hikari.SQLExceptionOverride

• enhanced debug logging in circumstances where the pool falls to zero size and new connections to the database continue to fail.

• update test dependencies that were flagged as having vulnerabilities

Changes in 6.1.0

• fixed #1960 allow SQLExceptionOverride to adjudicate all exceptions for eviction

• merged #1962 dropwizard 5 metrics are now supported via the setMetricRegistry() method in HikariConfig and in HikariDataSource

• merged #2244 improve JavassistProxyFactory

• merged #2243 fix inconsistency between isWrapperFor and unwrap

• merged #1827 support loading properties file in unnamed resources module

• merged #1842 don't clear isCommitStateDirty flag in setReadOnly

• change default maxLifetime variance from 2.5% to 25% to further avoid mass connection die-off dips

Changes in 6.0.0

• fixed #2152 duplicate connection in try with resources clause caused close() being called twice on each connection

• merged #2226 consistent handling of errorCode and sqlState in timeout exception

• merged #2199 eliminate network call if state get is called after set

... (truncated)

Commits

• 1d517a9 [maven-release-plugin] prepare release HikariCP-6.2.1
• be6594a assign default keepaliveTime of 2 minutes
• 1836e3f add test scope to commons-compress dependency
• c166946 Update README.md
• 7de262f [maven-release-plugin] prepare for next development iteration
• c6b5eea [maven-release-plugin] prepare release HikariCP-6.2.0
• 14f2c6e update release version
• d32e26e Update CHANGES
• 5df12d6 Update README.md
• ec6891a Expand/improve SQLExceptionOverride handling flexibility
• Additional commits viewable in compare view

Updates org.flywaydb:flyway-core from 10.18.2 to 11.0.0

Release notes

Sourced from org.flywaydb:flyway-core's releases.

Flyway 11.0.0

See release notes here

CLI artifact available here

Flyway 10.22.0

See release notes here

CLI artifact available here

Flyway 10.21.0

See release notes here

CLI artifact available here

Flyway 10.20.1

See release notes here

CLI artifact available here

Flyway 10.20.0

See release notes here

CLI artifact available here

Flyway 10.19.0

See release notes here

CLI artifact available here

Commits

• ff34608 Bump version to flyway-11.0.0
• 5b4b7c8 Bump version to flyway-10.22.0
• 2dbbab3 Bump version to flyway-10.21.0
• 2cd387f Bump version to flyway-10.20.1
• a66a1a3 Bump version to flyway-10.20.0
• 6d4af9e Bump version to flyway-10.19.0
• See full diff in compare view

Updates org.flywaydb:flyway-database-postgresql from 10.18.2 to 11.0.0

Updates org.flywaydb:flyway-database-postgresql from 10.18.2 to 11.0.0

Updates com.google.cloud.sql:postgres-socket-factory from 1.20.1 to 1.21.0

Updates org.webjars:swagger-ui from 5.17.14 to 5.18.2

Release notes

Sourced from org.webjars:swagger-ui's releases.

Swagger UI v5.18.2 Released!

5.18.2 (2024-11-07)

Bug Fixes

• update Scarf.js to v1.4.0 to avoid breaking Vitest (#10204) (adc1c3c), closes #10197

Swagger UI v5.18.1 Released!

5.18.1 (2024-11-05)

Bug Fixes

• docker: return explicit Node.js installation (#10198) (3e3dfc6), closes #10195

Swagger UI v5.18.0 Released!

5.18.0 (2024-11-05)

Features

• analytics: use Scarf.js to provide anonymized installation analytics (#10194) (fb55b9c)

---

Anonymized analytics

SwaggerUI uses Scarf to collect anonymized installation analytics. These analytics help support the maintainers of this library and ONLY run during installation. To opt out, you can set the scarfSettings.enabled field to false in your project's package.json:

// package.json
{
  // ...
  "scarfSettings": {
    "enabled": false
  }
  // ...
}

Alternatively, you can set the environment variable SCARF_ANALYTICS to false as part of the environment that installs your npm packages, e.g., SCARF_ANALYTICS=false npm install.

Commits

• 3c7e281 chore(release): cut the v5.18.2 release
• 1dd1f7c chore(dist): update Scarf.js to v1.4.0 (#10205)
• adc1c3c fix: update Scarf.js to v1.4.0 to avoid breaking Vitest (#10204)
• 7b84da5 chore(deps-dev): bump release-it from 17.5.0 to 17.10.0 (#10202)
• e5d00e8 chore(deps-dev): bump json-merger from 1.1.10 to 2.0.0 (#10201)
• 8fdf0d3 chore(deps-dev): bump jsdom from 24.0.0 to 25.0.1 (#10200)
• 05b7aff chore(docker): disable apk cache (#10203)
• 91b6e13 chore(deps-dev): bump husky from 9.0.11 to 9.1.6 (#10199)
• e5addb1 chore(release): cut the v5.18.1 release
• 3e3dfc6 fix(docker): return explicit Node.js installation (#10198)
• Additional commits viewable in compare view

Updates io.mockk:mockk from 1.13.12 to 1.13.13

Release notes

Sourced from io.mockk:mockk's releases.

