Commit Graph
100 Commits
Author SHA1 Message Date
LudyandGitHub 45462dc5d4 Use setup-bot token for GitHub Actions and fix GH_APP_ID secret reference (#3615)
# Description of Changes

Please provide a summary of the changes, including:

- **What was changed**  
- In **`.github/workflows/check_properties.yml`**, each
`actions/github-script` step now uses the GitHub App token output (`${{
steps.setup-bot.outputs.token }}`) instead of relying on the default
`secrets.GITHUB_TOKEN`.
- In **`.github/workflows/sync_files.yml`**, the `app-id` input for the
`setup-bot` action was corrected to use `${{ secrets.GH_APP_ID }}`
instead of `${{ vars.GH_APP_ID }}`.

- **Why the change was made**  
- To ensure all workflow steps authenticate through the GitHub App with
least-privilege tokens, improving security and avoiding permission
issues with the default token or inaccessible repo variables.
- To maintain consistency across workflows by centralizing
authentication to the App’s token output.


---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.
2025-05-31 12:23:20 +01:00
LudyandGitHub be1a9cc8da Standardize GitHub App Bot Authentication Across Workflows (#3582)
# Description of Changes

Please provide a summary of the changes, including:

- **What was changed**  
- Removed individual `actions/create-github-app-token` steps and
replaced them with a centralized `setup-bot` custom action across all
workflows.
- Updated steps to use `steps.setup-bot.outputs` instead of
`steps.generate-token.outputs`.
- Standardized step names and ordering (e.g. checkout before bot setup).
- Simplified `sync_files.yml` by eliminating the `read_bot_entries` job
and directly using `setup-bot` outputs.
- Added or adjusted permissions where required (e.g.
`repository-projects: write` in `licenses-update.yml`).

- **Why the change was made**  
- To centralize and standardize GitHub App authentication logic, reduce
duplication, and improve maintainability of CI workflows.
- To ensure a consistent bot identity (app slug, token,
committer/author) across all actions and PR automation.
- To streamline workflow configurations and make future updates easier.

---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.
2025-05-27 12:36:41 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
feb84f001c Bump org.springframework.session:spring-session-core from 3.4.3 to 3.5.0 (#3591)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[org.springframework.session:spring-session-core](https://github.com/spring-projects/spring-session)
from 3.4.3 to 3.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-session/releases">org.springframework.session:spring-session-core's
releases</a>.</em></p>
<blockquote>
<h2>3.5.0</h2>
<h2>🪲 Bug Fixes</h2>
<ul>
<li>Fix Race Condition in Integration Tests Using Redis
SessionEventRegistry <a
href="https://redirect.github.com/spring-projects/spring-session/issues/3400">#3400</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Bump com.fasterxml.jackson.core:jackson-databind from 2.18.3 to
2.18.4 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3393">#3393</a></li>
<li>Bump io.projectreactor:reactor-bom from 2024.0.5 to 2024.0.6 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3395">#3395</a></li>
<li>Bump io.projectreactor:reactor-core from 3.6.16 to 3.6.17 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3394">#3394</a></li>
<li>Bump io.spring.gradle:spring-security-release-plugin from 1.0.5 to
1.0.6 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3392">#3392</a></li>
<li>Bump io.spring.javaformat:spring-javaformat-checkstyle from 0.0.43
to 0.0.45 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3402">#3402</a></li>
<li>Bump io.spring.javaformat:spring-javaformat-gradle-plugin from
0.0.43 to 0.0.45 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3404">#3404</a></li>
<li>Bump org.springframework.data:spring-data-bom from 2025.0.0-RC1 to
2025.0.1-SNAPSHOT <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3397">#3397</a></li>
<li>Bump org.springframework.security:spring-security-bom from 6.5.0-RC1
to 6.5.1-SNAPSHOT <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3401">#3401</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.6 to 6.2.7 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3403">#3403</a></li>
<li>Spring Security 6.5.0 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3406">#3406</a></li>
<li>Update to Spring Data 2025.0.0 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3405">#3405</a></li>
</ul>
<h2>❤️ Contributors</h2>
<p>Thank you to all the contributors who worked on this release:</p>
<p><a href="https://github.com/rwinch"><code>@​rwinch</code></a></p>
<h2>3.5.0-RC1</h2>
<h2> New Features</h2>
<ul>
<li>Introduce CompositeHttpSessionIdResolver <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3264">#3264</a></li>
<li>Start JDBC transactions only when there is an update <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3330">#3330</a></li>
</ul>
<h2>🪲 Bug Fixes</h2>
<ul>
<li>Explicitly use junit-platform-launcher <a
href="https://redirect.github.com/spring-projects/spring-session/issues/3367">#3367</a></li>
<li>Fix jdbc session with special characters <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3316">#3316</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Bump io.projectreactor:reactor-bom from 2024.0.4 to 2024.0.5 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3380">#3380</a></li>
<li>Bump io.projectreactor:reactor-core from 3.6.15 to 3.6.16 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3381">#3381</a></li>
<li>Bump io.spring.gradle:spring-security-release-plugin from 1.0.3 to
1.0.4 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3377">#3377</a></li>
<li>Bump io.spring.gradle:spring-security-release-plugin from 1.0.4 to
1.0.5 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3387">#3387</a></li>
<li>Bump org.aspectj:aspectjweaver from 1.9.23 to 1.9.24 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3378">#3378</a></li>
<li>Bump org.hsqldb:hsqldb from 2.7.3 to 2.7.4 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3369">#3369</a></li>
<li>Bump org.mariadb.jdbc:mariadb-java-client from 3.5.2 to 3.5.3 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3371">#3371</a></li>
<li>Bump org.springframework.boot:spring-boot-gradle-plugin from
3.5.0-M3 to 3.5.0-SNAPSHOT <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3373">#3373</a></li>
<li>Bump org.springframework.data:spring-data-bom from 2025.0.0-M2 to
2025.0.0-SNAPSHOT <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3372">#3372</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.5 to 6.2.6 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3384">#3384</a></li>
<li>Update to Spring Boot 3.5.0 (dependencies) <a
href="https://redirect.github.com/spring-projects/spring-session/issues/3368">#3368</a></li>
<li>Update to Spring Security 6.5.0-rc1 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3386">#3386</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-session/commit/817b17251ab34a473a03b9707f55c42d687c7758"><code>817b172</code></a>
Release 3.5.0</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/5a9c22000aa1ed5f38dea04ec99883a71728875b"><code>5a9c220</code></a>
Update to Spring Security 6.5.0</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/ce5efb7e51910a49591c015c8a1a2bbf67b73fd3"><code>ce5efb7</code></a>
Update to Spring Data 2025.0.0</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/d6391a8a42c03f4307eea2edfb926d7310b11632"><code>d6391a8</code></a>
Revert &quot;Bump
io.spring.javaformat:spring-javaformat-checkstyle&quot;</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/f75cd2454a5d52406d8e8c4822ee654fbd72309f"><code>f75cd24</code></a>
Revert &quot;Bump
org.springframework.security:spring-security-bom&quot;</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/ca4694310104e6ecb76e089805fc0810788e5efe"><code>ca46943</code></a>
Bump org.springframework.security:spring-security-bom</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/bf09912a7f697168a21a90ba47ab275a765f8608"><code>bf09912</code></a>
Bump io.spring.javaformat:spring-javaformat-checkstyle</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/ae2f60668bcf026e651ee65589ecf6a1c082bffc"><code>ae2f606</code></a>
Bump io.spring.javaformat:spring-javaformat-gradle-plugin</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/05e9a3ec755d212de4dff85811ea8e2c27ec9c28"><code>05e9a3e</code></a>
Bump org.springframework:spring-framework-bom from 6.2.6 to 6.2.7</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/6fb972d633e144ef3c9eea8577e0074e24caab8b"><code>6fb972d</code></a>
Bump io.spring.gradle:spring-security-release-plugin from 1.0.5 to
1.0.6</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-session/compare/3.4.3...3.5.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.session:spring-session-core&package-manager=gradle&previous-version=3.4.3&new-version=3.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-27 12:14:42 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
ea5515b614 Bump org.mockito:mockito-core from 5.17.0 to 5.18.0 (#3593)
Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito)
from 5.17.0 to 5.18.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/mockito/mockito/releases">org.mockito:mockito-core's
releases</a>.</em></p>
<blockquote>
<h2>v5.18.0</h2>
<p><!-- raw HTML omitted --><!-- raw HTML omitted --><em>Changelog
generated by <a
href="https://github.com/shipkit/shipkit-changelog">Shipkit Changelog
Gradle Plugin</a></em><!-- raw HTML omitted --><!-- raw HTML omitted
--></p>
<h4>5.18.0</h4>
<ul>
<li>2025-05-20 - <a
href="https://github.com/mockito/mockito/compare/v5.17.0...v5.18.0">5
commit(s)</a> by Eugene Platonov, Patrick Doyle, Tim van der Lippe,
dependabot[bot]</li>
<li>Make vararg checks Scala friendly (for mockito-scala) [(<a
href="https://redirect.github.com/mockito/mockito/issues/3651">#3651</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3651">mockito/mockito#3651</a>)</li>
<li>For UnfinishedStubbingException, suggest the possibility of another
thread [(<a
href="https://redirect.github.com/mockito/mockito/issues/3636">#3636</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3636">mockito/mockito#3636</a>)</li>
<li>UnfinishedStubbingException ought to suggest the possibility of
another thread [(<a
href="https://redirect.github.com/mockito/mockito/issues/3635">#3635</a>)](<a
href="https://redirect.github.com/mockito/mockito/issues/3635">mockito/mockito#3635</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/mockito/mockito/commit/06737471ea19ca023581351eeac778ffbce8da74"><code>0673747</code></a>
Force Jacoco version for Android</li>
<li><a
href="https://github.com/mockito/mockito/commit/65388f01eb8a555c4df5dec692ba9abf8a2591b8"><code>65388f0</code></a>
Update Jacoco version to 0.8.13</li>
<li><a
href="https://github.com/mockito/mockito/commit/60179ca10dbd29ff959d7eae670ce95b3f19f5fd"><code>60179ca</code></a>
Bump bytebuddy from 1.15.11 to 1.16.1</li>
<li><a
href="https://github.com/mockito/mockito/commit/8f15169774cb639b5757f121f27d6c0d8ca18c97"><code>8f15169</code></a>
Make vararg checks Scala friendly (<a
href="https://redirect.github.com/mockito/mockito/issues/3651">#3651</a>)</li>
<li><a
href="https://github.com/mockito/mockito/commit/3a631cb87082fff212bc00c00970508b4ce63072"><code>3a631cb</code></a>
Add hint for multithreading in <code>UnfinishedStubbingException</code>
(<a
href="https://redirect.github.com/mockito/mockito/issues/3636">#3636</a>)</li>
<li>See full diff in <a
href="https://github.com/mockito/mockito/compare/v5.17.0...v5.18.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.mockito:mockito-core&package-manager=gradle&previous-version=5.17.0&new-version=5.18.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-27 12:14:17 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
b1a6e1b481 Bump org.springframework.boot from 3.4.5 to 3.5.0 (#3594)
Bumps
[org.springframework.boot](https://github.com/spring-projects/spring-boot)
from 3.4.5 to 3.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot's
releases</a>.</em></p>
<blockquote>
<h2>v3.5.0</h2>
<p>Full <a
href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.5-Release-Notes">release
notes for Spring Boot 3.5</a> are available on the wiki.</p>
<h2> New Features</h2>
<ul>
<li>Make heapdump endpoint restricted by default <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/45624">#45624</a></li>
<li>Remove SSL status tag from metrics <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45602">#45602</a></li>
<li>Remove 'spring.http.client' deprecation and change
'spring.http.reactiveclient.settings' to 'spring.http.reactiveclient' <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45507">#45507</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Unable to override/set nested ConfigurationProperties by passing as
a system property <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45639">#45639</a></li>
<li>ValidationAutoConfiguration triggers early initialization of
properties binding <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45618">#45618</a></li>
<li>Micrometer &quot;enable&quot; annotations property does not cover
observed aspect <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45617">#45617</a></li>
<li>spring.graphql.sse.timeout is no longer exposed <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45613">#45613</a></li>
<li>SpringApplication.setEnvironmentPrefix is ignored when reading
SPRING_PROFILES_ACTIVE <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45549">#45549</a></li>
<li>IllegalStateException when extracting using layers a module with no
code of its own <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45449">#45449</a></li>
<li>Removed spring.batch.initialize-schema property is still considered
<a
href="https://redirect.github.com/spring-projects/spring-boot/pull/45380">#45380</a></li>
<li>ReactorHttpClientBuilder does not offer a factory method to create
the HttpClient <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45378">#45378</a></li>
<li>Suggested values for spring.jpa.hibernate.ddl-auto are not aligned
with Hibernate <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45351">#45351</a></li>
<li>Custom default units declared on a field are ignored when binding
properties in a native image <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45347">#45347</a></li>
<li>DockerRegistryConfigAuthentication uses the wrong serverUrl as a
fallback for the Credentials helper <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/45345">#45345</a></li>
<li>Various spring.datasource properties are mistakenly marked as
ignored <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45342">#45342</a></li>
<li>JerseyWebApplicationInitializer always gets loaded, setting a
ServletContext initParameter <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45297">#45297</a></li>
<li>DockerRegistryConfigAuthentication does not align with Docker CLI <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/45292">#45292</a></li>
<li>Unlike the Docker CLI, &quot;\x00&quot; characters are not trimmed
from a decoded Docker Registry password <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/45290">#45290</a></li>
<li>CloudFoundry security matcher logs a warning due to use of the
'ignoring()' method <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/32622">#32622</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Document the java info contribution <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45634">#45634</a></li>
<li>Document the process info contribution <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45632">#45632</a></li>
<li>Document the os info contribution <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45630">#45630</a></li>
<li>Document typical spring.application.group and name use <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45628">#45628</a></li>
<li>Document that bean methods should be static when annotated with
<code>@ConfigurationPropertiesBinding</code> <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45626">#45626</a></li>
<li>Document the way that primary Kotlin constructors are used when
binding <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45553">#45553</a></li>
<li>Improve &quot;profile&quot; reference documentation with additional
admonitions <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45551">#45551</a></li>
<li>Improve setEnvironmentPrefix(...) reference documentation <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45376">#45376</a></li>
<li>Document all the available Testcontainers integrations <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45367">#45367</a></li>
<li>Document when a spring.config.import value is relative and when it
is fixed <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45363">#45363</a></li>
<li>Update org.cyclonedx.bom version in docs to 2.3.0 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45320">#45320</a></li>
<li>Update link to &quot;Parameter Name Retention&quot; section of
Spring Framework's release notes <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45299">#45299</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Prevent upgrade to Prometheus Client 1.3.7 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45541">#45541</a></li>
<li>Upgrade to Couchbase Client 3.8.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45539">#45539</a></li>
<li>Upgrade to Elasticsearch 8.18.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45447">#45447</a></li>
<li>Upgrade to GraphQL Java 24.0 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45588">#45588</a></li>
<li>Upgrade to Hibernate 6.6.15.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45540">#45540</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/8c2d6453243f319accaef7a190ff8ddf89f482a2"><code>8c2d645</code></a>
Release v3.5.0</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/0b49e78c21f5afaf2db23bea2a1f8b369b3d92a7"><code>0b49e78</code></a>
Merge branch '3.4.x'</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c684fa4050d89a505f28257fef5462745671b6e5"><code>c684fa4</code></a>
Switch <code>make-default</code> for publish-to-sdkman to 3.5.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/569519285046967a85f20cefe4200fcfc35a21c8"><code>5695192</code></a>
Ensure descendants are always recalculated on cache refresh</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/31f549efc699e8f2f597ddf08bb572ad9a74b358"><code>31f549e</code></a>
Merge branch '3.4.x'</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/68df6f594167d760e67dd97eed0783e3f3a5fafd"><code>68df6f5</code></a>
Next development version (v3.4.7-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/9f46877c7ea17452f1f744281aa0008fadcc82f9"><code>9f46877</code></a>
Merge branch '3.4.x'</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/404a0df5e8cffad3c9cbc896b0382347586102bf"><code>404a0df</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/e331846302f763905e9e0d3cf96438f60c7bd3c4"><code>e331846</code></a>
Next development version (v3.3.13-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/b142798bdb8dde5d8a6ab01e70d6d78c1a6752c7"><code>b142798</code></a>
Merge branch '3.4.x'</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.5...v3.5.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.boot&package-manager=gradle&previous-version=3.4.5&new-version=3.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-27 12:14:12 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
d59e39b4b6 Bump org.mockito:mockito-core from 5.11.0 to 5.17.0 (#3551)
Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito)
from 5.11.0 to 5.17.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/mockito/mockito/releases">org.mockito:mockito-core's
releases</a>.</em></p>
<blockquote>
<h2>v5.17.0</h2>
<p><!-- raw HTML omitted --><!-- raw HTML omitted --><em>Changelog
generated by <a
href="https://github.com/shipkit/shipkit-changelog">Shipkit Changelog
Gradle Plugin</a></em><!-- raw HTML omitted --><!-- raw HTML omitted
--></p>
<h4>5.17.0</h4>
<ul>
<li>2025-04-04 - <a
href="https://github.com/mockito/mockito/compare/v5.16.1...v5.17.0">7
commit(s)</a> by Adrian Roos, Andre Kurait, Jan Ouwens, Rafael
Winterhalter, Taeik Lim, Thach Le, Tim van der Lippe</li>
<li>Fixes <a
href="https://redirect.github.com/mockito/mockito/issues/3631">#3631</a>:
Fix broken banner image link [(<a
href="https://redirect.github.com/mockito/mockito/issues/3632">#3632</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3632">mockito/mockito#3632</a>)</li>
<li>Banner image is broken [(<a
href="https://redirect.github.com/mockito/mockito/issues/3631">#3631</a>)](<a
href="https://redirect.github.com/mockito/mockito/issues/3631">mockito/mockito#3631</a>)</li>
<li>Update exception message with mockito-inline [(<a
href="https://redirect.github.com/mockito/mockito/issues/3628">#3628</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3628">mockito/mockito#3628</a>)</li>
<li>Clarify structure of commit messages [(<a
href="https://redirect.github.com/mockito/mockito/issues/3626">#3626</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3626">mockito/mockito#3626</a>)</li>
<li>Fixes <a
href="https://redirect.github.com/mockito/mockito/issues/3622">#3622</a>:
MockitoExtension fails cleanup when aborted before setup [(<a
href="https://redirect.github.com/mockito/mockito/issues/3623">#3623</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3623">mockito/mockito#3623</a>)</li>
<li>MockitoExtension fails cleanup when aborted before setup [(<a
href="https://redirect.github.com/mockito/mockito/issues/3622">#3622</a>)](<a
href="https://redirect.github.com/mockito/mockito/issues/3622">mockito/mockito#3622</a>)</li>
<li>Since mockito-inline has been removed, the exception messages with
<code>mockito-inline</code> should be modified. [(<a
href="https://redirect.github.com/mockito/mockito/issues/3621">#3621</a>)](<a
href="https://redirect.github.com/mockito/mockito/issues/3621">mockito/mockito#3621</a>)</li>
<li>Fixes <a
href="https://redirect.github.com/mockito/mockito/issues/3171">#3171</a>:
Fall back to Throwable Location strategy on Android [(<a
href="https://redirect.github.com/mockito/mockito/issues/3619">#3619</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3619">mockito/mockito#3619</a>)</li>
<li>Fixes <a
href="https://redirect.github.com/mockito/mockito/issues/3615">#3615</a>
: broken links to javadoc.io [(<a
href="https://redirect.github.com/mockito/mockito/issues/3616">#3616</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3616">mockito/mockito#3616</a>)</li>
<li>Broken links to javadoc.io [(<a
href="https://redirect.github.com/mockito/mockito/issues/3615">#3615</a>)](<a
href="https://redirect.github.com/mockito/mockito/issues/3615">mockito/mockito#3615</a>)</li>
<li>Mocks are not working on particular devices after update Android SDK
from 33 to 34 [(<a
href="https://redirect.github.com/mockito/mockito/issues/3171">#3171</a>)](<a
href="https://redirect.github.com/mockito/mockito/issues/3171">mockito/mockito#3171</a>)</li>
</ul>
<h2>v5.16.1</h2>
<p><!-- raw HTML omitted --><!-- raw HTML omitted --><em>Changelog
generated by <a
href="https://github.com/shipkit/shipkit-changelog">Shipkit Changelog
Gradle Plugin</a></em><!-- raw HTML omitted --><!-- raw HTML omitted
--></p>
<h4>5.16.1</h4>
<ul>
<li>2025-03-15 - <a
href="https://github.com/mockito/mockito/compare/v5.16.0...v5.16.1">3
commit(s)</a> by Adrian Roos, Jérôme Prinet, Rafael Winterhalter</li>
<li>Remove Arrays.asList from critical stubbing path in
GenericMetadataSu… [(<a
href="https://redirect.github.com/mockito/mockito/issues/3610">#3610</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3610">mockito/mockito#3610</a>)</li>
<li>Rework of injection strategy in the context of modules [(<a
href="https://redirect.github.com/mockito/mockito/issues/3608">#3608</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3608">mockito/mockito#3608</a>)</li>
<li>Adjust inline mocking snippet to allow task relocatability [(<a
href="https://redirect.github.com/mockito/mockito/issues/3606">#3606</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3606">mockito/mockito#3606</a>)</li>
<li>Inline mocking configuration snippet for Gradle should allow task
relocatability [(<a
href="https://redirect.github.com/mockito/mockito/issues/3605">#3605</a>)](<a
href="https://redirect.github.com/mockito/mockito/issues/3605">mockito/mockito#3605</a>)</li>
</ul>
<h2>v5.16.0</h2>
<p><!-- raw HTML omitted --><!-- raw HTML omitted --><em>Changelog
generated by <a
href="https://github.com/shipkit/shipkit-changelog">Shipkit Changelog
Gradle Plugin</a></em><!-- raw HTML omitted --><!-- raw HTML omitted
--></p>
<h4>5.16.0</h4>
<ul>
<li>2025-03-03 - <a
href="https://github.com/mockito/mockito/compare/v5.15.2...v5.16.0">10
commit(s)</a> by Brice Dutheil, Rafael Winterhalter, TDL,
dependabot[bot]</li>
<li>Add support for including module-info in Mockito. [(<a
href="https://redirect.github.com/mockito/mockito/issues/3597">#3597</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3597">mockito/mockito#3597</a>)</li>
<li>Bump com.gradle.develocity from 3.19 to 3.19.1 [(<a
href="https://redirect.github.com/mockito/mockito/issues/3579">#3579</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3579">mockito/mockito#3579</a>)</li>
<li>Bump org.assertj:assertj-core from 3.27.2 to 3.27.3 [(<a
href="https://redirect.github.com/mockito/mockito/issues/3577">#3577</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3577">mockito/mockito#3577</a>)</li>
<li>Bump com.diffplug.spotless:spotless-plugin-gradle from 7.0.1 to
7.0.2 [(<a
href="https://redirect.github.com/mockito/mockito/issues/3574">#3574</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3574">mockito/mockito#3574</a>)</li>
<li>Bump com.diffplug.spotless:spotless-plugin-gradle from 6.25.0 to
7.0.1 [(<a
href="https://redirect.github.com/mockito/mockito/issues/3571">#3571</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3571">mockito/mockito#3571</a>)</li>
<li>Bump org.assertj:assertj-core from 3.27.1 to 3.27.2 [(<a
href="https://redirect.github.com/mockito/mockito/issues/3569">#3569</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3569">mockito/mockito#3569</a>)</li>
<li>Tweaks documentation on mockito agent config for maven [(<a
href="https://redirect.github.com/mockito/mockito/issues/3568">#3568</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3568">mockito/mockito#3568</a>)</li>
<li>Adds <code>--info</code> to diagnose
closeAndReleaseStagingRepositories issues [(<a
href="https://redirect.github.com/mockito/mockito/issues/3567">#3567</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3567">mockito/mockito#3567</a>)</li>
<li>Refine reflection when calling management factory [(<a
href="https://redirect.github.com/mockito/mockito/issues/3566">#3566</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3566">mockito/mockito#3566</a>)</li>
<li>Avoid warning when dynamic attach is enabled [(<a
href="https://redirect.github.com/mockito/mockito/issues/3551">#3551</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3551">mockito/mockito#3551</a>)</li>
</ul>
<h2>v5.15.2</h2>
<p><!-- raw HTML omitted --><!-- raw HTML omitted --><em>Changelog
generated by <a
href="https://github.com/shipkit/shipkit-changelog">Shipkit Changelog
Gradle Plugin</a></em><!-- raw HTML omitted --><!-- raw HTML omitted
--></p>
<h4>5.15.2</h4>
<ul>
<li>2025-01-02 - <a
href="https://github.com/mockito/mockito/compare/v5.15.1...v5.15.2">2
commit(s)</a> by Brice Dutheil, dependabot[bot]</li>
<li>Fix javadoc publication [(<a
href="https://redirect.github.com/mockito/mockito/issues/3561">#3561</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3561">mockito/mockito#3561</a>)</li>
<li>Bump org.assertj:assertj-core from 3.27.0 to 3.27.1 [(<a
href="https://redirect.github.com/mockito/mockito/issues/3560">#3560</a>)](<a
href="https://redirect.github.com/mockito/mockito/pull/3560">mockito/mockito#3560</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/mockito/mockito/commit/7764992d1250f4e7f6ffd10f650dc89516139c8d"><code>7764992</code></a>
Remove mention of <code>mockito-inline</code> from mockmaker exception
(<a
href="https://redirect.github.com/mockito/mockito/issues/3628">#3628</a>)</li>
<li><a
href="https://github.com/mockito/mockito/commit/ee92ad4916d9f3f6ae6836bdba5c30f8404d3d50"><code>ee92ad4</code></a>
Fix broken banner image link (<a
href="https://redirect.github.com/mockito/mockito/issues/3632">#3632</a>)</li>
<li><a
href="https://github.com/mockito/mockito/commit/3edab5283552c3c6c393d8c818c8d6a8fa1f94a5"><code>3edab52</code></a>
Clarify structure of commit messages (<a
href="https://redirect.github.com/mockito/mockito/issues/3626">#3626</a>)</li>
<li><a
href="https://github.com/mockito/mockito/commit/bfab74365e91135b2f88ccb0228372a8799d9279"><code>bfab743</code></a>
Fall back to Throwable Location strategy on Android (<a
href="https://redirect.github.com/mockito/mockito/issues/3619">#3619</a>)</li>
<li><a
href="https://github.com/mockito/mockito/commit/4f469c830b2f6ab0e1f061e9383aff2e6f9f8376"><code>4f469c8</code></a>
MockitoExtension fails cleanup when aborted before setup (<a
href="https://redirect.github.com/mockito/mockito/issues/3623">#3623</a>)</li>
<li><a
href="https://github.com/mockito/mockito/commit/1764e62102f525ff9a82b8166b8596edd25f5b7f"><code>1764e62</code></a>
Update links to javadoc.io (<a
href="https://redirect.github.com/mockito/mockito/issues/3616">#3616</a>)</li>
<li><a
href="https://github.com/mockito/mockito/commit/1e029d767b33ee8de42e58459a2c3e63ab3f7c41"><code>1e029d7</code></a>
Add missing requirement to objenesis.</li>
<li><a
href="https://github.com/mockito/mockito/commit/d000e630775cfa45752eeb491a197283e7370621"><code>d000e63</code></a>
Rework of injection strategy in the context of modules (<a
href="https://redirect.github.com/mockito/mockito/issues/3608">#3608</a>)</li>
<li><a
href="https://github.com/mockito/mockito/commit/0215884a5e68016504be98599b3045070a558002"><code>0215884</code></a>
Remove Arrays.asList from critical stubbing path in
GenericMetadataSupport (#...</li>
<li><a
href="https://github.com/mockito/mockito/commit/d18503512b01eed650f5fdf78f7e3c02755c8ee5"><code>d185035</code></a>
Add reference to Gradle documentation on how to make task relocatable
(<a
href="https://redirect.github.com/mockito/mockito/issues/3606">#3606</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/mockito/mockito/compare/v5.11.0...v5.17.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.mockito:mockito-core&package-manager=gradle&previous-version=5.11.0&new-version=5.17.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-20 12:00:31 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
9514370cc3 Bump org.gradle.toolchains.foojay-resolver-convention from 0.10.0 to 1.0.0 (#3552)
Bumps org.gradle.toolchains.foojay-resolver-convention from 0.10.0 to
1.0.0.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.gradle.toolchains.foojay-resolver-convention&package-manager=gradle&previous-version=0.10.0&new-version=1.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-20 11:58:23 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
b9dd78ced6 Bump io.micrometer:micrometer-core from 1.14.7 to 1.15.0 (#3550)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer)
from 1.14.7 to 1.15.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/micrometer-metrics/micrometer/releases">io.micrometer:micrometer-core's
releases</a>.</em></p>
<blockquote>
<h2>1.15.0</h2>
<h2> New Features</h2>
<ul>
<li>Further enhancement to OtlpMetricsSender <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/6025">#6025</a></li>
<li>Make Prometheus Metric and Label naming conventions consistent <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5923">#5923</a></li>
<li>Metrics for Executors.newVirtualThreadPerTaskExecutor() <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5488">#5488</a></li>
<li>Metrics for live virtual threads <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5950">#5950</a></li>
<li>More flexible OTLP per meter configuration <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6099">#6099</a></li>
<li>Prometheus/OpenMetrics <code>_created</code> timestamp <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/2625">#2625</a></li>
<li>Make jvm.classes.unloaded description generic <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5745">#5745</a></li>
<li>Use String.toLowerCase()/toUpperCase() with Locale.ROOT consistently
<a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5711">#5711</a></li>
<li>Use failWithActualExpectedAndMessage() where possible <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5696">#5696</a></li>
<li>Provide target host/port info in ObservationExecChainHandler when
HttpHostConnectException is thrown <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5615">#5615</a></li>
<li>Enable Gauge builders to take a subclass of Number <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5601">#5601</a></li>
<li>micrometer-observation-test support for assertions on events <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5576">#5576</a></li>
<li>Log delta count in addition to throughput in LoggingMeterRegistry <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5548">#5548</a></li>
<li>Add peer name and port to gRPC observation contexts <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/3512">#3512</a></li>
<li>Use direct equals call instead of Objects.equals wrapper <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5840">#5840</a></li>
<li>Remove special handling of 404/301 from JDK HTTP client
instrumentation <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5838">#5838</a></li>
<li>Make Timer and LongTaskTimer output similar in LoggingMeterRegistry
<a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5835">#5835</a></li>
<li>Remove special handling of 404 and redirection statuses from Jetty
client instrumentation <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5825">#5825</a></li>
<li>Log deprecation warning when creating SignalFxMeterRegistry <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5824">#5824</a></li>
<li>Log metrics recording failures in CountedAspect and TimedAspect <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5820">#5820</a></li>
<li>Remove special handling of 404/301 from OkHttp instrumentation <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5814">#5814</a></li>
<li>Support AutoShutdownDelegatedExecutorService in
ExecutorServiceMetrics <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5811">#5811</a></li>
<li>Deprecate micrometer-registry-signalfx in favor of
micrometer-registry-otlp <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5807">#5807</a></li>
<li>Rebind <code>Log4j2Metrics</code> when
<code>LoggerContext#reconfigure</code> is called <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5756">#5756</a></li>
<li>Send metrics via any protocol in the OTLP Registry <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5690">#5690</a></li>
<li>Improve average performance of DefaultLongTaskTimer for out-of-order
stopping <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5591">#5591</a></li>
<li>Improve OtlpMetricsSender API <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5994">#5994</a></li>
<li>Support configuring exponential histograms at the meter level <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5459">#5459</a></li>
<li>Allow TimedAspect/CountedAspect to create tags based on method
result <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/3058">#3058</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Do not leak OTLP types on public-facing API <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5699">#5699</a></li>
<li>micrometer-observation-test brings unnecessary JUnit dependencies,
leading to conflicts <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6012">#6012</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Bump io.opentelemetry.proto:opentelemetry-proto from 1.4.0-alpha to
1.5.0-alpha <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5798">#5798</a></li>
<li>Bump com.google.cloud:libraries-bom from 26.55.0 to 26.56.0 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5991">#5991</a></li>
<li>Bump com.google.cloud:google-cloud-monitoring from 3.59.0 to 3.60.0
<a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5986">#5986</a></li>
<li>Bump com.google.auth:google-auth-library-oauth2-http from 1.32.1 to
1.33.0 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5963">#5963</a></li>
<li>Bump software.amazon.awssdk:cloudwatch from 2.29.46 to 2.30.11 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5863">#5863</a></li>
</ul>
<h2>❤️ Contributors</h2>
<p>Thank you to all the contributors who worked on this release:</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/e13042badcc34c2ca833bfd692924bd86e9d4c1e"><code>e13042b</code></a>
Bump software.amazon.awssdk:cloudwatch from 2.31.40 to 2.31.41 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6228">#6228</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/571793b84ed71c90012b378b94df02fdb417ecf2"><code>571793b</code></a>
Merge branch '1.14.x'</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/315c1b1817ca77b6d91b890586ae1826186b57c4"><code>315c1b1</code></a>
Merge branch '1.13.x' into 1.14.x</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/a3ae027d8c6dd0fbd7851eb59a61e29341498f2b"><code>a3ae027</code></a>
Bump com.tngtech.archunit:archunit-junit5 from 1.3.1 to 1.3.2 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6225">#6225</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/ac6c26f7baf6c742a5daf509113d0197a23361d0"><code>ac6c26f</code></a>
Merge branch '1.14.x'</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/163203f98102e4e7bb8e9e4bc893257b162e2d49"><code>163203f</code></a>
Add missing colons in &quot;Environment&quot; section in bug_report.md
(<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6223">#6223</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/1713feed26a18f676b0e9f395354e4b8688731b1"><code>1713fee</code></a>
Bump maven-resolver from 1.9.22 to 1.9.23 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6222">#6222</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/e31548477ade9ab7933d2ff7f2a8817540598c5c"><code>e315484</code></a>
Bump software.amazon.awssdk:cloudwatch from 2.31.39 to 2.31.40 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6221">#6221</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/d6b8d4e8472dda214252a184ff8d244a7934e13a"><code>d6b8d4e</code></a>
Bump com.google.cloud:libraries-bom from 26.59.0 to 26.60.0 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6220">#6220</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/121056e6d59fb6995b65adf0b4a53aabbb47d63d"><code>121056e</code></a>
Bump software.amazon.awssdk:cloudwatch from 2.31.38 to 2.31.39 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6217">#6217</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/micrometer-metrics/micrometer/compare/v1.14.7...v1.15.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=io.micrometer:micrometer-core&package-manager=gradle&previous-version=1.14.7&new-version=1.15.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-20 11:53:02 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
f50f7230d0 Bump org.springframework.security:spring-security-saml2-service-provider from 6.4.5 to 6.5.0 (#3549)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[org.springframework.security:spring-security-saml2-service-provider](https://github.com/spring-projects/spring-security)
from 6.4.5 to 6.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-security/releases">org.springframework.security:spring-security-saml2-service-provider's
releases</a>.</em></p>
<blockquote>
<h2>6.5.0</h2>
<h2> New Features</h2>
<ul>
<li>Add documentation for DPoP support <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17072">#17072</a></li>
<li>Add logging to CsrfTokenRequestHandler implementations <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16994">#16994</a></li>
<li>Add mapping for DPoP in DefaultMapOAuth2AccessTokenResponseConverter
<a
href="https://redirect.github.com/spring-projects/spring-security/pull/16806">#16806</a></li>
<li>Bump Gradle Wrapper from 8.13 to 8.14 <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17018">#17018</a></li>
<li>ClientRegistrations.fromIssuerLocation does not include failure
information <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17015">#17015</a></li>
<li>Fix Typo In SubjectDnX509PrincipalExtractorTests <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16997">#16997</a></li>
<li>Implement internal cache in JtiClaimValidator <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17107">#17107</a></li>
<li>Polish javadoc <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16924">#16924</a></li>
<li>Remove unused classes <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16935">#16935</a></li>
<li>Replace NimbusOpaqueTokenIntrospector with
SpringOpaqueTokenIntrospector in Documentation <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16962">#16962</a></li>
<li>RequestHeaderAuthenticationFilter creates a session even if not
configured to do so <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17147">#17147</a></li>
</ul>
<h2>🪲 Bug Fixes</h2>
<ul>
<li>Add FunctionalInterface To X509PrincipalExtractor <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16952">#16952</a></li>
<li>Change NonNull import from reactor to spring <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16571">#16571</a></li>
<li>Fix DPoP jkt claim to be JWK SHA-256 thumbprint <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17080">#17080</a></li>
<li>Minor error in the Handling Logouts documentation <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17049">#17049</a></li>
<li>SecurityAnnotationScanner's method comparison should use .equals <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17145">#17145</a></li>
<li>Use proper configuration key in Opaque Token documentation <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17014">#17014</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Bump com.fasterxml.jackson:jackson-bom from 2.18.3 to 2.18.4 <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17069">#17069</a></li>
<li>Bump com.fasterxml.jackson:jackson-bom from 2.18.3 to 2.19.0 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16995">#16995</a></li>
<li>Bump com.google.code.gson:gson from 2.13.0 to 2.13.1 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16990">#16990</a></li>
<li>Bump com.webauthn4j:webauthn4j-core from 0.29.0.RELEASE to
0.29.1.RELEASE <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17024">#17024</a></li>
<li>Bump com.webauthn4j:webauthn4j-core from 0.29.1.RELEASE to
0.29.2.RELEASE <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17095">#17095</a></li>
<li>Bump io.micrometer:micrometer-observation from 1.14.6 to 1.14.7 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17096">#17096</a></li>
<li>Bump io.mockk:mockk from 1.14.0 to 1.14.2 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17019">#17019</a></li>
<li>Bump io.projectreactor:reactor-bom from 2023.0.17 to 2023.0.18 <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17111">#17111</a></li>
<li>Bump io.spring.gradle:spring-security-release-plugin from 1.0.5 to
1.0.6 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17040">#17040</a></li>
<li>Bump org-apache-maven-resolver from 1.9.22 to 1.9.23 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17088">#17088</a></li>
<li>Bump org-eclipse-jetty from 11.0.24 to 11.0.25 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16761">#16761</a></li>
<li>Bump org.hibernate.orm:hibernate-core from 6.6.13.Final to
6.6.14.Final <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17089">#17089</a></li>
<li>Bump org.hibernate.orm:hibernate-core from 6.6.14.Final to
6.6.15.Final <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17105">#17105</a></li>
<li>Bump org.seleniumhq.selenium:selenium-java from 4.31.0 to 4.32.0 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17037">#17037</a></li>
<li>Bump org.springframework.data:spring-data-bom from 2024.1.4 to
2024.1.5 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16981">#16981</a></li>
<li>Bump org.springframework.data:spring-data-bom from 2024.1.5 to
2024.1.6 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17137">#17137</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.6 to 6.2.7 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17124">#17124</a></li>
</ul>
<h2>🔩 Build Updates</h2>
<ul>
<li>Release 6.5.0 <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17138">#17138</a></li>
</ul>
<h2>❤️ Contributors</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-security/commit/0fd0e9335ae3a6ff3538045d098dd6b94679d99e"><code>0fd0e93</code></a>
Release 6.5.0</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/78dd02a4c18502fa668ca7736581eaed8193891c"><code>78dd02a</code></a>
Merge branch '6.4.x' into 6.5.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/edc8735eb8ba1c378826499db5160cea44db462a"><code>edc8735</code></a>
Merge branch '6.3.x' into 6.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/cae3467a8d5fdf4ef0f5c2343d48aa9c48445be2"><code>cae3467</code></a>
Improve AbstractPreAuthenticatedProcessingFilter docs</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/9a8f9a91bc1e4b97cd47dd3c61ac7451e62c15ca"><code>9a8f9a9</code></a>
Merge branch '6.4.x' into 6.5.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/c972de5369a1261ab674a3f5e3a80e8ce3e8cdfb"><code>c972de5</code></a>
Use .equals to Compare Methods</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/bf2aaa1b1830e534ba651d422545ac08a115151b"><code>bf2aaa1</code></a>
Use .equals to Compare Methods</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/6fb0591109e3c6d9fef9ee2d1a4f215c738c22da"><code>6fb0591</code></a>
Merge branch
'gradle/6.5.x/org.springframework.data-spring-data-bom-2024.1.6'...</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/390972c4a05b3a664c0e1b936d63712559c53a1f"><code>390972c</code></a>
Merge branch '6.4.x' into 6.5.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/36905173951d20085c226b82da552ec4ff9ab9ee"><code>3690517</code></a>
Merge branch
'gradle/6.4.x/org.springframework.data-spring-data-bom-2024.1.6'...</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-security/compare/6.4.5...6.5.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.security:spring-security-saml2-service-provider&package-manager=gradle&previous-version=6.4.5&new-version=6.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-20 11:52:50 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
8ecd4e9c36 Bump org.springframework:spring-webmvc from 6.2.6 to 6.2.7 (#3547)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[org.springframework:spring-webmvc](https://github.com/spring-projects/spring-framework)
from 6.2.6 to 6.2.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-framework/releases">org.springframework:spring-webmvc's
releases</a>.</em></p>
<blockquote>
<h2>v6.2.7</h2>
<h2> New Features</h2>
<ul>
<li>Forward more methods to underlying InputStream in
NonClosingInputStream <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34893">#34893</a></li>
<li>Introduce Spring property for the default property placeholder
escape character <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34865">#34865</a></li>
<li>Close ApplicationContext once AOT processing has completed <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34841">#34841</a></li>
<li>Fix
<code>AbstractJackson2HttpMessageConverter#getObjectMappersForType</code>
nullness <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34811">#34811</a></li>
<li>Add option for case-insensitive match to PatternMatchUtils <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34801">#34801</a></li>
<li>RestClient <code>@RequestBody</code> parameters lose generic type
information when creating HTTP service beans <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34793">#34793</a></li>
<li>Adds option to set Principal in MockServerWebExchange <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34789">#34789</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Beans created by FactoryBean are not considered as autowiring
candidates if another thread holds a singletonLock <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34902">#34902</a></li>
<li><code>PropertySourcesPlaceholderConfigurer</code> placeholder
resolution fails in several scenarios <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34861">#34861</a></li>
<li>HttpComponentsClientHttpRequestFactory setConnectionRequestTimeout
not working with httpclient 5.3.1 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34851">#34851</a></li>
<li>Fragment.create() requires mutable map - which is unusable when used
with Kotlin <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34848">#34848</a></li>
<li>Duplicate <code>BeanOverrideHandler</code> discovered in
<code>@Nested</code> test case with superclass from different class or
in interface implemented multiple times <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34844">#34844</a></li>
<li>Accidental ClassLoader defineClass enforcement after <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34677">#34677</a>
<a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34824">#34824</a></li>
<li>HttpEntity.EMPTY headers should not be possible to mutate via
HttpHeaders constructor <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34812">#34812</a></li>
<li>AbstractFileResolvingResource.exists incorrectly reports result for
resources inside of spring-boot executable jar <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34796">#34796</a></li>
<li>Correctly expand query param with same name from URI variables array
<a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34783">#34783</a></li>
<li>R2DBC <code>NamedParameterUtils</code> only expands reused
collection parameter once <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34768">#34768</a></li>
<li><code>PathMatchingResourcePatternResolver</code> wrongly assumes
that <code>target/classes</code> always exists <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34764">#34764</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Clarify <code>CompositePropertySource</code> behavior for
<code>EnumerablePropertySource</code> contract <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34886">#34886</a></li>
<li>Javadoc and <code>@Nullable</code> annotation for
<code>servletContext</code> parameter of
<code>ConfigurableWebEnvironment.initPropertySources</code> are
contradictory <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34845">#34845</a></li>
<li>Spring MVC: <code>@EnableAsync</code> needs to be redeclared for
each ApplicationContext <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34843">#34843</a></li>
<li>Provide a working example instead of unclear placeholders <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34828">#34828</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to Micrometer 1.14.7 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34889">#34889</a></li>
<li>Upgrade to Reactor 2024.0.6 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34898">#34898</a></li>
</ul>
<h2>❤️ Contributors</h2>
<p>Thank you to all the contributors who worked on this release:</p>
<p><a href="https://github.com/Artur"><code>@​Artur</code></a>-, <a
href="https://github.com/blake-bauman"><code>@​blake-bauman</code></a>,
<a href="https://github.com/iifawzi"><code>@​iifawzi</code></a>, <a
href="https://github.com/kilink"><code>@​kilink</code></a>, <a
href="https://github.com/quaff"><code>@​quaff</code></a>, <a
href="https://github.com/whlit"><code>@​whlit</code></a>, and <a
href="https://github.com/zzoe2346"><code>@​zzoe2346</code></a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/ba590ac9e49b46d347dc56f4498ee436a3b5969b"><code>ba590ac</code></a>
Release v6.2.7</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/ee62701f5634e904e42e218baad142cea2bcd332"><code>ee62701</code></a>
Make use of PatternMatchUtils ignoreCase option</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/fa168ca78ae134e82db8eacc109bb29266b36fb1"><code>fa168ca</code></a>
Revise FactoryBean locking behavior for strict/lenient consistency</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/3c228a5c1d07874d0bf2b9456921ab20fc6d5e22"><code>3c228a5</code></a>
Add missing <a href="https://github.com/since"><code>@​since</code></a>
tags in PatternMatchUtils</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/9bf6b8cddffac2c0034e0e2f7a799a81ddb1f09f"><code>9bf6b8c</code></a>
Upgrade to Reactor 2024.0.6</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/37ecdd14372555c018c644e980666e47c06dcbe8"><code>37ecdd1</code></a>
Forward more methods to underlying InputStream in
NonClosingInputStream</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/73f1c5a189b0f6e65b5b8507d6862b480ec7193c"><code>73f1c5a</code></a>
Polishing</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/4d296fb4ca1b3f87fe4b9cd97132f2688533de2d"><code>4d296fb</code></a>
Upgrade to Micrometer 1.14.7</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/6a9444473f1aad080bf659563e56cc2bbd8f9512"><code>6a94444</code></a>
Clarify CompositePropertySource behavior for EnumerablePropertySource
contract</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/03ae97b2ebe2ff97ed3f78253758fb3cf6cacbbd"><code>03ae97b</code></a>
Introduce Spring property for default escape character for
placeholders</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-framework/compare/v6.2.6...v6.2.7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework:spring-webmvc&package-manager=gradle&previous-version=6.2.6&new-version=6.2.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-20 11:52:38 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
9aa692674f Bump org.sonarqube from 6.1.0.5360 to 6.2.0.5505 (#3546)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps org.sonarqube from 6.1.0.5360 to 6.2.0.5505.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.sonarqube&package-manager=gradle&previous-version=6.1.0.5360&new-version=6.2.0.5505)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-20 11:52:15 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
89992fe643 Bump org.springframework:spring-jdbc from 6.2.6 to 6.2.7 (#3545)
Bumps
[org.springframework:spring-jdbc](https://github.com/spring-projects/spring-framework)
from 6.2.6 to 6.2.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-framework/releases">org.springframework:spring-jdbc's
releases</a>.</em></p>
<blockquote>
<h2>v6.2.7</h2>
<h2> New Features</h2>
<ul>
<li>Forward more methods to underlying InputStream in
NonClosingInputStream <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34893">#34893</a></li>
<li>Introduce Spring property for the default property placeholder
escape character <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34865">#34865</a></li>
<li>Close ApplicationContext once AOT processing has completed <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34841">#34841</a></li>
<li>Fix
<code>AbstractJackson2HttpMessageConverter#getObjectMappersForType</code>
nullness <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34811">#34811</a></li>
<li>Add option for case-insensitive match to PatternMatchUtils <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34801">#34801</a></li>
<li>RestClient <code>@RequestBody</code> parameters lose generic type
information when creating HTTP service beans <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34793">#34793</a></li>
<li>Adds option to set Principal in MockServerWebExchange <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34789">#34789</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Beans created by FactoryBean are not considered as autowiring
candidates if another thread holds a singletonLock <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34902">#34902</a></li>
<li><code>PropertySourcesPlaceholderConfigurer</code> placeholder
resolution fails in several scenarios <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34861">#34861</a></li>
<li>HttpComponentsClientHttpRequestFactory setConnectionRequestTimeout
not working with httpclient 5.3.1 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34851">#34851</a></li>
<li>Fragment.create() requires mutable map - which is unusable when used
with Kotlin <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34848">#34848</a></li>
<li>Duplicate <code>BeanOverrideHandler</code> discovered in
<code>@Nested</code> test case with superclass from different class or
in interface implemented multiple times <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34844">#34844</a></li>
<li>Accidental ClassLoader defineClass enforcement after <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34677">#34677</a>
<a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34824">#34824</a></li>
<li>HttpEntity.EMPTY headers should not be possible to mutate via
HttpHeaders constructor <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34812">#34812</a></li>
<li>AbstractFileResolvingResource.exists incorrectly reports result for
resources inside of spring-boot executable jar <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34796">#34796</a></li>
<li>Correctly expand query param with same name from URI variables array
<a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34783">#34783</a></li>
<li>R2DBC <code>NamedParameterUtils</code> only expands reused
collection parameter once <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34768">#34768</a></li>
<li><code>PathMatchingResourcePatternResolver</code> wrongly assumes
that <code>target/classes</code> always exists <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34764">#34764</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Clarify <code>CompositePropertySource</code> behavior for
<code>EnumerablePropertySource</code> contract <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34886">#34886</a></li>
<li>Javadoc and <code>@Nullable</code> annotation for
<code>servletContext</code> parameter of
<code>ConfigurableWebEnvironment.initPropertySources</code> are
contradictory <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34845">#34845</a></li>
<li>Spring MVC: <code>@EnableAsync</code> needs to be redeclared for
each ApplicationContext <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34843">#34843</a></li>
<li>Provide a working example instead of unclear placeholders <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34828">#34828</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to Micrometer 1.14.7 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34889">#34889</a></li>
<li>Upgrade to Reactor 2024.0.6 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34898">#34898</a></li>
</ul>
<h2>❤️ Contributors</h2>
<p>Thank you to all the contributors who worked on this release:</p>
<p><a href="https://github.com/Artur"><code>@​Artur</code></a>-, <a
href="https://github.com/blake-bauman"><code>@​blake-bauman</code></a>,
<a href="https://github.com/iifawzi"><code>@​iifawzi</code></a>, <a
href="https://github.com/kilink"><code>@​kilink</code></a>, <a
href="https://github.com/quaff"><code>@​quaff</code></a>, <a
href="https://github.com/whlit"><code>@​whlit</code></a>, and <a
href="https://github.com/zzoe2346"><code>@​zzoe2346</code></a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/ba590ac9e49b46d347dc56f4498ee436a3b5969b"><code>ba590ac</code></a>
Release v6.2.7</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/ee62701f5634e904e42e218baad142cea2bcd332"><code>ee62701</code></a>
Make use of PatternMatchUtils ignoreCase option</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/fa168ca78ae134e82db8eacc109bb29266b36fb1"><code>fa168ca</code></a>
Revise FactoryBean locking behavior for strict/lenient consistency</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/3c228a5c1d07874d0bf2b9456921ab20fc6d5e22"><code>3c228a5</code></a>
Add missing <a href="https://github.com/since"><code>@​since</code></a>
tags in PatternMatchUtils</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/9bf6b8cddffac2c0034e0e2f7a799a81ddb1f09f"><code>9bf6b8c</code></a>
Upgrade to Reactor 2024.0.6</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/37ecdd14372555c018c644e980666e47c06dcbe8"><code>37ecdd1</code></a>
Forward more methods to underlying InputStream in
NonClosingInputStream</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/73f1c5a189b0f6e65b5b8507d6862b480ec7193c"><code>73f1c5a</code></a>
Polishing</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/4d296fb4ca1b3f87fe4b9cd97132f2688533de2d"><code>4d296fb</code></a>
Upgrade to Micrometer 1.14.7</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/6a9444473f1aad080bf659563e56cc2bbd8f9512"><code>6a94444</code></a>
Clarify CompositePropertySource behavior for EnumerablePropertySource
contract</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/03ae97b2ebe2ff97ed3f78253758fb3cf6cacbbd"><code>03ae97b</code></a>
Introduce Spring property for default escape character for
placeholders</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-framework/compare/v6.2.6...v6.2.7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework:spring-jdbc&package-manager=gradle&previous-version=6.2.6&new-version=6.2.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-20 11:52:04 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1f56ccfc99 Bump gradle/actions from 4.3.1 to 4.4.0 (#3544)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [gradle/actions](https://github.com/gradle/actions) from 4.3.1 to
4.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/actions/releases">gradle/actions's
releases</a>.</em></p>
<blockquote>
<h2>v4.4.0</h2>
<p>This release updates 2 downstream components:</p>
<ul>
<li>Develocity injection has been updated to <a
href="https://github.com/gradle/develocity-ci-injection/releases/tag/v2.0">v2.0</a>
<ul>
<li>Some environment variables related to Develocity injection have been
renamed. All vars now being with <code>DEVELOCITY_INJECTION_</code>.
Check <a
href="https://github.com/gradle/actions/blob/main/docs/setup-gradle.md#configuring-develocity-injection">the
docs</a> for more details.</li>
</ul>
</li>
<li>Dependency-graph plugin has been updated to <a
href="https://github.com/gradle/github-dependency-graph-gradle-plugin/releases/tag/v1.4.0">v1.4.0</a>
<ul>
<li>The 'detector' values included in the generated graph can now be
configured via environment variables.</li>
</ul>
</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Update develocity-injection init script to v1.3 by <a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/592">gradle/actions#592</a></li>
<li>Update develocity-injection init script to v2.0 by <a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/593">gradle/actions#593</a></li>
<li>[StepSecurity] ci: Harden GitHub Actions by <a
href="https://github.com/step-security-bot"><code>@​step-security-bot</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/597">gradle/actions#597</a></li>
<li>Use v1.4.0 of dependency graph plugin by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/638">gradle/actions#638</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/step-security-bot"><code>@​step-security-bot</code></a>
made their first contribution in <a
href="https://redirect.github.com/gradle/actions/pull/597">gradle/actions#597</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/actions/compare/v4.3.1...v4.4.0">https://github.com/gradle/actions/compare/v4.3.1...v4.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gradle/actions/commit/8379f6a1328ee0e06e2bb424dadb7b159856a326"><code>8379f6a</code></a>
Use v1.4.0 of dependency graph plugin (<a
href="https://redirect.github.com/gradle/actions/issues/638">#638</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/9f79b5fa2c0d6f1157051630d2fb45b9f10ca6a5"><code>9f79b5f</code></a>
[bot] Update dist directory</li>
<li><a
href="https://github.com/gradle/actions/commit/e093fac84ca6df405f28ca0317458de1a4c7ad65"><code>e093fac</code></a>
Bump the npm-dependencies group in /sources with 5 updates (<a
href="https://redirect.github.com/gradle/actions/issues/636">#636</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/768a17f3488dc3fe0155ff431553e1f53d57e22e"><code>768a17f</code></a>
Bump the npm-dependencies group in /sources with 2 updates (<a
href="https://redirect.github.com/gradle/actions/issues/635">#635</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/36541137722dacf3739105e1b760c6856d5369e4"><code>3654113</code></a>
[bot] Update dist directory</li>
<li><a
href="https://github.com/gradle/actions/commit/2ad385cb2aee647fa33b18e52b479ae14fed4c6c"><code>2ad385c</code></a>
Replace use of typed-rest-client with <code>@​actions/http-client</code>
(<a
href="https://redirect.github.com/gradle/actions/issues/634">#634</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/95dcf96b0d6e55b48ba036a7d7480ce25a00e6ef"><code>95dcf96</code></a>
[bot] Update dist directory</li>
<li><a
href="https://github.com/gradle/actions/commit/2e3238a6642725202f6a5656922bbe434f25b03e"><code>2e3238a</code></a>
Bump actions/download-artifact from 4.2.1 to 4.3.0 in
/.github/actions/init-i...</li>
<li><a
href="https://github.com/gradle/actions/commit/39dddb8ae7ff59c7416189aac27a8980abd89bd0"><code>39dddb8</code></a>
Remove direct use of octokit/request-error (<a
href="https://redirect.github.com/gradle/actions/issues/632">#632</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/755ed7db09daddecb584fd9d200146c632f1af98"><code>755ed7d</code></a>
[bot] Update dist directory</li>
<li>Additional commits viewable in <a
href="https://github.com/gradle/actions/compare/06832c7b30a0129d7fb559bcc6e43d26f6374244...8379f6a1328ee0e06e2bb424dadb7b159856a326">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle/actions&package-manager=github_actions&previous-version=4.3.1&new-version=4.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-20 11:51:52 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
f290f62e23 Bump actions/dependency-review-action from 4.7.0 to 4.7.1 (#3543)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[actions/dependency-review-action](https://github.com/actions/dependency-review-action)
from 4.7.0 to 4.7.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/dependency-review-action/releases">actions/dependency-review-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.7.1</h2>
<ul>
<li>Packages added to <code>allow-dependencies-licenses</code> will be
allowed even if the package in question has no license information <a
href="https://redirect.github.com/actions/dependency-review-action/issues/889">#889</a></li>
<li>License expressions (e.g. <code>Ruby OR GPL-2.0</code>) in the allow
list are automatically discarded so that they don't invalidate the whole
allow list, which should just be license identifier (e.g.
<code>Ruby</code>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/dependency-review-action/commit/da24556b548a50705dd671f47852072ea4c105d9"><code>da24556</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/933">#933</a>
from actions/dangoor/471-release</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/9af0caf0e50bd16cea055a1319f959e718f9cd5d"><code>9af0caf</code></a>
Bump version number for 4.7.1</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/d8f2df20d5605f0dd46db3bd283002c24e357724"><code>d8f2df2</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/932">#932</a>
from actions/907-disallow-expression</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/6e9307a3d4e5049e0dd8b5f9d51dfa0544391d3a"><code>6e9307a</code></a>
Discard allow list entries that are not SPDX IDs</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/8805179dc9a63c54224914839d370dd93bd37b2e"><code>8805179</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/930">#930</a>
from actions/889-allow-no-license</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/014300b08cd78d8944f631eb3415e4c079cdb3e8"><code>014300b</code></a>
Update build</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/34486f306eacc0b5ba73c8d12b5af19a58d22364"><code>34486f3</code></a>
Check namespaces when excluding license checks</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/9b155d6432a2e91d56f1d2ad084483e8cd766a23"><code>9b155d6</code></a>
Update build</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/f199659a6a39762ca0753d8a2fb41192144f257a"><code>f199659</code></a>
Allowing dependencies works with no licenses</li>
<li>See full diff in <a
href="https://github.com/actions/dependency-review-action/compare/38ecb5b593bf0eb19e335c03f97670f792489a8b...da24556b548a50705dd671f47852072ea4c105d9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/dependency-review-action&package-manager=github_actions&previous-version=4.7.0&new-version=4.7.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-20 11:51:32 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
74fcf01d03 Bump github/codeql-action from 3.28.17 to 3.28.18 (#3542)
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.28.17 to 3.28.18.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.18</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.18 - 16 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li>
<li>Skip validating SARIF produced by CodeQL for improved performance.
<a
href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li>
<li>The number of threads and amount of RAM used by CodeQL can now be
set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code>
runner environment variables. If set, these environment variables
override the <code>threads</code> and <code>ram</code> inputs
respectively. <a
href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.18/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.18 - 16 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li>
<li>Skip validating SARIF produced by CodeQL for improved performance.
<a
href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li>
<li>The number of threads and amount of RAM used by CodeQL can now be
set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code>
runner environment variables. If set, these environment variables
override the <code>threads</code> and <code>ram</code> inputs
respectively. <a
href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li>
</ul>
<h2>3.28.17 - 02 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li>
</ul>
<h2>3.28.16 - 23 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li>
</ul>
<h2>3.28.15 - 07 Apr 2025</h2>
<ul>
<li>Fix bug where the action would fail if it tried to produce a debug
artifact with more than 65535 files. <a
href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li>
</ul>
<h2>3.28.14 - 07 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li>
</ul>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/ff0a06e83cb2de871e5a09832bc6a81e7276941f"><code>ff0a06e</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2896">#2896</a>
from github/update-v3.28.18-b86edfc27</li>
<li><a
href="https://github.com/github/codeql-action/commit/a41e0844be4d25fcef7ce7fa536f3e30275a9a1c"><code>a41e084</code></a>
Update changelog for v3.28.18</li>
<li><a
href="https://github.com/github/codeql-action/commit/b86edfc27a1e0d3b55127a7496a1c770a02b2f84"><code>b86edfc</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2893">#2893</a>
from github/update-bundle/codeql-bundle-v2.21.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/e93b90025f7c49dccc3ee640c4155b63eb9a6b39"><code>e93b900</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.21.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/510dfa3460b15b34a807ab5609b4691aed5ebbee"><code>510dfa3</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2894">#2894</a>
from github/henrymercer/skip-validating-codeql-sarif</li>
<li><a
href="https://github.com/github/codeql-action/commit/492d7832457da825a964331d860789f3f19d105b"><code>492d783</code></a>
Merge branch 'main' into henrymercer/skip-validating-codeql-sarif</li>
<li><a
href="https://github.com/github/codeql-action/commit/83bdf3b7f92061d2f6d74e2a4555ecf719adad68"><code>83bdf3b</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2859">#2859</a>
from github/update-supported-enterprise-server-versions</li>
<li><a
href="https://github.com/github/codeql-action/commit/cffc916774454a5ead1c8fb7925abad20cda85e4"><code>cffc916</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2891">#2891</a>
from austinpray-mixpanel/patch-1</li>
<li><a
href="https://github.com/github/codeql-action/commit/4420887272f1c68c7c58ca2970bdfb5eb657cf08"><code>4420887</code></a>
Add deprecation warning for CodeQL 2.16.5 and earlier</li>
<li><a
href="https://github.com/github/codeql-action/commit/4e178c584157c51ff3d6fb87c764e7ed0715f82a"><code>4e178c5</code></a>
Update supported versions table in README</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/60168efe1c415ce0f5521ea06d5c2062adbeed1b...ff0a06e83cb2de871e5a09832bc6a81e7276941f">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.17&new-version=3.28.18)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-20 11:51:13 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1346abf0e5 Bump docker/build-push-action from 6.16.0 to 6.17.0 (#3541)
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.16.0 to 6.17.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.17.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.59.0 to 0.61.0 by
<a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1364">docker/build-push-action#1364</a></li>
</ul>
<blockquote>
<p>[!NOTE]
Build record is now exported using the <a
href="https://docs.docker.com/reference/cli/docker/buildx/history/export/"><code>buildx
history export</code></a> command instead of the legacy export-build
tool.</p>
</blockquote>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.16.0...v6.17.0">https://github.com/docker/build-push-action/compare/v6.16.0...v6.17.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/1dc73863535b631f98b2378be8619f83b136f4a0"><code>1dc7386</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1364">#1364</a>
from crazy-max/history-export-cmd</li>
<li><a
href="https://github.com/docker/build-push-action/commit/9c9803f36437c54a2bf7b2c9a4a9011c2a812d71"><code>9c9803f</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/db1f6c46e8d64f89ec10010e409681bcf7951c05"><code>db1f6c4</code></a>
DOCKER_BUILD_EXPORT_LEGACY env var to opt-in for legacy export</li>
<li><a
href="https://github.com/docker/build-push-action/commit/721e8c79de660781840d3a69a11e39e1e836ef8e"><code>721e8c7</code></a>
Bump <code>@​docker/actions-toolkit</code> from 0.59.0 to 0.61.0</li>
<li>See full diff in <a
href="https://github.com/docker/build-push-action/compare/14487ce63c7a62a4a324b0bfb37086795e31c6c1...1dc73863535b631f98b2378be8619f83b136f4a0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.16.0&new-version=6.17.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-20 11:50:59 +01:00
523240554f Fix empty-parameter issue in updateUserSettings by using @RequestBody map (#3536)
# Description of Changes

Please provide a summary of the changes, including:


- **What was changed:**  
- Refactored the `updateUserSettings` method in `UserController` to
accept a `@RequestBody Map<String, String>` named `updates` instead of
pulling parameters from `HttpServletRequest`.
- Removed the now-unused `HashMap` import and the manual
parameter-extraction loop.

- **Why the change was made:**  
- **Bug Fix:** The previous implementation relied on
`request.getParameterMap()`, which was consistently empty, so no
settings were ever applied.
- Simplifies controller logic by leveraging Spring’s request-body
binding.
- Improves readability and maintainability, removing boilerplate and
error-prone code.

---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.

---------

Co-authored-by: Copilot <[email protected]>
2025-05-20 07:58:27 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
70717813f6 Bump io.micrometer:micrometer-core from 1.14.6 to 1.14.7 (#3521)
Bumps
[io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer)
from 1.14.6 to 1.14.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/micrometer-metrics/micrometer/releases">io.micrometer:micrometer-core's
releases</a>.</em></p>
<blockquote>
<h2>1.14.7</h2>
<h2> New Features</h2>
<ul>
<li>Replace Meter.Id.getTags() with cheaper alternatives <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/6147">#6147</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>MultiGauge doesn't work with MeterFilter.map() <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/6146">#6146</a></li>
<li>Record cache.size in CaffeineCacheMetrics without enabling
recordStats() <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6128">#6128</a></li>
<li>TimedHandler shutdown hanging indefinitely <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/6194">#6194</a></li>
<li>Use snapshot consistently in AppOpticsMeterRegistry.writeSummary()
<a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/6181">#6181</a></li>
</ul>
<h2>❤️ Contributors</h2>
<p>Thank you to all the contributors who worked on this release:</p>
<p><a href="https://github.com/AlexElin"><code>@​AlexElin</code></a>, <a
href="https://github.com/RafeArnold"><code>@​RafeArnold</code></a>, and
<a href="https://github.com/izeye"><code>@​izeye</code></a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/b6e5031303afbdf43073dc19377d84d8e858c048"><code>b6e5031</code></a>
Bump com.tngtech.archunit:archunit-junit5 from 1.3.1 to 1.3.2 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6226">#6226</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/6567cdccd3440b9fb1624463f4470e255d449314"><code>6567cdc</code></a>
Merge branch '1.13.x' into 1.14.x</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/80d4c9d986dfddee331a22f16a533ee3e4725116"><code>80d4c9d</code></a>
Call Shutdown#check after finishing timing (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6194">#6194</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/7f82709bb221470065f23c312e7441952ff78cb4"><code>7f82709</code></a>
Bump maven-resolver from 1.9.22 to 1.9.23 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6219">#6219</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/a1a4f3d83dfaef791949c5cd042e28535e60165b"><code>a1a4f3d</code></a>
Bump maven-resolver from 1.9.22 to 1.9.23 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6218">#6218</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/a6adb3a05862e5c8896a997a755daa159e06eba5"><code>a6adb3a</code></a>
Merge branch '1.13.x' into 1.14.x</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/fb2d4da16e9388852064b10b6004441848c69dce"><code>fb2d4da</code></a>
Get Google Cloud project ID from env var for integration tests</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/4f0cf532a923f31c89f80e4a85e1bf3eb61a58e9"><code>4f0cf53</code></a>
Bump com.fasterxml.jackson.core:jackson-databind from 2.18.3 to 2.18.4
(<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6214">#6214</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/33d1f7ebfd4e33bd027ced975adcd044d83fad12"><code>33d1f7e</code></a>
Merge branch '1.13.x' into 1.14.x</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/79939c3958fe95b03da844c55e9ce4f03d5e2d3d"><code>79939c3</code></a>
Fix JavaDurationGetSecondsToToSeconds warnings for tests (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6207">#6207</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/micrometer-metrics/micrometer/compare/v1.14.6...v1.14.7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=io.micrometer:micrometer-core&package-manager=gradle&previous-version=1.14.6&new-version=1.14.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-13 23:05:26 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
662c2a4dfe Bump org.apache.xmlgraphics:batik-all from 1.18 to 1.19 (#3520)
Bumps org.apache.xmlgraphics:batik-all from 1.18 to 1.19.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.xmlgraphics:batik-all&package-manager=gradle&previous-version=1.18&new-version=1.19)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-13 23:05:06 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
9fc174d12d Bump actions/dependency-review-action from 4.6.0 to 4.7.0 (#3519)
Bumps
[actions/dependency-review-action](https://github.com/actions/dependency-review-action)
from 4.6.0 to 4.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/dependency-review-action/releases">actions/dependency-review-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.7.0</h2>
<ul>
<li>Handle complex license expressions (e.g. <code>MIT AND
GPL-2.0</code>) in allow lists (fixes <a
href="https://redirect.github.com/actions/dependency-review-action/issues/809">#809</a>
and probably others)</li>
<li>Replace <code>OTHER</code> in package licenses with
<code>LicenseRef-clearlydefined-OTHER</code> so that parsing passes</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/dependency-review-action/commit/38ecb5b593bf0eb19e335c03f97670f792489a8b"><code>38ecb5b</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/929">#929</a>
from actions/dangoor/4.7-release</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/0e9e935cc870609b60e95f0ca9c5439df6c5a001"><code>0e9e935</code></a>
Version 4.7.0 release</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/69d2faa36575aaf6f3b6e83344dccafd1434b31e"><code>69d2faa</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/926">#926</a>
from dangoor/dangoor/replace-other</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/7e14978e0e6d56c5c368d665cfe64859530ae43e"><code>7e14978</code></a>
Merge branch 'actions:main' into dangoor/replace-other</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/8477905b0e5eb937fce8d6d92309aee88f4a4295"><code>8477905</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/927">#927</a>
from dangoor/dangoor/multilicense</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/f3ff3564fad5f71b84386e8dd99dcdd5f25b6e9e"><code>f3ff356</code></a>
Update dist</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/c7565d44ece013dd49742989a6bd8f2042aed16a"><code>c7565d4</code></a>
Fix tests and respond to review feedback</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/82299c3bbe54c01331889c2b0f62af249dfb0ee8"><code>82299c3</code></a>
Replace OTHER with a LicenseRef</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/2013ccccfe108a74501d552608b81853e407307a"><code>2013ccc</code></a>
Update type definition for spdx-satisfies</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/3a2b68706a35b3507491b524adfe1c822821e706"><code>3a2b687</code></a>
Handle complex licenses (e.g. X AND Y)</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/dependency-review-action/compare/ce3cf9537a52e8119d91fd484ab5b8a807627bf8...38ecb5b593bf0eb19e335c03f97670f792489a8b">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/dependency-review-action&package-manager=github_actions&previous-version=4.6.0&new-version=4.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-13 23:04:45 +01:00
Balázs SzücsandGitHub 9ffc0037b7 Refactor permission variable names (#3457)
## Refactor: Improve clarity of permission variable names

Renamed confusing `can[Action]` boolean variables to `prevent[Action]`
(e.g., `canPrint` -> `preventPrinting`) in `PasswordController.java`,
`AddPasswordRequest.java`, and `add-password.html`.


The previous `can[Action]` convention was misleading, as `true` meant
the action was *disallowed*. The new `prevent[Action]` naming directly
reflects the intent (`true` = prevented), improving code clarity.

**Changes:**

*   Updated variable names in controller logic
*   Updated `@Schema` descriptions in `AddPasswordRequest.java`
* Updated corresponding HTML element attributes (`id`, `name`, `for`) in
`add-password.html`

**Important Notes:**

* The underlying logic still inverts the boolean when setting
permissions (e.g., `AccessPermission.setCanPrint(!preventPrinting)`).
* User-facing UI text remains unchanged per request of @Frooodle in
#3420.

**Why not invert the API logic**
*   Inverting API (to can[action] logic) would either invalidate the UI
* Inverting API AND changing UI would warrant bigger translation effort
to change it in all languages
* This version is consistent (meaning what the UI says is actually done)
and preserve the UI language (meaning no translations needed) however it
is inconsistent with PDFBox methods naming scheme

**PDFBox**

* **PDFBox Interaction:** This refactor addresses the naming *within*
Stirling-PDF's API and Front-end layers only. The controller logic
intentionally inverts the `prevent[Action]` boolean
(`ap.setCanPrint(!preventPrinting)`) to correctly interact with the
underlying PDFBox methods. No further renaming related to these
permissions is necessary as the PDFBox methods themselves retain the
`can[Action]` names.


Underlying logic is not changed so it should work but just in case I
tested locally on an Adobe PDF that contained form in Chrome.



## New variable names in API

![new API variable
names](https://github.com/user-attachments/assets/f3d56aaf-0455-4f65-af14-c1a07a02d11a)

**Related Issues:**

Closes #3427
Closes #3420

---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [x] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.
2025-05-09 18:41:31 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1aff1d3480 Bump com.opencsv:opencsv from 5.10 to 5.11 (#3476)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps com.opencsv:opencsv from 5.10 to 5.11.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.opencsv:opencsv&package-manager=gradle&previous-version=5.10&new-version=5.11)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-06 10:43:42 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
bfaffe5050 Bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.6 to 2.8.8 (#3482)
Bumps
[org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi)
from 2.8.6 to 2.8.8.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/springdoc/springdoc-openapi/releases">org.springdoc:springdoc-openapi-starter-webmvc-ui's
releases</a>.</em></p>
<blockquote>
<h2>v2.8.8</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/springdoc/springdoc-openapi/compare/v2.8.7...v2.8.8">https://github.com/springdoc/springdoc-openapi/compare/v2.8.7...v2.8.8</a></p>
<h3>Fixed</h3>
<ul>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2977">#2977</a>
- Handle projects not using kotlin-reflect <a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2977">#2977</a></li>
</ul>
<h2>springdoc-openapi v2.8.7 released!</h2>
<h2>What's Changed</h2>
<h3>Added</h3>
<ul>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2944">#2944</a>
- Introducing springdoc-openapi-bom project</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2948">#2948</a>
- Customize Servers via application.yml</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2963">#2963</a>
- Set default content type for problem details object to
application/problem+jso</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2971">#2971</a>
- List of value classes in Kotlin</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Upgrade swagger-ui to v5.21.0</li>
<li>Upgrade swagger-core to 2.2.30</li>
<li>Upgrade spring-boot to version 3.4.5</li>
<li>Upgrade spring-security-oauth2-authorization-server to version
1.4.3</li>
</ul>
<h3>Fixed</h3>
<ul>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2947">#2947</a>
- Unexpected warning &quot;Appended trailing slash to static resource
location&quot;</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2960">#2960</a>
- NPE when customizing group's open-api without specifying any
schema</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2969">#2969</a>
- fix path to register resource handler to work
SwaggerIndexPageTransformer considering /webjar path prefix</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2964">#2964</a>
- Cannot add custom description and example for java.time.Duration since
v2.8.6</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2972">#2972</a>
- <a href="https://github.com/Header"><code>@​Header</code></a>(schema =
<a href="https://github.com/Schema"><code>@​Schema</code></a>(type =
&quot;string&quot;)) generates empty or broken schema in OpenAPI output
since 2.8.0</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2976">#2976</a>,
<a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2967">#2967</a>
- Build Failure due to Private Inner Class.</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2556">#2556</a>
- Unable to determine if it is a Kotlin type</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/lagoshny"><code>@​lagoshny</code></a>
made their first contribution in <a
href="https://redirect.github.com/springdoc/springdoc-openapi/pull/2970">springdoc/springdoc-openapi#2970</a></li>
<li><a href="https://github.com/mymx2"><code>@​mymx2</code></a> made
their first contribution in <a
href="https://redirect.github.com/springdoc/springdoc-openapi/pull/2950">springdoc/springdoc-openapi#2950</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/springdoc/springdoc-openapi/compare/v2.8.6...v2.8.7">https://github.com/springdoc/springdoc-openapi/compare/v2.8.6...v2.8.7</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/springdoc/springdoc-openapi/blob/main/CHANGELOG.md">org.springdoc:springdoc-openapi-starter-webmvc-ui's
changelog</a>.</em></p>
<blockquote>
<h2>[2.8.8] - 2025-05-04</h2>
<h3>Fixed</h3>
<ul>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2977">#2977</a>
- Handle projects not using kotlin-reflect <a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2977">#2977</a></li>
</ul>
<h2>[2.8.7] - 2025-05-04</h2>
<h3>Added</h3>
<ul>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2944">#2944</a>
- Introducing springdoc-openapi-bom project</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2948">#2948</a>
- Customize Servers via application.yml</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2963">#2963</a>
- Set default content type for problem details object to
application/problem+jso</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2971">#2971</a>
- List of value classes in Kotlin</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Upgrade swagger-ui to v5.21.0</li>
<li>Upgrade swagger-core to 2.2.30</li>
<li>Upgrade spring-boot to version 3.4.5</li>
<li>Upgrade spring-security-oauth2-authorization-server to version
1.4.3</li>
</ul>
<h3>Fixed</h3>
<ul>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2947">#2947</a>
- Unexpected warning &quot;Appended trailing slash to static resource
location&quot;</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2960">#2960</a>
- NPE when customizing group's open-api without specifying any
schema</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2969">#2969</a>
- fix path to register resource handler to work
SwaggerIndexPageTransformer considering /webjar path prefix</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2964">#2964</a>
- Cannot add custom description and example for java.time.Duration since
v2.8.6</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2972">#2972</a>
- <a href="https://github.com/Header"><code>@​Header</code></a>(schema =
<a href="https://github.com/Schema"><code>@​Schema</code></a>(type =
&quot;string&quot;)) generates empty or broken schema in OpenAPI output
since 2.8.0</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2976">#2976</a>,
<a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2967">#2967</a>
- Build Failure due to Private Inner Class.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/bce44dbe502cbaeeff6188fe210042859aa0ed54"><code>bce44db</code></a>
[maven-release-plugin] prepare release v2.8.8</li>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/707fce0271fda0c713c412488247dba4cc32d98c"><code>707fce0</code></a>
Handle projects not using kotlin-reflect. Fixes <a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2977">#2977</a></li>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/7a3546cb733d3ca493b6e622778a97c73b39b04a"><code>7a3546c</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/764ef2fd42040232a7a9280d826ed72a591da3df"><code>764ef2f</code></a>
[maven-release-plugin] prepare release v2.8.7</li>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/98dacbda5cbdb0a278aa407ddc6aa05c8f23f031"><code>98dacbd</code></a>
Prepare for the next release</li>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/5eb7d77e55df6b1b4ea1964fb146233f88b71e2d"><code>5eb7d77</code></a>
pom.xml cleanup for <a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2944">#2944</a></li>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/9dffa3d7d43e11ee1abfa86c7bf9b1886fc23e11"><code>9dffa3d</code></a>
pom.xml cleanup for <a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2944">#2944</a></li>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/a68b42edf1465f1888c42263dac5547622ebd4cc"><code>a68b42e</code></a>
List of value classes in Kotlin. Fixes <a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2971">#2971</a></li>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/95fa3bbb71859e428092034efbb3deae9bf4c892"><code>95fa3bb</code></a>
Regression: <a
href="https://github.com/Header"><code>@​Header</code></a>(schema = <a
href="https://github.com/Schema"><code>@​Schema</code></a>(type =
&quot;string&quot;)) generates empty or bro...</li>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/3d056d8c55ec3139fc3e2d4a2f0eed7d8384d5f0"><code>3d056d8</code></a>
Build Failure due to Private Inner Class. Fixes <a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2976">#2976</a>,
<a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2967">#2967</a></li>
<li>Additional commits viewable in <a
href="https://github.com/springdoc/springdoc-openapi/compare/v2.8.6...v2.8.8">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springdoc:springdoc-openapi-starter-webmvc-ui&package-manager=gradle&previous-version=2.8.6&new-version=2.8.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-06 10:43:09 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3a615360a0 Bump actions/create-github-app-token from 2.0.5 to 2.0.6 (#3475)
Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 2.0.5 to 2.0.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v2.0.6</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v2.0.5...v2.0.6">2.0.6</a>
(2025-05-03)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>replace <code>-</code> with <code>_</code> (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/246">#246</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/333678481b1f02ee31fa1443aba4f1f7cb5b08b5">3336784</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/df432ceedc7162793a195dd1713ff69aefc7379e"><code>df432ce</code></a>
build(release): 2.0.6 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/333678481b1f02ee31fa1443aba4f1f7cb5b08b5"><code>3336784</code></a>
fix: replace <code>-</code> with <code>_</code> (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/246">#246</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/create-github-app-token/compare/db3cdf40984fe6fd25ae19ac2bf2f4886ae8d959...df432ceedc7162793a195dd1713ff69aefc7379e">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=2.0.5&new-version=2.0.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-05 23:23:16 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
20f0cf1ac3 Bump pdfboxVersion from 3.0.4 to 3.0.5 (#3465)
Bumps `pdfboxVersion` from 3.0.4 to 3.0.5.
Updates `org.apache.pdfbox:pdfbox` from 3.0.4 to 3.0.5

Updates `org.apache.pdfbox:preflight` from 3.0.4 to 3.0.5

Updates `org.apache.pdfbox:xmpbox` from 3.0.4 to 3.0.5


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-03 14:32:08 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
561d3f4eed Bump actions/create-github-app-token from 2.0.2 to 2.0.5 (#3466)
Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 2.0.2 to 2.0.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v2.0.5</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v2.0.4...v2.0.5">2.0.5</a>
(2025-05-02)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump the production-dependencies group with 3
updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/240">#240</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/d64d7d73555d3f2cb08ce64bdd812e49308a2905">d64d7d7</a>)</li>
</ul>
<h2>v2.0.4</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v2.0.3...v2.0.4">2.0.4</a>
(2025-05-02)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>permission input handling (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/243">#243</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/2950cbc446a8d3030ea17d3f7cbdd3c0fce4b0f5">2950cbc</a>)</li>
</ul>
<h2>v2.0.3</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v2.0.2...v2.0.3">2.0.3</a>
(2025-05-01)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>README:</strong> use <code>v2</code> in examples (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/234">#234</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/9ba274d954c9af64fbf4cec63082d0e3f57e9b5f">9ba274d</a>),
closes <a
href="https://redirect.github.com/actions/create-github-app-token/issues/232">#232</a></li>
<li>use <code>core.getBooleanInput()</code> to retrieve boolean input
values (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/223">#223</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/c3c17c79ccedec31f588e88d6ad5ff9036afe580">c3c17c7</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/db3cdf40984fe6fd25ae19ac2bf2f4886ae8d959"><code>db3cdf4</code></a>
build(release): 2.0.5 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/d64d7d73555d3f2cb08ce64bdd812e49308a2905"><code>d64d7d7</code></a>
fix(deps): bump the production-dependencies group with 3 updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/240">#240</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/1b6f53e48e3bd5e9fbd610599fc41fca986c51e9"><code>1b6f53e</code></a>
build(deps-dev): bump the development-dependencies group across 1
directory w...</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/061a84d5f55008a6dfb441735e1568fcb8da8b50"><code>061a84d</code></a>
build(deps-dev): bump <code>@​octokit/openapi</code> from 18.2.0 to
19.0.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/242">#242</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/c8f34a61a85667dfbbbc74c5468935fc8a369720"><code>c8f34a6</code></a>
build(deps): bump stefanzweifel/git-auto-commit-action from 5.1.0 to
5.2.0 in...</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/4821f52fa7a8e45784f1d99cdb1c27bec9f00720"><code>4821f52</code></a>
build(release): 2.0.4 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/2950cbc446a8d3030ea17d3f7cbdd3c0fce4b0f5"><code>2950cbc</code></a>
fix: permission input handling (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/243">#243</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/30bf6253fa41bdc8d1501d202ad15287582246b4"><code>30bf625</code></a>
build(release): 2.0.3 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/c3c17c79ccedec31f588e88d6ad5ff9036afe580"><code>c3c17c7</code></a>
fix: use <code>core.getBooleanInput()</code> to retrieve boolean input
values (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/223">#223</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/9ba274d954c9af64fbf4cec63082d0e3f57e9b5f"><code>9ba274d</code></a>
fix(README): use <code>v2</code> in examples (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/234">#234</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/create-github-app-token/compare/3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5...db3cdf40984fe6fd25ae19ac2bf2f4886ae8d959">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=2.0.2&new-version=2.0.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-03 14:31:49 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
e239bbf89a Bump github/codeql-action from 3.28.16 to 3.28.17 (#3467)
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.28.16 to 3.28.17.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.17</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.17 - 02 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.17/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.17 - 02 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li>
</ul>
<h2>3.28.16 - 23 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li>
</ul>
<h2>3.28.15 - 07 Apr 2025</h2>
<ul>
<li>Fix bug where the action would fail if it tried to produce a debug
artifact with more than 65535 files. <a
href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li>
</ul>
<h2>3.28.14 - 07 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li>
</ul>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/60168efe1c415ce0f5521ea06d5c2062adbeed1b"><code>60168ef</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2886">#2886</a>
from github/update-v3.28.17-97a2bfd2a</li>
<li><a
href="https://github.com/github/codeql-action/commit/0d5a3115da6459f8ab4333164184f8292c0c7a7f"><code>0d5a311</code></a>
Update changelog for v3.28.17</li>
<li><a
href="https://github.com/github/codeql-action/commit/97a2bfd2a3d26d458da69e548f7f859d6fca634d"><code>97a2bfd</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2872">#2872</a>
from github/update-bundle/codeql-bundle-v2.21.2</li>
<li><a
href="https://github.com/github/codeql-action/commit/9aba20e4c91fd8c3a71d5ab2bdeba0da11713864"><code>9aba20e</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2</li>
<li><a
href="https://github.com/github/codeql-action/commit/81a9508deb02898c1a7be79bd5b49bb0ab9c787e"><code>81a9508</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2876">#2876</a>
from github/henrymercer/fix-diff-informed-multiple-a...</li>
<li><a
href="https://github.com/github/codeql-action/commit/1569f4c145413fbce7d6573c6ee9212d2612d27f"><code>1569f4c</code></a>
Disable diff-informed queries in code scanning config tests</li>
<li><a
href="https://github.com/github/codeql-action/commit/62fbeb66b359bfbdec7d4d96af8f68aece59b4db"><code>62fbeb6</code></a>
Merge branch 'main' into
henrymercer/fix-diff-informed-multiple-analyze</li>
<li><a
href="https://github.com/github/codeql-action/commit/f122d1dc9eb83b12dc16b38495b667a2dddfa6f9"><code>f122d1d</code></a>
Address test failures from computing temporary directory too early</li>
<li><a
href="https://github.com/github/codeql-action/commit/083772aae48a3be5654921bb6e6ccb00e0e1d563"><code>083772a</code></a>
Do not fail diff informed analyses when <code>analyze</code> is run
twice in the same job</li>
<li><a
href="https://github.com/github/codeql-action/commit/5db14d0471303d6eee1e2a51393f5ae1669b6703"><code>5db14d0</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/28deaeda66b76a05916b6923827895f2b14ab387...60168efe1c415ce0f5521ea06d5c2062adbeed1b">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.16&new-version=3.28.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-03 14:31:44 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
9635e573d8 Bump gradle from 8.13-jdk21 to 8.14-jdk21 (#3439)
Bumps gradle from 8.13-jdk21 to 8.14-jdk21.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle&package-manager=docker&previous-version=8.13-jdk21&new-version=8.14-jdk21)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-29 11:39:38 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
ffb8e98dcd Bump springBootVersion from 3.4.4 to 3.4.5 (#3440)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps `springBootVersion` from 3.4.4 to 3.4.5.
Updates `org.springframework.boot:spring-boot-starter-web` from 3.4.4 to
3.4.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-web's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.5</h2>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Spring Boot with native image container image build fails on podman
due to directory permissions <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45256">#45256</a></li>
<li>Neo4jReactiveDataAutoConfiguration assumes that certain beans are
available <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45235">#45235</a></li>
<li>Wrong jOOQ exception translator with empty db name <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45219">#45219</a></li>
<li>MessageSourceMessageInterpolator does not replace a parameter when
the message matches its code <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45213">#45213</a></li>
<li>IntegrationMbeanExporter is not eligible for getting processed by
all BeanPostProcessors warnings are shown when using JMX <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45194">#45194</a></li>
<li>OAuth2AuthorizationServerJwtAutoConfiguration uses
<code>@ConditionalOnClass</code> incorrectly <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45178">#45178</a></li>
<li>MongoDB's dependency management is missing Kotlin coroutine driver
modules <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45159">#45159</a></li>
<li>ImagePlatform can cause &quot;OS must not be empty&quot;
IllegalArgumentException <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45153">#45153</a></li>
<li>TypeUtils does not handle generics with identical names in different
positions <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45039">#45039</a></li>
<li>HttpClient5 5.4.3 breaks local Docker transport <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45028">#45028</a></li>
<li>spring.datasource.hikari.data-source-class-name cannot be used as a
driver class name is always required and Hikari does not accept both <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45002">#45002</a></li>
<li>Post-processing to apply custom JdbcConnectionDetails triggers an
NPE in Hikari if the JDBC URL is for an unknown driver <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44998">#44998</a></li>
<li>DataSourceBuilder triggers an NPE in Hikari when trying to build a
DataSource with a JDBC URL for an unknown driver <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44995">#44995</a></li>
<li>SSL config does not watch for symlink file changes <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44887">#44887</a></li>
<li>EmbeddedLdapAutoConfiguration should not rely on PreDestroy <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44874">#44874</a></li>
<li>DataSourceTransactionManagerAutoConfiguration should run after
DataSourceAutoConfiguration <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44819">#44819</a></li>
<li>JsonValueWriter can throw StackOverflowError on deeply nested items
<a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44627">#44627</a></li>
<li>In a reactive web app, SslBundle can no longer open store file
locations without using a 'file:' prefix <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44535">#44535</a></li>
<li>Logging a Path object using structured logging throws
StackOverflowError <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44507">#44507</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Make <code>@Component</code> a javadoc link <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45258">#45258</a></li>
<li>Fix documentation links to buildpacks.io <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45241">#45241</a></li>
<li>Clarify the use of multiple profile expressions with
&quot;spring.config.activate.on-profile&quot; <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45224">#45224</a></li>
<li>Show the use of token properties in authorization server clients
configuration example <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45176">#45176</a></li>
<li>Add details of the purpose of the metrics endpoint <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45047">#45047</a></li>
<li>Escape the asterisk in spring-application.adoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45033">#45033</a></li>
<li>Add reference to Styra (OPA) Spring Boot SDK <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44976">#44976</a></li>
<li>Update CDS documentation to cover AOTCache <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44970">#44970</a></li>
<li>WebFlux security documentation incorrectly links to servlet classes
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44966">#44966</a></li>
<li>Replace mentions of deprecated MockBean annotation <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44947">#44947</a></li>
<li>TaskExecution documentation should describe what happens when
multiple Executor beans are present <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44908">#44908</a></li>
<li>Documentation lists coordinates for some dependencies that are not
actually managed <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44879">#44879</a></li>
<li>Polish javadoc of SpringProfileAction <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44826">#44826</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to AspectJ 1.9.24 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45184">#45184</a></li>
<li>Upgrade to Couchbase Client 3.7.9 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45072">#45072</a></li>
<li>Upgrade to Hibernate 6.6.13.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45073">#45073</a></li>
<li>Upgrade to HttpClient5 5.4.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45074">#45074</a></li>
<li>Upgrade to HttpCore5 5.3.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45075">#45075</a></li>
<li>Upgrade to Jaybird 5.0.7.java11 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45076">#45076</a></li>
<li>Upgrade to Jetty 12.0.19 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45077">#45077</a></li>
<li>Upgrade to jOOQ 3.19.22 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45078">#45078</a></li>
<li>Upgrade to Lombok 1.18.38 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45079">#45079</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/b882c29bdf607d5d4db910f7fd0161143a1329c7"><code>b882c29</code></a>
Release v3.4.5</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/918066f39ae72de5a6e1bae78c841396e049e5b6"><code>918066f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/ab0c332d9995963d22c202706564be58ff724622"><code>ab0c332</code></a>
Next development version (v3.3.12-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/71acf939ace320fbfa35ce48577ba534469dfc90"><code>71acf93</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d2eaac6b60d117c3d10939866c70fce6b945eefd"><code>d2eaac6</code></a>
Revert &quot;Upgrade to Netty 4.1.120.Final&quot;</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d24a38f0f890ef70a07be8236bb9717527f50ba5"><code>d24a38f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/933572ad5e7da2e47d8efc168a86c8cf6105b062"><code>933572a</code></a>
Upgrade to Netty 4.1.120.Final</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/016b3de968b9b9a6319f7bc58abfb1df007bbc4b"><code>016b3de</code></a>
Upgrade to Netty 4.1.120.Final</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/46a709a8503c096e2514c8cd17b1a7e7e715e7b2"><code>46a709a</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/55f67c9a522647039fd3294dee5cb83f4888160a"><code>55f67c9</code></a>
Fix potential null problem in actuator</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.4...v3.4.5">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.springframework.boot:spring-boot-starter-jetty` from 3.4.4
to 3.4.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-jetty's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.5</h2>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Spring Boot with native image container image build fails on podman
due to directory permissions <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45256">#45256</a></li>
<li>Neo4jReactiveDataAutoConfiguration assumes that certain beans are
available <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45235">#45235</a></li>
<li>Wrong jOOQ exception translator with empty db name <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45219">#45219</a></li>
<li>MessageSourceMessageInterpolator does not replace a parameter when
the message matches its code <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45213">#45213</a></li>
<li>IntegrationMbeanExporter is not eligible for getting processed by
all BeanPostProcessors warnings are shown when using JMX <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45194">#45194</a></li>
<li>OAuth2AuthorizationServerJwtAutoConfiguration uses
<code>@ConditionalOnClass</code> incorrectly <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45178">#45178</a></li>
<li>MongoDB's dependency management is missing Kotlin coroutine driver
modules <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45159">#45159</a></li>
<li>ImagePlatform can cause &quot;OS must not be empty&quot;
IllegalArgumentException <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45153">#45153</a></li>
<li>TypeUtils does not handle generics with identical names in different
positions <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45039">#45039</a></li>
<li>HttpClient5 5.4.3 breaks local Docker transport <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45028">#45028</a></li>
<li>spring.datasource.hikari.data-source-class-name cannot be used as a
driver class name is always required and Hikari does not accept both <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45002">#45002</a></li>
<li>Post-processing to apply custom JdbcConnectionDetails triggers an
NPE in Hikari if the JDBC URL is for an unknown driver <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44998">#44998</a></li>
<li>DataSourceBuilder triggers an NPE in Hikari when trying to build a
DataSource with a JDBC URL for an unknown driver <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44995">#44995</a></li>
<li>SSL config does not watch for symlink file changes <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44887">#44887</a></li>
<li>EmbeddedLdapAutoConfiguration should not rely on PreDestroy <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44874">#44874</a></li>
<li>DataSourceTransactionManagerAutoConfiguration should run after
DataSourceAutoConfiguration <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44819">#44819</a></li>
<li>JsonValueWriter can throw StackOverflowError on deeply nested items
<a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44627">#44627</a></li>
<li>In a reactive web app, SslBundle can no longer open store file
locations without using a 'file:' prefix <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44535">#44535</a></li>
<li>Logging a Path object using structured logging throws
StackOverflowError <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44507">#44507</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Make <code>@Component</code> a javadoc link <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45258">#45258</a></li>
<li>Fix documentation links to buildpacks.io <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45241">#45241</a></li>
<li>Clarify the use of multiple profile expressions with
&quot;spring.config.activate.on-profile&quot; <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45224">#45224</a></li>
<li>Show the use of token properties in authorization server clients
configuration example <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45176">#45176</a></li>
<li>Add details of the purpose of the metrics endpoint <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45047">#45047</a></li>
<li>Escape the asterisk in spring-application.adoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45033">#45033</a></li>
<li>Add reference to Styra (OPA) Spring Boot SDK <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44976">#44976</a></li>
<li>Update CDS documentation to cover AOTCache <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44970">#44970</a></li>
<li>WebFlux security documentation incorrectly links to servlet classes
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44966">#44966</a></li>
<li>Replace mentions of deprecated MockBean annotation <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44947">#44947</a></li>
<li>TaskExecution documentation should describe what happens when
multiple Executor beans are present <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44908">#44908</a></li>
<li>Documentation lists coordinates for some dependencies that are not
actually managed <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44879">#44879</a></li>
<li>Polish javadoc of SpringProfileAction <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44826">#44826</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to AspectJ 1.9.24 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45184">#45184</a></li>
<li>Upgrade to Couchbase Client 3.7.9 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45072">#45072</a></li>
<li>Upgrade to Hibernate 6.6.13.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45073">#45073</a></li>
<li>Upgrade to HttpClient5 5.4.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45074">#45074</a></li>
<li>Upgrade to HttpCore5 5.3.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45075">#45075</a></li>
<li>Upgrade to Jaybird 5.0.7.java11 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45076">#45076</a></li>
<li>Upgrade to Jetty 12.0.19 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45077">#45077</a></li>
<li>Upgrade to jOOQ 3.19.22 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45078">#45078</a></li>
<li>Upgrade to Lombok 1.18.38 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45079">#45079</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/b882c29bdf607d5d4db910f7fd0161143a1329c7"><code>b882c29</code></a>
Release v3.4.5</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/918066f39ae72de5a6e1bae78c841396e049e5b6"><code>918066f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/ab0c332d9995963d22c202706564be58ff724622"><code>ab0c332</code></a>
Next development version (v3.3.12-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/71acf939ace320fbfa35ce48577ba534469dfc90"><code>71acf93</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d2eaac6b60d117c3d10939866c70fce6b945eefd"><code>d2eaac6</code></a>
Revert &quot;Upgrade to Netty 4.1.120.Final&quot;</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d24a38f0f890ef70a07be8236bb9717527f50ba5"><code>d24a38f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/933572ad5e7da2e47d8efc168a86c8cf6105b062"><code>933572a</code></a>
Upgrade to Netty 4.1.120.Final</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/016b3de968b9b9a6319f7bc58abfb1df007bbc4b"><code>016b3de</code></a>
Upgrade to Netty 4.1.120.Final</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/46a709a8503c096e2514c8cd17b1a7e7e715e7b2"><code>46a709a</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/55f67c9a522647039fd3294dee5cb83f4888160a"><code>55f67c9</code></a>
Fix potential null problem in actuator</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.4...v3.4.5">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.springframework.boot:spring-boot-starter-thymeleaf` from
3.4.4 to 3.4.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-thymeleaf's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.5</h2>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Spring Boot with native image container image build fails on podman
due to directory permissions <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45256">#45256</a></li>
<li>Neo4jReactiveDataAutoConfiguration assumes that certain beans are
available <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45235">#45235</a></li>
<li>Wrong jOOQ exception translator with empty db name <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45219">#45219</a></li>
<li>MessageSourceMessageInterpolator does not replace a parameter when
the message matches its code <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45213">#45213</a></li>
<li>IntegrationMbeanExporter is not eligible for getting processed by
all BeanPostProcessors warnings are shown when using JMX <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45194">#45194</a></li>
<li>OAuth2AuthorizationServerJwtAutoConfiguration uses
<code>@ConditionalOnClass</code> incorrectly <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45178">#45178</a></li>
<li>MongoDB's dependency management is missing Kotlin coroutine driver
modules <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45159">#45159</a></li>
<li>ImagePlatform can cause &quot;OS must not be empty&quot;
IllegalArgumentException <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45153">#45153</a></li>
<li>TypeUtils does not handle generics with identical names in different
positions <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45039">#45039</a></li>
<li>HttpClient5 5.4.3 breaks local Docker transport <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45028">#45028</a></li>
<li>spring.datasource.hikari.data-source-class-name cannot be used as a
driver class name is always required and Hikari does not accept both <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45002">#45002</a></li>
<li>Post-processing to apply custom JdbcConnectionDetails triggers an
NPE in Hikari if the JDBC URL is for an unknown driver <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44998">#44998</a></li>
<li>DataSourceBuilder triggers an NPE in Hikari when trying to build a
DataSource with a JDBC URL for an unknown driver <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44995">#44995</a></li>
<li>SSL config does not watch for symlink file changes <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44887">#44887</a></li>
<li>EmbeddedLdapAutoConfiguration should not rely on PreDestroy <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44874">#44874</a></li>
<li>DataSourceTransactionManagerAutoConfiguration should run after
DataSourceAutoConfiguration <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44819">#44819</a></li>
<li>JsonValueWriter can throw StackOverflowError on deeply nested items
<a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44627">#44627</a></li>
<li>In a reactive web app, SslBundle can no longer open store file
locations without using a 'file:' prefix <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44535">#44535</a></li>
<li>Logging a Path object using structured logging throws
StackOverflowError <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44507">#44507</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Make <code>@Component</code> a javadoc link <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45258">#45258</a></li>
<li>Fix documentation links to buildpacks.io <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45241">#45241</a></li>
<li>Clarify the use of multiple profile expressions with
&quot;spring.config.activate.on-profile&quot; <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45224">#45224</a></li>
<li>Show the use of token properties in authorization server clients
configuration example <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45176">#45176</a></li>
<li>Add details of the purpose of the metrics endpoint <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45047">#45047</a></li>
<li>Escape the asterisk in spring-application.adoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45033">#45033</a></li>
<li>Add reference to Styra (OPA) Spring Boot SDK <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44976">#44976</a></li>
<li>Update CDS documentation to cover AOTCache <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44970">#44970</a></li>
<li>WebFlux security documentation incorrectly links to servlet classes
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44966">#44966</a></li>
<li>Replace mentions of deprecated MockBean annotation <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44947">#44947</a></li>
<li>TaskExecution documentation should describe what happens when
multiple Executor beans are present <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44908">#44908</a></li>
<li>Documentation lists coordinates for some dependencies that are not
actually managed <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44879">#44879</a></li>
<li>Polish javadoc of SpringProfileAction <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44826">#44826</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to AspectJ 1.9.24 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45184">#45184</a></li>
<li>Upgrade to Couchbase Client 3.7.9 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45072">#45072</a></li>
<li>Upgrade to Hibernate 6.6.13.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45073">#45073</a></li>
<li>Upgrade to HttpClient5 5.4.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45074">#45074</a></li>
<li>Upgrade to HttpCore5 5.3.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45075">#45075</a></li>
<li>Upgrade to Jaybird 5.0.7.java11 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45076">#45076</a></li>
<li>Upgrade to Jetty 12.0.19 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45077">#45077</a></li>
<li>Upgrade to jOOQ 3.19.22 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45078">#45078</a></li>
<li>Upgrade to Lombok 1.18.38 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45079">#45079</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/b882c29bdf607d5d4db910f7fd0161143a1329c7"><code>b882c29</code></a>
Release v3.4.5</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/918066f39ae72de5a6e1bae78c841396e049e5b6"><code>918066f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/ab0c332d9995963d22c202706564be58ff724622"><code>ab0c332</code></a>
Next development version (v3.3.12-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/71acf939ace320fbfa35ce48577ba534469dfc90"><code>71acf93</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d2eaac6b60d117c3d10939866c70fce6b945eefd"><code>d2eaac6</code></a>
Revert &quot;Upgrade to Netty 4.1.120.Final&quot;</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d24a38f0f890ef70a07be8236bb9717527f50ba5"><code>d24a38f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/933572ad5e7da2e47d8efc168a86c8cf6105b062"><code>933572a</code></a>
Upgrade to Netty 4.1.120.Final</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/016b3de968b9b9a6319f7bc58abfb1df007bbc4b"><code>016b3de</code></a>
Upgrade to Netty 4.1.120.Final</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/46a709a8503c096e2514c8cd17b1a7e7e715e7b2"><code>46a709a</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/55f67c9a522647039fd3294dee5cb83f4888160a"><code>55f67c9</code></a>
Fix potential null problem in actuator</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.4...v3.4.5">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.springframework.boot:spring-boot-starter-security` from
3.4.4 to 3.4.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-security's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.5</h2>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Spring Boot with native image container image build fails on podman
due to directory permissions <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45256">#45256</a></li>
<li>Neo4jReactiveDataAutoConfiguration assumes that certain beans are
available <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45235">#45235</a></li>
<li>Wrong jOOQ exception translator with empty db name <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45219">#45219</a></li>
<li>MessageSourceMessageInterpolator does not replace a parameter when
the message matches its code <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45213">#45213</a></li>
<li>IntegrationMbeanExporter is not eligible for getting processed by
all BeanPostProcessors warnings are shown when using JMX <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45194">#45194</a></li>
<li>OAuth2AuthorizationServerJwtAutoConfiguration uses
<code>@ConditionalOnClass</code> incorrectly <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45178">#45178</a></li>
<li>MongoDB's dependency management is missing Kotlin coroutine driver
modules <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45159">#45159</a></li>
<li>ImagePlatform can cause &quot;OS must not be empty&quot;
IllegalArgumentException <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45153">#45153</a></li>
<li>TypeUtils does not handle generics with identical names in different
positions <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45039">#45039</a></li>
<li>HttpClient5 5.4.3 breaks local Docker transport <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45028">#45028</a></li>
<li>spring.datasource.hikari.data-source-class-name cannot be used as a
driver class name is always required and Hikari does not accept both <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45002">#45002</a></li>
<li>Post-processing to apply custom JdbcConnectionDetails triggers an
NPE in Hikari if the JDBC URL is for an unknown driver <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44998">#44998</a></li>
<li>DataSourceBuilder triggers an NPE in Hikari when trying to build a
DataSource with a JDBC URL for an unknown driver <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44995">#44995</a></li>
<li>SSL config does not watch for symlink file changes <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44887">#44887</a></li>
<li>EmbeddedLdapAutoConfiguration should not rely on PreDestroy <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44874">#44874</a></li>
<li>DataSourceTransactionManagerAutoConfiguration should run after
DataSourceAutoConfiguration <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44819">#44819</a></li>
<li>JsonValueWriter can throw StackOverflowError on deeply nested items
<a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44627">#44627</a></li>
<li>In a reactive web app, SslBundle can no longer open store file
locations without using a 'file:' prefix <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44535">#44535</a></li>
<li>Logging a Path object using structured logging throws
StackOverflowError <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44507">#44507</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Make <code>@Component</code> a javadoc link <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45258">#45258</a></li>
<li>Fix documentation links to buildpacks.io <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45241">#45241</a></li>
<li>Clarify the use of multiple profile expressions with
&quot;spring.config.activate.on-profile&quot; <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45224">#45224</a></li>
<li>Show the use of token properties in authorization server clients
configuration example <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45176">#45176</a></li>
<li>Add details of the purpose of the metrics endpoint <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45047">#45047</a></li>
<li>Escape the asterisk in spring-application.adoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45033">#45033</a></li>
<li>Add reference to Styra (OPA) Spring Boot SDK <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44976">#44976</a></li>
<li>Update CDS documentation to cover AOTCache <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44970">#44970</a></li>
<li>WebFlux security documentation incorrectly links to servlet classes
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44966">#44966</a></li>
<li>Replace mentions of deprecated MockBean annotation <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44947">#44947</a></li>
<li>TaskExecution documentation should describe what happens when
multiple Executor beans are present <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44908">#44908</a></li>
<li>Documentation lists coordinates for some dependencies that are not
actually managed <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44879">#44879</a></li>
<li>Polish javadoc of SpringProfileAction <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44826">#44826</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to AspectJ 1.9.24 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45184">#45184</a></li>
<li>Upgrade to Couchbase Client 3.7.9 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45072">#45072</a></li>
<li>Upgrade to Hibernate 6.6.13.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45073">#45073</a></li>
<li>Upgrade to HttpClient5 5.4.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45074">#45074</a></li>
<li>Upgrade to HttpCore5 5.3.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45075">#45075</a></li>
<li>Upgrade to Jaybird 5.0.7.java11 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45076">#45076</a></li>
<li>Upgrade to Jetty 12.0.19 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45077">#45077</a></li>
<li>Upgrade to jOOQ 3.19.22 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45078">#45078</a></li>
<li>Upgrade to Lombok 1.18.38 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45079">#45079</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/b882c29bdf607d5d4db910f7fd0161143a1329c7"><code>b882c29</code></a>
Release v3.4.5</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/918066f39ae72de5a6e1bae78c841396e049e5b6"><code>918066f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/ab0c332d9995963d22c202706564be58ff724622"><code>ab0c332</code></a>
Next development version (v3.3.12-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/71acf939ace320fbfa35ce48577ba534469dfc90"><code>71acf93</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d2eaac6b60d117c3d10939866c70fce6b945eefd"><code>d2eaac6</code></a>
Revert &quot;Upgrade to Netty 4.1.120.Final&quot;</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d24a38f0f890ef70a07be8236bb9717527f50ba5"><code>d24a38f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/933572ad5e7da2e47d8efc168a86c8cf6105b062"><code>933572a</code></a>
Upgrade to Netty 4.1.120.Final</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/016b3de968b9b9a6319f7bc58abfb1df007bbc4b"><code>016b3de</code></a>
Upgrade to Netty 4.1.120.Final</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/46a709a8503c096e2514c8cd17b1a7e7e715e7b2"><code>46a709a</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/55f67c9a522647039fd3294dee5cb83f4888160a"><code>55f67c9</code></a>
Fix potential null problem in actuator</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.4...v3.4.5">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.springframework.boot:spring-boot-starter-data-jpa` from
3.4.4 to 3.4.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-data-jpa's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.5</h2>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Spring Boot with native image container image build fails on podman
due to directory permissions <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45256">#45256</a></li>
<li>Neo4jReactiveDataAutoConfiguration assumes that certain beans are
available <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45235">#45235</a></li>
<li>Wrong jOOQ exception translator with empty db name <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45219">#45219</a></li>
<li>MessageSourceMessageInterpolator does not replace a parameter when
the message matches its code <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45213">#45213</a></li>
<li>IntegrationMbeanExporter is not eligible for getting processed by
all BeanPostProcessors warnings are shown when using JMX <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45194">#45194</a></li>
<li>OAuth2AuthorizationServerJwtAutoConfiguration uses
<code>@ConditionalOnClass</code> incorrectly <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45178">#45178</a></li>
<li>MongoDB's dependency management is missing Kotlin coroutine driver
modules <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45159">#45159</a></li>
<li>ImagePlatform can cause &quot;OS must not be empty&quot;
IllegalArgumentException <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45153">#45153</a></li>
<li>TypeUtils does not handle generics with identical names in different
positions <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45039">#45039</a></li>
<li>HttpClient5 5.4.3 breaks local Docker transport <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45028">#45028</a></li>
<li>spring.datasource.hikari.data-source-class-name cannot be used as a
driver class name is always required and Hikari does not accept both <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45002">#45002</a></li>
<li>Post-processing to apply custom JdbcConnectionDetails triggers an
NPE in Hikari if the JDBC URL is for an unknown driver <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44998">#44998</a></li>
<li>DataSourceBuilder triggers an NPE in Hikari when trying to build a
DataSource with a JDBC URL for an unknown driver <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44995">#44995</a></li>
<li>SSL config does not watch for symlink file changes <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44887">#44887</a></li>
<li>EmbeddedLdapAutoConfiguration should not rely on PreDestroy <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44874">#44874</a></li>
<li>DataSourceTransactionManagerAutoConfiguration should run after
DataSourceAutoConfiguration <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44819">#44819</a></li>
<li>JsonValueWriter can throw StackOverflowError on deeply nested items
<a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44627">#44627</a></li>
<li>In a reactive web app, SslBundle can no longer open store file
locations without using a 'file:' prefix <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44535">#44535</a></li>
<li>Logging a Path object using structured logging throws
StackOverflowError <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44507">#44507</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Make <code>@Component</code> a javadoc link <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45258">#45258</a></li>
<li>Fix documentation links to buildpacks.io <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45241">#45241</a></li>
<li>Clarify the use of multiple profile expressions with
&quot;spring.config.activate.on-profile&quot; <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45224">#45224</a></li>
<li>Show the use of token properties in authorization server clients
configuration example <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45176">#45176</a></li>
<li>Add details of the purpose of the metrics endpoint <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45047">#45047</a></li>
<li>Escape the asterisk in spring-application.adoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45033">#45033</a></li>
<li>Add reference to Styra (OPA) Spring Boot SDK <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44976">#44976</a></li>
<li>Update CDS documentation to cover AOTCache <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44970">#44970</a></li>
<li>WebFlux security documentation incorrectly links to servlet classes
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44966">#44966</a></li>
<li>Replace mentions of deprecated MockBean annotation <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44947">#44947</a></li>
<li>TaskExecution documentation should describe what happens when
multiple Executor beans are present <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44908">#44908</a></li>
<li>Documentation lists coordinates for some dependencies that are not
actually managed <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44879">#44879</a></li>
<li>Polish javadoc of SpringProfileAction <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44826">#44826</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to AspectJ 1.9.24 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45184">#45184</a></li>
<li>Upgrade to Couchbase Client 3.7.9 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45072">#45072</a></li>
<li>Upgrade to Hibernate 6.6.13.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45073">#45073</a></li>
<li>Upgrade to HttpClient5 5.4.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45074">#45074</a></li>
<li>Upgrade to HttpCore5 5.3.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45075">#45075</a></li>
<li>Upgrade to Jaybird 5.0.7.java11 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45076">#45076</a></li>
<li>Upgrade to Jetty 12.0.19 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45077">#45077</a></li>
<li>Upgrade to jOOQ 3.19.22 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45078">#45078</a></li>
<li>Upgrade to Lombok 1.18.38 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45079">#45079</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/b882c29bdf607d5d4db910f7fd0161143a1329c7"><code>b882c29</code></a>
Release v3.4.5</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/918066f39ae72de5a6e1bae78c841396e049e5b6"><code>918066f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/ab0c332d9995963d22c202706564be58ff724622"><code>ab0c332</code></a>
Next development version (v3.3.12-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/71acf939ace320fbfa35ce48577ba534469dfc90"><code>71acf93</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d2eaac6b60d117c3d10939866c70fce6b945eefd"><code>d2eaac6</code></a>
Revert &quot;Upgrade to Netty 4.1.120.Final&quot;</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d24a38f0f890ef70a07be8236bb9717527f50ba5"><code>d24a38f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/933572ad5e7da2e47d8efc168a86c8cf6105b062"><code>933572a</code></a>
Upgrade to Netty 4.1.120.Final</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/016b3de968b9b9a6319f7bc58abfb1df007bbc4b"><code>016b3de</code></a>
Upgrade to Netty 4.1.120.Final</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/46a709a8503c096e2514c8cd17b1a7e7e715e7b2"><code>46a709a</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/55f67c9a522647039fd3294dee5cb83f4888160a"><code>55f67c9</code></a>
Fix potential null problem in actuator</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.4...v3.4.5">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.springframework.boot:spring-boot-starter-oauth2-client`
from 3.4.4 to 3.4.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-oauth2-client's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.5</h2>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Spring Boot with native image container image build fails on podman
due to directory permissions <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45256">#45256</a></li>
<li>Neo4jReactiveDataAutoConfiguration assumes that certain beans are
available <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45235">#45235</a></li>
<li>Wrong jOOQ exception translator with empty db name <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45219">#45219</a></li>
<li>MessageSourceMessageInterpolator does not replace a parameter when
the message matches its code <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45213">#45213</a></li>
<li>IntegrationMbeanExporter is not eligible for getting processed by
all BeanPostProcessors warnings are shown when using JMX <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45194">#45194</a></li>
<li>OAuth2AuthorizationServerJwtAutoConfiguration uses
<code>@ConditionalOnClass</code> incorrectly <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45178">#45178</a></li>
<li>MongoDB's dependency management is missing Kotlin coroutine driver
modules <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45159">#45159</a></li>
<li>ImagePlatform can cause &quot;OS must not be empty&quot;
IllegalArgumentException <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45153">#45153</a></li>
<li>TypeUtils does not handle generics with identical names in different
positions <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45039">#45039</a></li>
<li>HttpClient5 5.4.3 breaks local Docker transport <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45028">#45028</a></li>
<li>spring.datasource.hikari.data-source-class-name cannot be used as a
driver class name is always required and Hikari does not accept both <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45002">#45002</a></li>
<li>Post-processing to apply custom JdbcConnectionDetails triggers an
NPE in Hikari if the JDBC URL is for an unknown driver <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44998">#44998</a></li>
<li>DataSourceBuilder triggers an NPE in Hikari when trying to build a
DataSource with a JDBC URL for an unknown driver <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44995">#44995</a></li>
<li>SSL config does not watch for symlink file changes <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44887">#44887</a></li>
<li>EmbeddedLdapAutoConfiguration should not rely on PreDestroy <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44874">#44874</a></li>
<li>DataSourceTransactionManagerAutoConfiguration should run after
DataSourceAutoConfiguration <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44819">#44819</a></li>
<li>JsonValueWriter can throw StackOverflowError on deeply nested items
<a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44627">#44627</a></li>
<li>In a reactive web app, SslBundle can no longer open store file
locations without using a 'file:' prefix <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44535">#44535</a></li>
<li>Logging a Path object using structured logging throws
StackOverflowError <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44507">#44507</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Make <code>@Component</code> a javadoc link <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45258">#45258</a></li>
<li>Fix documentation links to buildpacks.io <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45241">#45241</a></li>
<li>Clarify the use of multiple profile expressions with
&quot;spring.config.activate.on-profile&quot; <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45224">#45224</a></li>
<li>Show the use of token properties in authorization server clients
configuration example <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45176">#45176</a></li>
<li>Add details of the purpose of the metrics endpoint <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45047">#45047</a></li>
<li>Escape the asterisk in spring-application.adoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45033">#45033</a></li>
<li>Add reference to Styra (OPA) Spring Boot SDK <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44976">#44976</a></li>
<li>Update CDS documentation to cover AOTCache <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44970">#44970</a></li>
<li>WebFlux security documentation incorrectly links to servlet classes
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44966">#44966</a></li>
<li>Replace mentions of deprecated MockBean annotation <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44947">#44947</a></li>
<li>TaskExecution documentation should describe what happens when
multiple Executor beans are present <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44908">#44908</a></li>
<li>Documentation lists coordinates for some dependencies that are not
actually managed <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44879">#44879</a></li>
<li>Polish javadoc of SpringProfileAction <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44826">#44826</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to AspectJ 1.9.24 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45184">#45184</a></li>
<li>Upgrade to Couchbase Client 3.7.9 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45072">#45072</a></li>
<li>Upgrade to Hibernate 6.6.13.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45073">#45073</a></li>
<li>Upgrade to HttpClient5 5.4.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45074">#45074</a></li>
<li>Upgrade to HttpCore5 5.3.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45075">#45075</a></li>
<li>Upgrade to Jaybird 5.0.7.java11 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45076">#45076</a></li>
<li>Upgrade to Jetty 12.0.19 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45077">#45077</a></li>
<li>Upgrade to jOOQ 3.19.22 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45078">#45078</a></li>
<li>Upgrade to Lombok 1.18.38 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45079">#45079</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/b882c29bdf607d5d4db910f7fd0161143a1329c7"><code>b882c29</code></a>
Release v3.4.5</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/918066f39ae72de5a6e1bae78c841396e049e5b6"><code>918066f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/ab0c332d9995963d22c202706564be58ff724622"><code>ab0c332</code></a>
Next development version (v3.3.12-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/71acf939ace320fbfa35ce48577ba534469dfc90"><code>71acf93</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d2eaac6b60d117c3d10939866c70fce6b945eefd"><code>d2eaac6</code></a>
Revert &quot;Upgrade to Netty 4.1.120.Final&quot;</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d24a38f0f890ef70a07be8236bb9717527f50ba5"><code>d24a38f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/933572ad5e7da2e47d8efc168a86c8cf6105b062"><code>933572a</code></a>
Upgrade to Netty 4.1.120.Final</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/016b3de968b9b9a6319f7bc58abfb1df007bbc4b"><code>016b3de</code></a>
Upgrade to Netty 4.1.120.Final</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/46a709a8503c096e2514c8cd17b1a7e7e715e7b2"><code>46a709a</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/55f67c9a522647039fd3294dee5cb83f4888160a"><code>55f67c9</code></a>
Fix potential null problem in actuator</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.4...v3.4.5">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.springframework.boot:spring-boot-starter-test` from 3.4.4
to 3.4.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-test's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.5</h2>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Spring Boot with native image container image build fails on podman
due to directory permissions <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45256">#45256</a></li>
<li>Neo4jReactiveDataAutoConfiguration assumes that certain beans are
available <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45235">#45235</a></li>
<li>Wrong jOOQ exception translator with empty db name <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45219">#45219</a></li>
<li>MessageSourceMessageInterpolator does not replace a parameter when
the message matches its code <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45213">#45213</a></li>
<li>IntegrationMbeanExporter is not eligible for getting processed by
all BeanPostProcessors warnings are shown when using JMX <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45194">#45194</a></li>
<li>OAuth2AuthorizationServerJwtAutoConfiguration uses
<code>@ConditionalOnClass</code> incorrectly <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45178">#45178</a></li>
<li>MongoDB's dependency management is missing Kotlin coroutine driver
modules <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45159">#45159</a></li>
<li>ImagePlatform can cause &quot;OS must not be empty&quot;
IllegalArgumentException <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45153">#45153</a></li>
<li>TypeUtils does not handle generics with identical names in different
positions <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45039">#45039</a></li>
<li>HttpClient5 5.4.3 breaks local Docker transport <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45028">#45028</a></li>
<li>spring.datasource.hikari.data-source-class-name cannot be used as a
driver class name is always required and Hikari does not accept both <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45002">#45002</a></li>
<li>Post-processing to apply custom JdbcConnectionDetails triggers an
NPE in Hikari if the JDBC URL is for an unknown driver <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44998">#44998</a></li>
<li>DataSourceBuilder triggers an NPE in Hikari when trying to build a
DataSource with a JDBC URL for an unknown driver <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44995">#44995</a></li>
<li>SSL config does not watch for symlink file changes <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44887">#44887</a></li>
<li>EmbeddedLdapAutoConfiguration should not rely on PreDestroy <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44874">#44874</a></li>
<li>DataSourceTransactionManagerAutoConfiguration should run after
DataSourceAutoConfiguration <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44819">#44819</a></li>
<li>JsonValueWriter can throw StackOverflowError on deeply nested items
<a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44627">#44627</a></li>
<li>In a reactive web app, SslBundle can no longer open store file
locations without using a 'file:' prefix <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44535">#44535</a></li>
<li>Logging a Path object using structured logging throws
StackOverflowError <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44507">#44507</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Make <code>@Component</code> a javadoc link <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45258">#45258</a></li>
<li>Fix documentation links to buildpacks.io <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45241">#45241</a></li>
<li>Clarify the use of multiple profile expressions with
&quot;spring.config.activate.on-profile&quot; <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45224">#45224</a></li>
<li>Show the use of token properties in authorization server clients
configuration example <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45176">#45176</a></li>
<li>Add details of the purpose of the metrics endpoint <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45047">#45047</a></li>
<li>Escape the asterisk in spring-application.adoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45033">#45033</a></li>
<li>Add reference to Styra (OPA) Spring Boot SDK <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44976">#44976</a></li>
<li>Update CDS documentation to cover AOTCache <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44970">#44970</a></li>
<li>WebFlux security documentation incorrectly links to servlet classes
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44966">#44966</a></li>
<li>Replace mentions of deprecated MockBean annotation <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44947">#44947</a></li>
<li>TaskExecution documentation should describe what happens when
multiple Executor beans are present <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44908">#44908</a></li>
<li>Documentation lists coordinates for some dependencies that are not
actually managed <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44879">#44879</a></li>
<li>Polish javadoc of SpringProfileAction <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44826">#44826</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to AspectJ 1.9.24 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45184">#45184</a></li>
<li>Upgrade to Couchbase Client 3.7.9 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45072">#45072</a></li>
<li>Upgrade to Hibernate 6.6.13.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45073">#45073</a></li>
<li>Upgrade to HttpClient5 5.4.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45074">#45074</a></li>
<li>Upgrade to HttpCore5 5.3.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45075">#45075</a></li>
<li>Upgrade to Jaybird 5.0.7.java11 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45076">#45076</a></li>
<li>Upgrade to Jetty 12.0.19 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45077">#45077</a></li>
<li>Upgrade to jOOQ 3.19.22 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45078">#45078</a></li>
<li>Upgrade to Lombok 1.18.38 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45079">#45079</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/b882c29bdf607d5d4db910f7fd0161143a1329c7"><code>b882c29</code></a>
Release v3.4.5</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/918066f39ae72de5a6e1bae78c841396e049e5b6"><code>918066f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/ab0c332d9995963d22c202706564be58ff724622"><code>ab0c332</code></a>
Next development version (v3.3.12-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/71acf939ace320fbfa35ce48577ba534469dfc90"><code>71acf93</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d2eaac6b60d117c3d10939866c70fce6b945eefd"><code>d2eaac6</code></a>
Revert &quot;Upgrade to Netty 4.1.120.Final&quot;</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d24a38f0f890ef70a07be8236bb9717527f50ba5"><code>d24a38f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/933572ad5e7da2e47d8efc168a86c8cf6105b062"><code>933572a</code></a>
Upgrade to Netty 4.1.120.Final</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/016b3de968b9b9a6319f7bc58abfb1df007bbc4b"><code>016b3de</code></a>
Upgrade to Netty 4.1.120.Final</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/46a709a8503c096e2514c8cd17b1a7e7e715e7b2"><code>46a709a</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/55f67c9a522647039fd3294dee5cb83f4888160a"><code>55f67c9</code></a>
Fix potential null problem in actuator</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.4...v3.4.5">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.springframework.boot:spring-boot-starter-actuator` from
3.4.4 to 3.4.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-actuator's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.5</h2>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Spring Boot with native image container image build fails on podman
due to directory permissions <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45256">#45256</a></li>
<li>Neo4jReactiveDataAutoConfiguration assumes that certain beans are
available <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45235">#45235</a></li>
<li>Wrong jOOQ exception translator with empty db name  <a href="ht...

_Description has been truncated_

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-29 11:39:15 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
b7eed4300e Bump docker/build-push-action from 6.15.0 to 6.16.0 (#3442)
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.15.0 to 6.16.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.16.0</h2>
<ul>
<li>Handle no default attestations env var by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1343">docker/build-push-action#1343</a></li>
<li>Only print secret keys in build summary output by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1353">docker/build-push-action#1353</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.56.0 to 0.59.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1352">docker/build-push-action#1352</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.15.0...v6.16.0">https://github.com/docker/build-push-action/compare/v6.15.0...v6.16.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/14487ce63c7a62a4a324b0bfb37086795e31c6c1"><code>14487ce</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1343">#1343</a>
from crazy-max/fix-no-default-attest</li>
<li><a
href="https://github.com/docker/build-push-action/commit/0ec91264d895acf7dfe05d54d8a3cc28f95b6346"><code>0ec9126</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1366">#1366</a>
from crazy-max/pr-assign-author</li>
<li><a
href="https://github.com/docker/build-push-action/commit/b749522b90af1b517f52d8c1e67b2a965cea5eae"><code>b749522</code></a>
pr-assign-author workflow</li>
<li><a
href="https://github.com/docker/build-push-action/commit/c566248492c912e39910ac79e2f05a82260233a8"><code>c566248</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1363">#1363</a>
from crazy-max/fix-codecov</li>
<li><a
href="https://github.com/docker/build-push-action/commit/13275dd76e44afdffdd61da8b8ae8e26ee11671f"><code>13275dd</code></a>
ci: fix missing source for codecov</li>
<li><a
href="https://github.com/docker/build-push-action/commit/67dc78bbaf388b3265f7e1c880e681f4b90d5f48"><code>67dc78b</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1361">#1361</a>
from mschoettle/patch-1</li>
<li><a
href="https://github.com/docker/build-push-action/commit/0760504437ba8d0d98e7d5b625560bdede11b3b5"><code>0760504</code></a>
docs: add validating build configuration example</li>
<li><a
href="https://github.com/docker/build-push-action/commit/1c198f4467ce458288d816cabd773cd574f16977"><code>1c198f4</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/288d9e2e4a70c24711ba959b94c2209b9205347e"><code>288d9e2</code></a>
handle no default attestations env var</li>
<li><a
href="https://github.com/docker/build-push-action/commit/88844b95d8cbbb41035fa9c94e5967a33b92db78"><code>88844b9</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1353">#1353</a>
from crazy-max/summary-secret-keys</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/build-push-action/compare/471d1dc4e07e5cdedd4c2171150001c434f0b7a4...14487ce63c7a62a4a324b0bfb37086795e31c6c1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.15.0&new-version=6.16.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-29 11:38:55 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4673dbb4e7 Bump org.springframework.boot from 3.4.4 to 3.4.5 (#3441)
Bumps
[org.springframework.boot](https://github.com/spring-projects/spring-boot)
from 3.4.4 to 3.4.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.5</h2>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Spring Boot with native image container image build fails on podman
due to directory permissions <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45256">#45256</a></li>
<li>Neo4jReactiveDataAutoConfiguration assumes that certain beans are
available <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45235">#45235</a></li>
<li>Wrong jOOQ exception translator with empty db name <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45219">#45219</a></li>
<li>MessageSourceMessageInterpolator does not replace a parameter when
the message matches its code <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45213">#45213</a></li>
<li>IntegrationMbeanExporter is not eligible for getting processed by
all BeanPostProcessors warnings are shown when using JMX <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45194">#45194</a></li>
<li>OAuth2AuthorizationServerJwtAutoConfiguration uses
<code>@ConditionalOnClass</code> incorrectly <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45178">#45178</a></li>
<li>MongoDB's dependency management is missing Kotlin coroutine driver
modules <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45159">#45159</a></li>
<li>ImagePlatform can cause &quot;OS must not be empty&quot;
IllegalArgumentException <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45153">#45153</a></li>
<li>TypeUtils does not handle generics with identical names in different
positions <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45039">#45039</a></li>
<li>HttpClient5 5.4.3 breaks local Docker transport <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45028">#45028</a></li>
<li>spring.datasource.hikari.data-source-class-name cannot be used as a
driver class name is always required and Hikari does not accept both <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45002">#45002</a></li>
<li>Post-processing to apply custom JdbcConnectionDetails triggers an
NPE in Hikari if the JDBC URL is for an unknown driver <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44998">#44998</a></li>
<li>DataSourceBuilder triggers an NPE in Hikari when trying to build a
DataSource with a JDBC URL for an unknown driver <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44995">#44995</a></li>
<li>SSL config does not watch for symlink file changes <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44887">#44887</a></li>
<li>EmbeddedLdapAutoConfiguration should not rely on PreDestroy <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44874">#44874</a></li>
<li>DataSourceTransactionManagerAutoConfiguration should run after
DataSourceAutoConfiguration <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44819">#44819</a></li>
<li>JsonValueWriter can throw StackOverflowError on deeply nested items
<a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44627">#44627</a></li>
<li>In a reactive web app, SslBundle can no longer open store file
locations without using a 'file:' prefix <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44535">#44535</a></li>
<li>Logging a Path object using structured logging throws
StackOverflowError <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44507">#44507</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Make <code>@Component</code> a javadoc link <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45258">#45258</a></li>
<li>Fix documentation links to buildpacks.io <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45241">#45241</a></li>
<li>Clarify the use of multiple profile expressions with
&quot;spring.config.activate.on-profile&quot; <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45224">#45224</a></li>
<li>Show the use of token properties in authorization server clients
configuration example <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45176">#45176</a></li>
<li>Add details of the purpose of the metrics endpoint <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45047">#45047</a></li>
<li>Escape the asterisk in spring-application.adoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45033">#45033</a></li>
<li>Add reference to Styra (OPA) Spring Boot SDK <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44976">#44976</a></li>
<li>Update CDS documentation to cover AOTCache <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44970">#44970</a></li>
<li>WebFlux security documentation incorrectly links to servlet classes
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44966">#44966</a></li>
<li>Replace mentions of deprecated MockBean annotation <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44947">#44947</a></li>
<li>TaskExecution documentation should describe what happens when
multiple Executor beans are present <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44908">#44908</a></li>
<li>Documentation lists coordinates for some dependencies that are not
actually managed <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44879">#44879</a></li>
<li>Polish javadoc of SpringProfileAction <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44826">#44826</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to AspectJ 1.9.24 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45184">#45184</a></li>
<li>Upgrade to Couchbase Client 3.7.9 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45072">#45072</a></li>
<li>Upgrade to Hibernate 6.6.13.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45073">#45073</a></li>
<li>Upgrade to HttpClient5 5.4.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45074">#45074</a></li>
<li>Upgrade to HttpCore5 5.3.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45075">#45075</a></li>
<li>Upgrade to Jaybird 5.0.7.java11 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45076">#45076</a></li>
<li>Upgrade to Jetty 12.0.19 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45077">#45077</a></li>
<li>Upgrade to jOOQ 3.19.22 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45078">#45078</a></li>
<li>Upgrade to Lombok 1.18.38 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/45079">#45079</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/b882c29bdf607d5d4db910f7fd0161143a1329c7"><code>b882c29</code></a>
Release v3.4.5</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/918066f39ae72de5a6e1bae78c841396e049e5b6"><code>918066f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/ab0c332d9995963d22c202706564be58ff724622"><code>ab0c332</code></a>
Next development version (v3.3.12-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/71acf939ace320fbfa35ce48577ba534469dfc90"><code>71acf93</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d2eaac6b60d117c3d10939866c70fce6b945eefd"><code>d2eaac6</code></a>
Revert &quot;Upgrade to Netty 4.1.120.Final&quot;</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d24a38f0f890ef70a07be8236bb9717527f50ba5"><code>d24a38f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/933572ad5e7da2e47d8efc168a86c8cf6105b062"><code>933572a</code></a>
Upgrade to Netty 4.1.120.Final</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/016b3de968b9b9a6319f7bc58abfb1df007bbc4b"><code>016b3de</code></a>
Upgrade to Netty 4.1.120.Final</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/46a709a8503c096e2514c8cd17b1a7e7e715e7b2"><code>46a709a</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/55f67c9a522647039fd3294dee5cb83f4888160a"><code>55f67c9</code></a>
Fix potential null problem in actuator</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.4...v3.4.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.boot&package-manager=gradle&previous-version=3.4.4&new-version=3.4.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-29 11:38:29 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
5b34c00237 Bump actions/download-artifact from 4.2.1 to 4.3.0 (#3443)
Bumps
[actions/download-artifact](https://github.com/actions/download-artifact)
from 4.2.1 to 4.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/download-artifact/releases">actions/download-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat: implement new <code>artifact-ids</code> input by <a
href="https://github.com/GrantBirki"><code>@​GrantBirki</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/401">actions/download-artifact#401</a></li>
<li>Fix workflow example for downloading by artifact ID by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/402">actions/download-artifact#402</a></li>
<li>Prep for v4.3.0 release by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/404">actions/download-artifact#404</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/GrantBirki"><code>@​GrantBirki</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/401">actions/download-artifact#401</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/download-artifact/compare/v4.2.1...v4.3.0">https://github.com/actions/download-artifact/compare/v4.2.1...v4.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/download-artifact/commit/d3f86a106a0bac45b974a628896c90dbdf5c8093"><code>d3f86a1</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/404">#404</a>
from actions/robherley/v4.3.0</li>
<li><a
href="https://github.com/actions/download-artifact/commit/fc02353415da80201a0da48ab47022efd7725d11"><code>fc02353</code></a>
prep for v4.3.0 release</li>
<li><a
href="https://github.com/actions/download-artifact/commit/77454371a433f370a16d329ef7db197f700a7a8f"><code>7745437</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/402">#402</a>
from actions/joshmgross/download-by-id-example</li>
<li><a
href="https://github.com/actions/download-artifact/commit/84fc7a0a358aabc7f97f7f590cbfc25f57e26c6a"><code>84fc7a0</code></a>
Remove path filters from Check dist workflow</li>
<li><a
href="https://github.com/actions/download-artifact/commit/67f2bc382f6ba5ba75812a05909e8c25a366b5fb"><code>67f2bc3</code></a>
Fix workflow example for downloading by artifact ID</li>
<li><a
href="https://github.com/actions/download-artifact/commit/8ea3c2c174f79a56792e9fdd9baad75d27c5d369"><code>8ea3c2c</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/401">#401</a>
from actions/download-by-id</li>
<li><a
href="https://github.com/actions/download-artifact/commit/d219c630f65d8bd14366a9e2f731cbf854f62258"><code>d219c63</code></a>
add supporting unit tests for artifact downloads with ids</li>
<li><a
href="https://github.com/actions/download-artifact/commit/54124fbd881f8ce794405a06896c93c49c17463e"><code>54124fb</code></a>
revert <code>getArtifact()</code> changes - for now we have to list and
filter by artifa...</li>
<li><a
href="https://github.com/actions/download-artifact/commit/b83057b90d3e218abf5c7b1906579eb6c598ae85"><code>b83057b</code></a>
bundle</li>
<li><a
href="https://github.com/actions/download-artifact/commit/171183c7dce98c3cf8a1fc842429d0a38ed21d33"><code>171183c</code></a>
use the same <code>artifactClient.getArtifact</code> structure as seen
above in `isSingl...</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/download-artifact/compare/95815c38cf2ff2164869cbab79da8d1f422bc89e...d3f86a106a0bac45b974a628896c90dbdf5c8093">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/download-artifact&package-manager=github_actions&previous-version=4.2.1&new-version=4.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-29 11:37:16 +01:00
LudyandGitHub 0b81dfdf7c Upgrade Gradle to 8.14 in CI Workflows and Gradle Wrapper (#3425)
# Description of Changes

This pull request upgrades the Gradle build system from version 8.12 to
8.14 across the Stirling-PDF project to enhance build stability,
compatibility, and performance. The changes include:

- **What was changed**:
- Updated the Gradle wrapper version in
`gradle/wrapper/gradle-wrapper.properties` from `8.12` to `8.14`.
- Modified the `tasks.wrapper` configuration in `build.gradle` to
specify `gradleVersion = "8.14"`.
- Updated Gradle version references in GitHub Actions workflows
(`multiOSReleases.yml`, `push-docker.yml`, `releaseArtifacts.yml`) from
`8.12` to `8.14` to ensure consistent CI/CD builds.

- **Why the change was made**:
- Gradle 8.14 includes bug fixes, performance improvements, and enhanced
compatibility with newer JDK versions (e.g., Java 17 and 21, as
supported by Stirling-PDF).
- Ensures alignment with the latest Gradle features and security
patches, reducing potential build issues in development and CI/CD
environments.
- Supports the project's recommendation to use newer JDK versions (e.g.,
Java 21) and improves integration with the Foojay Toolchains Plugin.

- **Challenges encountered**:
- Verified compatibility of Gradle 8.14 with existing plugins (e.g.,
`org.springframework.boot`, `org.sonarqube`, `com.diffplug.spotless`) to
ensure no breaking changes.
- Tested CI/CD workflows to confirm that the updated Gradle version does
not introduce failures in build, test, or deployment pipelines.
- Ensured the Gradle wrapper distribution URL is correctly updated to
avoid download issues.


---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [x] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.
2025-04-27 16:17:07 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1611a82a98 Bump github/codeql-action from 3.28.15 to 3.28.16 (#3413)
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.28.15 to 3.28.16.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.16</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.16 - 23 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.16/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.16 - 23 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li>
</ul>
<h2>3.28.15 - 07 Apr 2025</h2>
<ul>
<li>Fix bug where the action would fail if it tried to produce a debug
artifact with more than 65535 files. <a
href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li>
</ul>
<h2>3.28.14 - 07 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li>
</ul>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/28deaeda66b76a05916b6923827895f2b14ab387"><code>28deaed</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2865">#2865</a>
from github/update-v3.28.16-2a8cbadc0</li>
<li><a
href="https://github.com/github/codeql-action/commit/03c5d71c11f6cb2c5ba7eef371219a862be30193"><code>03c5d71</code></a>
Update changelog for v3.28.16</li>
<li><a
href="https://github.com/github/codeql-action/commit/2a8cbadc02bb64a7fd15d37c977acbad02496c80"><code>2a8cbad</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2863">#2863</a>
from github/update-bundle/codeql-bundle-v2.21.1</li>
<li><a
href="https://github.com/github/codeql-action/commit/f76eaf51a636a5c1d927998267d92d6475363ace"><code>f76eaf5</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/e63b3f5166c15fda4eb17886f01abe9445dd13f5"><code>e63b3f5</code></a>
Update default bundle to codeql-bundle-v2.21.1</li>
<li><a
href="https://github.com/github/codeql-action/commit/4c3e5362829f0b0bb62ff5f6c938d7f95574c306"><code>4c3e536</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2853">#2853</a>
from github/dependabot/npm_and_yarn/npm-7d84c66b66</li>
<li><a
href="https://github.com/github/codeql-action/commit/56dd02f26d99811d607284494ff84b7d862fe837"><code>56dd02f</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2852">#2852</a>
from github/dependabot/github_actions/actions-457587...</li>
<li><a
href="https://github.com/github/codeql-action/commit/192406dd845fb2228fcea74898b98df2a6cdcef6"><code>192406d</code></a>
Merge branch 'main' into
dependabot/github_actions/actions-4575878e06</li>
<li><a
href="https://github.com/github/codeql-action/commit/c7dbb2084ed1bb623fbbb3976cd6dbae6daaf1fe"><code>c7dbb20</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2857">#2857</a>
from github/nickfyson/address-vulns</li>
<li><a
href="https://github.com/github/codeql-action/commit/9a45cd8c5025281c30bbb652197ace083c291e49"><code>9a45cd8</code></a>
move use of input variables into env vars</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/45775bd8235c68ba998cffa5171334d58593da47...28deaeda66b76a05916b6923827895f2b14ab387">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.15&new-version=3.28.16)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-24 12:47:53 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
f5aaa4612a Bump org.springframework.session:spring-session-core from 3.4.2 to 3.4.3 (#3412)
Bumps
[org.springframework.session:spring-session-core](https://github.com/spring-projects/spring-session)
from 3.4.2 to 3.4.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-session/releases">org.springframework.session:spring-session-core's
releases</a>.</em></p>
<blockquote>
<h2>3.4.3</h2>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Bump ch-qos-logback from 1.5.16 to 1.5.17 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3345">#3345</a></li>
<li>Bump ch-qos-logback from 1.5.17 to 1.5.18 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3354">#3354</a></li>
<li>Bump io.projectreactor:reactor-bom from 2023.0.15 to 2023.0.16 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3348">#3348</a></li>
<li>Bump io.projectreactor:reactor-core from 3.6.14 to 3.6.15 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3349">#3349</a></li>
<li>Bump org-slf4j from 2.0.16 to 2.0.17 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3344">#3344</a></li>
<li>Bump org-springframework-boot from 3.3.8 to 3.3.9 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3343">#3343</a></li>
<li>Bump org-springframework-boot from 3.3.9 to 3.3.10 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3356">#3356</a></li>
<li>Bump org.aspectj:aspectjweaver from 1.9.22.1 to 1.9.23 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3350">#3350</a></li>
<li>Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.23 to
4.33.24 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3346">#3346</a></li>
<li>Bump org.mariadb.jdbc:mariadb-java-client from 3.3.3 to 3.3.4 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3365">#3365</a></li>
<li>Bump org.springframework.data:spring-data-bom from 2024.1.3 to
2024.1.4 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3352">#3352</a></li>
<li>Bump org.springframework.security:spring-security-bom from 6.4.2 to
6.4.3 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3342">#3342</a></li>
<li>Bump org.springframework.security:spring-security-bom from 6.4.3 to
6.4.4 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3353">#3353</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3351">#3351</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.4 to 6.2.5 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3355">#3355</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-session/commit/38b494e8707900997c72dc37120130d61877f78f"><code>38b494e</code></a>
Release 3.4.3</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/f3536d97d6b2568c0e727173f1abfc23749760e8"><code>f3536d9</code></a>
Bump io.projectreactor:reactor-core from 3.6.14 to 3.6.15</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/d2528b46ba051f6c37ab820e8ded7de715b0c69b"><code>d2528b4</code></a>
Bump org.mariadb.jdbc:mariadb-java-client from 3.3.3 to 3.3.4</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/2353d8b3cec4f0ed104c45f10d01acf278fe1dad"><code>2353d8b</code></a>
Bump spring-io/spring-doc-actions from 0.0.18 to 0.0.19</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/1ce75dea70c9b2b7e2d7de76ba6c648d94ef14ac"><code>1ce75de</code></a>
Bump org-springframework-boot from 3.3.9 to 3.3.10</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/e0efae790d89339ac064888101323bbc69146ca6"><code>e0efae7</code></a>
Bump org.springframework:spring-framework-bom from 6.2.4 to 6.2.5</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/98e03e63642ee71baf2f439c28c4f59e1d1740fb"><code>98e03e6</code></a>
Bump ch-qos-logback from 1.5.17 to 1.5.18</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/e642b66a87593adf794c87e045cb9a14ef4da106"><code>e642b66</code></a>
Bump org.springframework.security:spring-security-bom</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/64b7df57658c5f808e6d3c30ddc38d76bd6bcce2"><code>64b7df5</code></a>
Bump org.springframework.data:spring-data-bom from 2024.1.3 to
2024.1.4</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/ae92843e9d6a8d0b4b04814828f9189dc27af001"><code>ae92843</code></a>
Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-session/compare/3.4.2...3.4.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.session:spring-session-core&package-manager=gradle&previous-version=3.4.2&new-version=3.4.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-24 12:36:32 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
da70980be4 Bump sigstore/cosign-installer from 3.8.1 to 3.8.2 (#3411)
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 3.8.1 to 3.8.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.8.2</h2>
<h2>What's Changed</h2>
<ul>
<li>install cosign v2 from main in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/186">sigstore/cosign-installer#186</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3...v3.8.2">https://github.com/sigstore/cosign-installer/compare/v3...v3.8.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/sigstore/cosign-installer/commit/3454372f43399081ed03b604cb2d021dabca52bb"><code>3454372</code></a>
install cosign v2 from main (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/186">#186</a>)</li>
<li><a
href="https://github.com/sigstore/cosign-installer/commit/b6ee8f83b9a8b8ef7f46b5a8ff326f488b386693"><code>b6ee8f8</code></a>
Bump actions/setup-go from 5.3.0 to 5.4.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/185">#185</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a...3454372f43399081ed03b604cb2d021dabca52bb">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=3.8.1&new-version=3.8.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-24 12:36:14 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
f8dbc05006 Bump actions/setup-python from 5.5.0 to 5.6.0 (#3410)
Bumps [actions/setup-python](https://github.com/actions/setup-python)
from 5.5.0 to 5.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-python/releases">actions/setup-python's
releases</a>.</em></p>
<blockquote>
<h2>v5.6.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Workflow updates related to Ubuntu 20.04 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/1065">actions/setup-python#1065</a></li>
<li>Fix for Candidate Not Iterable Error by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/1082">actions/setup-python#1082</a></li>
<li>Upgrade semver and <code>@​types/semver</code> by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1091">actions/setup-python#1091</a></li>
<li>Upgrade prettier from 2.8.8 to 3.5.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1046">actions/setup-python#1046</a></li>
<li>Upgrade ts-jest from 29.1.2 to 29.3.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1081">actions/setup-python#1081</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-python/compare/v5...v5.6.0">https://github.com/actions/setup-python/compare/v5...v5.6.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-python/commit/a26af69be951a213d495a4c3e4e4022e16d87065"><code>a26af69</code></a>
Bump ts-jest from 29.1.2 to 29.3.2 (<a
href="https://redirect.github.com/actions/setup-python/issues/1081">#1081</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/30eafe95483bd95135b7eda0c66a0369af9afdf1"><code>30eafe9</code></a>
Bump prettier from 2.8.8 to 3.5.3 (<a
href="https://redirect.github.com/actions/setup-python/issues/1046">#1046</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/5d95bc16d4bc83bb56202da9630d84c6f8a2d8f5"><code>5d95bc1</code></a>
Bump semver and <code>@​types/semver</code> (<a
href="https://redirect.github.com/actions/setup-python/issues/1091">#1091</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/6ed2c67c8abe7646815dbd50364eea862d396fd9"><code>6ed2c67</code></a>
Fix for Candidate Not Iterable Error (<a
href="https://redirect.github.com/actions/setup-python/issues/1082">#1082</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/e348410e00f449ece8581cb8e88be8f0e7712da6"><code>e348410</code></a>
Remove Ubuntu 20.04 from workflows due to deprecation from 2025-04-15
(<a
href="https://redirect.github.com/actions/setup-python/issues/1065">#1065</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-python/compare/8d9ed9ac5c53483de85588cdf95a591a75ab9f55...a26af69be951a213d495a4c3e4e4022e16d87065">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-python&package-manager=github_actions&previous-version=5.5.0&new-version=5.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-24 12:35:47 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
119dd23d9a Bump org.springframework.security:spring-security-saml2-service-provider from 6.4.4 to 6.4.5 (#3393)
Bumps
[org.springframework.security:spring-security-saml2-service-provider](https://github.com/spring-projects/spring-security)
from 6.4.4 to 6.4.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-security/releases">org.springframework.security:spring-security-saml2-service-provider's
releases</a>.</em></p>
<blockquote>
<h2>6.4.5</h2>
<h2> New Features</h2>
<ul>
<li>Add link to docs zip file to the reference <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16799">#16799</a></li>
<li>Fix attribute name in <code>http.adoc</code> <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16784">#16784</a></li>
<li>Update ServerOAuth2AuthorizedClientExchangeFilterFunction javadoc <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16783">#16783</a></li>
</ul>
<h2>🪲 Bug Fixes</h2>
<ul>
<li>[Docs] Broken link on Spring MVC Test Integration page <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16785">#16785</a></li>
<li><code>ServerBearerTokenAuthenticationConverter</code> validates
parameters when not enabled <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16901">#16901</a></li>
<li>Clarify WebInvocationPrivilegeEvaluator JavaDoc <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16782">#16782</a></li>
<li>CookieServerCsrfTokenRepository.withHttpOnlyFalse() ineffective if
setCookieCustomizer() is used <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16862">#16862</a></li>
<li>Correct closing tag in default PassKey HTML form <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16601">#16601</a></li>
<li>Fix WebAuthn saves Anonymous PublicKeyCredentialUserEntity <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16606">#16606</a></li>
<li>OpenSaml support should preserve encrypted elements for further
analysis <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16367">#16367</a></li>
<li>Sorting in AuthorizationAdvisorProxyFactory should be thread-safe <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16837">#16837</a></li>
<li>WebFlux reference links to Servlet docs <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16786">#16786</a></li>
<li>XML config does not apply <code>request-handler-ref</code> to
<code>CsrfAuthenticationStrategy</code> <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16844">#16844</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Bump ch.qos.logback:logback-classic from 1.5.17 to 1.5.18 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16767">#16767</a></li>
<li>Bump io.micrometer:micrometer-observation from 1.14.5 to 1.14.6 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16938">#16938</a></li>
<li>Bump io.projectreactor:reactor-bom from 2023.0.16 to 2023.0.17 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16944">#16944</a></li>
<li>Bump io.spring.gradle:spring-security-release-plugin from 1.0.3 to
1.0.4 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16919">#16919</a></li>
<li>Bump org-aspectj from 1.9.22.1 to 1.9.24 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16928">#16928</a></li>
<li>Bump org-eclipse-jetty from 11.0.24 to 11.0.25 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16758">#16758</a></li>
<li>Bump org.hibernate.orm:hibernate-core from 6.6.12.Final to
6.6.13.Final <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16895">#16895</a></li>
<li>Bump org.springframework.ldap:spring-ldap-core from 3.2.11 to 3.2.12
<a
href="https://redirect.github.com/spring-projects/spring-security/pull/16960">#16960</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.5 to 6.2.6 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16959">#16959</a></li>
</ul>
<h2>🔩 Build Updates</h2>
<ul>
<li>Bump spring-io/spring-doc-actions from 0.0.19 to 0.0.20 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16894">#16894</a></li>
<li>Release 6.4.5 <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16972">#16972</a></li>
</ul>
<h2>❤️ Contributors</h2>
<p>Thank you to all the contributors who worked on this release:</p>
<p><a href="https://github.com/AB-xdev"><code>@​AB-xdev</code></a>, <a
href="https://github.com/Borghii"><code>@​Borghii</code></a>, and <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-security/commit/e8aef09b4fe24337b42dd6556b79523bd550024b"><code>e8aef09</code></a>
Release 6.4.5</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/f8d417dc03175f3de9cbe372732d80594c891954"><code>f8d417d</code></a>
Preserve Encrypted Elements</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/79bacf8204f1e01c0c7ecae285b33fbb571460b9"><code>79bacf8</code></a>
Bump org.springframework:spring-framework-bom from 6.2.5 to 6.2.6</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/9bcfeab1d68606113d256e1a3defc985866da309"><code>9bcfeab</code></a>
Bump org.springframework.ldap:spring-ldap-core from 3.2.11 to
3.2.12</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/254c9c9b2d427fe071f5ef4f5af5f1112c6703c2"><code>254c9c9</code></a>
Merge branch '6.3.x' into 6.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/a5d963387b8fd7d66000f566f6cae77f8cee0f5b"><code>a5d9633</code></a>
Bump org.springframework:spring-framework-bom from 6.1.18 to 6.1.19</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/e5d9659b8f3a42eff30e1921509fb6ea9bafce26"><code>e5d9659</code></a>
Merge branch '6.3.x' into 6.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/99c4f58c342cf93e4fe8165dd817aa3be1ba84d0"><code>99c4f58</code></a>
Bump org.springframework.ldap:spring-ldap-core from 3.2.11 to
3.2.12</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/cb60d8b3ed1de5fe1c0fe13cf6f86299c55b037e"><code>cb60d8b</code></a>
Merge branch '6.3.x' into 6.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/c1aa99fdd2113a232986e9c3a44673ae752de840"><code>c1aa99f</code></a>
Enforce BCrypt password length for new passwords only</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-security/compare/6.4.4...6.4.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.security:spring-security-saml2-service-provider&package-manager=gradle&previous-version=6.4.4&new-version=6.4.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-24 10:48:28 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
62ec512dda Bump step-security/harden-runner from 2.11.1 to 2.12.0 (#3394)
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.11.1 to 2.12.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.0</h2>
<h2>What's Changed</h2>
<ol>
<li>
<p>A new option, <code>disable-sudo-and-containers</code>, is now
available to replace the <code>disable-sudo policy</code>, addressing
Docker-based privilege escalation (<a
href="https://github.com/step-security/harden-runner/security/advisories/GHSA-mxr3-8whj-j74r">CVE-2025-32955</a>).
More details can be found in this <a
href="https://www.stepsecurity.io/blog/evolving-harden-runners-disable-sudo-policy-for-improved-runner-security">blog
post</a>.</p>
</li>
<li>
<p>New detections have been added based on insights from the tj-actions
and reviewdog actions incidents.</p>
</li>
</ol>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.12.0">https://github.com/step-security/harden-runner/compare/v2...v2.12.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/0634a2670c59f64b4a01f0f96f84700a4088b9f0"><code>0634a26</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/541">#541</a>
from step-security/rc-20</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/2e3c5113419044c10e6826351ff7cf7d56cbebe4"><code>2e3c511</code></a>
Update action.yml</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/40873e6a41e9ae4f46268f8ee038b3561bb88504"><code>40873e6</code></a>
Update README.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/484c2799ec63f20b4acc41bcf649dd4003718616"><code>484c279</code></a>
Update README.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4c8582f45544ce2dafb2cfae82cfbebf0f41bde2"><code>4c8582f</code></a>
Update agent versions</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/e8d595cd66544d43aca8ac7e42a212a5a83b41f8"><code>e8d595c</code></a>
fix disable_sudo_and_containers bug</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/5d277fc8734baba8746d0c18cb0a2594d4692c66"><code>5d277fc</code></a>
fix journalctl related bug</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/ff2ab228bdb9f0c9129169d47dbb2bdf4b8f9b0e"><code>ff2ab22</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/536">#536</a>
from rohan-stepsecurity/feat/flag/disable-sudo-and-co...</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b81d650d0e627a80d0d73d192b33d729507e0ef5"><code>b81d650</code></a>
fix: run sudo command only when both disable-sudo and
disable-sudo-and-docker...</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/769df4ef5d6336b33b11e5b0d43934309cf439f6"><code>769df4e</code></a>
Update agent</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/c6295a65d1254861815972266d5933fd6e532bdf...0634a2670c59f64b4a01f0f96f84700a4088b9f0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.11.1&new-version=2.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-24 10:43:08 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
a52c81b340 Bump org.springframework:spring-jdbc from 6.2.5 to 6.2.6 (#3384)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[org.springframework:spring-jdbc](https://github.com/spring-projects/spring-framework)
from 6.2.5 to 6.2.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-framework/releases">org.springframework:spring-jdbc's
releases</a>.</em></p>
<blockquote>
<h2>v6.2.6</h2>
<h2> New Features</h2>
<ul>
<li>An option for SimpleAsyncTaskExecutor to throw an exception when
limit is reached <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34727">#34727</a></li>
<li>Provide first-class support for Bean Overrides with
<code>@ContextHierarchy</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34723">#34723</a></li>
<li>Micro performance optimizations <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34717">#34717</a></li>
<li>Suppress &quot;Unable to rollback against JDBC Connection&quot; in
case of timeout (connection closed) <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34714">#34714</a></li>
<li>Avoid early FactoryBean instantiation for type-based retrieval with
includeNonSingletons=false and allowEagerInit=true <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34710">#34710</a></li>
<li>ReactiveCachingHandler still not using error handler on sync cache.
<a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34708">#34708</a></li>
<li>Add an <code>exchangeForRequiredValue</code> variant to
<code>RestClient</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34692">#34692</a></li>
<li>Recursively boxing Kotlin nested value classes in
<code>CoroutinesUtils</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34682">#34682</a></li>
<li>ServletServerHttpRequest does not use charset parameter of
application/x-www-form-urlencoded <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34675">#34675</a></li>
<li>LifecycleGroup concurrent start and start timeout <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34634">#34634</a></li>
<li>HibernateJpaDialect exception translation misses concrete exceptions
wrapped in Hibernate's ExecutionException <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34633">#34633</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Inconsistency in <code>SseEmitter.onCompletion()</code> behavior
between Spring 6.2.3 and 6.2.5 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34762">#34762</a></li>
<li>Deadlock while creating Spring beans with parallel bootstrap threads
on IBM Liberty <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34729">#34729</a></li>
<li><code>PropertyBatchUpdateException</code>: causes of nested
<code>PropertyAccessException</code>s not shown in output <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34691">#34691</a></li>
<li>IllegalAccessError for package-private member of
AzureStorageConfiguration on WebSphere <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34684">#34684</a></li>
<li>Change in Jar usecache behavior with Spring 6.1.x causing
java.lang.IllegalStateException: zip file closed <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34678">#34678</a></li>
<li>Startup performance regression due to CGLIB class load attempts in
Spring 6.1.x <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34677">#34677</a></li>
<li>An infinite wait on a parallel context.getBean() <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34672">#34672</a></li>
<li>InvalidObservationException: Invalid start: Observation
'http.client.requests' has already been started <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34671">#34671</a></li>
<li><code>@Configuration</code> classes can no longer be
<code>abstract</code> without <code>@Bean</code> methods <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34663">#34663</a></li>
<li>Generated-code for LinkedHashMap is missing static keyword <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34659">#34659</a></li>
<li>Detect late-set primary markers for autowiring shortcut algorithm <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34658">#34658</a></li>
<li><code>@MockitoBean</code> with custom <code>@Qualifier</code> is not
injected into <code>@Configuration</code> class <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34646">#34646</a></li>
<li>Qualifier Resolution Issue in Parent-Child Context Hierarchies <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34644">#34644</a></li>
<li>Enforced container-level acknowledge call for custom acknowledgement
mode <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34635">#34635</a></li>
<li>UriComponentsBuilder does not treat a URN as opaque if it contains a
slash <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34588">#34588</a></li>
<li>Migrating from Spring 6.1.x to 6.2.x leads to exceptions in a Pekko
setup <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34303">#34303</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Update Javadoc for <code>ignoreDependencyInterface()</code> in
<code>AbstractAutowireCapableBeanFactory</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34747">#34747</a></li>
<li>Update Javadoc to stop mentioning 5.3.x as the status quo <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34740">#34740</a></li>
<li>Fix broken link for Server-Sent Events <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34705">#34705</a></li>
<li>Fix typo in Bean Validation section of reference manual <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34686">#34686</a></li>
<li>Remove unnecessary closing curly brackets in Javadoc <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34679">#34679</a></li>
<li>Add javadoc notes on potential exception suppression in
<code>ListableBeanFactory#getBeansOfType</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34629">#34629</a></li>
<li>Remove remaining references to Forwarded headers in
MvcUriComponentsBuilder <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34625">#34625</a></li>
</ul>
<h2>❤️ Contributors</h2>
<p>Thank you to all the contributors who worked on this release:</p>
<p><a href="https://github.com/acktsap"><code>@​acktsap</code></a>, <a
href="https://github.com/dmitrysulman"><code>@​dmitrysulman</code></a>,
<a href="https://github.com/iggzq"><code>@​iggzq</code></a>, <a
href="https://github.com/izeye"><code>@​izeye</code></a>, <a
href="https://github.com/ngocnhan-tran1996"><code>@​ngocnhan-tran1996</code></a>,
<a href="https://github.com/obourgain"><code>@​obourgain</code></a>, and
<a
href="https://github.com/tobias-haenel"><code>@​tobias-haenel</code></a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/90f9c0929b8cfee22f715834d53903d492309f42"><code>90f9c09</code></a>
Release v6.2.6</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/f40d98668da2cb91df22a508dc0b22c3ec91aba2"><code>f40d986</code></a>
Revise configuration for javadoc Gradle tasks</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/9c13c6b695ac70cd4288016815105d0a694b62fb"><code>9c13c6b</code></a>
Revert &quot;Use optimistic locking where possible in
<code>ResponseBodyEmitter</code>&quot;</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/b49924ba37d588afc0c5232290f5a6726115c10b"><code>b49924b</code></a>
Revert &quot;Fix handling of timeout in SseEmitter&quot;</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/7b8c1040773ab6537acc5c74964f9d8b6563c5f8"><code>7b8c104</code></a>
Upgrade to github-changelog-generator 0.0.12</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/8f62a8f579c31aaa9fd7a2b16e6ba414d3e9163c"><code>8f62a8f</code></a>
Suppress recently introduced warning</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/d0966dfb58056d2e955b555d38993bf65dac41e7"><code>d0966df</code></a>
Revise contribution</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/bb45a3ae69c8068b72ce939e16df46c7dc8bb1cd"><code>bb45a3a</code></a>
Update AbstractAutowireCapableBeanFactory.ignoreDependencyInterface()
Javadoc</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/7095f4cb664f7fcf033dde84325eda83d67ece70"><code>7095f4c</code></a>
Use proper casing for parameter and variable names</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/a22d204681c575c3f61c325d205a96fb92ea8e7a"><code>a22d204</code></a>
Remove duplicate words in Java source code</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-framework/compare/v6.2.5...v6.2.6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework:spring-jdbc&package-manager=gradle&previous-version=6.2.5&new-version=6.2.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-20 16:42:28 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
c959b35639 Bump org.springframework:spring-webmvc from 6.2.5 to 6.2.6 (#3385)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[org.springframework:spring-webmvc](https://github.com/spring-projects/spring-framework)
from 6.2.5 to 6.2.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-framework/releases">org.springframework:spring-webmvc's
releases</a>.</em></p>
<blockquote>
<h2>v6.2.6</h2>
<h2> New Features</h2>
<ul>
<li>An option for SimpleAsyncTaskExecutor to throw an exception when
limit is reached <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34727">#34727</a></li>
<li>Provide first-class support for Bean Overrides with
<code>@ContextHierarchy</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34723">#34723</a></li>
<li>Micro performance optimizations <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34717">#34717</a></li>
<li>Suppress &quot;Unable to rollback against JDBC Connection&quot; in
case of timeout (connection closed) <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34714">#34714</a></li>
<li>Avoid early FactoryBean instantiation for type-based retrieval with
includeNonSingletons=false and allowEagerInit=true <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34710">#34710</a></li>
<li>ReactiveCachingHandler still not using error handler on sync cache.
<a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34708">#34708</a></li>
<li>Add an <code>exchangeForRequiredValue</code> variant to
<code>RestClient</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34692">#34692</a></li>
<li>Recursively boxing Kotlin nested value classes in
<code>CoroutinesUtils</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34682">#34682</a></li>
<li>ServletServerHttpRequest does not use charset parameter of
application/x-www-form-urlencoded <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34675">#34675</a></li>
<li>LifecycleGroup concurrent start and start timeout <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34634">#34634</a></li>
<li>HibernateJpaDialect exception translation misses concrete exceptions
wrapped in Hibernate's ExecutionException <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34633">#34633</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Inconsistency in <code>SseEmitter.onCompletion()</code> behavior
between Spring 6.2.3 and 6.2.5 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34762">#34762</a></li>
<li>Deadlock while creating Spring beans with parallel bootstrap threads
on IBM Liberty <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34729">#34729</a></li>
<li><code>PropertyBatchUpdateException</code>: causes of nested
<code>PropertyAccessException</code>s not shown in output <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34691">#34691</a></li>
<li>IllegalAccessError for package-private member of
AzureStorageConfiguration on WebSphere <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34684">#34684</a></li>
<li>Change in Jar usecache behavior with Spring 6.1.x causing
java.lang.IllegalStateException: zip file closed <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34678">#34678</a></li>
<li>Startup performance regression due to CGLIB class load attempts in
Spring 6.1.x <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34677">#34677</a></li>
<li>An infinite wait on a parallel context.getBean() <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34672">#34672</a></li>
<li>InvalidObservationException: Invalid start: Observation
'http.client.requests' has already been started <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34671">#34671</a></li>
<li><code>@Configuration</code> classes can no longer be
<code>abstract</code> without <code>@Bean</code> methods <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34663">#34663</a></li>
<li>Generated-code for LinkedHashMap is missing static keyword <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34659">#34659</a></li>
<li>Detect late-set primary markers for autowiring shortcut algorithm <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34658">#34658</a></li>
<li><code>@MockitoBean</code> with custom <code>@Qualifier</code> is not
injected into <code>@Configuration</code> class <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34646">#34646</a></li>
<li>Qualifier Resolution Issue in Parent-Child Context Hierarchies <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34644">#34644</a></li>
<li>Enforced container-level acknowledge call for custom acknowledgement
mode <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34635">#34635</a></li>
<li>UriComponentsBuilder does not treat a URN as opaque if it contains a
slash <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34588">#34588</a></li>
<li>Migrating from Spring 6.1.x to 6.2.x leads to exceptions in a Pekko
setup <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34303">#34303</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Update Javadoc for <code>ignoreDependencyInterface()</code> in
<code>AbstractAutowireCapableBeanFactory</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34747">#34747</a></li>
<li>Update Javadoc to stop mentioning 5.3.x as the status quo <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34740">#34740</a></li>
<li>Fix broken link for Server-Sent Events <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34705">#34705</a></li>
<li>Fix typo in Bean Validation section of reference manual <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34686">#34686</a></li>
<li>Remove unnecessary closing curly brackets in Javadoc <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34679">#34679</a></li>
<li>Add javadoc notes on potential exception suppression in
<code>ListableBeanFactory#getBeansOfType</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34629">#34629</a></li>
<li>Remove remaining references to Forwarded headers in
MvcUriComponentsBuilder <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34625">#34625</a></li>
</ul>
<h2>❤️ Contributors</h2>
<p>Thank you to all the contributors who worked on this release:</p>
<p><a href="https://github.com/acktsap"><code>@​acktsap</code></a>, <a
href="https://github.com/dmitrysulman"><code>@​dmitrysulman</code></a>,
<a href="https://github.com/iggzq"><code>@​iggzq</code></a>, <a
href="https://github.com/izeye"><code>@​izeye</code></a>, <a
href="https://github.com/ngocnhan-tran1996"><code>@​ngocnhan-tran1996</code></a>,
<a href="https://github.com/obourgain"><code>@​obourgain</code></a>, and
<a
href="https://github.com/tobias-haenel"><code>@​tobias-haenel</code></a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/90f9c0929b8cfee22f715834d53903d492309f42"><code>90f9c09</code></a>
Release v6.2.6</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/f40d98668da2cb91df22a508dc0b22c3ec91aba2"><code>f40d986</code></a>
Revise configuration for javadoc Gradle tasks</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/9c13c6b695ac70cd4288016815105d0a694b62fb"><code>9c13c6b</code></a>
Revert &quot;Use optimistic locking where possible in
<code>ResponseBodyEmitter</code>&quot;</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/b49924ba37d588afc0c5232290f5a6726115c10b"><code>b49924b</code></a>
Revert &quot;Fix handling of timeout in SseEmitter&quot;</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/7b8c1040773ab6537acc5c74964f9d8b6563c5f8"><code>7b8c104</code></a>
Upgrade to github-changelog-generator 0.0.12</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/8f62a8f579c31aaa9fd7a2b16e6ba414d3e9163c"><code>8f62a8f</code></a>
Suppress recently introduced warning</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/d0966dfb58056d2e955b555d38993bf65dac41e7"><code>d0966df</code></a>
Revise contribution</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/bb45a3ae69c8068b72ce939e16df46c7dc8bb1cd"><code>bb45a3a</code></a>
Update AbstractAutowireCapableBeanFactory.ignoreDependencyInterface()
Javadoc</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/7095f4cb664f7fcf033dde84325eda83d67ece70"><code>7095f4c</code></a>
Use proper casing for parameter and variable names</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/a22d204681c575c3f61c325d205a96fb92ea8e7a"><code>a22d204</code></a>
Remove duplicate words in Java source code</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-framework/compare/v6.2.5...v6.2.6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework:spring-webmvc&package-manager=gradle&previous-version=6.2.5&new-version=6.2.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-20 16:41:57 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
66b234f1df Bump com.fathzer:javaluator from 3.0.5 to 3.0.6 (#3386)
Bumps [com.fathzer:javaluator](https://github.com/fathzer/javaluator)
from 3.0.5 to 3.0.6.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/fathzer/javaluator/commits">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fathzer:javaluator&package-manager=gradle&previous-version=3.0.5&new-version=3.0.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-20 16:41:08 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1c27944329 Bump io.micrometer:micrometer-core from 1.14.5 to 1.14.6 (#3353)
Bumps
[io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer)
from 1.14.5 to 1.14.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/micrometer-metrics/micrometer/releases">io.micrometer:micrometer-core's
releases</a>.</em></p>
<blockquote>
<h2>1.14.6</h2>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Gauge double registration warning for Kafka metrics <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5757">#5757</a></li>
<li>Log warning about &quot;function&quot; meter re-registration <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/6070">#6070</a></li>
</ul>
<h2>❤️ Contributors</h2>
<p>Thank you to all the contributors who worked on this release:</p>
<p><a href="https://github.com/izeye"><code>@​izeye</code></a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/c3f3a809266bcf640537ecb1d68128ddc90d5640"><code>c3f3a80</code></a>
Merge branch '1.13.x' into 1.14.x</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/fa523b1549ef38f44966c27ac921592196f09d3f"><code>fa523b1</code></a>
Bump io.micrometer:context-propagation from 1.1.2 to 1.1.3 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6115">#6115</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/d5f3d348ef7e147f3cf59866ba217f1dc0d4901d"><code>d5f3d34</code></a>
Bump org.junit:junit-bom from 5.12.1 to 5.12.2 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6111">#6111</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/9ebcde19324db5cbe2b347145bc250ea02c669ab"><code>9ebcde1</code></a>
Bump com.netflix.spectator:spectator-reg-atlas from 1.8.9 to 1.8.10 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6112">#6112</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/0ae9b47ecc16dfc3a0dd3d6b309b5e907ae197d0"><code>0ae9b47</code></a>
Bump org.junit:junit-bom from 5.12.1 to 5.12.2 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6107">#6107</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/d0e70fc69df111679b9ca0f83f3866da49b87a31"><code>d0e70fc</code></a>
Merge branch '1.13.x' into 1.14.x</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/3b2270c885c27c3453b67631ccc2ac5be878ad6a"><code>3b2270c</code></a>
Bump uk.org.webcompere:system-stubs-jupiter from 2.1.7 to 2.1.8 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6096">#6096</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/f62f2eeea6aaf71a87703b759ad1e1afc80f0ceb"><code>f62f2ee</code></a>
Bump uk.org.webcompere:system-stubs-jupiter from 2.1.7 to 2.1.8 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6094">#6094</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/53b9a3511a3e999b53a2408cf10f81fccca16bab"><code>53b9a35</code></a>
Replace deprecated Project.task() (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6092">#6092</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/0ebdd7d5bbc1c0cb943e5cbd997a3147e3da125b"><code>0ebdd7d</code></a>
Bump com.netflix.spectator:spectator-reg-atlas from 1.8.8 to 1.8.9 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6091">#6091</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/micrometer-metrics/micrometer/compare/v1.14.5...v1.14.6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=io.micrometer:micrometer-core&package-manager=gradle&previous-version=1.14.5&new-version=1.14.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-15 10:34:29 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
7e726f8ac9 Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#3341)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps commons-io:commons-io from 2.18.0 to 2.19.0.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io&package-manager=gradle&previous-version=2.18.0&new-version=2.19.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-12 17:04:11 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
d47dbef41e Bump com.diffplug.spotless from 7.0.2 to 7.0.3 (#3340)
Bumps com.diffplug.spotless from 7.0.2 to 7.0.3.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.diffplug.spotless&package-manager=gradle&previous-version=7.0.2&new-version=7.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-12 17:03:46 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
fd34782bcc Bump actions/setup-java from 4.7.0 to 4.7.1 (#3339)
Bumps [actions/setup-java](https://github.com/actions/setup-java) from
4.7.0 to 4.7.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-java/releases">actions/setup-java's
releases</a>.</em></p>
<blockquote>
<h2>v4.7.1</h2>
<h2>What's Changed</h2>
<h3>Documentation changes</h3>
<ul>
<li>Add Documentation to Recommend Using GraalVM JDK 17 Version to
17.0.12 to Align with GFTC License Terms by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/704">actions/setup-java#704</a></li>
<li>Remove duplicated GraalVM section in documentation by <a
href="https://github.com/Marcono1234"><code>@​Marcono1234</code></a> in
<a
href="https://redirect.github.com/actions/setup-java/pull/716">actions/setup-java#716</a></li>
</ul>
<h3>Dependency updates:</h3>
<ul>
<li>Upgrade <code>@​action/cache</code> from 4.0.0 to 4.0.2 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/766">actions/setup-java#766</a></li>
<li>Upgrade <code>@​actions/glob</code> from 0.4.0 to 0.5.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/744">actions/setup-java#744</a></li>
<li>Upgrade ts-jest from 29.1.2 to 29.2.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/743">actions/setup-java#743</a></li>
<li>Upgrade <code>@​action/cache</code> to 4.0.3 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/773">actions/setup-java#773</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-java/compare/v4...v4.7.1">https://github.com/actions/setup-java/compare/v4...v4.7.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-java/commit/c5195efecf7bdfc987ee8bae7a71cb8b11521c00"><code>c5195ef</code></a>
actions/cache upgrade to 4.0.3 (<a
href="https://redirect.github.com/actions/setup-java/issues/773">#773</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/dd38875f930accc291b5816356a21f72056c0b70"><code>dd38875</code></a>
Bump ts-jest from 29.1.2 to 29.2.5 (<a
href="https://redirect.github.com/actions/setup-java/issues/743">#743</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/148017a9b0c6af80330bcc5db11d1c670d2e7074"><code>148017a</code></a>
Bump <code>@​actions/glob</code> from 0.4.0 to 0.5.0 (<a
href="https://redirect.github.com/actions/setup-java/issues/744">#744</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/3b6c050358614dd082e53cdbc55580431fc4e437"><code>3b6c050</code></a>
Remove duplicated GraalVM section in documentation (<a
href="https://redirect.github.com/actions/setup-java/issues/716">#716</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/b8ebb8ba1d9655f7f159c0a8b8135606ae11b5c9"><code>b8ebb8b</code></a>
upgrade <code>@​action/cache</code> from 4.0.0 to 4.0.2 (<a
href="https://redirect.github.com/actions/setup-java/issues/766">#766</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/799ee7c97e9721ef38d1a7e8486c39753b9d6102"><code>799ee7c</code></a>
Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12
to Ali...</li>
<li>See full diff in <a
href="https://github.com/actions/setup-java/compare/3a4f6e1af504cf6a31855fa899c6aa5355ba6c12...c5195efecf7bdfc987ee8bae7a71cb8b11521c00">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=4.7.0&new-version=4.7.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-12 17:03:17 +01:00
ConnorYohandGitHub 2a2aabc359 Manual Redaction: Text based redaction configured by default (#3317)
Redaction applied as soon as text highlighted
Removed  Apply button

# Description of Changes

Manual redaction: 
- Text based redaction configured by default
- Redaction applied as soon as text highlighted
- Removed  Apply button

Closes #(2704)

---

## Checklist

### General

- [x ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ x] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [x ] I have performed a self-review of my own code
- [x ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [x ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.
2025-04-09 18:13:25 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
606451a589 Bump github/codeql-action from 3.28.13 to 3.28.15 (#3303)
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.28.13 to 3.28.15.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.15</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.15 - 07 Apr 2025</h2>
<ul>
<li>Fix bug where the action would fail if it tried to produce a debug
artifact with more than 65535 files. <a
href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.15/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.14</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.14 - 07 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.14/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.15 - 07 Apr 2025</h2>
<ul>
<li>Fix bug where the action would fail if it tried to produce a debug
artifact with more than 65535 files. <a
href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li>
</ul>
<h2>3.28.14 - 07 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li>
</ul>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/45775bd8235c68ba998cffa5171334d58593da47"><code>45775bd</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2854">#2854</a>
from github/update-v3.28.15-a35ae8c38</li>
<li><a
href="https://github.com/github/codeql-action/commit/dd78aab4078b17a672a66d6a80a990beb672ede1"><code>dd78aab</code></a>
Update CHANGELOG.md with bug fix details</li>
<li><a
href="https://github.com/github/codeql-action/commit/e40af591743761de70080085b4e6ce37f7f6e657"><code>e40af59</code></a>
Update changelog for v3.28.15</li>
<li><a
href="https://github.com/github/codeql-action/commit/a35ae8c380fa35365cd546f9a397a46f60dd82cf"><code>a35ae8c</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2843">#2843</a>
from github/cklin/diff-informed-compat</li>
<li><a
href="https://github.com/github/codeql-action/commit/bb59df6c174a91d88eec1c48f2ab0ef7b5f96e99"><code>bb59df6</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2842">#2842</a>
from github/henrymercer/zip64</li>
<li><a
href="https://github.com/github/codeql-action/commit/4b508f59648bef88ef72c74f1ffff531fda55ea8"><code>4b508f5</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2845">#2845</a>
from github/mergeback/v3.28.14-to-main-fc7e4a0f</li>
<li><a
href="https://github.com/github/codeql-action/commit/ca00afb5f1457cf1c85da6cda07d73e720ff061a"><code>ca00afb</code></a>
Update checked-in dependencies</li>
<li><a
href="https://github.com/github/codeql-action/commit/2969c78ce0262bf75658058604498d2b4bdb0b9b"><code>2969c78</code></a>
Update changelog and version after v3.28.14</li>
<li><a
href="https://github.com/github/codeql-action/commit/fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2"><code>fc7e4a0</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2844">#2844</a>
from github/update-v3.28.14-362ef4ce2</li>
<li><a
href="https://github.com/github/codeql-action/commit/be0175c800fe14dd962aaa2c97f55371f6f95b35"><code>be0175c</code></a>
Update changelog for v3.28.14</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/1b549b9259bda1cb5ddde3b41741a82a2d15a841...45775bd8235c68ba998cffa5171334d58593da47">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.13&new-version=3.28.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-09 09:54:47 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
076a2d5e6a Bump actions/create-github-app-token from 1.12.0 to 2.0.2 (#3304)
Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 1.12.0 to 2.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v2.0.2</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v2.0.1...v2.0.2">2.0.2</a>
(2025-04-03)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>improve log messages for token creation (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/226">#226</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/eaef29498fbc63724aabd0a6e832efd41baf2cc7">eaef294</a>)</li>
</ul>
<h2>v2.0.1</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v2.0.0...v2.0.1">2.0.1</a>
(2025-04-03)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump the production-dependencies group across
1 directory with 2 updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/228">#228</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/2411bfc7923448badb7a1faf23017f382e0fb895">2411bfc</a>)</li>
</ul>
<h2>v2.0.0</h2>
<h1><a
href="https://github.com/actions/create-github-app-token/compare/v1.12.0...v2.0.0">2.0.0</a>
(2025-04-03)</h1>
<ul>
<li>feat!: remove deprecated inputs (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/213">#213</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/5cc811bc40176329bb642bff9e5d9e356099ad2a">5cc811b</a>)</li>
</ul>
<h3>BREAKING CHANGES</h3>
<ul>
<li>Removed deprecated inputs (<code>app_id</code>,
<code>private_key</code>, <code>skip_token_revoke</code>) and made
<code>app-id</code> and <code>private-key</code> required in the action
configuration.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5"><code>3ff1caa</code></a>
build(release): 2.0.2 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/eaef29498fbc63724aabd0a6e832efd41baf2cc7"><code>eaef294</code></a>
fix: improve log messages for token creation (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/226">#226</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/86e24964d68ec4c8b52e8e73e2592920edeef469"><code>86e2496</code></a>
build(release): 2.0.1 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/2411bfc7923448badb7a1faf23017f382e0fb895"><code>2411bfc</code></a>
fix(deps): bump the production-dependencies group across 1 directory
with 2 u...</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/f17d09a7b5793a4b0dc1a459bbf5edf546efc2a6"><code>f17d09a</code></a>
build(deps-dev): bump the development-dependencies group with 3 updates
(<a
href="https://redirect.github.com/actions/create-github-app-token/issues/225">#225</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/e250d17c7aa1d7a66d86612292ee003805805f23"><code>e250d17</code></a>
ci(update-permission-inputs): add permissions (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/230">#230</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/ed258b491a44c74d929fca53dd9bdda60715a176"><code>ed258b4</code></a>
Rename workflow</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/5c652ca715a5ee7310cdd4924fdad2fa34e49f85"><code>5c652ca</code></a>
Update update-inputs.yml</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/60ee75db786fa4aab3e3f79d4f9a89671e5c05cc"><code>60ee75d</code></a>
ci(update-inputs): create initial version (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/229">#229</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/064492a9a1762067169d50c792a7dc02bc3d1254"><code>064492a</code></a>
build(release): 2.0.0 [skip ci]</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/create-github-app-token/compare/d72941d797fd3113feb6b93fd0dec494b13a2547...3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=1.12.0&new-version=2.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-09 09:54:33 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
85b0f61f92 Bump actions/dependency-review-action from 4.5.0 to 4.6.0 (#3286)
Bumps
[actions/dependency-review-action](https://github.com/actions/dependency-review-action)
from 4.5.0 to 4.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/dependency-review-action/releases">actions/dependency-review-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.6.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Updating multiple dependency versions by <a
href="https://github.com/Ahmed3lmallah"><code>@​Ahmed3lmallah</code></a>
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/870">actions/dependency-review-action#870</a></li>
<li>Grouping minor and patch dependabot updates to lessen the number of
PRs by <a
href="https://github.com/Ahmed3lmallah"><code>@​Ahmed3lmallah</code></a>
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/876">actions/dependency-review-action#876</a></li>
<li>Bump actions/stale from 9.0.0 to 9.1.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/878">actions/dependency-review-action#878</a></li>
<li>Bump undici from 5.28.4 to 5.28.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/877">actions/dependency-review-action#877</a></li>
<li>DR Action should link to the proxima stamp when appropriate in error
messages by <a
href="https://github.com/AshelyTC"><code>@​AshelyTC</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/891">actions/dependency-review-action#891</a></li>
<li>Allow deny package removal by <a
href="https://github.com/ellenfieldn"><code>@​ellenfieldn</code></a> in
<a
href="https://redirect.github.com/actions/dependency-review-action/pull/888">actions/dependency-review-action#888</a></li>
<li>Fix typos by <a
href="https://github.com/omahs"><code>@​omahs</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/893">actions/dependency-review-action#893</a></li>
<li>Bump esbuild from 0.19.5 to 0.25.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/900">actions/dependency-review-action#900</a></li>
<li>Bump octokit and related dependencies by <a
href="https://github.com/RomanIakovlev"><code>@​RomanIakovlev</code></a>
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/904">actions/dependency-review-action#904</a></li>
<li>Bump <code>@​babel/helpers</code> from 7.23.2 to 7.26.10 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/905">actions/dependency-review-action#905</a></li>
<li>Bump <code>@​octokit/plugin-paginate-rest</code> from 9.1.5 to 9.2.2
by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/899">actions/dependency-review-action#899</a></li>
<li>Update transitive dependency spdx-license-ids by <a
href="https://github.com/ailox"><code>@​ailox</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/855">actions/dependency-review-action#855</a></li>
<li>To not print OpenSSF Scorecard section if no dependencies scanned by
<a href="https://github.com/fabasoad"><code>@​fabasoad</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/884">actions/dependency-review-action#884</a></li>
<li>Improve usage of this action in dependency-review.yml by <a
href="https://github.com/fabasoad"><code>@​fabasoad</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/883">actions/dependency-review-action#883</a></li>
<li>Clarify comment-summary-in-pr behaviour by <a
href="https://github.com/Pantelis-Santorinios"><code>@​Pantelis-Santorinios</code></a>
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/902">actions/dependency-review-action#902</a></li>
<li>Prepare 4.6.0 Release candidate by <a
href="https://github.com/brrygrdn"><code>@​brrygrdn</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/910">actions/dependency-review-action#910</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/AshelyTC"><code>@​AshelyTC</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/891">actions/dependency-review-action#891</a></li>
<li><a
href="https://github.com/ellenfieldn"><code>@​ellenfieldn</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/888">actions/dependency-review-action#888</a></li>
<li><a href="https://github.com/omahs"><code>@​omahs</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/893">actions/dependency-review-action#893</a></li>
<li><a
href="https://github.com/RomanIakovlev"><code>@​RomanIakovlev</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/904">actions/dependency-review-action#904</a></li>
<li><a href="https://github.com/ailox"><code>@​ailox</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/855">actions/dependency-review-action#855</a></li>
<li><a href="https://github.com/fabasoad"><code>@​fabasoad</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/884">actions/dependency-review-action#884</a></li>
<li><a
href="https://github.com/Pantelis-Santorinios"><code>@​Pantelis-Santorinios</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/902">actions/dependency-review-action#902</a></li>
<li><a href="https://github.com/brrygrdn"><code>@​brrygrdn</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/910">actions/dependency-review-action#910</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/dependency-review-action/compare/v4.5.0...v4.6.0">https://github.com/actions/dependency-review-action/compare/v4.5.0...v4.6.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/dependency-review-action/commit/ce3cf9537a52e8119d91fd484ab5b8a807627bf8"><code>ce3cf95</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/910">#910</a>
from actions/brrygrdn/4.6.0-release-candidate</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/479b69732e832663bc5bcaf0bdba115749c8a9bd"><code>479b697</code></a>
Prepare 4.6.0</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/aee95908eac366b40b414329f8ba60a3bfc71d5d"><code>aee9590</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/902">#902</a>
from Pantelis-Santorinios/patch-1</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/080ada628110c1782e56d699fdba17f860641e49"><code>080ada6</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/883">#883</a>
from fabasoad/fix/ci</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/430e5f0bbfde79de0a811466e75d015791b742f4"><code>430e5f0</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/884">#884</a>
from fabasoad/fix/863</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/51699b6461ee529b8c1e077ff5e7de2dbed5e1ac"><code>51699b6</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/855">#855</a>
from ailox/ailox/fix/invalid-new-licenses</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/ac9b193bebc6a308717bebfeaedd0204c20b693c"><code>ac9b193</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/899">#899</a>
from actions/dependabot/npm_and_yarn/octokit/plugin-p...</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/d630451aa0e2431936e97ac48fe650bd35af14ae"><code>d630451</code></a>
Pin <code>@​octokit/types</code> version for compatibility</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/c8dafca32b571835e7a3cf7200e7810364ce7b95"><code>c8dafca</code></a>
Add dist for <code>@​octokit/plugin-paginate-rest</code> version
bump</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/bc858b56499582a4d424a0d3a9cc9917dcb9345d"><code>bc858b5</code></a>
Bump <code>@​octokit/plugin-paginate-rest</code> from 9.1.5 to
9.2.2</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/dependency-review-action/compare/3b139cfc5fae8b618d3eae3675e383bb1769c019...ce3cf9537a52e8119d91fd484ab5b8a807627bf8">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/dependency-review-action&package-manager=github_actions&previous-version=4.5.0&new-version=4.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-02 16:53:32 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2938fcc044 Bump step-security/harden-runner from 2.11.0 to 2.11.1 (#3285)
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.11.0 to 2.11.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.11.1</h2>
<h2>What's Changed</h2>
<ul>
<li>cache: add support for GitHub Actions cache v2 by <a
href="https://github.com/h0x0er"><code>@​h0x0er</code></a> in <a
href="https://redirect.github.com/step-security/harden-runner/pull/529">step-security/harden-runner#529</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.11.1">https://github.com/step-security/harden-runner/compare/v2...v2.11.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/c6295a65d1254861815972266d5933fd6e532bdf"><code>c6295a6</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/530">#530</a>
from step-security/rc-19</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/3e118b145bd13a08b2e465cf3a216df0f6c7746e"><code>3e118b1</code></a>
Improve error handling</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b38e918ba8cf8d08113e53089af0d89429dcc51a"><code>b38e918</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/529">#529</a>
from h0x0er/jatin/cache-fix</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/0664d30cda4109be234d326b54ac1cc6385597a2"><code>0664d30</code></a>
cache: added support for cache v2</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b131ca5ebfca4930fe6d4a3e82d1e386b4873c94"><code>b131ca5</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/524">#524</a>
from step-security/fix/security/GHSA-968p-4wvh-cqc8</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/2dc9579753e01c4033425fcc7b74e652b583ca50"><code>2dc9579</code></a>
Address vulnerabilities</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/f054d811b5b89fde2f954d54dc8622ec3aaab9ab"><code>f054d81</code></a>
Update README (<a
href="https://redirect.github.com/step-security/harden-runner/issues/522">#522</a>)</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/8a09271fed8277ab7fb02dbb5917c8d0e78323b4"><code>8a09271</code></a>
Update Readme (<a
href="https://redirect.github.com/step-security/harden-runner/issues/520">#520</a>)</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/6ec6af7d622602bd852df48848f3cae95c760a48"><code>6ec6af7</code></a>
Update readme (<a
href="https://redirect.github.com/step-security/harden-runner/issues/518">#518</a>)</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/539365ba33fd040cf8c4db243b6f0ed3b32c3283"><code>539365b</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/516">#516</a>
from vorburger/patch-1</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/4d991eb9b905ef189e4c376166672c3f2f230481...c6295a65d1254861815972266d5933fd6e532bdf">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.11.0&new-version=2.11.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-02 16:53:13 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
30d7053150 Bump actions/create-github-app-token from 1.11.7 to 1.12.0 (#3279)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 1.11.7 to 1.12.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v1.12.0</h2>
<h1><a
href="https://github.com/actions/create-github-app-token/compare/v1.11.7...v1.12.0">1.12.0</a>
(2025-03-27)</h1>
<h3>Features</h3>
<ul>
<li>permissions (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/168">#168</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/0e0aa99a86bd82ec98421533ae985fef61554361">0e0aa99</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/d72941d797fd3113feb6b93fd0dec494b13a2547"><code>d72941d</code></a>
build(release): 1.12.0 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/0e0aa99a86bd82ec98421533ae985fef61554361"><code>0e0aa99</code></a>
feat: permissions (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/168">#168</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/f5779415062400dd18cb017a69efddabff4ac24c"><code>f577941</code></a>
Remove individuals form CODEOWNERS (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/215">#215</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/create-github-app-token/compare/af35edadc00be37caa72ed9f3e6d5f7801bfdf09...d72941d797fd3113feb6b93fd0dec494b13a2547">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=1.11.7&new-version=1.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-02 13:41:56 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
d00a082f66 Bump actions/setup-python from 5.4.0 to 5.5.0 (#3278)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [actions/setup-python](https://github.com/actions/setup-python)
from 5.4.0 to 5.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-python/releases">actions/setup-python's
releases</a>.</em></p>
<blockquote>
<h2>v5.5.0</h2>
<h2>What's Changed</h2>
<h3>Enhancements:</h3>
<ul>
<li>Support free threaded Python versions like '3.13t' by <a
href="https://github.com/colesbury"><code>@​colesbury</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/973">actions/setup-python#973</a></li>
<li>Enhance Workflows: Include ubuntu-arm runners, Add e2e Testing for
free threaded and Upgrade <code>@​action/cache</code> from 4.0.0 to
4.0.3 by <a
href="https://github.com/priya-kinthali"><code>@​priya-kinthali</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/1056">actions/setup-python#1056</a></li>
<li>Add support for .tool-versions file in setup-python by <a
href="https://github.com/mahabaleshwars"><code>@​mahabaleshwars</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/1043">actions/setup-python#1043</a></li>
</ul>
<h3>Bug fixes:</h3>
<ul>
<li>Fix architecture for pypy on Linux ARM64 by <a
href="https://github.com/mayeut"><code>@​mayeut</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1011">actions/setup-python#1011</a>
This update maps arm64 to aarch64 for Linux ARM64 PyPy
installations.</li>
</ul>
<h3>Dependency updates:</h3>
<ul>
<li>Upgrade <code>@​vercel/ncc</code> from 0.38.1 to 0.38.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1016">actions/setup-python#1016</a></li>
<li>Upgrade <code>@​actions/glob</code> from 0.4.0 to 0.5.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1015">actions/setup-python#1015</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/colesbury"><code>@​colesbury</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-python/pull/973">actions/setup-python#973</a></li>
<li><a
href="https://github.com/mahabaleshwars"><code>@​mahabaleshwars</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-python/pull/1043">actions/setup-python#1043</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-python/compare/v5...v5.5.0">https://github.com/actions/setup-python/compare/v5...v5.5.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-python/commit/8d9ed9ac5c53483de85588cdf95a591a75ab9f55"><code>8d9ed9a</code></a>
Add e2e Testing for free threaded and Bump <code>@​action/cache</code>
from 4.0.0 to 4.0.3 ...</li>
<li><a
href="https://github.com/actions/setup-python/commit/19e4675e06535f6b54e894da5c1f044400bb4996"><code>19e4675</code></a>
Add support for .tool-versions file in setup-python (<a
href="https://redirect.github.com/actions/setup-python/issues/1043">#1043</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/6fd11e170a18f6ae448d1080a4a63cc987aed84c"><code>6fd11e1</code></a>
Bump <code>@​actions/glob</code> from 0.4.0 to 0.5.0 (<a
href="https://redirect.github.com/actions/setup-python/issues/1015">#1015</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/9e62be81b28222addecf85e47571213eb7680449"><code>9e62be8</code></a>
Support free threaded Python versions like '3.13t' (<a
href="https://redirect.github.com/actions/setup-python/issues/973">#973</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/6ca8e8598faa206f7140a65ba31b899bebe16f58"><code>6ca8e85</code></a>
Bump <code>@​vercel/ncc</code> from 0.38.1 to 0.38.3 (<a
href="https://redirect.github.com/actions/setup-python/issues/1016">#1016</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/8039c45ed9a312fba91f3399cd0605ba2ebfe93c"><code>8039c45</code></a>
fix: install PyPy on Linux ARM64 (<a
href="https://redirect.github.com/actions/setup-python/issues/1011">#1011</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-python/compare/42375524e23c412d93fb67b49958b491fce71c38...8d9ed9ac5c53483de85588cdf95a591a75ab9f55">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-python&package-manager=github_actions&previous-version=5.4.0&new-version=5.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-02 13:41:16 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
b1c8166716 Bump crazy-max/ghaction-github-labeler from 5.2.0 to 5.3.0 (#3277)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[crazy-max/ghaction-github-labeler](https://github.com/crazy-max/ghaction-github-labeler)
from 5.2.0 to 5.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crazy-max/ghaction-github-labeler/releases">crazy-max/ghaction-github-labeler's
releases</a>.</em></p>
<blockquote>
<h2>v5.3.0</h2>
<ul>
<li>Bump <code>@​octokit/plugin-paginate-rest</code> from 9.2.1 to 9.2.2
in <a
href="https://redirect.github.com/crazy-max/ghaction-github-labeler/pull/229">crazy-max/ghaction-github-labeler#229</a></li>
<li>Bump <code>@​octokit/request</code> from 8.4.0 to 8.4.1 in <a
href="https://redirect.github.com/crazy-max/ghaction-github-labeler/pull/232">crazy-max/ghaction-github-labeler#232</a></li>
<li>Bump <code>@​octokit/request-error</code> from 5.1.0 to 5.1.1 in <a
href="https://redirect.github.com/crazy-max/ghaction-github-labeler/pull/228">crazy-max/ghaction-github-labeler#228</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/crazy-max/ghaction-github-labeler/compare/v5.2.0...v5.3.0">https://github.com/crazy-max/ghaction-github-labeler/compare/v5.2.0...v5.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/24d110aa46a59976b8a7f35518cb7f14f434c916"><code>24d110a</code></a>
Merge pull request <a
href="https://redirect.github.com/crazy-max/ghaction-github-labeler/issues/229">#229</a>
from crazy-max/dependabot/npm_and_yarn/octokit/plugin...</li>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/38fb29f900243eb0487a528b6bcbea970fca2f96"><code>38fb29f</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/0113fc2ceb9c7de1c2ca4771bdb816a31f12b1c2"><code>0113fc2</code></a>
chore(deps): bump <code>@​octokit/plugin-paginate-rest</code> from 9.2.1
to 9.2.2</li>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/42f774ec78ba04d628e7d09102a2ff4bb200041c"><code>42f774e</code></a>
Merge pull request <a
href="https://redirect.github.com/crazy-max/ghaction-github-labeler/issues/228">#228</a>
from crazy-max/dependabot/npm_and_yarn/octokit/reques...</li>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/99839924fa2d67d0ae4c9f40e8d81b53327944ff"><code>9983992</code></a>
chore(deps): bump <code>@​octokit/request-error</code> from 5.1.0 to
5.1.1</li>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/32d1878445d7c4da206628cf616d981a4e098428"><code>32d1878</code></a>
Merge pull request <a
href="https://redirect.github.com/crazy-max/ghaction-github-labeler/issues/232">#232</a>
from crazy-max/dependabot/npm_and_yarn/octokit/reques...</li>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/3faa84509c32730067031d32c5028c779182fdde"><code>3faa845</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/16efe0430ed4435c8036492cd092bcd865e0f5d7"><code>16efe04</code></a>
Merge pull request <a
href="https://redirect.github.com/crazy-max/ghaction-github-labeler/issues/233">#233</a>
from crazy-max/ci-fix-codecov</li>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/7f6122ba12c5457004662d0f5af3004313ae6b2a"><code>7f6122b</code></a>
ci: fix test workflow</li>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/2ea799d7b8ae2d0bf3516468f26450ef655d2e2c"><code>2ea799d</code></a>
chore(deps): bump <code>@​octokit/request</code> from 8.4.0 to
8.4.1</li>
<li>Additional commits viewable in <a
href="https://github.com/crazy-max/ghaction-github-labeler/compare/31674a3852a9074f2086abcf1c53839d466a47e7...24d110aa46a59976b8a7f35518cb7f14f434c916">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=crazy-max/ghaction-github-labeler&package-manager=github_actions&previous-version=5.2.0&new-version=5.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-02 13:40:52 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
472d0b14db Bump gradle/actions from 4.3.0 to 4.3.1 (#3276)
Bumps [gradle/actions](https://github.com/gradle/actions) from 4.3.0 to
4.3.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/actions/releases">gradle/actions's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.1</h2>
<p>This release fixes a couple of minor issues, as well as keeping
dependencies up to date.</p>
<h2>Fixed issues</h2>
<ul>
<li>The develocity-allow-untrusted-server parameter should be honoured
when fetching short-lived access tokens <a
href="https://redirect.github.com/gradle/actions/issues/583">#583</a></li>
<li>Build summary may incorrectly report build success <a
href="https://redirect.github.com/gradle/actions/issues/415">#415</a></li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Update develocity-injection init script to v1.1.1 by <a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/545">gradle/actions#545</a></li>
<li>Bump the github-actions group across 2 directories with 3 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/547">gradle/actions#547</a></li>
<li>Bump the npm-dependencies group in /sources with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/548">gradle/actions#548</a></li>
<li>Update develocity-injection init script to v1.2 by <a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/550">gradle/actions#550</a></li>
<li>Bump the github-actions group across 1 directory with 2 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/552">gradle/actions#552</a></li>
<li>Bump the npm-dependencies group across 1 directory with 5 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/558">gradle/actions#558</a></li>
<li>Update known wrapper checksums by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/560">gradle/actions#560</a></li>
<li>Bump references to Develocity Gradle plugin from 3.19.1 to 3.19.2 by
<a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/561">gradle/actions#561</a></li>
<li>Catch more build failures in job summary by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/571">gradle/actions#571</a></li>
<li>Scope captured build failures by <a
href="https://github.com/erichaagdev"><code>@​erichaagdev</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/574">gradle/actions#574</a></li>
<li>Ignore SSL certificate validation when fetching Develocity
short-lived access token if
<code>develocity-allow-untrusted-server</code> is enabled by <a
href="https://github.com/remcomokveld"><code>@​remcomokveld</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/575">gradle/actions#575</a></li>
<li>Dependency updates by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/579">gradle/actions#579</a></li>
<li>Bump com.google.guava:guava from 33.4.5-jre to 33.4.6-jre in
/.github/workflow-samples/kotlin-dsl in the gradle group across 1
directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/580">gradle/actions#580</a></li>
<li>Bump the github-actions group across 2 directories with 2 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/582">gradle/actions#582</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/erichaagdev"><code>@​erichaagdev</code></a>
made their first contribution in <a
href="https://redirect.github.com/gradle/actions/pull/574">gradle/actions#574</a></li>
<li><a
href="https://github.com/remcomokveld"><code>@​remcomokveld</code></a>
made their first contribution in <a
href="https://redirect.github.com/gradle/actions/pull/575">gradle/actions#575</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/actions/compare/v4.3.0...v4.3.1">https://github.com/gradle/actions/compare/v4.3.0...v4.3.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gradle/actions/commit/06832c7b30a0129d7fb559bcc6e43d26f6374244"><code>06832c7</code></a>
Bump the github-actions group across 2 directories with 2 updates</li>
<li><a
href="https://github.com/gradle/actions/commit/b7b029e5c461bcd4187e3922253a207372ea1d04"><code>b7b029e</code></a>
Bump com.google.guava:guava from 33.4.5-jre to 33.4.6-jre in
/.github/workflo...</li>
<li><a
href="https://github.com/gradle/actions/commit/a0bd2ca5cbf6404f68a1a02c2e2741218f894b90"><code>a0bd2ca</code></a>
[bot] Update dist directory</li>
<li><a
href="https://github.com/gradle/actions/commit/7974541d55b5d4265df89850a40d5063d2d3036e"><code>7974541</code></a>
Dependency updates (<a
href="https://redirect.github.com/gradle/actions/issues/579">#579</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/a58163930329ccce0ace4389791c82734e52204b"><code>a581639</code></a>
Update DSL samples to use test suites</li>
<li><a
href="https://github.com/gradle/actions/commit/acd2925667ac1dae317b3b2de03ce2d3b5da2205"><code>acd2925</code></a>
Update java-toolchain sample to use Kotlin DSL</li>
<li><a
href="https://github.com/gradle/actions/commit/aa88309fbde788037cd53df497543c8c40e5e2ae"><code>aa88309</code></a>
Update gradle-plugin sample to use Kotlin DSL</li>
<li><a
href="https://github.com/gradle/actions/commit/086c9e4b25c544ef148c374d34a7a844517c740b"><code>086c9e4</code></a>
Revert update to eslint-plugin-github</li>
<li><a
href="https://github.com/gradle/actions/commit/d31b81842d0028028432bad95773235ec859b85c"><code>d31b818</code></a>
Update patch file for actions/[email protected]</li>
<li><a
href="https://github.com/gradle/actions/commit/2778b4a120e9ad2ed71a81933fa2e09c33c15a72"><code>2778b4a</code></a>
Bump the npm-dependencies group across 1 directory with 8 updates</li>
<li>Additional commits viewable in <a
href="https://github.com/gradle/actions/compare/94baf225fe0a508e581a564467443d0e2379123b...06832c7b30a0129d7fb559bcc6e43d26f6374244">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle/actions&package-manager=github_actions&previous-version=4.3.0&new-version=4.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-02 13:40:34 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
e449c05340 Bump org.projectlombok:lombok from 1.18.36 to 1.18.38 (#3275)
Bumps
[org.projectlombok:lombok](https://github.com/projectlombok/lombok) from
1.18.36 to 1.18.38.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown">org.projectlombok:lombok's
changelog</a>.</em></p>
<blockquote>
<h3>v1.18.38 (March 31st, 2025)</h3>
<ul>
<li>PLATFORM: JDK24 support added.</li>
<li>FEATURE: Lombok's nullity annotation now supports <a
href="https://jspecify.dev">JSpecify</a> out of the box, using <a
href="https://projectlombok.org/features/configuration">config key</a>
<code>jspecify</code>.</li>
<li>BUGFIX: Recent eclipse releases would get you 'negative length'
error. The bug had always been in lombok but didn't matter until recent
releases. [Issue <a
href="https://redirect.github.com/projectlombok/lombok/issues/3823">#3823</a>](<a
href="https://redirect.github.com/projectlombok/lombok/issues/3823">projectlombok/lombok#3823</a>).</li>
<li>BUGFIX: The 'extract local variable' refactor script of VSCode
wouldn't replace all occurrences if run on a method call to a lombok
generated method. [Issue <a
href="https://redirect.github.com/projectlombok/lombok/issues/3783">#3783</a>](<a
href="https://redirect.github.com/projectlombok/lombok/issues/3783">projectlombok/lombok#3783</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/projectlombok/lombok/commit/37b7e192c9e46ccafc26d6cab424c93cbcaf95d5"><code>37b7e19</code></a>
[release] pre-release version bump for v1.18.38</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/ec886ae07b077196eceef9bf7176ea3453ddf1ee"><code>ec886ae</code></a>
[changelog] Mention fixing of <a
href="https://redirect.github.com/projectlombok/lombok/issues/3783">#3783</a>
in changelog.</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/ed0965b5f938240ba13d8c58f4f3443477123fbe"><code>ed0965b</code></a>
[docs] Cleaned up use of <code>\&lt;p&gt;</code> in maven and edge
html.</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/b7896c5a74de2fa2c4467c21aea5469d6673f197"><code>b7896c5</code></a>
<a
href="https://redirect.github.com/projectlombok/lombok/issues/3824">#3824</a>
Our own 'Comment' ad hoc impl now also needs to provide an impl for
`...</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/8ed8234ac08ddbec9e587d58baf4ddb18c1a46e8"><code>8ed8234</code></a>
[unused-code] We kept a ref to the <code>storeEnd</code> in
PrettyPrinter but we never u...</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/975f96f37a2a5344648942aab72daf73db4dcb8c"><code>975f96f</code></a>
Merge pull request <a
href="https://redirect.github.com/projectlombok/lombok/issues/3856">#3856</a>
from mmoayyed/github-workflow-config</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/77837601a13aab5cb68005bea1ed13e0ad61e8ee"><code>7783760</code></a>
Fix github workflow YAML configuration</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/3aa9779ef41bd9097cf47183df741bec065f2315"><code>3aa9779</code></a>
[changelog] Mention fix for eclipse negative length (<a
href="https://redirect.github.com/projectlombok/lombok/issues/3823">#3823</a>)
in changelog.</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/f4e5bbb31203e6cf432b76133a2c91a4c4756ba7"><code>f4e5bbb</code></a>
[fix <a
href="https://redirect.github.com/projectlombok/lombok/issues/3839">#3839</a>]
Fixing a mistake in my merge of 3939.</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/41dfb0d752c5b1b4bc38793a498a2241403497f1"><code>41dfb0d</code></a>
[fix <a
href="https://redirect.github.com/projectlombok/lombok/issues/3825">#3825</a>]
Stub compilation requires all non-core-java classes to be stubbed.</li>
<li>Additional commits viewable in <a
href="https://github.com/projectlombok/lombok/compare/v1.18.36...v1.18.38">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.projectlombok:lombok&package-manager=gradle&previous-version=1.18.36&new-version=1.18.38)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-02 13:40:16 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
c7dda21ae3 Bump org.sonarqube from 6.0.1.5171 to 6.1.0.5360 (#3274)
Bumps org.sonarqube from 6.0.1.5171 to 6.1.0.5360.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.sonarqube&package-manager=gradle&previous-version=6.0.1.5171&new-version=6.1.0.5360)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-02 13:39:57 +01:00
ConnorYohandGitHub c9853f6d5d Removed rounding causing images to scale on viewer (#3237)
# Description of Changes

Please provide a summary of the changes, including:

- What was changed

Removed forced rounding up of image sizes when added to a pdf. 
- Why the change was made

This was originally added as part of [pull
2433](https://github.com/Stirling-Tools/Stirling-PDF/pull/2433) to aid
with redaction. I assume it was added so that redactions always round up
to cover every considered pixel.

This rounding-up logic had issues on certain browsers. 


Closes #(3199)

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.
2025-03-25 17:57:58 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
948fa5ff6c Bump github/codeql-action from 3.28.12 to 3.28.13 (#3239)
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.28.12 to 3.28.13.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.13</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.13/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/1b549b9259bda1cb5ddde3b41741a82a2d15a841"><code>1b549b9</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2819">#2819</a>
from github/update-v3.28.13-e0ea14102</li>
<li><a
href="https://github.com/github/codeql-action/commit/82630c85f38b5b7c2c9cc279f06af77a080fba19"><code>82630c8</code></a>
Update changelog for v3.28.13</li>
<li><a
href="https://github.com/github/codeql-action/commit/e0ea141027937784e3c10ed1679e503fcc2245bc"><code>e0ea141</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2818">#2818</a>
from github/cklin/empty-pr-diff-range</li>
<li><a
href="https://github.com/github/codeql-action/commit/b361a915088c90790a0c458a63a4b63108a9ab0a"><code>b361a91</code></a>
Diff-informed analysis: fix empty PR handling</li>
<li><a
href="https://github.com/github/codeql-action/commit/bd1d9ab4eda903e1b5caa241368836575c6c476b"><code>bd1d9ab</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2816">#2816</a>
from github/cklin/overlay-file-list</li>
<li><a
href="https://github.com/github/codeql-action/commit/b98ae6ca52694a727f4a03c9bf7a52df66492f23"><code>b98ae6c</code></a>
Add overlay-database-utils tests</li>
<li><a
href="https://github.com/github/codeql-action/commit/9825184a0aec625d59c8e5bcc122734a77e38e7b"><code>9825184</code></a>
Add getFileOidsUnderPath() tests</li>
<li><a
href="https://github.com/github/codeql-action/commit/ac67cffe5c20e84b598930c8453336a7404b2786"><code>ac67cff</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2817">#2817</a>
from github/cklin/default-setup-diff-informed</li>
<li><a
href="https://github.com/github/codeql-action/commit/9c674ba4f548f8b6a6f1a7990756e80453894f56"><code>9c674ba</code></a>
build: refresh js files</li>
<li><a
href="https://github.com/github/codeql-action/commit/d109dd5d333ab79c34032e0443e15643c347e966"><code>d109dd5</code></a>
Detect PR branches for Default Setup</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/5f8171a638ada777af81d42b55959a643bb29017...1b549b9259bda1cb5ddde3b41741a82a2d15a841">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.12&new-version=3.28.13)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-25 17:57:39 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2e231feb6a Bump ch.qos.logback:logback-core from 1.5.17 to 1.5.18 (#3230)
Bumps [ch.qos.logback:logback-core](https://github.com/qos-ch/logback)
from 1.5.17 to 1.5.18.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/qos-ch/logback/releases">ch.qos.logback:logback-core's
releases</a>.</em></p>
<blockquote>
<h2>Logback 1.5.18</h2>
<p><strong>2025-03-18 Release of logback version 1.5.18</strong></p>
<p>• Added<a
href="https://logback.qos.ch/manual/appenders.html#fileCompression">
support for XZ compression</a> for archived log files. Note that XZ
compression requires Tukaani project's <a
href="https://tukaani.org/xz/java.html">XZ library</a> for Java. In case
XZ compression is requested but the XZ library is missing, then logback
will substitute GZ compression as a fallback. This feature was requested
in issues/755.</p>
<p>• Removed references to <code>java.security.AccessController</code>
class. This class has been deprecated for some time and is slated for
removal in future JDK versions.</p>
<p>• A bit-wise identical binary of this version can be reproduced by
building from source code at commit
b2a02f065379a9b1ba5ff837fc08913b744774bc associated with the tag
v_1.5.18. Release built using Java &quot;21&quot; 2023-10-17 LTS build
21.0.1.+12-LTS-29 under Linux Debian 11.6.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/qos-ch/logback/commit/b2a02f065379a9b1ba5ff837fc08913b744774bc"><code>b2a02f0</code></a>
prepare release 1.5.18</li>
<li><a
href="https://github.com/qos-ch/logback/commit/991de5828b2afc2ddb8fbc7b233bd660096d793f"><code>991de58</code></a>
remove references to AccessController marked for deletion in the
JDK</li>
<li><a
href="https://github.com/qos-ch/logback/commit/f54ab16c8436475f16579e887c1305506212ac5a"><code>f54ab16</code></a>
If compression mode is XZ but the XZ library is missing, then fallback
to GZ ...</li>
<li><a
href="https://github.com/qos-ch/logback/commit/fb45971e5457296abfcf706322a06563fb3df62a"><code>fb45971</code></a>
add support for XZ compression</li>
<li><a
href="https://github.com/qos-ch/logback/commit/31c1f55a1bf177922cf6a3c609a9d379f12d0693"><code>31c1f55</code></a>
add xz compression support with tests</li>
<li><a
href="https://github.com/qos-ch/logback/commit/8968d0fd43d065f2f0e63b6679e59c89e0c2a8b8"><code>8968d0f</code></a>
introduce strategy based compression</li>
<li><a
href="https://github.com/qos-ch/logback/commit/834059cb64ea8a6ca6e51c78fa0ac2b2797df0ed"><code>834059c</code></a>
start work on 1.5.18-SNAPSHOT</li>
<li>See full diff in <a
href="https://github.com/qos-ch/logback/compare/v_1.5.17...v_1.5.18">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ch.qos.logback:logback-core&package-manager=gradle&previous-version=1.5.17&new-version=1.5.18)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-24 10:37:56 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
7a3000b926 Bump org.springframework.boot from 3.4.3 to 3.4.4 (#3229)
Bumps
[org.springframework.boot](https://github.com/spring-projects/spring-boot)
from 3.4.3 to 3.4.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.4</h2>
<h2> Noteworthy Changes</h2>
<p>Tomcat APR support is now disabled by default if you are using Java
24 or higher. This change has been made to prevent JDK from issuing
warnings.</p>
<p>Please see <a
href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.4-Release-Notes#tomcat-apr">the
updated release notes</a> for details.</p>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Actuator throws an exception when using prototype scoped DataSource
bean <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44706">#44706</a></li>
<li>Docker API error message is missing in some cases <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44630">#44630</a></li>
<li>DefaultJmsListenerContainerFactoryConfigurer#setObservationRegistry
should not be public <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44585">#44585</a></li>
<li>When an application contains multiple DataSource beans,
EntityManagerFactoryBuilder will default ddl-auto to a value that may
only be appropriate for the primary DataSource <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44516">#44516</a></li>
<li>When the main class is not proxied, native testing that uses the
application's main method does not work <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44481">#44481</a></li>
<li>When loading configuration from a Resource, Log4J2LoggingSystem may
not close the InputStream <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44473">#44473</a></li>
<li>When loading from a resource, PemContent does not close the
InputStream <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44454">#44454</a></li>
<li>ResourceBanner does not close the InputStream used to read the
banner <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44452">#44452</a></li>
<li>ConfigDataLocationResolvers and PropertySourceLoaders are loaded
using a potentially different class loader <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44450">#44450</a></li>
<li>Kafka message sending fails with 'class SslBundleSslEngineFactory
could not be found' <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44437">#44437</a></li>
<li>Kafka in native-image fails when using SSL bundles <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44436">#44436</a></li>
<li>Nested test classes don't inherit properties from
<code>@DataJpaTest</code> on enclosing class <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44407">#44407</a></li>
<li>Failure diagnostics are poor when trying to use an image platform
that is not supported by the builder <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44059">#44059</a></li>
<li>Checking if APR is available logs a warning on Java 24 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44033">#44033</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Multiline properties in documentation are missing backslashes <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44790">#44790</a></li>
<li>Polish javadoc of SqlR2dbcScriptDatabaseInitializer <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44764">#44764</a></li>
<li>Document support for Java 24 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44754">#44754</a></li>
<li>Remove OpenShift link that 404s <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44748">#44748</a></li>
<li>Fix link to javadoc for JavaExec.setArgsString <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44536">#44536</a></li>
<li>Fix typo in documentation <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44523">#44523</a></li>
<li>Update descriptions of properties that no longer require Flyway
Teams <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44483">#44483</a></li>
<li>Fix typo in javadoc of
CommonStructuredLogFormat#ELASTIC_COMMON_SCHEMA <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44469">#44469</a></li>
<li>Samples for metadata annotation processers have invalid fold
attribute <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44420">#44420</a></li>
<li>Clarify which Mongo properties are ignored when URI property is set
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44404">#44404</a></li>
<li>Adapt Javadoc reference of JooqExceptionTranslator to use
ExceptionTranslatorExecuteListener <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44402">#44402</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to ActiveMQ 6.1.6 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44663">#44663</a></li>
<li>Upgrade to AspectJ 1.9.23 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44720">#44720</a></li>
<li>Upgrade to Groovy 4.0.26 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44546">#44546</a></li>
<li>Upgrade to Hibernate 6.6.11.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44739">#44739</a></li>
<li>Upgrade to Infinispan 15.0.14.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44548">#44548</a></li>
<li>Upgrade to Jackson Bom 2.18.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44549">#44549</a></li>
<li>Upgrade to Jetty 12.0.18 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44774">#44774</a></li>
<li>Upgrade to Jetty Reactive HTTPClient 4.0.9 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44773">#44773</a></li>
<li>Upgrade to jOOQ 3.19.21 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44665">#44665</a></li>
<li>Upgrade to Logback 1.5.18 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44775">#44775</a></li>
<li>Upgrade to Maven Deploy Plugin 3.1.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44552">#44552</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d4eb5561217be6bd490634fe5254fc4824d8dd87"><code>d4eb556</code></a>
Increase Nexus timeouts</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/0226b6a70a3c192a7acb8a4a46dd08b068d8230d"><code>0226b6a</code></a>
Release v3.4.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/6ba94aebee4595b73a96ea5fc4ae3824ff03173f"><code>6ba94ae</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/36a5936494af6d78556c810da3f18fcfcf193a63"><code>36a5936</code></a>
Next development version (v3.3.11-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/375aba6985955a93d5efe3beda8125e58e7ded8e"><code>375aba6</code></a>
Upgrade to Spring Framework 6.2.5</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/37e4a3c56652f1e7e29c3073ac1007b5e0b6fd71"><code>37e4a3c</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/99fa21cfbb1c01c27fa09d64c94d514a9e227d64"><code>99fa21c</code></a>
Upgrade to asciidoctor-extensions 1.0.0-alpha.17</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/f86a6fb16483bf2daf26a40100932a673fdf9ade"><code>f86a6fb</code></a>
Upgrade to Spring Batch 5.2.2</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/6567609cbc55dc9a98f9c031e5645e7e36137a7b"><code>6567609</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/80b6c596696ab84b8539ae54ae5d409f43dcd844"><code>80b6c59</code></a>
Improve debuggability of DockerComposeTestExtension</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.3...v3.4.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.boot&package-manager=gradle&previous-version=3.4.3&new-version=3.4.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-24 10:37:41 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1f8b5ce41e Bump actions/create-github-app-token from 1.11.6 to 1.11.7 (#3227)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 1.11.6 to 1.11.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v1.11.7</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v1.11.6...v1.11.7">1.11.7</a>
(2025-03-20)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump undici from 5.28.4 to 7.5.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/214">#214</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/a24b46a4626bf0f67abb297b82d863218920d5e2">a24b46a</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/af35edadc00be37caa72ed9f3e6d5f7801bfdf09"><code>af35eda</code></a>
build(release): 1.11.7 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/a24b46a4626bf0f67abb297b82d863218920d5e2"><code>a24b46a</code></a>
fix(deps): bump undici from 5.28.4 to 7.5.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/214">#214</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/create-github-app-token/compare/21cfef2b496dd8ef5b904c159339626a10ad380e...af35edadc00be37caa72ed9f3e6d5f7801bfdf09">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=1.11.6&new-version=1.11.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-24 10:37:23 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
fa2a439121 Bump github/codeql-action from 3.28.11 to 3.28.12 (#3226)
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.28.11 to 3.28.12.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.12</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.12/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/5f8171a638ada777af81d42b55959a643bb29017"><code>5f8171a</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2814">#2814</a>
from github/update-v3.28.12-6349095d1</li>
<li><a
href="https://github.com/github/codeql-action/commit/bb59f7707d836b040802dbdf2ad1a16482d319da"><code>bb59f77</code></a>
Update changelog for v3.28.12</li>
<li><a
href="https://github.com/github/codeql-action/commit/6349095d19ec30397ffb02a63b7aa4f867deb563"><code>6349095</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2810">#2810</a>
from github/update-bundle/codeql-bundle-v2.20.7</li>
<li><a
href="https://github.com/github/codeql-action/commit/d7d03fda1241f6b0b3fae460c9f19c6e887158ad"><code>d7d03fd</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/4e3a5342c5e8e627915b9a29b363f49da8c4a32e"><code>4e3a534</code></a>
Update default bundle to codeql-bundle-v2.20.7</li>
<li><a
href="https://github.com/github/codeql-action/commit/55f023701cfc1e7d11ef2ae0c5ec3193dae4fce4"><code>55f0237</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2802">#2802</a>
from github/mbg/dependency-caching/java-buildless</li>
<li><a
href="https://github.com/github/codeql-action/commit/6a151cd77488e58567da1dcf953e7aeeaca4950c"><code>6a151cd</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2811">#2811</a>
from github/dependabot/github_actions/actions-c2c311...</li>
<li><a
href="https://github.com/github/codeql-action/commit/7866bcdb1b15b5d5cba0021b87f36d9f6d977156"><code>7866bcd</code></a>
Manually bump workflow to match autogenerated file</li>
<li><a
href="https://github.com/github/codeql-action/commit/611289e0b0ce1f6fc14820f1b72edaed2de4ba2c"><code>611289e</code></a>
build(deps): bump ruby/setup-ruby in the actions group</li>
<li><a
href="https://github.com/github/codeql-action/commit/4c409a5b664afa7d5b12cd8487e310f286487472"><code>4c409a5</code></a>
Remove temporary dependency directory in <code>analyze</code> post
action</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/6bb031afdd8eb862ea3fc1848194185e076637e5...5f8171a638ada777af81d42b55959a643bb29017">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.11&new-version=3.28.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-24 10:37:09 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
f159c62a36 Bump actions/download-artifact from 4.1.9 to 4.2.1 (#3225)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[actions/download-artifact](https://github.com/actions/download-artifact)
from 4.1.9 to 4.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/download-artifact/releases">actions/download-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Add unit tests by <a
href="https://github.com/GhadimiR"><code>@​GhadimiR</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/392">actions/download-artifact#392</a></li>
<li>Fix bug introduced in 4.2.0 by <a
href="https://github.com/GhadimiR"><code>@​GhadimiR</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/391">actions/download-artifact#391</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/download-artifact/compare/v4.2.0...v4.2.1">https://github.com/actions/download-artifact/compare/v4.2.0...v4.2.1</a></p>
<h2>v4.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README.md by <a
href="https://github.com/lkfortuna"><code>@​lkfortuna</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/384">actions/download-artifact#384</a></li>
<li>Bump artifact version, do digest check by <a
href="https://github.com/GhadimiR"><code>@​GhadimiR</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/383">actions/download-artifact#383</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/lkfortuna"><code>@​lkfortuna</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/384">actions/download-artifact#384</a></li>
<li><a href="https://github.com/GhadimiR"><code>@​GhadimiR</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/383">actions/download-artifact#383</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/download-artifact/compare/v4.1.9...v4.2.0">https://github.com/actions/download-artifact/compare/v4.1.9...v4.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/download-artifact/commit/95815c38cf2ff2164869cbab79da8d1f422bc89e"><code>95815c3</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/391">#391</a>
from GhadimiR/main</li>
<li><a
href="https://github.com/actions/download-artifact/commit/278fca438a0f334c0505181835b4796f2785949b"><code>278fca4</code></a>
Move log statements</li>
<li><a
href="https://github.com/actions/download-artifact/commit/68909842a1073010f1cf920ed7f153e2948f9c16"><code>6890984</code></a>
Merge branch 'main' into main</li>
<li><a
href="https://github.com/actions/download-artifact/commit/f9415c0ec30f02c18e075f091cafcfe4159168d0"><code>f9415c0</code></a>
Run unit tests in CI</li>
<li><a
href="https://github.com/actions/download-artifact/commit/76a6eb5cbca98dccb5e14c0116e53f5df13b220d"><code>76a6eb5</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/392">#392</a>
from GhadimiR/add_unit_tests</li>
<li><a
href="https://github.com/actions/download-artifact/commit/a2426d7c4522072f4d5824c9508d7ea97107cb8e"><code>a2426d7</code></a>
Merge branch 'main' into add_unit_tests</li>
<li><a
href="https://github.com/actions/download-artifact/commit/3ffa694f6f7e3d53f63807f78267796f57911dd4"><code>3ffa694</code></a>
lint</li>
<li><a
href="https://github.com/actions/download-artifact/commit/53f6aa5f93b626e252398abac720a28f6eb048ed"><code>53f6aa5</code></a>
Add extra assertion to download single artifact test</li>
<li><a
href="https://github.com/actions/download-artifact/commit/b456700053c87aa7d6b31d212292755e1e6eb923"><code>b456700</code></a>
lint</li>
<li><a
href="https://github.com/actions/download-artifact/commit/9eab798a9885c1be58a1c4381da1109644016e98"><code>9eab798</code></a>
Configure tsconfig</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/download-artifact/compare/cc203385981b70ca67e1cc392babf9cc229d5806...95815c38cf2ff2164869cbab79da8d1f422bc89e">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/download-artifact&package-manager=github_actions&previous-version=4.1.9&new-version=4.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-24 10:22:46 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
b2ca702301 Bump actions/upload-artifact from 4.6.1 to 4.6.2 (#3223)
Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact)
from 4.6.1 to 4.6.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.6.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Update to use artifact 2.3.2 package &amp; prepare for new
upload-artifact release by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/685">actions/upload-artifact#685</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/upload-artifact/pull/685">actions/upload-artifact#685</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4...v4.6.2">https://github.com/actions/upload-artifact/compare/v4...v4.6.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/ea165f8d65b6e75b540449e92b4886f43607fa02"><code>ea165f8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/685">#685</a>
from salmanmkc/salmanmkc/3-new-upload-artifacts-release</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/08396203c179e13c71b9754ce3472ed71842eec0"><code>0839620</code></a>
Prepare for new release of actions/upload-artifact with new toolkit
cache ver...</li>
<li>See full diff in <a
href="https://github.com/actions/upload-artifact/compare/4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1...ea165f8d65b6e75b540449e92b4886f43607fa02">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=4.6.1&new-version=4.6.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-24 10:21:36 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
902341565d Bump ch.qos.logback:logback-classic from 1.5.17 to 1.5.18 (#3222)
Bumps
[ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from
1.5.17 to 1.5.18.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/qos-ch/logback/releases">ch.qos.logback:logback-classic's
releases</a>.</em></p>
<blockquote>
<h2>Logback 1.5.18</h2>
<p><strong>2025-03-18 Release of logback version 1.5.18</strong></p>
<p>• Added<a
href="https://logback.qos.ch/manual/appenders.html#fileCompression">
support for XZ compression</a> for archived log files. Note that XZ
compression requires Tukaani project's <a
href="https://tukaani.org/xz/java.html">XZ library</a> for Java. In case
XZ compression is requested but the XZ library is missing, then logback
will substitute GZ compression as a fallback. This feature was requested
in issues/755.</p>
<p>• Removed references to <code>java.security.AccessController</code>
class. This class has been deprecated for some time and is slated for
removal in future JDK versions.</p>
<p>• A bit-wise identical binary of this version can be reproduced by
building from source code at commit
b2a02f065379a9b1ba5ff837fc08913b744774bc associated with the tag
v_1.5.18. Release built using Java &quot;21&quot; 2023-10-17 LTS build
21.0.1.+12-LTS-29 under Linux Debian 11.6.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/qos-ch/logback/commit/b2a02f065379a9b1ba5ff837fc08913b744774bc"><code>b2a02f0</code></a>
prepare release 1.5.18</li>
<li><a
href="https://github.com/qos-ch/logback/commit/991de5828b2afc2ddb8fbc7b233bd660096d793f"><code>991de58</code></a>
remove references to AccessController marked for deletion in the
JDK</li>
<li><a
href="https://github.com/qos-ch/logback/commit/f54ab16c8436475f16579e887c1305506212ac5a"><code>f54ab16</code></a>
If compression mode is XZ but the XZ library is missing, then fallback
to GZ ...</li>
<li><a
href="https://github.com/qos-ch/logback/commit/fb45971e5457296abfcf706322a06563fb3df62a"><code>fb45971</code></a>
add support for XZ compression</li>
<li><a
href="https://github.com/qos-ch/logback/commit/31c1f55a1bf177922cf6a3c609a9d379f12d0693"><code>31c1f55</code></a>
add xz compression support with tests</li>
<li><a
href="https://github.com/qos-ch/logback/commit/8968d0fd43d065f2f0e63b6679e59c89e0c2a8b8"><code>8968d0f</code></a>
introduce strategy based compression</li>
<li><a
href="https://github.com/qos-ch/logback/commit/834059cb64ea8a6ca6e51c78fa0ac2b2797df0ed"><code>834059c</code></a>
start work on 1.5.18-SNAPSHOT</li>
<li>See full diff in <a
href="https://github.com/qos-ch/logback/compare/v_1.5.17...v_1.5.18">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ch.qos.logback:logback-classic&package-manager=gradle&previous-version=1.5.17&new-version=1.5.18)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-24 10:20:45 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
40fa725578 Bump org.springframework:spring-jdbc from 6.2.3 to 6.2.4 (#3189)
Bumps
[org.springframework:spring-jdbc](https://github.com/spring-projects/spring-framework)
from 6.2.3 to 6.2.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-framework/releases">org.springframework:spring-jdbc's
releases</a>.</em></p>
<blockquote>
<h2>v6.2.4</h2>
<h2> New Features</h2>
<ul>
<li>JettyCoreHttpHandlerAdapter compatibility with Jetty 12.0.17 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34561">#34561</a></li>
<li>HandlerMethodValidationException.Visitor should support RequestBody
with method parameter constraints <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34549">#34549</a></li>
<li>Allow <code>ContentResultMatchersDsl</code> matchers for supertypes
of the checked type <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34542">#34542</a></li>
<li>Avoid <code>JarURLConnection</code> resource leak in
<code>AbstractFileResolvingResource.exists()</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34528">#34528</a></li>
<li>Deprecate <code>rowsExpected</code> property of
<code>SqlQuery</code> for removal <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34526">#34526</a></li>
<li>Supply <code>RuntimeHints</code> to an <code>AotContextLoader</code>
<a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34513">#34513</a></li>
<li>Deprecate and remove use of UrlPathHelper in
ServletWebSocketHandlerRegistry <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34508">#34508</a></li>
<li>Avoid unnecessary CGLIB processing on configuration classes <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34486">#34486</a></li>
<li>Inconsistent default class loaders in hint classes <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34470">#34470</a></li>
<li>Add missing converters to <code>DefaultRestClientBuilder</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34439">#34439</a></li>
<li>Improve <code>BeanFactory</code>/<code>ObjectProvider</code> to
select the only one default candidate among non-default candidates <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34432">#34432</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li><code>MockCookie.parse()</code> fails to parse custom attribute with
a value <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34575">#34575</a></li>
<li><code>BeanNotOfRequiredTypeException</code> if <code>@Bean</code>
factory method returns <code>null</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34543">#34543</a></li>
<li>Regression in 6.2.3: No unique bean available for injection point
with unresolvable generics <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34541">#34541</a></li>
<li>GenericConversionService cannot find a converter when converting to
a Kotlin list of maps <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34535">#34535</a></li>
<li>isClientDisconnectedException needs to protect against null input <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34533">#34533</a></li>
<li>spring boot 3.4.3 + TimedAspect causes thread to hang <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34522">#34522</a></li>
<li>Missing Partitioned cookie support in reactive HTTP clients <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34521">#34521</a></li>
<li>DefaultManagedTaskExecutor throws
java.lang.UnsupportedOperationException: isShutdown when rejecting tasks
<a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34514">#34514</a></li>
<li>FileSystemResource location does not end with slash for
RouterFunction check <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34509">#34509</a></li>
<li>AbstractJackson2HttpMessageConverter not resolving generic type for
request body since 6.2.3 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34504">#34504</a></li>
<li>Request param handling in HttpRequestValues overrides existing URI
variables with same name <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34499">#34499</a></li>
<li>MockHttpServletResponse - handle multiple values for
Content-Language header <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34488">#34488</a></li>
<li>Endless loop with DataSourceUtils in spring-jdbc <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34484">#34484</a></li>
<li>MockHttpServletResponse#setHeader does not remove header for null
values <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34464">#34464</a></li>
<li>ContentCachingResponseWrapper.setHeader does not handle null value
properly. <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34460">#34460</a></li>
<li>Component scan fails to find bean candidates in the embedded jar
file in META-INF/context.xml for embedded Tomcat application <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34446">#34446</a></li>
<li>6.2.0 broke with &quot;Could not register object
[<code>@someHash</code>] under bean name 'blabla': there is already
object [<code>@sameHash</code>] bound&quot; <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34427">#34427</a></li>
<li>503 status code after completing SseEmitter in onTimeout <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34426">#34426</a></li>
<li><code>NullPointerException</code> thrown when
<code>ConfigurationClassEnhancer</code> creates CGLIB proxy <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34423">#34423</a></li>
<li>Add onRequest() hook for propagating request from downstream <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34388">#34388</a></li>
<li>Content-Type response header duplicated for failed
StreamingResponseBody return value <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34366">#34366</a></li>
<li>Task scheduler configured by XML is not eligible for getting
processed by all BeanPostProcessors <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34015">#34015</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Fix typo in Spring MVC error responses documentation <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34552">#34552</a></li>
<li>Document that Spring Framework 6.x does not yet support JSpecify
annotations <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34551">#34551</a></li>
<li>Fix web and webflux reference links <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34517">#34517</a></li>
<li>Document default KeyGenerator in spring-cache XSD <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34468">#34468</a></li>
<li>Fix broken antora task <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34454">#34454</a></li>
<li>Add <code>@since</code> tag for formField() and formFields in
MockHttpServletRequestDsl <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34448">#34448</a></li>
<li>Improve Javadoc of ObjectProvider to clarify what is unique <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34447">#34447</a></li>
<li>rest-http-interface example code can't run <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34443">#34443</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/eb3f034cd9d9982abfbd20c3f78da80c6a204bd0"><code>eb3f034</code></a>
Release v6.2.4</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/387677eae8ebc2b641e24d274c87980743c6d1cc"><code>387677e</code></a>
Upgrade to JUnit 5.12</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/4a314867d733fa39c3f749b4664812f44fb3b91f"><code>4a31486</code></a>
Upgrade to Reactor 2024.0.4 and Micrometer 1.14.5</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/020f556841a60071add53144365358f4f1fd5d7b"><code>020f556</code></a>
Support custom attribute with a value in MockCookie.parse()</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/6ea3b5a0e887a0f1ad7cf593ee1ded2c87de3d81"><code>6ea3b5a</code></a>
Fix Javadoc failure</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/d764087dbf2b40031d271bf14184eecab307878c"><code>d764087</code></a>
Correct since tag</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/9ab43b138aafca1dfbdfe4b300cf25f5b5a9e1db"><code>9ab43b1</code></a>
Enhancement in HandlerMethodValidationException</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/09ae080b99c454a2020100eecd0c1bff241cdf3a"><code>09ae080</code></a>
isDisconnectedClientException protected for null</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/70a1b2fae3d1fe3c7ec7754947d5f532997cc3dc"><code>70a1b2f</code></a>
Upgrade to Checkstyle 10.21.4</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/90ddb40d7a26798c340cdfdd74f379a57e931ed1"><code>90ddb40</code></a>
Upgrade to Jetty 12.0.17 and Jetty Reactive HttpClient 4.0.9</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-framework/compare/v6.2.3...v6.2.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework:spring-jdbc&package-manager=gradle&previous-version=6.2.3&new-version=6.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-20 08:23:19 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
f41dc25987 Bump org.springframework:spring-webmvc from 6.2.3 to 6.2.4 (#3190)
Bumps
[org.springframework:spring-webmvc](https://github.com/spring-projects/spring-framework)
from 6.2.3 to 6.2.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-framework/releases">org.springframework:spring-webmvc's
releases</a>.</em></p>
<blockquote>
<h2>v6.2.4</h2>
<h2> New Features</h2>
<ul>
<li>JettyCoreHttpHandlerAdapter compatibility with Jetty 12.0.17 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34561">#34561</a></li>
<li>HandlerMethodValidationException.Visitor should support RequestBody
with method parameter constraints <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34549">#34549</a></li>
<li>Allow <code>ContentResultMatchersDsl</code> matchers for supertypes
of the checked type <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34542">#34542</a></li>
<li>Avoid <code>JarURLConnection</code> resource leak in
<code>AbstractFileResolvingResource.exists()</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34528">#34528</a></li>
<li>Deprecate <code>rowsExpected</code> property of
<code>SqlQuery</code> for removal <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34526">#34526</a></li>
<li>Supply <code>RuntimeHints</code> to an <code>AotContextLoader</code>
<a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34513">#34513</a></li>
<li>Deprecate and remove use of UrlPathHelper in
ServletWebSocketHandlerRegistry <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34508">#34508</a></li>
<li>Avoid unnecessary CGLIB processing on configuration classes <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34486">#34486</a></li>
<li>Inconsistent default class loaders in hint classes <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34470">#34470</a></li>
<li>Add missing converters to <code>DefaultRestClientBuilder</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34439">#34439</a></li>
<li>Improve <code>BeanFactory</code>/<code>ObjectProvider</code> to
select the only one default candidate among non-default candidates <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34432">#34432</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li><code>MockCookie.parse()</code> fails to parse custom attribute with
a value <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34575">#34575</a></li>
<li><code>BeanNotOfRequiredTypeException</code> if <code>@Bean</code>
factory method returns <code>null</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34543">#34543</a></li>
<li>Regression in 6.2.3: No unique bean available for injection point
with unresolvable generics <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34541">#34541</a></li>
<li>GenericConversionService cannot find a converter when converting to
a Kotlin list of maps <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34535">#34535</a></li>
<li>isClientDisconnectedException needs to protect against null input <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34533">#34533</a></li>
<li>spring boot 3.4.3 + TimedAspect causes thread to hang <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34522">#34522</a></li>
<li>Missing Partitioned cookie support in reactive HTTP clients <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34521">#34521</a></li>
<li>DefaultManagedTaskExecutor throws
java.lang.UnsupportedOperationException: isShutdown when rejecting tasks
<a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34514">#34514</a></li>
<li>FileSystemResource location does not end with slash for
RouterFunction check <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34509">#34509</a></li>
<li>AbstractJackson2HttpMessageConverter not resolving generic type for
request body since 6.2.3 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34504">#34504</a></li>
<li>Request param handling in HttpRequestValues overrides existing URI
variables with same name <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34499">#34499</a></li>
<li>MockHttpServletResponse - handle multiple values for
Content-Language header <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34488">#34488</a></li>
<li>Endless loop with DataSourceUtils in spring-jdbc <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34484">#34484</a></li>
<li>MockHttpServletResponse#setHeader does not remove header for null
values <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34464">#34464</a></li>
<li>ContentCachingResponseWrapper.setHeader does not handle null value
properly. <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34460">#34460</a></li>
<li>Component scan fails to find bean candidates in the embedded jar
file in META-INF/context.xml for embedded Tomcat application <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34446">#34446</a></li>
<li>6.2.0 broke with &quot;Could not register object
[<code>@someHash</code>] under bean name 'blabla': there is already
object [<code>@sameHash</code>] bound&quot; <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34427">#34427</a></li>
<li>503 status code after completing SseEmitter in onTimeout <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34426">#34426</a></li>
<li><code>NullPointerException</code> thrown when
<code>ConfigurationClassEnhancer</code> creates CGLIB proxy <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34423">#34423</a></li>
<li>Add onRequest() hook for propagating request from downstream <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34388">#34388</a></li>
<li>Content-Type response header duplicated for failed
StreamingResponseBody return value <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34366">#34366</a></li>
<li>Task scheduler configured by XML is not eligible for getting
processed by all BeanPostProcessors <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34015">#34015</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Fix typo in Spring MVC error responses documentation <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34552">#34552</a></li>
<li>Document that Spring Framework 6.x does not yet support JSpecify
annotations <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34551">#34551</a></li>
<li>Fix web and webflux reference links <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34517">#34517</a></li>
<li>Document default KeyGenerator in spring-cache XSD <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34468">#34468</a></li>
<li>Fix broken antora task <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34454">#34454</a></li>
<li>Add <code>@since</code> tag for formField() and formFields in
MockHttpServletRequestDsl <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34448">#34448</a></li>
<li>Improve Javadoc of ObjectProvider to clarify what is unique <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34447">#34447</a></li>
<li>rest-http-interface example code can't run <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34443">#34443</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/eb3f034cd9d9982abfbd20c3f78da80c6a204bd0"><code>eb3f034</code></a>
Release v6.2.4</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/387677eae8ebc2b641e24d274c87980743c6d1cc"><code>387677e</code></a>
Upgrade to JUnit 5.12</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/4a314867d733fa39c3f749b4664812f44fb3b91f"><code>4a31486</code></a>
Upgrade to Reactor 2024.0.4 and Micrometer 1.14.5</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/020f556841a60071add53144365358f4f1fd5d7b"><code>020f556</code></a>
Support custom attribute with a value in MockCookie.parse()</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/6ea3b5a0e887a0f1ad7cf593ee1ded2c87de3d81"><code>6ea3b5a</code></a>
Fix Javadoc failure</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/d764087dbf2b40031d271bf14184eecab307878c"><code>d764087</code></a>
Correct since tag</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/9ab43b138aafca1dfbdfe4b300cf25f5b5a9e1db"><code>9ab43b1</code></a>
Enhancement in HandlerMethodValidationException</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/09ae080b99c454a2020100eecd0c1bff241cdf3a"><code>09ae080</code></a>
isDisconnectedClientException protected for null</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/70a1b2fae3d1fe3c7ec7754947d5f532997cc3dc"><code>70a1b2f</code></a>
Upgrade to Checkstyle 10.21.4</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/90ddb40d7a26798c340cdfdd74f379a57e931ed1"><code>90ddb40</code></a>
Upgrade to Jetty 12.0.17 and Jetty Reactive HttpClient 4.0.9</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-framework/compare/v6.2.3...v6.2.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework:spring-webmvc&package-manager=gradle&previous-version=6.2.3&new-version=6.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-20 08:21:31 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
976342e10a Bump docker/login-action from 3.3.0 to 3.4.0 (#3188)
Bumps [docker/login-action](https://github.com/docker/login-action) from
3.3.0 to 3.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/login-action/releases">docker/login-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.0</h2>
<ul>
<li>Bump <code>@​actions/core</code> from 1.10.1 to 1.11.1 in <a
href="https://redirect.github.com/docker/login-action/pull/791">docker/login-action#791</a></li>
<li>Bump <code>@​aws-sdk/client-ecr</code> to 3.766.0 in <a
href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a>
<a
href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li>
<li>Bump <code>@​aws-sdk/client-ecr-public</code> to 3.758.0 in <a
href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a>
<a
href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.35.0 to 0.57.0 in
<a
href="https://redirect.github.com/docker/login-action/pull/801">docker/login-action#801</a>
<a
href="https://redirect.github.com/docker/login-action/pull/806">docker/login-action#806</a>
<a
href="https://redirect.github.com/docker/login-action/pull/858">docker/login-action#858</a></li>
<li>Bump cross-spawn from 7.0.3 to 7.0.6 in <a
href="https://redirect.github.com/docker/login-action/pull/814">docker/login-action#814</a></li>
<li>Bump https-proxy-agent from 7.0.5 to 7.0.6 in <a
href="https://redirect.github.com/docker/login-action/pull/823">docker/login-action#823</a></li>
<li>Bump path-to-regexp from 6.2.2 to 6.3.0 in <a
href="https://redirect.github.com/docker/login-action/pull/777">docker/login-action#777</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v3.3.0...v3.4.0">https://github.com/docker/login-action/compare/v3.3.0...v3.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/login-action/commit/74a5d142397b4f367a81961eba4e8cd7edddf772"><code>74a5d14</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/856">#856</a>
from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li>
<li><a
href="https://github.com/docker/login-action/commit/2f4f00e4c6fe8a50cdd1fd618421be2e92b2f201"><code>2f4f00e</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/login-action/commit/67c184546cf989af16f02a1b5359e4bde3cdc524"><code>67c1845</code></a>
build(deps): bump the aws-sdk-dependencies group across 1 directory with
2 up...</li>
<li><a
href="https://github.com/docker/login-action/commit/3d4cc89e85e0cac73870ab81d3b72c0b700870d1"><code>3d4cc89</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/844">#844</a>
from graysonpike/master</li>
<li><a
href="https://github.com/docker/login-action/commit/6cc823a6c4738f797f031790fa7f982b7a8dcfdc"><code>6cc823a</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/823">#823</a>
from docker/dependabot/npm_and_yarn/proxy-agent-depen...</li>
<li><a
href="https://github.com/docker/login-action/commit/d94e792124647378e94c07359922f0f821a9fab2"><code>d94e792</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/login-action/commit/033db0da3047b4d01e249d66f56ae16a2ed6af87"><code>033db0d</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/812">#812</a>
from docker/dependabot/github_actions/codecov/codecov...</li>
<li><a
href="https://github.com/docker/login-action/commit/09c2ae9716c0bacef3c03e120a61c28adfb8595b"><code>09c2ae9</code></a>
build(deps): bump https-proxy-agent</li>
<li><a
href="https://github.com/docker/login-action/commit/ba56f006fc7190f752d4e6e1312f85697984a229"><code>ba56f00</code></a>
ci: update deprecated input for codecov-action</li>
<li><a
href="https://github.com/docker/login-action/commit/75bf9a79af089e9aa009972a6ecb22190a520679"><code>75bf9a7</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/858">#858</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/login-action/compare/9780b0c442fbb1117ed29e0efdff1e18412f7567...74a5d142397b4f367a81961eba4e8cd7edddf772">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/login-action&package-manager=github_actions&previous-version=3.3.0&new-version=3.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-20 07:58:56 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
f0fd6526b6 Bump org.springframework.security:spring-security-saml2-service-provider from 6.4.3 to 6.4.4 (#3197)
Bumps
[org.springframework.security:spring-security-saml2-service-provider](https://github.com/spring-projects/spring-security)
from 6.4.3 to 6.4.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-security/releases">org.springframework.security:spring-security-saml2-service-provider's
releases</a>.</em></p>
<blockquote>
<h2>6.4.4</h2>
<h2>🪲 Bug Fixes</h2>
<ul>
<li>Add testRuntimeOnly junit-platform-launcher <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16756">#16756</a></li>
<li>Align Method Traversal Algorithm with Spring Framework <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16751">#16751</a></li>
<li>Disable Flaky WebAuthnWebDriverTests <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16753">#16753</a></li>
<li>Fix <code>@PostResult</code> example in method-security doc <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16628">#16628</a></li>
<li>Grammar Fixes in OAuth 2.0 JavaDoc <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16619">#16619</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Bump ch.qos.logback:logback-classic from 1.5.16 to 1.5.17 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16649">#16649</a></li>
<li>Bump com.fasterxml.jackson:jackson-bom from 2.18.2 to 2.18.3 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16692">#16692</a></li>
<li>Bump com.webauthn4j:webauthn4j-core from 0.28.5.RELEASE to
0.28.6.RELEASE <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16691">#16691</a></li>
<li>Bump io.micrometer:micrometer-observation from 1.14.4 to 1.14.5 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16715">#16715</a></li>
<li>Bump io.mockk:mockk from 1.13.16 to 1.13.17 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16675">#16675</a></li>
<li>Bump io.projectreactor:reactor-bom from 2023.0.15 to 2023.0.16 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16725">#16725</a></li>
<li>Bump org.hibernate.orm:hibernate-core from 6.6.10.Final to
6.6.11.Final <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16748">#16748</a></li>
<li>Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.23 to
4.33.24 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16669">#16669</a></li>
<li>Bump org.slf4j:slf4j-api from 2.0.16 to 2.0.17 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16650">#16650</a></li>
<li>Bump org.springframework.data:spring-data-bom from 2024.1.3 to
2024.1.4 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16749">#16749</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16733">#16733</a></li>
</ul>
<h2>❤️ Contributors</h2>
<p>Thank you to all the contributors who worked on this release:</p>
<p><a href="https://github.com/Kuba15"><code>@​Kuba15</code></a>, <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot],
and <a
href="https://github.com/pat-mccusker"><code>@​pat-mccusker</code></a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-security/commit/3d9cd31122161aed337655e68da5c395f8b6c3f6"><code>3d9cd31</code></a>
Release 6.4.4</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/04f530bc1bf75fe3251c2adbf3f58ce6579d496b"><code>04f530b</code></a>
opensamlFiveTest.extendsFrom testRuntimeOnly</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/bf619fc3dc43acf7d943149348f5538394ec1358"><code>bf619fc</code></a>
Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/488de5af701ee7a0a3ac3634a451aa19fb0d0303"><code>488de5a</code></a>
Merge branch '6.3.x' into 6.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/709d9bc039ea45642a2748e18764f51fe886a48b"><code>709d9bc</code></a>
Bump org.springframework:spring-framework-bom from 6.1.17 to 6.1.18</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/067ed2bab42fb5a86f4f6e7328982b2c1f4f1785"><code>067ed2b</code></a>
Bump org.springframework.data:spring-data-bom from 2024.1.3 to
2024.1.4</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/1db6718f69d0899745e1c620b46729dc6fe3beba"><code>1db6718</code></a>
Bump org.hibernate.orm:hibernate-core from 6.6.10.Final to
6.6.11.Final</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/41fc38397416ff1cb880ed62ca8ec00f7acb77db"><code>41fc383</code></a>
Merge branch '6.3.x' into 6.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/d9bb16e913ddb0086f06f49236e16f5509a0c6da"><code>d9bb16e</code></a>
Bump io.projectreactor:reactor-bom from 2023.0.15 to 2023.0.16</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/11114919ec545492621fde37b0cd420df05a7b38"><code>1111491</code></a>
Bump org.springframework.data:spring-data-bom from 2024.0.9 to
2024.0.10</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-security/compare/6.4.3...6.4.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.security:spring-security-saml2-service-provider&package-manager=gradle&previous-version=6.4.3&new-version=6.4.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-20 07:54:06 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
0747ea68f5 Bump io.micrometer:micrometer-core from 1.14.4 to 1.14.5 (#3159)
Bumps
[io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer)
from 1.14.4 to 1.14.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/micrometer-metrics/micrometer/releases">io.micrometer:micrometer-core's
releases</a>.</em></p>
<blockquote>
<h2>1.14.5</h2>
<h2>🐞 Bug Fixes</h2>
<ul>
<li><code>Distribution value with |count| of 0 has a non-zero |mean|
value of XXX</code> errors in logs - similar to <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/4868">#4868</a>
<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5927">#5927</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Bump com.fasterxml.jackson.core:jackson-databind from 2.18.2 to
2.18.3 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5989">#5989</a></li>
<li>Bump com.netflix.spectator:spectator-reg-atlas from 1.8.4 to 1.8.6
<a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5941">#5941</a></li>
<li>Bump io.prometheus:prometheus-metrics-bom from 1.3.5 to 1.3.6 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5938">#5938</a></li>
<li>Bump me.champeau.gradle:japicmp-gradle-plugin from 0.4.5 to 0.4.6 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5940">#5940</a></li>
<li>Bump spring6 from 6.1.16 to 6.1.17 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5926">#5926</a></li>
<li>Bump testcontainers from 1.20.4 to 1.20.5 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5949">#5949</a></li>
</ul>
<h2>❤️ Contributors</h2>
<p>Thank you to all the contributors who worked on this release:</p>
<p><a href="https://github.com/AlexElin"><code>@​AlexElin</code></a>,
and <a href="https://github.com/izeye"><code>@​izeye</code></a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/4ff1bbf5b1326419d3a044ef9e2fac23377a51f9"><code>4ff1bbf</code></a>
Merge branch '1.13.x' into 1.14.x</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/c92ff3dae61458523e1ca623db3b18476dd8e7ab"><code>c92ff3d</code></a>
Added release train gh action workflow</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/7cdce348561c9021e6ce42375f9e9fb26dc43ce2"><code>7cdce34</code></a>
Merge branch '1.13.x' into 1.14.x</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/3a55d71bc2c711fbe1a099ad4f087a4afd28d53a"><code>3a55d71</code></a>
Clarify JavaDoc for JMS <code>DESTINATION_NAME</code> (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5988">#5988</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/0d6bcec434656a34a4aeebe209ac1eb61513c8dd"><code>0d6bcec</code></a>
Merge branch '1.13.x' into 1.14.x</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/6e70957c4c8438889b1a9d6ee20a973516511683"><code>6e70957</code></a>
Fix flakiness in
JmsInstrumentationTests.shouldInstrumentMessageListener() (#...</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/a5fe903b82fcd778cc0536a0928ea7ceaa9667c2"><code>a5fe903</code></a>
Try to reduce flakiness in
JvmGcMetricsTest.gcTimingIsCorrectForPauseCycleCol...</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/41069635c0db2c7cb550f0008903054d1f071ee4"><code>4106963</code></a>
Bump testcontainers from 1.20.5 to 1.20.6 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5998">#5998</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/c3d8dcf4591eb7f3d663f2bde375f738fba99a16"><code>c3d8dcf</code></a>
Bump com.fasterxml.jackson.core:jackson-databind from 2.18.2 to 2.18.3
(<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5989">#5989</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/d73e34108b63e328b8f31536dec5908f00b5c8d2"><code>d73e341</code></a>
Bump io.netty:netty-bom from 4.1.118.Final to 4.1.119.Final (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5980">#5980</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/micrometer-metrics/micrometer/compare/v1.14.4...v1.14.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=io.micrometer:micrometer-core&package-manager=gradle&previous-version=1.14.4&new-version=1.14.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-13 10:19:49 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
885b3f049e Bump gradle from 8.12-jdk21 to 8.13-jdk21 (#3158)
Bumps gradle from 8.12-jdk21 to 8.13-jdk21.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle&package-manager=docker&previous-version=8.12-jdk21&new-version=8.13-jdk21)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-13 10:19:27 +00:00
leo-jmateoGitHubAnthony Stirlinggithub-actions[bot] <github-actions[bot]@users.noreply.github.com>github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
6b35049894 Update Catalan translations (#3134)
# Update Catalan translations

- Translated and revised various entries for PDF validation,
organization, and conversion features.
- Improved consistency in technical terminology and language usage.

---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.

---------

Signed-off-by: GitHub Action <[email protected]>
Co-authored-by: Anthony Stirling <[email protected]>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-03-10 20:35:28 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
b99ad89db0 Bump github/codeql-action from 3.28.10 to 3.28.11 (#3144)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.28.10 to 3.28.11.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.11</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.11/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
<li>Uploading debug artifacts for CodeQL analysis is temporarily
disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li>
</ul>
<h2>3.28.2 - 21 Jan 2025</h2>
<p>No user facing changes.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/6bb031afdd8eb862ea3fc1848194185e076637e5"><code>6bb031a</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2798">#2798</a>
from github/update-v3.28.11-56b25d5d5</li>
<li><a
href="https://github.com/github/codeql-action/commit/6bca7dd940f38115b5e3696bd79bbb020563bb1f"><code>6bca7dd</code></a>
Update changelog for v3.28.11</li>
<li><a
href="https://github.com/github/codeql-action/commit/56b25d5d5251df651f82070735778784aa383094"><code>56b25d5</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2793">#2793</a>
from github/update-bundle/codeql-bundle-v2.20.6</li>
<li><a
href="https://github.com/github/codeql-action/commit/256aa1658211f7bf42a0ee5b18a106fe81baa524"><code>256aa16</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.20.6</li>
<li><a
href="https://github.com/github/codeql-action/commit/911d845ab60270de25813c5a148ec9501e857340"><code>911d845</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2796">#2796</a>
from github/nickfyson/adjust-rate-error-string</li>
<li><a
href="https://github.com/github/codeql-action/commit/7b7ed635033f63c6f84ab377f726dc0b933bd593"><code>7b7ed63</code></a>
adjust string for handling rate limit error</li>
<li><a
href="https://github.com/github/codeql-action/commit/608ccd6cd915d2c43d3059c3da518f36f07a56b0"><code>608ccd6</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2794">#2794</a>
from github/update-supported-enterprise-server-versions</li>
<li><a
href="https://github.com/github/codeql-action/commit/35d04d3627f40144b1b19daa99f2449297367ec9"><code>35d04d3</code></a>
Update supported GitHub Enterprise Server versions</li>
<li><a
href="https://github.com/github/codeql-action/commit/ec3b22164b6b09c9b3d63ff4e9d41084895602b0"><code>ec3b221</code></a>
Update supported GitHub Enterprise Server versions</li>
<li><a
href="https://github.com/github/codeql-action/commit/8dc01f6342a3f934d1a339917531a4d8beda41bc"><code>8dc01f6</code></a>
Add changelog note</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d...6bb031afdd8eb862ea3fc1848194185e076637e5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.10&new-version=3.28.11)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-10 08:21:28 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
d65974a7e1 Bump peter-evans/create-pull-request from 7.0.7 to 7.0.8 (#3145)
Bumps
[peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request)
from 7.0.7 to 7.0.8.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's
releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v7.0.8</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump ts-jest from 29.2.5 to 29.2.6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3751">peter-evans/create-pull-request#3751</a></li>
<li>build(deps-dev): bump eslint-import-resolver-typescript from 3.8.1
to 3.8.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3752">peter-evans/create-pull-request#3752</a></li>
<li>build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from
11.4.2 to 11.4.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3753">peter-evans/create-pull-request#3753</a></li>
<li>build(deps-dev): bump prettier from 3.5.1 to 3.5.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3754">peter-evans/create-pull-request#3754</a></li>
<li>fix: suppress output for some git operations by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3776">peter-evans/create-pull-request#3776</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/peter-evans/create-pull-request/compare/v7.0.7...v7.0.8">https://github.com/peter-evans/create-pull-request/compare/v7.0.7...v7.0.8</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/271a8d0340265f705b14b6d32b9829c1cb33d45e"><code>271a8d0</code></a>
fix: suppress output for some git operations (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3776">#3776</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/6f7efd1c24d02e0d947dd3f6f9618019afb36781"><code>6f7efd1</code></a>
test: update cpr-example-command</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/13c47c574799c8eb0a033eba252619135e70f392"><code>13c47c5</code></a>
build(deps-dev): bump prettier from 3.5.1 to 3.5.2 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3754">#3754</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/63e58290d72e889603c931363c5169ba1bbe3fed"><code>63e5829</code></a>
build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from
11.4.2 to 11.4.3 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3753">#3753</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/a92c90fcab983421cc9bc736a06daea58c68d0db"><code>a92c90f</code></a>
build(deps-dev): bump eslint-import-resolver-typescript (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3752">#3752</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/b23b62d48799ec46790610dd74b29cb9ba2eef30"><code>b23b62d</code></a>
build(deps-dev): bump ts-jest from 29.2.5 to 29.2.6 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3751">#3751</a>)</li>
<li>See full diff in <a
href="https://github.com/peter-evans/create-pull-request/compare/dd2324fc52d5d43c699a5636bcf19fceaa70c284...271a8d0340265f705b14b6d32b9829c1cb33d45e">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=7.0.7&new-version=7.0.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-10 08:21:15 +00:00
swanemarandGitHub 68421d4190 translated newly added strings re business & user interaction (#3116)
# Description of Changes

Please provide a summary of the changes, including:

- What was changed
- Why the change was made
- Any challenges encountered

Closes #(issue_number)

---

## Checklist

### General

- [X] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [X] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [X] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [X] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [X] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.
2025-03-06 10:03:22 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
58edc777c0 Bump actions/create-github-app-token from 1.11.5 to 1.11.6 (#3109)
Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 1.11.5 to 1.11.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v1.11.6</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v1.11.5...v1.11.6">1.11.6</a>
(2025-03-03)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump the production-dependencies group with 2
updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/210">#210</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/1ff1dea6a9d1de5b4795e5314291e04acc63c38b">1ff1dea</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/21cfef2b496dd8ef5b904c159339626a10ad380e"><code>21cfef2</code></a>
build(release): 1.11.6 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/1ff1dea6a9d1de5b4795e5314291e04acc63c38b"><code>1ff1dea</code></a>
fix(deps): bump the production-dependencies group with 2 updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/210">#210</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/create-github-app-token/compare/0d564482f06ca65fa9e77e2510873638c82206f2...21cfef2b496dd8ef5b904c159339626a10ad380e">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=1.11.5&new-version=1.11.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-05 08:39:41 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
ba7c949d1a Bump actions/download-artifact from 4.1.8 to 4.1.9 (#3090)
Bumps
[actions/download-artifact](https://github.com/actions/download-artifact)
from 4.1.8 to 4.1.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/download-artifact/releases">actions/download-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.9</h2>
<h2>What's Changed</h2>
<ul>
<li>Add workflow file for publishing releases to immutable action
package by <a
href="https://github.com/Jcambass"><code>@​Jcambass</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/354">actions/download-artifact#354</a></li>
<li>docs: small migration fix by <a
href="https://github.com/froblesmartin"><code>@​froblesmartin</code></a>
in <a
href="https://redirect.github.com/actions/download-artifact/pull/370">actions/download-artifact#370</a></li>
<li>Update MIGRATION.md by <a
href="https://github.com/andyfeller"><code>@​andyfeller</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/372">actions/download-artifact#372</a></li>
<li>Update artifact package to 2.2.2 by <a
href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/380">actions/download-artifact#380</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Jcambass"><code>@​Jcambass</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/354">actions/download-artifact#354</a></li>
<li><a
href="https://github.com/froblesmartin"><code>@​froblesmartin</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/370">actions/download-artifact#370</a></li>
<li><a
href="https://github.com/andyfeller"><code>@​andyfeller</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/372">actions/download-artifact#372</a></li>
<li><a href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/380">actions/download-artifact#380</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/download-artifact/compare/v4...v4.1.9">https://github.com/actions/download-artifact/compare/v4...v4.1.9</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/download-artifact/commit/cc203385981b70ca67e1cc392babf9cc229d5806"><code>cc20338</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/380">#380</a>
from actions/yacaovsnc/release_4_1_9</li>
<li><a
href="https://github.com/actions/download-artifact/commit/1fc0fee191f40422f502da571c0f01ff460afe53"><code>1fc0fee</code></a>
Update artifact package to 2.2.2</li>
<li><a
href="https://github.com/actions/download-artifact/commit/7fba95161a0924506ed1ae69cdbae8371ee00b3f"><code>7fba951</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/372">#372</a>
from andyfeller/patch-1</li>
<li><a
href="https://github.com/actions/download-artifact/commit/f9ceb7763ba1fdfd81b2e2f93aa1f6015ff6b35d"><code>f9ceb77</code></a>
Update MIGRATION.md</li>
<li><a
href="https://github.com/actions/download-artifact/commit/533298bc57c27f112a2c04a74a04a4d43e2866fd"><code>533298b</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/370">#370</a>
from froblesmartin/patch-1</li>
<li><a
href="https://github.com/actions/download-artifact/commit/d06289e120b300840a833b25db66cb8c19f5d274"><code>d06289e</code></a>
docs: small migration fix</li>
<li><a
href="https://github.com/actions/download-artifact/commit/d0ce8fd1167ed839810201de977912a090ab10a7"><code>d0ce8fd</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/354">#354</a>
from actions/Jcambass-patch-1</li>
<li><a
href="https://github.com/actions/download-artifact/commit/1ce0d91ace59dfbf6763107ee5aa8466ebbadf48"><code>1ce0d91</code></a>
Add workflow file for publishing releases to immutable action
package</li>
<li>See full diff in <a
href="https://github.com/actions/download-artifact/compare/fa0a91b85d4f404e444e00e005971372dc801d16...cc203385981b70ca67e1cc392babf9cc229d5806">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/download-artifact&package-manager=github_actions&previous-version=4.1.8&new-version=4.1.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-01 19:40:33 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
04cfa9b0f3 Bump docker/build-push-action from 6.14.0 to 6.15.0 (#3091)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.14.0 to 6.15.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.15.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.55.0 to 0.56.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1330">docker/build-push-action#1330</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.14.0...v6.15.0">https://github.com/docker/build-push-action/compare/v6.14.0...v6.15.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/471d1dc4e07e5cdedd4c2171150001c434f0b7a4"><code>471d1dc</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1330">#1330</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="https://github.com/docker/build-push-action/commit/b89ff0a6f27deae3d7f5803e80f1de9415b673c8"><code>b89ff0a</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/1e3ae3a4d3bba144fbd440e91219e1cd3bc38d69"><code>1e3ae3a</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.55.0 to
0.56.0</li>
<li><a
href="https://github.com/docker/build-push-action/commit/b16f42f92abaeb7610fd7fc99ab230d13e79e275"><code>b16f42f</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1325">#1325</a>
from crazy-max/buildx-edge</li>
<li><a
href="https://github.com/docker/build-push-action/commit/dc0fea5e62c3379ed8d79ee70c09796499a5f799"><code>dc0fea5</code></a>
ci: update buildx to edge and buildkit to latest</li>
<li>See full diff in <a
href="https://github.com/docker/build-push-action/compare/0adf9959216b96bec444f325f1e493d4aa344497...471d1dc4e07e5cdedd4c2171150001c434f0b7a4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.14.0&new-version=6.15.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-01 19:37:06 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
bc9148073c Bump docker/setup-qemu-action from 3.4.0 to 3.6.0 (#3092)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[docker/setup-qemu-action](https://github.com/docker/setup-qemu-action)
from 3.4.0 to 3.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-qemu-action/releases">docker/setup-qemu-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.6.0</h2>
<ul>
<li>Display binfmt version by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/202">docker/setup-qemu-action#202</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-qemu-action/compare/v3.5.0...v3.6.0">https://github.com/docker/setup-qemu-action/compare/v3.5.0...v3.6.0</a></p>
<h2>v3.5.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.54.0 to 0.56.0 in
<a
href="https://redirect.github.com/docker/setup-qemu-action/pull/205">docker/setup-qemu-action#205</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-qemu-action/compare/v3.4.0...v3.5.0">https://github.com/docker/setup-qemu-action/compare/v3.4.0...v3.5.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/29109295f81e9208d7d86ff1c6c12d2833863392"><code>2910929</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/202">#202</a>
from crazy-max/binfmt-version</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/7ffe24aa9a8440b164354dd7e2e6793b43bc73fa"><code>7ffe24a</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/17bc18bb05034c78f2ede32a8bbefcb428ed3f54"><code>17bc18b</code></a>
display binfmt version</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/5964de0df58d5ad28b04d8fe2e6b80ad47105b91"><code>5964de0</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/205">#205</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/862b6633f805f5f6aa43ff50a2177924d5a38852"><code>862b663</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/138de3b6464b863fed6a98c1fae46faa58f98dee"><code>138de3b</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.54.0 to
0.56.0</li>
<li>See full diff in <a
href="https://github.com/docker/setup-qemu-action/compare/4574d27a4764455b42196d70a065bc6853246a25...29109295f81e9208d7d86ff1c6c12d2833863392">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-qemu-action&package-manager=github_actions&previous-version=3.4.0&new-version=3.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-01 19:36:23 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
5c4f463cc8 Bump docker/setup-buildx-action from 3.9.0 to 3.10.0 (#3093)
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 3.9.0 to 3.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.10.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.54.0 to 0.56.0 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/408">docker/setup-buildx-action#408</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0">https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2"><code>b5ca514</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/408">#408</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/1418a4ef330cff3d80e8707b47780be815fb20db"><code>1418a4e</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/93acf831ce48bc806b62b1e892b89fca8bf213e0"><code>93acf83</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.54.0 to
0.56.0</li>
<li>See full diff in <a
href="https://github.com/docker/setup-buildx-action/compare/f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca...b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=3.9.0&new-version=3.10.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-01 19:35:43 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
127256c3da Bump docker/metadata-action from 5.6.1 to 5.7.0 (#3094)
Bumps
[docker/metadata-action](https://github.com/docker/metadata-action) from
5.6.1 to 5.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/metadata-action/releases">docker/metadata-action's
releases</a>.</em></p>
<blockquote>
<h2>v5.7.0</h2>
<ul>
<li>Global expressions support for labels and annotations by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/metadata-action/pull/489">docker/metadata-action#489</a></li>
<li>Support disabling outputs as environment variables by <a
href="https://github.com/omus"><code>@​omus</code></a> in <a
href="https://redirect.github.com/docker/metadata-action/pull/497">docker/metadata-action#497</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.44.0 to 0.56.0 in
<a
href="https://redirect.github.com/docker/metadata-action/pull/507">docker/metadata-action#507</a>
<a
href="https://redirect.github.com/docker/metadata-action/pull/509">docker/metadata-action#509</a></li>
<li>Bump csv-parse from 5.5.6 to 5.6.0 in <a
href="https://redirect.github.com/docker/metadata-action/pull/482">docker/metadata-action#482</a></li>
<li>Bump moment-timezone from 0.5.46 to 0.5.47 in <a
href="https://redirect.github.com/docker/metadata-action/pull/501">docker/metadata-action#501</a></li>
<li>Bump semver from 7.6.3 to 7.7.1 in <a
href="https://redirect.github.com/docker/metadata-action/pull/504">docker/metadata-action#504</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/metadata-action/compare/v5.6.1...v5.7.0">https://github.com/docker/metadata-action/compare/v5.6.1...v5.7.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/metadata-action/commit/902fa8ec7d6ecbf8d84d538b9b233a880e428804"><code>902fa8e</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/504">#504</a>
from docker/dependabot/npm_and_yarn/semver-7.7.1</li>
<li><a
href="https://github.com/docker/metadata-action/commit/c30b9c27e61e950956355394454702216b74bd42"><code>c30b9c2</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/metadata-action/commit/0698804aabf8041ea6b78301daf0baeb8dad2496"><code>0698804</code></a>
chore(deps): Bump semver from 7.6.3 to 7.7.1</li>
<li><a
href="https://github.com/docker/metadata-action/commit/bb3eecaaf832752e6a3e352de3b1ff2d11194b49"><code>bb3eeca</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/501">#501</a>
from docker/dependabot/npm_and_yarn/moment-timezone-0...</li>
<li><a
href="https://github.com/docker/metadata-action/commit/94a839cf6aa9c58e06cf1ea8c8490eae3ef9794b"><code>94a839c</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/metadata-action/commit/ecd51a0f6a5f2594db412c7e8304064c1be02f6a"><code>ecd51a0</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/509">#509</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/metadata-action/commit/a85b1dbfe6a9f73e361ba3404493fe57f9d783e7"><code>a85b1db</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.55.0 to
0.56.0</li>
<li><a
href="https://github.com/docker/metadata-action/commit/5a76a0efcf13a52fea4449d4e07d44d6f1e61046"><code>5a76a0e</code></a>
chore(deps): Bump moment-timezone from 0.5.46 to 0.5.47</li>
<li><a
href="https://github.com/docker/metadata-action/commit/1cc4a9856a30691d5bd4376b110fab84260af4b5"><code>1cc4a98</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/482">#482</a>
from docker/dependabot/npm_and_yarn/csv-parse-5.6.0</li>
<li><a
href="https://github.com/docker/metadata-action/commit/d84de1e022f1b49a635274988425c331f19d0f7a"><code>d84de1e</code></a>
chore: update generated content</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/metadata-action/compare/369eb591f429131d6889c46b94e711f089e6ca96...902fa8ec7d6ecbf8d84d538b9b233a880e428804">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/metadata-action&package-manager=github_actions&previous-version=5.6.1&new-version=5.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-01 19:35:32 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
8f7153b30a Bump ch.qos.logback:logback-classic from 1.5.16 to 1.5.17 (#3069)
Bumps
[ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from
1.5.16 to 1.5.17.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/qos-ch/logback/releases">ch.qos.logback:logback-classic's
releases</a>.</em></p>
<blockquote>
<h2>Logback 1.5.17</h2>
<p><strong>2025-02-25 Release of logback version 1.5.17</strong></p>
<p>• Fixed Jansi 2.4.0 color-coded output not working on Windows CMD.exe
console when the default terminal application is set to &quot;Windows
Console Host&quot;. This problem was reported in issues/753 by Michael
Lyubkin.</p>
<p>• Fixed race condition occurring in case MDC class is initialized
while org.slf4j.LoggerFactory is initializing logback-classic's
LoggerContext. When this race conditions occurs, the MDCAdapter instance
used by MDC does not match the instance used by logback-classic. This
issue was reported in SLF4J issues/450. While logback-classic version
1.5.17 remains compatible with SLF4J versions in the 2.0.x series,
fixing this particular MDC issue requires SLF4J version 2.0.17.</p>
<p>• A bit-wise identical binary of this version can be reproduced by
building from source code at commit
10358724ed723b3745c010aa40cb02a2dfed4593 associated with the tag
v_1.5.17. Release built using Java &quot;21&quot; 2023-10-17 LTS build
21.0.1.+12-LTS-29 under Linux Debian 11.6.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/qos-ch/logback/commit/10358724ed723b3745c010aa40cb02a2dfed4593"><code>1035872</code></a>
prepare release 1.5.17</li>
<li><a
href="https://github.com/qos-ch/logback/commit/2e6984d1e16c78c703a62bf2789a9c157d7bc050"><code>2e6984d</code></a>
bump to slf4j version 2.0.17</li>
<li><a
href="https://github.com/qos-ch/logback/commit/100995244bf75ded9cb51bade91f84e63f349474"><code>1009952</code></a>
use a new LoggerContert instance when running LogbackListenerTest. This
shoul...</li>
<li><a
href="https://github.com/qos-ch/logback/commit/a3bb4b096aa32874eec304cb0456e526711402f4"><code>a3bb4b0</code></a>
Merge branch 'master' of github.com:qos-ch/logback</li>
<li><a
href="https://github.com/qos-ch/logback/commit/b507297eaa2868479b2d41a666f0aef750fe0079"><code>b507297</code></a>
Fixed race condition occurring in case MDC class is initialized while
org.slf...</li>
<li><a
href="https://github.com/qos-ch/logback/commit/f5b3bc56cd1c1bcf4e8419383c1049912bc51c6f"><code>f5b3bc5</code></a>
add warning about the deprecation of SerializedModelConfigurator if
activated</li>
<li><a
href="https://github.com/qos-ch/logback/commit/5bc0998ce1899195bd6c57b9708493197a68db95"><code>5bc0998</code></a>
Update README.md</li>
<li><a
href="https://github.com/qos-ch/logback/commit/5610c96b4d705a4fe6ded9c42d4f47cb92bbbd95"><code>5610c96</code></a>
correct relocation address</li>
<li><a
href="https://github.com/qos-ch/logback/commit/f3d100b89d1546b10da553b1d8f741ad404504bd"><code>f3d100b</code></a>
update logback-access evaluator examples</li>
<li><a
href="https://github.com/qos-ch/logback/commit/51e390303eb27a70b16b0b8902e0240bb79f7d51"><code>51e3903</code></a>
fix issues/753 for the second time</li>
<li>Additional commits viewable in <a
href="https://github.com/qos-ch/logback/compare/v_1.5.16...v_1.5.17">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ch.qos.logback:logback-classic&package-manager=gradle&previous-version=1.5.16&new-version=1.5.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-26 16:23:09 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
366bec602d Bump ch.qos.logback:logback-core from 1.5.16 to 1.5.17 (#3068)
Bumps [ch.qos.logback:logback-core](https://github.com/qos-ch/logback)
from 1.5.16 to 1.5.17.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/qos-ch/logback/releases">ch.qos.logback:logback-core's
releases</a>.</em></p>
<blockquote>
<h2>Logback 1.5.17</h2>
<p><strong>2025-02-25 Release of logback version 1.5.17</strong></p>
<p>• Fixed Jansi 2.4.0 color-coded output not working on Windows CMD.exe
console when the default terminal application is set to &quot;Windows
Console Host&quot;. This problem was reported in issues/753 by Michael
Lyubkin.</p>
<p>• Fixed race condition occurring in case MDC class is initialized
while org.slf4j.LoggerFactory is initializing logback-classic's
LoggerContext. When this race conditions occurs, the MDCAdapter instance
used by MDC does not match the instance used by logback-classic. This
issue was reported in SLF4J issues/450. While logback-classic version
1.5.17 remains compatible with SLF4J versions in the 2.0.x series,
fixing this particular MDC issue requires SLF4J version 2.0.17.</p>
<p>• A bit-wise identical binary of this version can be reproduced by
building from source code at commit
10358724ed723b3745c010aa40cb02a2dfed4593 associated with the tag
v_1.5.17. Release built using Java &quot;21&quot; 2023-10-17 LTS build
21.0.1.+12-LTS-29 under Linux Debian 11.6.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/qos-ch/logback/commit/10358724ed723b3745c010aa40cb02a2dfed4593"><code>1035872</code></a>
prepare release 1.5.17</li>
<li><a
href="https://github.com/qos-ch/logback/commit/2e6984d1e16c78c703a62bf2789a9c157d7bc050"><code>2e6984d</code></a>
bump to slf4j version 2.0.17</li>
<li><a
href="https://github.com/qos-ch/logback/commit/100995244bf75ded9cb51bade91f84e63f349474"><code>1009952</code></a>
use a new LoggerContert instance when running LogbackListenerTest. This
shoul...</li>
<li><a
href="https://github.com/qos-ch/logback/commit/a3bb4b096aa32874eec304cb0456e526711402f4"><code>a3bb4b0</code></a>
Merge branch 'master' of github.com:qos-ch/logback</li>
<li><a
href="https://github.com/qos-ch/logback/commit/b507297eaa2868479b2d41a666f0aef750fe0079"><code>b507297</code></a>
Fixed race condition occurring in case MDC class is initialized while
org.slf...</li>
<li><a
href="https://github.com/qos-ch/logback/commit/f5b3bc56cd1c1bcf4e8419383c1049912bc51c6f"><code>f5b3bc5</code></a>
add warning about the deprecation of SerializedModelConfigurator if
activated</li>
<li><a
href="https://github.com/qos-ch/logback/commit/5bc0998ce1899195bd6c57b9708493197a68db95"><code>5bc0998</code></a>
Update README.md</li>
<li><a
href="https://github.com/qos-ch/logback/commit/5610c96b4d705a4fe6ded9c42d4f47cb92bbbd95"><code>5610c96</code></a>
correct relocation address</li>
<li><a
href="https://github.com/qos-ch/logback/commit/f3d100b89d1546b10da553b1d8f741ad404504bd"><code>f3d100b</code></a>
update logback-access evaluator examples</li>
<li><a
href="https://github.com/qos-ch/logback/commit/51e390303eb27a70b16b0b8902e0240bb79f7d51"><code>51e3903</code></a>
fix issues/753 for the second time</li>
<li>Additional commits viewable in <a
href="https://github.com/qos-ch/logback/compare/v_1.5.16...v_1.5.17">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ch.qos.logback:logback-core&package-manager=gradle&previous-version=1.5.16&new-version=1.5.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-26 15:56:35 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
f64d7d42d9 Bump peter-evans/create-pull-request from 7.0.6 to 7.0.7 (#3051)
Bumps
[peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request)
from 7.0.6 to 7.0.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's
releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v7.0.7</h2>
<p>⚙️ Fixes an issue with commit signing where modifications to the same
file in multiple commits squash into the first commit.</p>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump <code>@​octokit/core</code> from 6.1.2 to 6.1.3 by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3593">peter-evans/create-pull-request#3593</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.68 to
18.19.70 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3594">peter-evans/create-pull-request#3594</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3603">peter-evans/create-pull-request#3603</a></li>
<li>build(deps-dev): bump typescript from 5.7.2 to 5.7.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3610">peter-evans/create-pull-request#3610</a></li>
<li>build(deps): bump octokit dependencies by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3618">peter-evans/create-pull-request#3618</a></li>
<li>docs: add workflow tip for showing message via workflow command by
<a href="https://github.com/ybiquitous"><code>@​ybiquitous</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3626">peter-evans/create-pull-request#3626</a></li>
<li>build(deps-dev): bump eslint-plugin-prettier from 5.2.1 to 5.2.3 by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3628">peter-evans/create-pull-request#3628</a></li>
<li>build(deps): bump node-fetch-native from 1.6.4 to 1.6.6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3627">peter-evans/create-pull-request#3627</a></li>
<li>build(deps-dev): bump undici from 6.21.0 to 6.21.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3630">peter-evans/create-pull-request#3630</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.70 to
18.19.71 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3629">peter-evans/create-pull-request#3629</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3647">peter-evans/create-pull-request#3647</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.71 to
18.19.74 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3657">peter-evans/create-pull-request#3657</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.74 to
18.19.75 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3663">peter-evans/create-pull-request#3663</a></li>
<li>build(deps): bump
<code>@​octokit/plugin-rest-endpoint-methods</code> from 13.3.0 to
13.3.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3670">peter-evans/create-pull-request#3670</a></li>
<li>build(deps-dev): bump prettier from 3.4.2 to 3.5.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3671">peter-evans/create-pull-request#3671</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3680">peter-evans/create-pull-request#3680</a></li>
<li>build(deps): bump <code>@​octokit/request-error</code> from 6.1.6 to
6.1.7 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3685">peter-evans/create-pull-request#3685</a></li>
<li>build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from
11.4.0 to 11.4.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3688">peter-evans/create-pull-request#3688</a></li>
<li>build(deps): bump <code>@​octokit/endpoint</code> from 10.1.2 to
10.1.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3700">peter-evans/create-pull-request#3700</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3691">peter-evans/create-pull-request#3691</a></li>
<li>build(deps-dev): bump prettier from 3.5.0 to 3.5.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3709">peter-evans/create-pull-request#3709</a></li>
<li>build(deps-dev): bump eslint-import-resolver-typescript from 3.7.0
to 3.8.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3710">peter-evans/create-pull-request#3710</a></li>
<li>build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from
11.4.1 to 11.4.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3713">peter-evans/create-pull-request#3713</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.75 to
18.19.76 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3712">peter-evans/create-pull-request#3712</a></li>
<li>build(deps): bump <code>@​octokit/core</code> from 6.1.3 to 6.1.4 by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3711">peter-evans/create-pull-request#3711</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3736">peter-evans/create-pull-request#3736</a></li>
<li>Use showFileAtRefBase64 to read per-commit file contents by <a
href="https://github.com/grahamc"><code>@​grahamc</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3744">peter-evans/create-pull-request#3744</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/ybiquitous"><code>@​ybiquitous</code></a> made
their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3626">peter-evans/create-pull-request#3626</a></li>
<li><a href="https://github.com/grahamc"><code>@​grahamc</code></a> made
their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3744">peter-evans/create-pull-request#3744</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/peter-evans/create-pull-request/compare/v7.0.6...v7.0.7">https://github.com/peter-evans/create-pull-request/compare/v7.0.6...v7.0.7</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/dd2324fc52d5d43c699a5636bcf19fceaa70c284"><code>dd2324f</code></a>
fix: use showFileAtRefBase64 to read per-commit file contents (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3744">#3744</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/367180cbdfa0448fc1ca9136e4adb020658cf4e5"><code>367180c</code></a>
ci: remove testv5 cmd</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/25575a12f382fb9c68692ffce1174138b61417d7"><code>25575a1</code></a>
build: update distribution (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3736">#3736</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/a56e7a56e9186132269996d8937494f12ff51f77"><code>a56e7a5</code></a>
build(deps): bump <code>@​octokit/core</code> from 6.1.3 to 6.1.4 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3711">#3711</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/eac17dc6a391b3ae789deacc22d4d36f5e62ef6b"><code>eac17dc</code></a>
build(deps-dev): bump <code>@​types/node</code> from 18.19.75 to
18.19.76 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3712">#3712</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/a2e685f8147c673583a881447134a26d6fa3d0f7"><code>a2e685f</code></a>
build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from
11.4.1 to 11.4.2 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3713">#3713</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/6cfd146ec94d1142c1ea0bd8b540622c50f3a34b"><code>6cfd146</code></a>
build(deps-dev): bump eslint-import-resolver-typescript (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3710">#3710</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/b38e8d38a18a291242f9072a0d9843d4c0ed6792"><code>b38e8d3</code></a>
build(deps-dev): bump prettier from 3.5.0 to 3.5.1 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3709">#3709</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/8a41570d993b6f7de42d9533f6b785fc151c96e6"><code>8a41570</code></a>
build: update distribution (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3691">#3691</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/2e9b4cc10ed4becca3a04f63d54db8baf010d424"><code>2e9b4cc</code></a>
build(deps): bump <code>@​octokit/endpoint</code> from 10.1.2 to 10.1.3
(<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3700">#3700</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/peter-evans/create-pull-request/compare/67ccf781d68cd99b580ae25a5c18a1cc84ffff1f...dd2324fc52d5d43c699a5636bcf19fceaa70c284">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=7.0.6&new-version=7.0.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-25 21:29:06 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
9df5e2aca0 Bump github/codeql-action from 3.28.9 to 3.28.10 (#3035)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.28.9 to 3.28.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.10</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.10/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
<li>Uploading debug artifacts for CodeQL analysis is temporarily
disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li>
</ul>
<h2>3.28.2 - 21 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.1 - 10 Jan 2025</h2>
<ul>
<li>CodeQL Action v2 is now deprecated, and is no longer updated or
supported. For better performance, improved security, and new features,
upgrade to v3. For more information, see <a
href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d"><code>b56ba49</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2778">#2778</a>
from github/update-v3.28.10-9856c48b1</li>
<li><a
href="https://github.com/github/codeql-action/commit/60c9c77c33f2cd66390a3778d54de88b735b2526"><code>60c9c77</code></a>
Update changelog for v3.28.10</li>
<li><a
href="https://github.com/github/codeql-action/commit/9856c48b1a54789454314b4c32ef2354fe213208"><code>9856c48</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2773">#2773</a>
from github/redsun82/rust</li>
<li><a
href="https://github.com/github/codeql-action/commit/9572e09da430b4c71f7488e4195b4ca6ce1c6ef0"><code>9572e09</code></a>
Rust: fix log string</li>
<li><a
href="https://github.com/github/codeql-action/commit/1a529366ac3620317d953e2d4018eafa7459cb1c"><code>1a52936</code></a>
Rust: special case default setup</li>
<li><a
href="https://github.com/github/codeql-action/commit/cf7e90952bcceaebd4a548c2809ea6a5d461a1bc"><code>cf7e909</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2772">#2772</a>
from github/update-bundle/codeql-bundle-v2.20.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/b7006aab6d38638d18e38a27c18f67138529c2f8"><code>b7006aa</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.20.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/cfedae723eaced5e13052b529375e7b00d49a9cd"><code>cfedae7</code></a>
Rust: throw configuration errors if requested and not correctly
enabled</li>
<li><a
href="https://github.com/github/codeql-action/commit/3971ed2a74ede0669fa7f4f5af4292030280dbfd"><code>3971ed2</code></a>
Merge branch 'main' into redsun82/rust</li>
<li><a
href="https://github.com/github/codeql-action/commit/d38c6e60dfb0232f85e388dd416559ed07da5f3a"><code>d38c6e6</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2775">#2775</a>
from github/angelapwen/bump-octokit</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0...b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.9&new-version=3.28.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-23 19:55:21 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6aad45fcec Bump actions/upload-artifact from 4.6.0 to 4.6.1 (#3034)
Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact)
from 4.6.0 to 4.6.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.6.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update to use artifact 2.2.2 package by <a
href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/673">actions/upload-artifact#673</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4...v4.6.1">https://github.com/actions/upload-artifact/compare/v4...v4.6.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1"><code>4cec3d8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/673">#673</a>
from actions/yacaovsnc/artifact_2.2.2</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/e9fad966ccdffceea5de0445882c9455934bcf8e"><code>e9fad96</code></a>
license cache update for artifact</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/b26fd06e9da88a61ada55f23d7863325b1f115d3"><code>b26fd06</code></a>
Update to use artifact 2.2.2 package</li>
<li>See full diff in <a
href="https://github.com/actions/upload-artifact/compare/65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08...4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=4.6.0&new-version=4.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-23 19:55:08 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
ec5018cc80 Bump ossf/scorecard-action from 2.4.0 to 2.4.1 (#3033)
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action)
from 2.4.0 to 2.4.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ossf/scorecard-action/releases">ossf/scorecard-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.4.1</h2>
<h2>What's Changed</h2>
<ul>
<li>This update bumps the Scorecard version to the v5.1.1 release. For a
complete list of changes, please refer to the <a
href="https://github.com/ossf/scorecard/releases/tag/v5.1.0">v5.1.0</a>
and <a
href="https://github.com/ossf/scorecard/releases/tag/v5.1.1">v5.1.1</a>
release notes.</li>
<li>Publishing results now uses half the API quota as before. The exact
savings depends on the repository in question.
<ul>
<li>use Scorecard library entrypoint instead of Cobra hooking by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1423">ossf/scorecard-action#1423</a></li>
</ul>
</li>
<li>Some errors were made into annotations to make them more visible
<ul>
<li>Make default branch error more prominent by <a
href="https://github.com/jsoref"><code>@​jsoref</code></a> in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1459">ossf/scorecard-action#1459</a></li>
</ul>
</li>
<li>There is now an optional <code>file_mode</code> input which controls
how repository files are fetched from GitHub. The default is
<code>archive</code>, but <code>git</code> produces the most accurate
results for repositories with <code>.gitattributes</code> files at the
cost of analysis speed.
<ul>
<li>add input for specifying <code>--file-mode</code> by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1509">ossf/scorecard-action#1509</a></li>
</ul>
</li>
<li>The underlying container for the action is now <a
href="https://github.com/ossf/scorecard-action/pkgs/container/scorecard-action">hosted
on GitHub Container Registry</a>. There should be no functional changes.
<ul>
<li>🌱 publish docker images to GitHub Container Registry by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1453">ossf/scorecard-action#1453</a></li>
</ul>
</li>
</ul>
<h3>Docs</h3>
<ul>
<li>Installation docs update by <a
href="https://github.com/JeremiahAHoward"><code>@​JeremiahAHoward</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1416">ossf/scorecard-action#1416</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/JeremiahAHoward"><code>@​JeremiahAHoward</code></a>
made their first contribution in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1416">ossf/scorecard-action#1416</a></li>
<li><a href="https://github.com/jsoref"><code>@​jsoref</code></a> made
their first contribution in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1459">ossf/scorecard-action#1459</a>
<strong>Full Changelog</strong>: <a
href="https://github.com/ossf/scorecard-action/compare/v2.4.0...v2.4.1">https://github.com/ossf/scorecard-action/compare/v2.4.0...v2.4.1</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ossf/scorecard-action/commit/f49aabe0b5af0936a0987cfb85d86b75731b0186"><code>f49aabe</code></a>
bump docker to ghcr v2.4.1 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1478">#1478</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/30a595ba8670f7bd5e2d33119dfeeb6ab2f64991"><code>30a595b</code></a>
🌱 Bump github.com/sigstore/cosign/v2 from 2.4.2 to 2.4.3 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1515">#1515</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/69ae593b7addfd5241b46c43c7ed6abbd7203d55"><code>69ae593</code></a>
omit vcs info from build (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1514">#1514</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/6a62a1cbf28018bd61197d0c2852b94b046fe1a4"><code>6a62a1c</code></a>
add input for specifying <code>--file-mode</code> (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1509">#1509</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/2722664778d49161a69d42f8e82e15ed38fea8d1"><code>2722664</code></a>
🌱 Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1510">#1510</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/ae0ef3171a81cb48c3fdaaf34cba323d0c51fefb"><code>ae0ef31</code></a>
🌱 Bump github.com/spf13/cobra from 1.8.1 to 1.9.1 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1512">#1512</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/3676bbc29082184ac34a84d1573c0419f81c4a68"><code>3676bbc</code></a>
🌱 Bump golang from 1.23.6 to 1.24.0 in the docker-images group
(<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1513">#1513</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/ae7548a0ff1b94dda3a89eeda8f59c031874f035"><code>ae7548a</code></a>
Limit codeQL push trigger to main branch (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1507">#1507</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/9165624e75f0c73d13a9db2d4d920bcc5fc3a801"><code>9165624</code></a>
upgrade scorecard to v5.1.0 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1508">#1508</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/620fd28d6b2ba01c1d70cf63dfb4bdf868e19d6f"><code>620fd28</code></a>
🌱 Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1505">#1505</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/ossf/scorecard-action/compare/62b2cac7ed8198b15735ed49ab1e5cf35480ba46...f49aabe0b5af0936a0987cfb85d86b75731b0186">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.4.0&new-version=2.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-23 19:55:02 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
219adb99ec Bump org.springframework.security:spring-security-saml2-service-provider from 6.4.2 to 6.4.3 (#3009)
Bumps
[org.springframework.security:spring-security-saml2-service-provider](https://github.com/spring-projects/spring-security)
from 6.4.2 to 6.4.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-security/releases">org.springframework.security:spring-security-saml2-service-provider's
releases</a>.</em></p>
<blockquote>
<h2>6.4.3</h2>
<h2> New Features</h2>
<ul>
<li>Add Support disableDefaultRegistrationPage to WebAuthnDsl <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16395">#16395</a></li>
</ul>
<h2>🪲 Bug Fixes</h2>
<ul>
<li><code>withValue</code> used incorrectly <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16527">#16527</a></li>
<li>Fix for JdbcOneTimeTokenService cleanupExpiredTokens failing with
PostgreSQL <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16344">#16344</a></li>
<li>Fix GenerateOneTimeTokenWebFilter double publish of
chain.filter(...) <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16459">#16459</a></li>
<li>Fix Kotlin DSL webAuthn { } <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16338">#16338</a></li>
<li>Fix loader has changed while resolving nodes in
WebAuthnWebDriverTests <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16463">#16463</a></li>
<li>Fix logoutRequestRepository not set on
Saml2RelyingPartyInitiatedLogoutSuccessHandler <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16310">#16310</a></li>
<li>Implement <code>Serializable</code> for WebAuthnAuthentication <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16285">#16285</a></li>
<li>Make AuthorizationDecision Serializable <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16544">#16544</a></li>
<li>Make PublicKeyCredentialRequestOptions Serializable Backport <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16584">#16584</a></li>
<li>Make Saml2AuthenticationToken Serializable <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16287">#16287</a></li>
<li>Make WebAuthnAuthentication Serializable <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16273">#16273</a></li>
<li>Make WebAuthnAuthenticationRequestToken Serializable <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16602">#16602</a></li>
<li>Make WebAuthnAuthenticationTokenRequest Serializable <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16481">#16481</a></li>
<li>Misconfigured OAuth2LoginAuthenticationFilter when combining OAuth2
login and OAuth2 client configuration <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16466">#16466</a></li>
<li>OTT Should Use non-static member to capture the last OneTimeToken <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16471">#16471</a></li>
<li>webauthn js should ensure allowCredentials[].id is an ArrayBuffer <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16440">#16440</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Bump ch.qos.logback:logback-classic from 1.5.15 to 1.5.16 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16364">#16364</a></li>
<li>Bump com.nimbusds:oauth2-oidc-sdk from 9.43.5 to 9.43.6 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16598">#16598</a></li>
<li>Bump com.webauthn4j:webauthn4j-core from 0.28.4.RELEASE to
0.28.5.RELEASE <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16523">#16523</a></li>
<li>Bump io.micrometer:micrometer-observation from 1.14.3 to 1.14.4 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16565">#16565</a></li>
<li>Bump io.mockk:mockk from 1.13.14 to 1.13.16 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16399">#16399</a></li>
<li>Bump io.projectreactor:reactor-bom from 2023.0.14 to 2023.0.15 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16576">#16576</a></li>
<li>Bump io.rsocket:rsocket-bom from 1.1.4 to 1.1.5 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16534">#16534</a></li>
<li>Bump org.hibernate.orm:hibernate-core from 6.6.7.Final to
6.6.8.Final <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16610">#16610</a></li>
<li>Bump org.junit:junit-bom from 5.11.3 to 5.11.4 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16292">#16292</a></li>
<li>Bump org.springframework.data:spring-data-bom from 2024.1.2 to
2024.1.3 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16611">#16611</a></li>
<li>Bump org.springframework.ldap:spring-ldap-core from 3.2.10 to 3.2.11
<a
href="https://redirect.github.com/spring-projects/spring-security/pull/16597">#16597</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16599">#16599</a></li>
<li>Update to oauth2-oidc-sdk 9.43.5 <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16583">#16583</a></li>
</ul>
<h2>🔩 Build Updates</h2>
<ul>
<li>Add TestBytes <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16461">#16461</a></li>
<li>Troubleshoot missing GChat notifications <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16424">#16424</a></li>
</ul>
<h2>❤️ Contributors</h2>
<p>Thank you to all the contributors who worked on this release:</p>
<p><a href="https://github.com/Kehrlann"><code>@​Kehrlann</code></a>, <a
href="https://github.com/NeoTraveler"><code>@​NeoTraveler</code></a>, <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot],
<a
href="https://github.com/franticticktick"><code>@​franticticktick</code></a>,
<a href="https://github.com/making"><code>@​making</code></a>, and <a
href="https://github.com/ngocnhan-tran1996"><code>@​ngocnhan-tran1996</code></a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-security/commit/e7431a3a72e37d18bdaf5909ddf3a459bf2fa7fd"><code>e7431a3</code></a>
Release 6.4.3</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/d2f825bc74b7afab7004aab4be373487e5ff7fcd"><code>d2f825b</code></a>
Bump org.springframework.data:spring-data-bom from 2024.1.2 to
2024.1.3</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/6fcbc0ea2a61a774f9b105a245f799e04edaebbe"><code>6fcbc0e</code></a>
Bump org.hibernate.orm:hibernate-core from 6.6.7.Final to
6.6.8.Final</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/efe50dd0ebf44cd9bc401f054c1635f8ec1a8867"><code>efe50dd</code></a>
Merge branch '6.3.x' into 6.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/06026684e518471a7e74ae8676e6cc8378d722b9"><code>0602668</code></a>
Bump org.springframework.data:spring-data-bom from 2024.0.8 to
2024.0.9</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/946812691e5b9c6820060b2bfef95ecb69462c38"><code>9468126</code></a>
Make AuthenticatorAttestation Serializable</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/b5a4218a0bfd91220a4cf38cdefa93ee1f4f5c26"><code>b5a4218</code></a>
Make WebAuthnAuthenticationRequestToken Serializable</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/9e1a573531e2833c2b150924d28c15a5d22d7a09"><code>9e1a573</code></a>
Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/309daf565d4322297cdaa7ee1bc624d7c1f33408"><code>309daf5</code></a>
Merge branch '6.3.x' into 6.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/c3d45ae529bf8eec2a6c56b78c6bc39ba2a1e0db"><code>c3d45ae</code></a>
Bump org.springframework:spring-framework-bom from 6.1.16 to 6.1.17</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-security/compare/6.4.2...6.4.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.security:spring-security-saml2-service-provider&package-manager=gradle&previous-version=6.4.2&new-version=6.4.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-22 23:37:22 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
23a7b11a74 Bump org.springframework.session:spring-session-core from 3.4.1 to 3.4.2 (#3014)
Bumps
[org.springframework.session:spring-session-core](https://github.com/spring-projects/spring-session)
from 3.4.1 to 3.4.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-session/releases">org.springframework.session:spring-session-core's
releases</a>.</em></p>
<blockquote>
<h2>3.4.2</h2>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Bump ch-qos-logback from 1.5.12 to 1.5.13 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3304">#3304</a></li>
<li>Bump ch-qos-logback from 1.5.13 to 1.5.14 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3306">#3306</a></li>
<li>Bump ch-qos-logback from 1.5.14 to 1.5.15 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3309">#3309</a></li>
<li>Bump ch-qos-logback from 1.5.15 to 1.5.16 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3315">#3315</a></li>
<li>Bump io.projectreactor:reactor-bom from 2023.0.13 to 2023.0.14 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3324">#3324</a></li>
<li>Bump io.projectreactor:reactor-bom from 2023.0.14 to 2023.0.15 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3336">#3336</a></li>
<li>Bump io.projectreactor:reactor-core from 3.6.13 to 3.6.14 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3337">#3337</a></li>
<li>Bump org-springframework-boot from 3.3.6 to 3.3.7 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3307">#3307</a></li>
<li>Bump org-springframework-boot from 3.3.7 to 3.3.8 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3332">#3332</a></li>
<li>Bump org.postgresql:postgresql from 42.7.4 to 42.7.5 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3325">#3325</a></li>
<li>Bump org.springframework.data:spring-data-bom from 2024.1.1 to
2024.1.2 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3328">#3328</a></li>
<li>Bump org.springframework.data:spring-data-bom from 2024.1.2 to
2024.1.3 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3339">#3339</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.1 to 6.2.2 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3326">#3326</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3338">#3338</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-session/commit/d600674f133157604ddee36fa6cf0b0bb214e996"><code>d600674</code></a>
Release 3.4.2</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/39dd594d667df62031105338a72b5817624bd198"><code>39dd594</code></a>
Bump org.springframework.data:spring-data-bom from 2024.1.2 to
2024.1.3</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/1f7439e28a16ae4692c798f413d1de4a4a6c3cb7"><code>1f7439e</code></a>
Bump org.springframework.data:spring-data-bom from 2024.1.1 to
2024.1.2</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/5fa21f19a34f968f0a96b821d7ac11793b16deec"><code>5fa21f1</code></a>
Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/8a6a5c0d0e29eb91f01099bbbf188aade6a9c53e"><code>8a6a5c0</code></a>
Bump io.projectreactor:reactor-core from 3.6.13 to 3.6.14</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/495dc471bd6a83c47c13cf2b42fc02f74f564faf"><code>495dc47</code></a>
Bump io.projectreactor:reactor-bom from 2023.0.14 to 2023.0.15</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/e902d3f11adb8b0d3030264c1662f116777bd753"><code>e902d3f</code></a>
Bump org-springframework-boot from 3.3.7 to 3.3.8</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/6ad1989745ec0fd9e8b8be4b738d6224faaaf861"><code>6ad1989</code></a>
Bump org.springframework:spring-framework-bom from 6.2.1 to 6.2.2</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/4283df46ac6dcd15aad266eaea2c958264b63f62"><code>4283df4</code></a>
Bump org.postgresql:postgresql from 42.7.4 to 42.7.5</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/13088c6ac75f5cf0d3b78ec8c2980d64dfaccb82"><code>13088c6</code></a>
Bump io.projectreactor:reactor-bom from 2023.0.13 to 2023.0.14</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-session/compare/3.4.1...3.4.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.session:spring-session-core&package-manager=gradle&previous-version=3.4.1&new-version=3.4.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-22 23:28:21 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Ludy
880ca6af7f Bump actions/create-github-app-token from 1.11.3 to 1.11.5 (#3008)
Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 1.11.3 to 1.11.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v1.11.5</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v1.11.4...v1.11.5">1.11.5</a>
(2025-02-15)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@​octokit/request</code> from
9.2.0 to 9.2.2 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/209">#209</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/8cedd97af185a345311c6ff53158738940cfef67">8cedd97</a>),
closes <a
href="https://redirect.github.com/actions/create-github-app-token/issues/740">#740</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/738">#738</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/740">#740</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/737">#737</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/738">#738</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/736">#736</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/735">#735</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/734">#734</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/733">#733</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/732">#732</a></li>
<li><strong>deps:</strong> bump <code>@​octokit/request-error</code>
from 6.1.6 to 6.1.7 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/208">#208</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/415f6a523daf7072d0ea81f3cdc20426287bd566">415f6a5</a>),
closes <a
href="https://redirect.github.com/actions/create-github-app-token/issues/494">#494</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/491">#491</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/490">#490</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/488">#488</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/486">#486</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/487">#487</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/485">#485</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/484">#484</a></li>
</ul>
<h2>v1.11.4</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v1.11.3...v1.11.4">1.11.4</a>
(2025-02-15)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@​octokit/endpoint</code> from
10.1.1 to 10.1.3 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/207">#207</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/d30def842e4992ac18a35cd1108d776944ab7535">d30def8</a>),
closes <a
href="https://redirect.github.com/actions/create-github-app-token/issues/507">#507</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/514">#514</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/512">#512</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/511">#511</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/509">#509</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/508">#508</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/507">#507</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/506">#506</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/505">#505</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/504">#504</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/0d564482f06ca65fa9e77e2510873638c82206f2"><code>0d56448</code></a>
build(release): 1.11.5 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/8cedd97af185a345311c6ff53158738940cfef67"><code>8cedd97</code></a>
fix(deps): bump <code>@​octokit/request</code> from 9.2.0 to 9.2.2 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/209">#209</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/415f6a523daf7072d0ea81f3cdc20426287bd566"><code>415f6a5</code></a>
fix(deps): bump <code>@​octokit/request-error</code> from 6.1.6 to 6.1.7
(<a
href="https://redirect.github.com/actions/create-github-app-token/issues/208">#208</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/c14f92a8f9fd9aff60349b9d5bb2f2d9933926bd"><code>c14f92a</code></a>
build(release): 1.11.4 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/d30def842e4992ac18a35cd1108d776944ab7535"><code>d30def8</code></a>
fix(deps): bump <code>@​octokit/endpoint</code> from 10.1.1 to 10.1.3
(<a
href="https://redirect.github.com/actions/create-github-app-token/issues/207">#207</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/a5be4722a6091c4e20293de271822a5532f23326"><code>a5be472</code></a>
build(deps-dev): bump esbuild from 0.24.2 to 0.25.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/206">#206</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/create-github-app-token/compare/67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7...0d564482f06ca65fa9e77e2510873638c82206f2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=1.11.3&new-version=1.11.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ludy <[email protected]>
2025-02-22 22:55:09 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3797a6827c Bump docker/build-push-action from 6.13.0 to 6.14.0 (#3012)
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.13.0 to 6.14.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.14.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.53.0 to 0.55.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1324">docker/build-push-action#1324</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.13.0...v6.14.0">https://github.com/docker/build-push-action/compare/v6.13.0...v6.14.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/0adf9959216b96bec444f325f1e493d4aa344497"><code>0adf995</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1324">#1324</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="https://github.com/docker/build-push-action/commit/d88cd289df60c51a4111f165d65e205c8e913937"><code>d88cd28</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/3d09a6bd705280a63155d5f61da35bb42301fe96"><code>3d09a6b</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.53.0 to
0.55.0</li>
<li>See full diff in <a
href="https://github.com/docker/build-push-action/compare/ca877d9245402d1537745e0e356eab47c3520991...0adf9959216b96bec444f325f1e493d4aa344497">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.13.0&new-version=6.14.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-22 22:54:43 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
0f5d95661c Bump sigstore/cosign-installer from 3.8.0 to 3.8.1 (#3010)
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 3.8.0 to 3.8.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.8.1</h2>
<h2>What's Changed</h2>
<ul>
<li>use cosign 2.4.3 and other updates by <a
href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/182">sigstore/cosign-installer#182</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3...v3.8.1">https://github.com/sigstore/cosign-installer/compare/v3...v3.8.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/sigstore/cosign-installer/commit/d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a"><code>d7d6bc7</code></a>
use cosign 2.4.3 and other updates (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/182">#182</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/c56c2d3e59e4281cc41dea2217323ba5694b171e...d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=3.8.0&new-version=3.8.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-22 22:49:28 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
d5aea7f0b6 Bump ch.qos.logback:logback-core from 1.5.15 to 1.5.16 (#3011)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [ch.qos.logback:logback-core](https://github.com/qos-ch/logback)
from 1.5.15 to 1.5.16.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/qos-ch/logback/releases">ch.qos.logback:logback-core's
releases</a>.</em></p>
<blockquote>
<h2>Logback 1.5.16</h2>
<p><strong>2025-01-05 Release of logback version 1.5.16</strong></p>
<p>• In order to ease the migration of configuration files depending on
JaninoEventEvaluator, logback-classic will emit a warning about the
removal of JaninoEventEvaluator in version 1.5.13 and suggest an online
migration tool.</p>
<p>• A bit-wise identical binary of this version can be reproduced by
building from source code at commit
74c9ebd0e784d9e9ffc6c627cf5016d0157956b2 associated with the tag
v_1.5.16. Release built using Java &quot;21&quot; 2023-10-17 LTS build
21.0.1.+12-LTS-29 under Linux Debian 11.6.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/qos-ch/logback/commit/74c9ebd0e784d9e9ffc6c627cf5016d0157956b2"><code>74c9ebd</code></a>
prepare release 1.5.16</li>
<li><a
href="https://github.com/qos-ch/logback/commit/9308a58e65ad415a86377f86e3f0e338a5167e66"><code>9308a58</code></a>
javadocs structure changed</li>
<li><a
href="https://github.com/qos-ch/logback/commit/8935470736a395429ebcd0fbf75794a83ca37cec"><code>8935470</code></a>
adapt test to SLF4J version 2.0.16</li>
<li><a
href="https://github.com/qos-ch/logback/commit/cb603698a1910e9dce1f5d39a2e51cd757eb40e0"><code>cb60369</code></a>
addded StubEventEvaluator as default class for evaluator element so as
to dir...</li>
<li><a
href="https://github.com/qos-ch/logback/commit/1da2f171dc108a2576eb33918198db7f755b1224"><code>1da2f17</code></a>
bump jxr version</li>
<li><a
href="https://github.com/qos-ch/logback/commit/5bde644c2659115790161256016b678ee0d957d1"><code>5bde644</code></a>
bump slf4j version to 2.0.16</li>
<li><a
href="https://github.com/qos-ch/logback/commit/aa2ebae414530c458dca2892351135d617474286"><code>aa2ebae</code></a>
remove stax related code</li>
<li><a
href="https://github.com/qos-ch/logback/commit/80db86b54892d5af85b6ee69b1e97a097f64f6bd"><code>80db86b</code></a>
fix issues/860</li>
<li><a
href="https://github.com/qos-ch/logback/commit/a8a2303ba3afeb5b26a90412501a6d1057d17669"><code>a8a2303</code></a>
start work on 1.5.16-SNAPSHOT</li>
<li><a
href="https://github.com/qos-ch/logback/commit/bf14c2c7f657f7d255a7fe9cb156b1913e99ca3c"><code>bf14c2c</code></a>
minor javadoc update</li>
<li>See full diff in <a
href="https://github.com/qos-ch/logback/compare/v_1.5.15...v_1.5.16">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ch.qos.logback:logback-core&package-manager=gradle&previous-version=1.5.15&new-version=1.5.16)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-22 22:49:13 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
0412263d01 Bump ch.qos.logback:logback-classic from 1.5.15 to 1.5.16 (#3015)
Bumps
[ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from
1.5.15 to 1.5.16.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/qos-ch/logback/releases">ch.qos.logback:logback-classic's
releases</a>.</em></p>
<blockquote>
<h2>Logback 1.5.16</h2>
<p><strong>2025-01-05 Release of logback version 1.5.16</strong></p>
<p>• In order to ease the migration of configuration files depending on
JaninoEventEvaluator, logback-classic will emit a warning about the
removal of JaninoEventEvaluator in version 1.5.13 and suggest an online
migration tool.</p>
<p>• A bit-wise identical binary of this version can be reproduced by
building from source code at commit
74c9ebd0e784d9e9ffc6c627cf5016d0157956b2 associated with the tag
v_1.5.16. Release built using Java &quot;21&quot; 2023-10-17 LTS build
21.0.1.+12-LTS-29 under Linux Debian 11.6.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/qos-ch/logback/commit/74c9ebd0e784d9e9ffc6c627cf5016d0157956b2"><code>74c9ebd</code></a>
prepare release 1.5.16</li>
<li><a
href="https://github.com/qos-ch/logback/commit/9308a58e65ad415a86377f86e3f0e338a5167e66"><code>9308a58</code></a>
javadocs structure changed</li>
<li><a
href="https://github.com/qos-ch/logback/commit/8935470736a395429ebcd0fbf75794a83ca37cec"><code>8935470</code></a>
adapt test to SLF4J version 2.0.16</li>
<li><a
href="https://github.com/qos-ch/logback/commit/cb603698a1910e9dce1f5d39a2e51cd757eb40e0"><code>cb60369</code></a>
addded StubEventEvaluator as default class for evaluator element so as
to dir...</li>
<li><a
href="https://github.com/qos-ch/logback/commit/1da2f171dc108a2576eb33918198db7f755b1224"><code>1da2f17</code></a>
bump jxr version</li>
<li><a
href="https://github.com/qos-ch/logback/commit/5bde644c2659115790161256016b678ee0d957d1"><code>5bde644</code></a>
bump slf4j version to 2.0.16</li>
<li><a
href="https://github.com/qos-ch/logback/commit/aa2ebae414530c458dca2892351135d617474286"><code>aa2ebae</code></a>
remove stax related code</li>
<li><a
href="https://github.com/qos-ch/logback/commit/80db86b54892d5af85b6ee69b1e97a097f64f6bd"><code>80db86b</code></a>
fix issues/860</li>
<li><a
href="https://github.com/qos-ch/logback/commit/a8a2303ba3afeb5b26a90412501a6d1057d17669"><code>a8a2303</code></a>
start work on 1.5.16-SNAPSHOT</li>
<li><a
href="https://github.com/qos-ch/logback/commit/bf14c2c7f657f7d255a7fe9cb156b1913e99ca3c"><code>bf14c2c</code></a>
minor javadoc update</li>
<li>See full diff in <a
href="https://github.com/qos-ch/logback/compare/v_1.5.15...v_1.5.16">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ch.qos.logback:logback-classic&package-manager=gradle&previous-version=1.5.15&new-version=1.5.16)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-22 22:47:46 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
487a82eb65 Bump org.springframework.boot from 3.4.1 to 3.4.3 (#3022)
Bumps
[org.springframework.boot](https://github.com/spring-projects/spring-boot)
from 3.4.1 to 3.4.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.3</h2>
<h2> New Features</h2>
<ul>
<li>Add TWENTY_FOUR to JavaVersion enum <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Console output may be lost when using Log4j2 with something that
replaces System.out <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li>
<li>Maven plugin does not consistently use ArgFile for classpath
argument on Windows <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li>
<li>Reactive Jetty web server does not fail fast when configured to use
a server name bundle which Jetty does not support <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li>
<li>When web server application context refresh fails, the original
failure is lost if stopping or destroying the web server throws an
exception <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li>
<li>View resolver for Thymeleaf should back off if spring-webmvc is not
present <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li>
<li>WebServer is not destroyed when ReactiveWebServerApplicationContext
refresh fails <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li>
<li>Non-default DataSource candidates are not considered in
H2ConsoleAutoConfiguration <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li>
<li>Banner placeholder and defaults do not work during development <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li>
<li>Mustache templates return with ISO-8859-1 charset rather than UTF-8
in Content-Type response header <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li>
<li>Servlet EndpointRequest doesn't match web server namespace correctly
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li>
<li>java.lang.ClassCastException when using default management security
with WebFlux and health probes enabled <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li>
<li>Logback configuration that relies on inner-classes does not work in
a native image <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li>
<li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or
3.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li>
<li>Metrics and health do not include non-default candidate beans <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Document that auto-configuration classes should be identified using
their binary names <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li>
<li>Correct typo in MVC security when explaining when UserDetailsService
auto-configuration will back off <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li>
<li>Link to JarLauncher's javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li>
<li>When using observability annotations, recommend that care is taken
to avoid double instrumentation <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44145">#44145</a></li>
<li>Fix typo in Running Your Application <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44035">#44035</a></li>
<li>Document Kubernetes preStop handler when using a Docker image
without a shell <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44022">#44022</a></li>
<li>Source snippet in Developing Your First Spring Boot Application
section uses the root package <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43983">#43983</a></li>
<li>Correct the location of MyApplication.java in &quot;Developing Your
First Spring Boot Application&quot; <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43975">#43975</a></li>
<li>Add links to Jackson Javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43971">#43971</a></li>
<li>Warn that some Quartz database schema scripts must be modified
before use <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43958">#43958</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to Commons Pool2 2.12.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44173">#44173</a></li>
<li>Upgrade to Couchbase Client 3.7.8 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44269">#44269</a></li>
<li>Upgrade to Groovy 4.0.25 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44174">#44174</a></li>
<li>Upgrade to Hibernate 6.6.8.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44332">#44332</a></li>
<li>Upgrade to HttpClient5 5.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44176">#44176</a></li>
<li>Upgrade to HttpCore5 5.3.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44177">#44177</a></li>
<li>Upgrade to Infinispan 15.0.13.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44178">#44178</a></li>
<li>Upgrade to jOOQ 3.19.19 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44368">#44368</a></li>
<li>Upgrade to Json-smart 2.5.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44264">#44264</a></li>
<li>Upgrade to Maven Clean Plugin 3.4.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44349">#44349</a></li>
<li>Upgrade to Micrometer 1.14.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44115">#44115</a></li>
<li>Upgrade to Micrometer Tracing 1.4.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44116">#44116</a></li>
<li>Upgrade to Native Build Tools Plugin 0.10.5 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44179">#44179</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/2f53c0abc022ab22bb48c1dce2bbe7479fd8d3dc"><code>2f53c0a</code></a>
Release v3.4.3</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/f99171fe2eb081afa23aa7d0991f891749a62400"><code>f99171f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/70e0744c2771b2d3e0c7cfad51a5a838a56c68f1"><code>70e0744</code></a>
Next development version (v3.3.10-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/07d9db3b802af7b23c19bb65d5b6e54e9ec4508c"><code>07d9db3</code></a>
Merge pull request <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44380">#44380</a>
from nosan</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/22958097e38a895cfc47dbd1a36df1c7ec0a2e0b"><code>2295809</code></a>
Register Log42J StatusListener</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/575655ca39f097abe595b757fe23e60838c97e75"><code>575655c</code></a>
Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c74397af1ae58b3431e16f2a32d72c6571bcc03c"><code>c74397a</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c718461450c6f0486bd489ac697286dd6311457c"><code>c718461</code></a>
Protect against NoSuchMethodException on setReadOnly</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/7dc9bf29b8890d96ffca341e4c1ed237850887bb"><code>7dc9bf2</code></a>
Upgrade to Testcontainers Redis Module 2.2.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/7d1fc062bfec9297cbd694bc09f1ec3c55d48f74"><code>7d1fc06</code></a>
Upgrade to Testcontainers 1.20.5</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.1...v3.4.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.boot&package-manager=gradle&previous-version=3.4.1&new-version=3.4.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-22 13:11:35 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony StirlingLudy
11a5b2e79f Bump actions/create-github-app-token from 1.11.2 to 1.11.3 (#2878)
Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 1.11.2 to 1.11.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v1.11.3</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v1.11.2...v1.11.3">1.11.3</a>
(2025-02-04)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump the production-dependencies group with 3
updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/203">#203</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/8e85a3cf1418b864b528ed9c756cd9c84932d442">8e85a3c</a>),
closes <a
href="https://redirect.github.com/actions/create-github-app-token/issues/665">#665</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/665">#665</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/663">#663</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/662">#662</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/661">#661</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/659">#659</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/660">#660</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/658">#658</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/656">#656</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/657">#657</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/655">#655</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/731">#731</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4016">nodejs/undici#4016</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4017">nodejs/undici#4017</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4018">nodejs/undici#4018</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4008">nodejs/undici#4008</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3991">nodejs/undici#3991</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4001">nodejs/undici#4001</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3980">nodejs/undici#3980</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4003">nodejs/undici#4003</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3965">nodejs/undici#3965</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4002">nodejs/undici#4002</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4006">nodejs/undici#4006</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3956">nodejs/undici#3956</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3964">nodejs/undici#3964</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3447">nodejs/undici#3447</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3966">#3966</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3967">nodejs/undici#3967</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3971">nodejs/undici#3971</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3954">nodejs/undici#3954</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3972">nodejs/undici#3972</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3974">nodejs/undici#3974</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3976">nodejs/undici#3976</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3975">#3975</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3977">nodejs/undici#3977</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3978">nodejs/undici#3978</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3981">nodejs/undici#3981</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3983">nodejs/undici#3983</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3986">nodejs/undici#3986</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4021">#4021</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4018">#4018</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4017">#4017</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4016">#4016</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4008">#4008</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4007">#4007</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4006">#4006</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3965">#3965</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7"><code>67e27a7</code></a>
build(release): 1.11.3 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/8e85a3cf1418b864b528ed9c756cd9c84932d442"><code>8e85a3c</code></a>
fix(deps): bump the production-dependencies group with 3 updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/203">#203</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/create-github-app-token/compare/136412a57a7081aa63c935a2cc2918f76c34f514...67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=1.11.2&new-version=1.11.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
Co-authored-by: Ludy <[email protected]>
2025-02-19 22:17:42 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
69c6544877 Bump io.micrometer:micrometer-core from 1.14.3 to 1.14.4 (#2927)
Bumps
[io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer)
from 1.14.3 to 1.14.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/micrometer-metrics/micrometer/releases">io.micrometer:micrometer-core's
releases</a>.</em></p>
<blockquote>
<h2>1.14.4</h2>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Log4j2Metrics does not work with multiple registries and non-root
loggers <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5893">#5893</a></li>
<li>Fix LongTaskTimer output for LoggingMeterRegistry <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5834">#5834</a></li>
<li><code>Log4j2Metrics</code> creates more <code>MetricsFilter</code>
instances than needed <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5818">#5818</a></li>
<li>Fix unit discrepancy between Timer and FunctionTimer in
LoggingMeterRegistry <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5816">#5816</a></li>
<li>Distribution bucket_counts sum does not equal the count <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/4868">#4868</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Remove obviated GraalVM native image compilation section from
Stackdriver docs <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5819">#5819</a></li>
<li>Update Docs with right contract of MeterFilter <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5480">#5480</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Bump com.netflix.spectator:spectator-reg-atlas from 1.8.3 to 1.8.4
<a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5907">#5907</a></li>
<li>Bump org.apache.httpcomponents.client5:httpclient5 from 5.4.1 to
5.4.2 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5876">#5876</a></li>
<li>Bump io.netty:netty-bom from 4.1.116.Final to 4.1.117.Final <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5872">#5872</a></li>
<li>Bump org.postgresql:postgresql from 42.7.4 to 42.7.5 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5871">#5871</a></li>
<li>Bump jersey3 from 3.1.9 to 3.1.10 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5870">#5870</a></li>
<li>Bump software.amazon.awssdk:cloudwatch from 2.29.46 to 2.29.52 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5869">#5869</a></li>
<li>Bump jetty9 from 9.4.56.v20240826 to 9.4.57.v20241219 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5868">#5868</a></li>
<li>Bump dropwizard-metrics from 4.2.29 to 4.2.30 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5867">#5867</a></li>
<li>Bump com.signalfx.public:signalfx-java from 1.0.48 to 1.0.49 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5895">#5895</a></li>
<li>Bump org.apache.commons:commons-pool2 from 2.12.0 to 2.12.1 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5865">#5865</a></li>
</ul>
<h2>📝 Tasks</h2>
<ul>
<li>Increase sleep time to avoid exemplar sampling rate limiting for
openMetricsScrapeWithExemplars() <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5908">#5908</a></li>
<li>Fix flakiness in
DynatraceMeterRegistryTest.shouldTrackPercentilesWhenDynatraceSummaryInstrumentsNotUsed()
<a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5900">#5900</a></li>
<li>Fix flakiness in
JmsInstrumentationTests.shouldInstrumentMessageListener() <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5899">#5899</a></li>
<li>Fix flakiness in JettyClientMetricsWithObservationTest.activeTimer()
<a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5894">#5894</a></li>
<li>Increase wait duration in
PushMeterRegistryTest.closeRespectsInterrupt() <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5890">#5890</a></li>
<li>Enable TimedAspectTest.pjpFunctionThrows() <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5889">#5889</a></li>
<li>Add .kotlin to .gitignore <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5888">#5888</a></li>
<li>Polish <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5886">#5886</a></li>
<li>Migrate to dependabot auto-merge function <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5874">#5874</a></li>
<li>Back-port LoggingMeterRegistry tests <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5833">#5833</a></li>
<li>Bump build machine image to ubuntu-2404:2024.11.1 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5829">#5829</a></li>
<li>Bump build JDKs to 21.0.6, 17.0.14, 11.0.26 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5828">#5828</a></li>
<li>Upgrade to Gradle Wrapper 8.12.1 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5823">#5823</a></li>
</ul>
<h2>❤️ Contributors</h2>
<p>Thank you to all the contributors who worked on this release:</p>
<p><a href="https://github.com/izeye"><code>@​izeye</code></a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/e387558fccb0d3ec1b447fc16aafb7b78ad51336"><code>e387558</code></a>
Merge branch '1.13.x' into 1.14.x</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/f33456630e3e3bb53eac75ca9849ff996dcfb1f5"><code>f334566</code></a>
Increase sleep time to avoid exemplar sampling rate limiting for
openMetricsS...</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/94686e88958a56def76c3d75299b84bfd7bcf5cf"><code>94686e8</code></a>
Merge branch '1.13.x' into 1.14.x</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/9e4dfbf8be70eafbfd76c725b8eeacb173b181ae"><code>9e4dfbf</code></a>
Migrates post actions to java gh action</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/e44147a94202d49e4e112f48bb09ffff2df8f277"><code>e44147a</code></a>
Bump com.netflix.spectator:spectator-reg-atlas from 1.8.3 to 1.8.4 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5907">#5907</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/7c65ad65859d916c934349e6bfdcf4960403aaee"><code>7c65ad6</code></a>
Fix flakiness in
DynatraceMeterRegistryTest.shouldTrackPercentilesWhenDynatra...</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/f879d3abf10bf802deda796be166c47376855787"><code>f879d3a</code></a>
Fix flakiness in
JmsInstrumentationTests.shouldInstrumentMessageListener() (#...</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/20d0a9ef6eb179edc038a199921c82d4459ed54d"><code>20d0a9e</code></a>
Fix flakiness in JettyClientMetricsWithObservationTest.activeTimer() (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5894">#5894</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/fd6d438441748e3043fbdb621da9dfea19cec1fa"><code>fd6d438</code></a>
Bump com.signalfx.public:signalfx-java from 1.0.48 to 1.0.49 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5898">#5898</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/9311c173de14570946745a7e21d981762905d8e2"><code>9311c17</code></a>
Bump com.signalfx.public:signalfx-java from 1.0.48 to 1.0.49 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5895">#5895</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/micrometer-metrics/micrometer/compare/v1.14.3...v1.14.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=io.micrometer:micrometer-core&package-manager=gradle&previous-version=1.14.3&new-version=1.14.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-19 22:08:45 +00:00
LudyandGitHub e145f25ba4 Enhance Java Development Configuration and Code Formatting (#2991)
# Description of Changes

Please provide a summary of the changes, including:

This PR improves Java development settings and code formatting by:
- Removing the deprecated `Checkstyle` extension from
`.vscode/extensions.json`.
- Updating `.vscode/settings.json` with:
  - Structured formatting for better readability.
  - Improved Java formatting with `google-java-format`.
  - Enhanced auto-save behavior.
  - Additional Java cleanup actions for better code quality.
  - Optimized project resource filtering.
  - More precise import sorting and ordering.
- Refining `build.gradle` to:
- Extend the `importOrder` rule to include `jakarta`, `lombok`, `me`,
and `stirling`.
  - Improve `spotless` formatting configurations.

These changes streamline the development workflow, enhance code
consistency, and improve maintainability.

---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.
2025-02-19 21:41:02 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
554c112a94 Bump step-security/harden-runner from 2.10.4 to 2.11.0 (#2980)
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.10.4 to 2.11.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.11.0</h2>
<h2>What's Changed</h2>
<p>Release v2.11.0 in <a
href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a>
Harden-Runner Enterprise tier now supports the use of eBPF for DNS
resolution and network call monitoring</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.11.0">https://github.com/step-security/harden-runner/compare/v2...v2.11.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/4d991eb9b905ef189e4c376166672c3f2f230481"><code>4d991eb</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a>
from step-security/rc-18</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4ea872f89714b83576609e6f89476dfb114a6246"><code>4ea872f</code></a>
Update README.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/65d6f6e4ee070283fc8739e8d8295eb6c554029a"><code>65d6f6e</code></a>
Add workflows</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/1034c9a80544b55a7706ed377ea64ded8b0c7ea4"><code>1034c9a</code></a>
Update package-lock.json</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/ab221e2d7a450f54fde8ccb211cea73c5bcf1e2a"><code>ab221e2</code></a>
Update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/7cb6c2fb524eafc78ce834c51af420c289690789"><code>7cb6c2f</code></a>
Update agent</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/cb605e52c26070c328afc4562f0b4ada7618a84e...4d991eb9b905ef189e4c376166672c3f2f230481">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.10.4&new-version=2.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-18 12:07:08 +00:00