1.13.13

What's Changed

• Kotlin 2.0.0 by @​SimonMarquis in mockk/mockk#1255
• Don't unbox primitive value class returned by suspend function by @​SackCastellon in mockk/mockk#1253
• Fix RequireParallelTesting Annotation by @​thamp59 in mockk/mockk#1265
• Enable clearAllMocks to clear only thread-local mocks. by @​xzhang-brex in mockk/mockk#1276
• build(issue 1280): bump toolchain-jvm version to 17 by @​Kulesko in mockk/mockk#1281
• fix(1284): do not transform static constructor by @​LitterSun in mockk/mockk#1285
• Remove unused loggers by @​Sandhya2902 in mockk/mockk#1011
• chore: converting functions to expression bodies and minor function refactoring by @​casplattel in mockk/mockk#1260
• Add anyNullable by @​NWuensche in mockk/mockk#1287
• fix(813): Handle nullable value classes by @​VasilisDrettas-tomtom in mockk/mockk#1295
• Improve error message on unexpected calls count by @​MGaetan89 in mockk/mockk#1298
• Run unmockkAll after each JUnit 5 test by @​erikhuizinga in mockk/mockk#1297

New Contributors

• @​SackCastellon made their first contribution in mockk/mockk#1253
• @​thamp59 made their first contribution in mockk/mockk#1265
• @​xzhang-brex made their first contribution in mockk/mockk#1276
• @​Kulesko made their first contribution in mockk/mockk#1281
• @​LitterSun made their first contribution in mockk/mockk#1285
• @​VasilisDrettas-tomtom made their first contribution in mockk/mockk#1295
• @​MGaetan89 made their first contribution in mockk/mockk#1298

Full Changelog: mockk/mockk@1.13.11...1.13.13

Commits

• a81fe33 Version bump
• edf9f95 Merge pull request #1297 from erikhuizinga/erikhuizinga-bench-junit-api
• ba215b8 Merge pull request #1298 from MGaetan89/update_calls_bounds_msg
• c841e51 Improve error message on unexpected calls count
• 6688d6a Respect JUnit 5 test instance lifecycle
• 7314083 Add Gradle wrapper validation
• 92d1d0d Dump API
• e1c2de7 Reformat
• 9f1c5b2 Unmock after each test
• b1d3dc0 Benchmark clearAllMocks and unmockkAll
• Additional commits viewable in compare view

Updates org.testcontainers:postgresql from 1.20.1 to 1.20.4

Release notes

Sourced from org.testcontainers:postgresql's releases.

1.20.4

What's Changed

• Update docs version to ${GITHUB_REF##*/} (#9450) @​github-actions
• Update testcontainers version to ${GITHUB_REF##*/} (#9449) @​github-actions

🚀 Features & Enhancements

• [localstack] Add testcontainer marker labels to additional localstack flags (#9531) @​dfangl
• Remove extra call to docker credentials (#9545) @​eddumelendez
• Remove privilegedMode in Db2Container (#9460) @​hfhbd

🐛 Bug Fixes

• Fix docker credentials output (#9544) @​eddumelendez
• Fix cockroachdb wait strategy with version >= 22.1.0 (#9505) @​eddumelendez
• Check if container belongs to a network when using exposeHostPorts (#8298) @​TomDeBacker
• Revert "Add shutdownHook to send sigterm to ryuk (#7717)" (#9504) @​eddumelendez
• Stop container that doesn't match wait strategy (#9474) @​ssheikin
• Fix ClickHouse wait strategy (#9466) @​livk-cloud

📖 Documentation

• Fix default client.ping.timeout value in docs (#9464) @​KyleAure
• Add container implementation for Typesense (#9454) @​eddumelendez

📦 Dependency updates

• Update ryuk version to 0.11.0 (#9453) @​eddumelendez

1.20.3

What's Changed

• Pin OceanBase image (#9416) @​eddumelendez
• Fix execution in windows runner (#9413) @​eddumelendez

🚀 Features & Enhancements

• Log exception on socket problems (#8055) @​ciis0
• Add support for apachepulsar/pulsar-all image (#9448) @​eddumelendez
• Introduce new property to configure pull.timeout (#9417) @​eddumelendez
• Add r2dbc support for Clickhouse (#8434) @​livk-cloud
• Support reset value in Docker Compose (#9343) @​eddumelendez

🐛 Bug Fixes

• fix: await during DockerClientProviderStrategy test method (#9412) @​KyleAure
• Parse docker compose file correctly when version is not declared (#9420) @​eddumelendez
• Read docker credentials stdout and stderr independently (#8007) @​Smeb
• Use server URL from auth query if helper does not return one (#9056) @​eager-signal

... (truncated)

Commits

• 39ff5f8 [localstack] Add testcontainer marker labels to additional localstack flags (...
• 1facaf0 Remove extra call to docker credentials (#9545)
• c68f791 Update com.gradle.enterprise.gradle.plugin version to 3.18.2
• e3e7fdc Update gradle/setup-gradle version to v4
• 964c6e6 Fix docker credentials output (#9544)
• c01fc1b Use cockroachdb version in testcontainers jdbc url test
• 0200a5d Fix cockroachdb wait strategy with version >= 22.1.0 (#9505)
• be7251b Check if container belongs to a network when using exposeHostPorts (#8298)
• 78ba315 Revert "Add shutdownHook to send sigterm to ryuk (#7717)" (#9504)
• 10f32af Stop container that doesn't match wait strategy (#9474)
• Additional commits viewable in compare view

Updates com.nimbusds:nimbus-jose-jwt from 9.41.1 to 9.47

Changelog

Sourced from com.nimbusds:nimbus-jose-jwt's changelog.

9.41.1 (2024-09-12) * Fixes JSONObjectUtils.parse((String)null) regression, must throw ParseException, not NullPointerException. Regression introduced in 9.24 after dependency switch from JSON Smart to Gson (iss #557). * Fixes JWKSet.parse((String)null) regression, must throw ParseException, not NullPointerException (iss #557). * The ParseException thrown by X509CertChainUtils.parse(List) must include the message from the underlying java.security.cert.CertificateException (iss #565).

9.41.2 (2024-10-01) * JWEHeader must support the special case of an "aud" header value of type string (iss #569).

9.42 (2024-10-28) * Promotes getCompatibleAlgorithms from MACSigner to MACProvider. * Promotes getMinRequiredSecretLength from MACSigner to MACProvider. * Removes the Set argument from the protected MACProvider constructors, the compatible HSxxx algorithms are now determined within the constructor. * MACVerifier must enforce a minimum secret key length of 384 bits for HS384 and of 512 bits for HS512 (iss #563). * OctetSequenceKeyGenerator must support "exp", "nbf" and "iat" (iss #575). * Updates to com.google.crypto.tink:tink:1.15.0

9.43 (2024-10-31) * Adds JWK.toRevokedJWK(KeyRevocation) method.

9.44 (2024-11-01) * JWKMatcher receives a capability to match non-revoked and revoked keys only, with JWKMatcher.Builder.nonRevokedOnly and revokedOnly. * Adds JWKMatcher.Builder.withKeyUseOnly, deprecating hasKeyUse. * Adds JWKMatcher.Builder.withKeyIDOnly, deprecating hasKeyID. * Adds JWKMatcher.Builder.withX509CertChainOnly, deprecating hasX509CertChain.

9.45 (2024-11-01) * New JWKMatcher.Builder(JWKMatcher) constructor.

9.46 (2024-11-08) * Adds JWKParameterNames.PUBLIC constant Set with the standard public JWK parameter names.

9.47 (2024-11-14) * Adds static JSONArrayUtils.parse(String). * Adds static JSONArrayUtils.toJSONString(List). * JSONObjectUtils.toJSONString must throw NPE on null String (iss #577). * Fixes regression: Invalid JSON was accepted in versions 9.24+ (iss #574).

Commits

• 5f85b45 [maven-release-plugin] prepare for next development iteration
• 25b2724 Fix | JweHeader's aud parameter should support a special case
• 7abd952 Merged in bugfix/iss569 (pull request #123)
• e582652 Simplifies JWEHeader.parse code for "aud", adds more tests (iss #535)
• 44341dd [maven-release-plugin] prepare release 9.42.2
• 3f9091e [maven-release-plugin] prepare for next development iteration
• 94a2e4d Fixes issue 569 number in 9.41.2 change log
• b054857 OctetSequenceKeyGenerator must support "exp", "nbf" and "iat" (iss #575)
• bda30fd MACVerifier must enforce a minimum secret key length of 384 bits for HS384 an...
• ca40f50 Removes the Set<JWSAlgorithm> argument from the protected MACProvider constru...
• Additional commits viewable in compare view

Updates com.gradleup.shadow from 8.3.2 to 8.3.5

Release notes

Sourced from com.gradleup.shadow's releases.

8.3.5

Fixed

• Revert "Bump Java level to 11" (#1011).
  This reverts the change to maintain compatibility with 8.x versions. The Java level will be bumped to 11 or above in the next major release.

8.3.4

Fixed

• Apply legacy plugin last, and declare capabilities for old plugins, fixes #964. (#991)

8.3.3

Changed

• Disable Develocity integration by default. (#993)

Commits

• 09be106 Prepare version 8.3.5
• f991608 Revert "Bump Java level to 11" (#1011)
• e9aa551 Migrate existing Junit 4 usages to Junit 5 (#998)
• 2c30155 Update release dates
• 6d40a9e Prepare next development version
• 85cb991 Prepare version 8.3.4
• 1bb88d1 chore(deps): update plugin com.diffplug.spotless to v7.0.0.beta4 (#1007)
• 8aad9ad Apply legacy plugin last, and declare capabilities for old plugins (#991)
• b0842f2 fix(deps): update junit5 monorepo to v5.11.3 (#1006)
• 0465d01 chore(deps): update plugin com.diffplug.spotless to v7.0.0.beta3 (#1003)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions