Commit Graph
100 Commits
Author SHA1 Message Date
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6aad45fcec Bump actions/upload-artifact from 4.6.0 to 4.6.1 (#3034)
Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact)
from 4.6.0 to 4.6.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.6.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update to use artifact 2.2.2 package by <a
href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/673">actions/upload-artifact#673</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4...v4.6.1">https://github.com/actions/upload-artifact/compare/v4...v4.6.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1"><code>4cec3d8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/673">#673</a>
from actions/yacaovsnc/artifact_2.2.2</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/e9fad966ccdffceea5de0445882c9455934bcf8e"><code>e9fad96</code></a>
license cache update for artifact</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/b26fd06e9da88a61ada55f23d7863325b1f115d3"><code>b26fd06</code></a>
Update to use artifact 2.2.2 package</li>
<li>See full diff in <a
href="https://github.com/actions/upload-artifact/compare/65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08...4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=4.6.0&new-version=4.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-23 19:55:08 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
ec5018cc80 Bump ossf/scorecard-action from 2.4.0 to 2.4.1 (#3033)
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action)
from 2.4.0 to 2.4.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ossf/scorecard-action/releases">ossf/scorecard-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.4.1</h2>
<h2>What's Changed</h2>
<ul>
<li>This update bumps the Scorecard version to the v5.1.1 release. For a
complete list of changes, please refer to the <a
href="https://github.com/ossf/scorecard/releases/tag/v5.1.0">v5.1.0</a>
and <a
href="https://github.com/ossf/scorecard/releases/tag/v5.1.1">v5.1.1</a>
release notes.</li>
<li>Publishing results now uses half the API quota as before. The exact
savings depends on the repository in question.
<ul>
<li>use Scorecard library entrypoint instead of Cobra hooking by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1423">ossf/scorecard-action#1423</a></li>
</ul>
</li>
<li>Some errors were made into annotations to make them more visible
<ul>
<li>Make default branch error more prominent by <a
href="https://github.com/jsoref"><code>@​jsoref</code></a> in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1459">ossf/scorecard-action#1459</a></li>
</ul>
</li>
<li>There is now an optional <code>file_mode</code> input which controls
how repository files are fetched from GitHub. The default is
<code>archive</code>, but <code>git</code> produces the most accurate
results for repositories with <code>.gitattributes</code> files at the
cost of analysis speed.
<ul>
<li>add input for specifying <code>--file-mode</code> by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1509">ossf/scorecard-action#1509</a></li>
</ul>
</li>
<li>The underlying container for the action is now <a
href="https://github.com/ossf/scorecard-action/pkgs/container/scorecard-action">hosted
on GitHub Container Registry</a>. There should be no functional changes.
<ul>
<li>🌱 publish docker images to GitHub Container Registry by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1453">ossf/scorecard-action#1453</a></li>
</ul>
</li>
</ul>
<h3>Docs</h3>
<ul>
<li>Installation docs update by <a
href="https://github.com/JeremiahAHoward"><code>@​JeremiahAHoward</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1416">ossf/scorecard-action#1416</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/JeremiahAHoward"><code>@​JeremiahAHoward</code></a>
made their first contribution in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1416">ossf/scorecard-action#1416</a></li>
<li><a href="https://github.com/jsoref"><code>@​jsoref</code></a> made
their first contribution in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1459">ossf/scorecard-action#1459</a>
<strong>Full Changelog</strong>: <a
href="https://github.com/ossf/scorecard-action/compare/v2.4.0...v2.4.1">https://github.com/ossf/scorecard-action/compare/v2.4.0...v2.4.1</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ossf/scorecard-action/commit/f49aabe0b5af0936a0987cfb85d86b75731b0186"><code>f49aabe</code></a>
bump docker to ghcr v2.4.1 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1478">#1478</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/30a595ba8670f7bd5e2d33119dfeeb6ab2f64991"><code>30a595b</code></a>
🌱 Bump github.com/sigstore/cosign/v2 from 2.4.2 to 2.4.3 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1515">#1515</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/69ae593b7addfd5241b46c43c7ed6abbd7203d55"><code>69ae593</code></a>
omit vcs info from build (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1514">#1514</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/6a62a1cbf28018bd61197d0c2852b94b046fe1a4"><code>6a62a1c</code></a>
add input for specifying <code>--file-mode</code> (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1509">#1509</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/2722664778d49161a69d42f8e82e15ed38fea8d1"><code>2722664</code></a>
🌱 Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1510">#1510</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/ae0ef3171a81cb48c3fdaaf34cba323d0c51fefb"><code>ae0ef31</code></a>
🌱 Bump github.com/spf13/cobra from 1.8.1 to 1.9.1 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1512">#1512</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/3676bbc29082184ac34a84d1573c0419f81c4a68"><code>3676bbc</code></a>
🌱 Bump golang from 1.23.6 to 1.24.0 in the docker-images group
(<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1513">#1513</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/ae7548a0ff1b94dda3a89eeda8f59c031874f035"><code>ae7548a</code></a>
Limit codeQL push trigger to main branch (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1507">#1507</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/9165624e75f0c73d13a9db2d4d920bcc5fc3a801"><code>9165624</code></a>
upgrade scorecard to v5.1.0 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1508">#1508</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/620fd28d6b2ba01c1d70cf63dfb4bdf868e19d6f"><code>620fd28</code></a>
🌱 Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1505">#1505</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/ossf/scorecard-action/compare/62b2cac7ed8198b15735ed49ab1e5cf35480ba46...f49aabe0b5af0936a0987cfb85d86b75731b0186">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.4.0&new-version=2.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-23 19:55:02 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
f6654a06d9 Bump springBootVersion from 3.4.2 to 3.4.3 (#3007)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps `springBootVersion` from 3.4.2 to 3.4.3.
Updates `org.springframework.boot:spring-boot-starter-web` from 3.4.2 to
3.4.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-web's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.3</h2>
<h2> New Features</h2>
<ul>
<li>Add TWENTY_FOUR to JavaVersion enum <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Console output may be lost when using Log4j2 with something that
replaces System.out <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li>
<li>Maven plugin does not consistently use ArgFile for classpath
argument on Windows <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li>
<li>Reactive Jetty web server does not fail fast when configured to use
a server name bundle which Jetty does not support <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li>
<li>When web server application context refresh fails, the original
failure is lost if stopping or destroying the web server throws an
exception <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li>
<li>View resolver for Thymeleaf should back off if spring-webmvc is not
present <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li>
<li>WebServer is not destroyed when ReactiveWebServerApplicationContext
refresh fails <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li>
<li>Non-default DataSource candidates are not considered in
H2ConsoleAutoConfiguration <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li>
<li>Banner placeholder and defaults do not work during development <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li>
<li>Mustache templates return with ISO-8859-1 charset rather than UTF-8
in Content-Type response header <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li>
<li>Servlet EndpointRequest doesn't match web server namespace correctly
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li>
<li>java.lang.ClassCastException when using default management security
with WebFlux and health probes enabled <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li>
<li>Logback configuration that relies on inner-classes does not work in
a native image <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li>
<li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or
3.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li>
<li>Metrics and health do not include non-default candidate beans <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Document that auto-configuration classes should be identified using
their binary names <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li>
<li>Correct typo in MVC security when explaining when UserDetailsService
auto-configuration will back off <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li>
<li>Link to JarLauncher's javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li>
<li>When using observability annotations, recommend that care is taken
to avoid double instrumentation <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44145">#44145</a></li>
<li>Fix typo in Running Your Application <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44035">#44035</a></li>
<li>Document Kubernetes preStop handler when using a Docker image
without a shell <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44022">#44022</a></li>
<li>Source snippet in Developing Your First Spring Boot Application
section uses the root package <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43983">#43983</a></li>
<li>Correct the location of MyApplication.java in &quot;Developing Your
First Spring Boot Application&quot; <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43975">#43975</a></li>
<li>Add links to Jackson Javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43971">#43971</a></li>
<li>Warn that some Quartz database schema scripts must be modified
before use <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43958">#43958</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to Commons Pool2 2.12.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44173">#44173</a></li>
<li>Upgrade to Couchbase Client 3.7.8 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44269">#44269</a></li>
<li>Upgrade to Groovy 4.0.25 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44174">#44174</a></li>
<li>Upgrade to Hibernate 6.6.8.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44332">#44332</a></li>
<li>Upgrade to HttpClient5 5.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44176">#44176</a></li>
<li>Upgrade to HttpCore5 5.3.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44177">#44177</a></li>
<li>Upgrade to Infinispan 15.0.13.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44178">#44178</a></li>
<li>Upgrade to jOOQ 3.19.19 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44368">#44368</a></li>
<li>Upgrade to Json-smart 2.5.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44264">#44264</a></li>
<li>Upgrade to Maven Clean Plugin 3.4.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44349">#44349</a></li>
<li>Upgrade to Micrometer 1.14.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44115">#44115</a></li>
<li>Upgrade to Micrometer Tracing 1.4.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44116">#44116</a></li>
<li>Upgrade to Native Build Tools Plugin 0.10.5 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44179">#44179</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/2f53c0abc022ab22bb48c1dce2bbe7479fd8d3dc"><code>2f53c0a</code></a>
Release v3.4.3</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/f99171fe2eb081afa23aa7d0991f891749a62400"><code>f99171f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/70e0744c2771b2d3e0c7cfad51a5a838a56c68f1"><code>70e0744</code></a>
Next development version (v3.3.10-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/07d9db3b802af7b23c19bb65d5b6e54e9ec4508c"><code>07d9db3</code></a>
Merge pull request <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44380">#44380</a>
from nosan</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/22958097e38a895cfc47dbd1a36df1c7ec0a2e0b"><code>2295809</code></a>
Register Log42J StatusListener</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/575655ca39f097abe595b757fe23e60838c97e75"><code>575655c</code></a>
Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c74397af1ae58b3431e16f2a32d72c6571bcc03c"><code>c74397a</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c718461450c6f0486bd489ac697286dd6311457c"><code>c718461</code></a>
Protect against NoSuchMethodException on setReadOnly</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/7dc9bf29b8890d96ffca341e4c1ed237850887bb"><code>7dc9bf2</code></a>
Upgrade to Testcontainers Redis Module 2.2.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/7d1fc062bfec9297cbd694bc09f1ec3c55d48f74"><code>7d1fc06</code></a>
Upgrade to Testcontainers 1.20.5</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.2...v3.4.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.springframework.boot:spring-boot-starter-jetty` from 3.4.2
to 3.4.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-jetty's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.3</h2>
<h2> New Features</h2>
<ul>
<li>Add TWENTY_FOUR to JavaVersion enum <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Console output may be lost when using Log4j2 with something that
replaces System.out <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li>
<li>Maven plugin does not consistently use ArgFile for classpath
argument on Windows <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li>
<li>Reactive Jetty web server does not fail fast when configured to use
a server name bundle which Jetty does not support <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li>
<li>When web server application context refresh fails, the original
failure is lost if stopping or destroying the web server throws an
exception <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li>
<li>View resolver for Thymeleaf should back off if spring-webmvc is not
present <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li>
<li>WebServer is not destroyed when ReactiveWebServerApplicationContext
refresh fails <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li>
<li>Non-default DataSource candidates are not considered in
H2ConsoleAutoConfiguration <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li>
<li>Banner placeholder and defaults do not work during development <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li>
<li>Mustache templates return with ISO-8859-1 charset rather than UTF-8
in Content-Type response header <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li>
<li>Servlet EndpointRequest doesn't match web server namespace correctly
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li>
<li>java.lang.ClassCastException when using default management security
with WebFlux and health probes enabled <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li>
<li>Logback configuration that relies on inner-classes does not work in
a native image <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li>
<li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or
3.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li>
<li>Metrics and health do not include non-default candidate beans <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Document that auto-configuration classes should be identified using
their binary names <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li>
<li>Correct typo in MVC security when explaining when UserDetailsService
auto-configuration will back off <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li>
<li>Link to JarLauncher's javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li>
<li>When using observability annotations, recommend that care is taken
to avoid double instrumentation <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44145">#44145</a></li>
<li>Fix typo in Running Your Application <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44035">#44035</a></li>
<li>Document Kubernetes preStop handler when using a Docker image
without a shell <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44022">#44022</a></li>
<li>Source snippet in Developing Your First Spring Boot Application
section uses the root package <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43983">#43983</a></li>
<li>Correct the location of MyApplication.java in &quot;Developing Your
First Spring Boot Application&quot; <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43975">#43975</a></li>
<li>Add links to Jackson Javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43971">#43971</a></li>
<li>Warn that some Quartz database schema scripts must be modified
before use <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43958">#43958</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to Commons Pool2 2.12.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44173">#44173</a></li>
<li>Upgrade to Couchbase Client 3.7.8 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44269">#44269</a></li>
<li>Upgrade to Groovy 4.0.25 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44174">#44174</a></li>
<li>Upgrade to Hibernate 6.6.8.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44332">#44332</a></li>
<li>Upgrade to HttpClient5 5.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44176">#44176</a></li>
<li>Upgrade to HttpCore5 5.3.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44177">#44177</a></li>
<li>Upgrade to Infinispan 15.0.13.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44178">#44178</a></li>
<li>Upgrade to jOOQ 3.19.19 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44368">#44368</a></li>
<li>Upgrade to Json-smart 2.5.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44264">#44264</a></li>
<li>Upgrade to Maven Clean Plugin 3.4.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44349">#44349</a></li>
<li>Upgrade to Micrometer 1.14.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44115">#44115</a></li>
<li>Upgrade to Micrometer Tracing 1.4.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44116">#44116</a></li>
<li>Upgrade to Native Build Tools Plugin 0.10.5 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44179">#44179</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/2f53c0abc022ab22bb48c1dce2bbe7479fd8d3dc"><code>2f53c0a</code></a>
Release v3.4.3</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/f99171fe2eb081afa23aa7d0991f891749a62400"><code>f99171f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/70e0744c2771b2d3e0c7cfad51a5a838a56c68f1"><code>70e0744</code></a>
Next development version (v3.3.10-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/07d9db3b802af7b23c19bb65d5b6e54e9ec4508c"><code>07d9db3</code></a>
Merge pull request <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44380">#44380</a>
from nosan</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/22958097e38a895cfc47dbd1a36df1c7ec0a2e0b"><code>2295809</code></a>
Register Log42J StatusListener</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/575655ca39f097abe595b757fe23e60838c97e75"><code>575655c</code></a>
Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c74397af1ae58b3431e16f2a32d72c6571bcc03c"><code>c74397a</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c718461450c6f0486bd489ac697286dd6311457c"><code>c718461</code></a>
Protect against NoSuchMethodException on setReadOnly</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/7dc9bf29b8890d96ffca341e4c1ed237850887bb"><code>7dc9bf2</code></a>
Upgrade to Testcontainers Redis Module 2.2.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/7d1fc062bfec9297cbd694bc09f1ec3c55d48f74"><code>7d1fc06</code></a>
Upgrade to Testcontainers 1.20.5</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.2...v3.4.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.springframework.boot:spring-boot-starter-thymeleaf` from
3.4.2 to 3.4.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-thymeleaf's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.3</h2>
<h2> New Features</h2>
<ul>
<li>Add TWENTY_FOUR to JavaVersion enum <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Console output may be lost when using Log4j2 with something that
replaces System.out <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li>
<li>Maven plugin does not consistently use ArgFile for classpath
argument on Windows <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li>
<li>Reactive Jetty web server does not fail fast when configured to use
a server name bundle which Jetty does not support <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li>
<li>When web server application context refresh fails, the original
failure is lost if stopping or destroying the web server throws an
exception <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li>
<li>View resolver for Thymeleaf should back off if spring-webmvc is not
present <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li>
<li>WebServer is not destroyed when ReactiveWebServerApplicationContext
refresh fails <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li>
<li>Non-default DataSource candidates are not considered in
H2ConsoleAutoConfiguration <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li>
<li>Banner placeholder and defaults do not work during development <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li>
<li>Mustache templates return with ISO-8859-1 charset rather than UTF-8
in Content-Type response header <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li>
<li>Servlet EndpointRequest doesn't match web server namespace correctly
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li>
<li>java.lang.ClassCastException when using default management security
with WebFlux and health probes enabled <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li>
<li>Logback configuration that relies on inner-classes does not work in
a native image <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li>
<li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or
3.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li>
<li>Metrics and health do not include non-default candidate beans <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Document that auto-configuration classes should be identified using
their binary names <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li>
<li>Correct typo in MVC security when explaining when UserDetailsService
auto-configuration will back off <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li>
<li>Link to JarLauncher's javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li>
<li>When using observability annotations, recommend that care is taken
to avoid double instrumentation <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44145">#44145</a></li>
<li>Fix typo in Running Your Application <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44035">#44035</a></li>
<li>Document Kubernetes preStop handler when using a Docker image
without a shell <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44022">#44022</a></li>
<li>Source snippet in Developing Your First Spring Boot Application
section uses the root package <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43983">#43983</a></li>
<li>Correct the location of MyApplication.java in &quot;Developing Your
First Spring Boot Application&quot; <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43975">#43975</a></li>
<li>Add links to Jackson Javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43971">#43971</a></li>
<li>Warn that some Quartz database schema scripts must be modified
before use <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43958">#43958</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to Commons Pool2 2.12.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44173">#44173</a></li>
<li>Upgrade to Couchbase Client 3.7.8 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44269">#44269</a></li>
<li>Upgrade to Groovy 4.0.25 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44174">#44174</a></li>
<li>Upgrade to Hibernate 6.6.8.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44332">#44332</a></li>
<li>Upgrade to HttpClient5 5.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44176">#44176</a></li>
<li>Upgrade to HttpCore5 5.3.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44177">#44177</a></li>
<li>Upgrade to Infinispan 15.0.13.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44178">#44178</a></li>
<li>Upgrade to jOOQ 3.19.19 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44368">#44368</a></li>
<li>Upgrade to Json-smart 2.5.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44264">#44264</a></li>
<li>Upgrade to Maven Clean Plugin 3.4.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44349">#44349</a></li>
<li>Upgrade to Micrometer 1.14.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44115">#44115</a></li>
<li>Upgrade to Micrometer Tracing 1.4.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44116">#44116</a></li>
<li>Upgrade to Native Build Tools Plugin 0.10.5 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44179">#44179</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/2f53c0abc022ab22bb48c1dce2bbe7479fd8d3dc"><code>2f53c0a</code></a>
Release v3.4.3</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/f99171fe2eb081afa23aa7d0991f891749a62400"><code>f99171f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/70e0744c2771b2d3e0c7cfad51a5a838a56c68f1"><code>70e0744</code></a>
Next development version (v3.3.10-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/07d9db3b802af7b23c19bb65d5b6e54e9ec4508c"><code>07d9db3</code></a>
Merge pull request <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44380">#44380</a>
from nosan</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/22958097e38a895cfc47dbd1a36df1c7ec0a2e0b"><code>2295809</code></a>
Register Log42J StatusListener</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/575655ca39f097abe595b757fe23e60838c97e75"><code>575655c</code></a>
Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c74397af1ae58b3431e16f2a32d72c6571bcc03c"><code>c74397a</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c718461450c6f0486bd489ac697286dd6311457c"><code>c718461</code></a>
Protect against NoSuchMethodException on setReadOnly</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/7dc9bf29b8890d96ffca341e4c1ed237850887bb"><code>7dc9bf2</code></a>
Upgrade to Testcontainers Redis Module 2.2.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/7d1fc062bfec9297cbd694bc09f1ec3c55d48f74"><code>7d1fc06</code></a>
Upgrade to Testcontainers 1.20.5</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.2...v3.4.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.springframework.boot:spring-boot-starter-security` from
3.4.2 to 3.4.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-security's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.3</h2>
<h2> New Features</h2>
<ul>
<li>Add TWENTY_FOUR to JavaVersion enum <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Console output may be lost when using Log4j2 with something that
replaces System.out <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li>
<li>Maven plugin does not consistently use ArgFile for classpath
argument on Windows <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li>
<li>Reactive Jetty web server does not fail fast when configured to use
a server name bundle which Jetty does not support <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li>
<li>When web server application context refresh fails, the original
failure is lost if stopping or destroying the web server throws an
exception <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li>
<li>View resolver for Thymeleaf should back off if spring-webmvc is not
present <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li>
<li>WebServer is not destroyed when ReactiveWebServerApplicationContext
refresh fails <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li>
<li>Non-default DataSource candidates are not considered in
H2ConsoleAutoConfiguration <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li>
<li>Banner placeholder and defaults do not work during development <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li>
<li>Mustache templates return with ISO-8859-1 charset rather than UTF-8
in Content-Type response header <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li>
<li>Servlet EndpointRequest doesn't match web server namespace correctly
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li>
<li>java.lang.ClassCastException when using default management security
with WebFlux and health probes enabled <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li>
<li>Logback configuration that relies on inner-classes does not work in
a native image <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li>
<li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or
3.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li>
<li>Metrics and health do not include non-default candidate beans <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Document that auto-configuration classes should be identified using
their binary names <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li>
<li>Correct typo in MVC security when explaining when UserDetailsService
auto-configuration will back off <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li>
<li>Link to JarLauncher's javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li>
<li>When using observability annotations, recommend that care is taken
to avoid double instrumentation <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44145">#44145</a></li>
<li>Fix typo in Running Your Application <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44035">#44035</a></li>
<li>Document Kubernetes preStop handler when using a Docker image
without a shell <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44022">#44022</a></li>
<li>Source snippet in Developing Your First Spring Boot Application
section uses the root package <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43983">#43983</a></li>
<li>Correct the location of MyApplication.java in &quot;Developing Your
First Spring Boot Application&quot; <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43975">#43975</a></li>
<li>Add links to Jackson Javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43971">#43971</a></li>
<li>Warn that some Quartz database schema scripts must be modified
before use <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43958">#43958</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to Commons Pool2 2.12.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44173">#44173</a></li>
<li>Upgrade to Couchbase Client 3.7.8 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44269">#44269</a></li>
<li>Upgrade to Groovy 4.0.25 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44174">#44174</a></li>
<li>Upgrade to Hibernate 6.6.8.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44332">#44332</a></li>
<li>Upgrade to HttpClient5 5.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44176">#44176</a></li>
<li>Upgrade to HttpCore5 5.3.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44177">#44177</a></li>
<li>Upgrade to Infinispan 15.0.13.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44178">#44178</a></li>
<li>Upgrade to jOOQ 3.19.19 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44368">#44368</a></li>
<li>Upgrade to Json-smart 2.5.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44264">#44264</a></li>
<li>Upgrade to Maven Clean Plugin 3.4.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44349">#44349</a></li>
<li>Upgrade to Micrometer 1.14.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44115">#44115</a></li>
<li>Upgrade to Micrometer Tracing 1.4.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44116">#44116</a></li>
<li>Upgrade to Native Build Tools Plugin 0.10.5 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44179">#44179</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/2f53c0abc022ab22bb48c1dce2bbe7479fd8d3dc"><code>2f53c0a</code></a>
Release v3.4.3</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/f99171fe2eb081afa23aa7d0991f891749a62400"><code>f99171f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/70e0744c2771b2d3e0c7cfad51a5a838a56c68f1"><code>70e0744</code></a>
Next development version (v3.3.10-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/07d9db3b802af7b23c19bb65d5b6e54e9ec4508c"><code>07d9db3</code></a>
Merge pull request <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44380">#44380</a>
from nosan</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/22958097e38a895cfc47dbd1a36df1c7ec0a2e0b"><code>2295809</code></a>
Register Log42J StatusListener</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/575655ca39f097abe595b757fe23e60838c97e75"><code>575655c</code></a>
Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c74397af1ae58b3431e16f2a32d72c6571bcc03c"><code>c74397a</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c718461450c6f0486bd489ac697286dd6311457c"><code>c718461</code></a>
Protect against NoSuchMethodException on setReadOnly</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/7dc9bf29b8890d96ffca341e4c1ed237850887bb"><code>7dc9bf2</code></a>
Upgrade to Testcontainers Redis Module 2.2.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/7d1fc062bfec9297cbd694bc09f1ec3c55d48f74"><code>7d1fc06</code></a>
Upgrade to Testcontainers 1.20.5</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.2...v3.4.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.springframework.boot:spring-boot-starter-data-jpa` from
3.4.2 to 3.4.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-data-jpa's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.3</h2>
<h2> New Features</h2>
<ul>
<li>Add TWENTY_FOUR to JavaVersion enum <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Console output may be lost when using Log4j2 with something that
replaces System.out <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li>
<li>Maven plugin does not consistently use ArgFile for classpath
argument on Windows <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li>
<li>Reactive Jetty web server does not fail fast when configured to use
a server name bundle which Jetty does not support <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li>
<li>When web server application context refresh fails, the original
failure is lost if stopping or destroying the web server throws an
exception <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li>
<li>View resolver for Thymeleaf should back off if spring-webmvc is not
present <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li>
<li>WebServer is not destroyed when ReactiveWebServerApplicationContext
refresh fails <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li>
<li>Non-default DataSource candidates are not considered in
H2ConsoleAutoConfiguration <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li>
<li>Banner placeholder and defaults do not work during development <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li>
<li>Mustache templates return with ISO-8859-1 charset rather than UTF-8
in Content-Type response header <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li>
<li>Servlet EndpointRequest doesn't match web server namespace correctly
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li>
<li>java.lang.ClassCastException when using default management security
with WebFlux and health probes enabled <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li>
<li>Logback configuration that relies on inner-classes does not work in
a native image <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li>
<li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or
3.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li>
<li>Metrics and health do not include non-default candidate beans <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Document that auto-configuration classes should be identified using
their binary names <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li>
<li>Correct typo in MVC security when explaining when UserDetailsService
auto-configuration will back off <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li>
<li>Link to JarLauncher's javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li>
<li>When using observability annotations, recommend that care is taken
to avoid double instrumentation <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44145">#44145</a></li>
<li>Fix typo in Running Your Application <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44035">#44035</a></li>
<li>Document Kubernetes preStop handler when using a Docker image
without a shell <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44022">#44022</a></li>
<li>Source snippet in Developing Your First Spring Boot Application
section uses the root package <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43983">#43983</a></li>
<li>Correct the location of MyApplication.java in &quot;Developing Your
First Spring Boot Application&quot; <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43975">#43975</a></li>
<li>Add links to Jackson Javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43971">#43971</a></li>
<li>Warn that some Quartz database schema scripts must be modified
before use <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43958">#43958</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to Commons Pool2 2.12.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44173">#44173</a></li>
<li>Upgrade to Couchbase Client 3.7.8 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44269">#44269</a></li>
<li>Upgrade to Groovy 4.0.25 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44174">#44174</a></li>
<li>Upgrade to Hibernate 6.6.8.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44332">#44332</a></li>
<li>Upgrade to HttpClient5 5.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44176">#44176</a></li>
<li>Upgrade to HttpCore5 5.3.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44177">#44177</a></li>
<li>Upgrade to Infinispan 15.0.13.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44178">#44178</a></li>
<li>Upgrade to jOOQ 3.19.19 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44368">#44368</a></li>
<li>Upgrade to Json-smart 2.5.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44264">#44264</a></li>
<li>Upgrade to Maven Clean Plugin 3.4.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44349">#44349</a></li>
<li>Upgrade to Micrometer 1.14.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44115">#44115</a></li>
<li>Upgrade to Micrometer Tracing 1.4.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44116">#44116</a></li>
<li>Upgrade to Native Build Tools Plugin 0.10.5 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44179">#44179</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/2f53c0abc022ab22bb48c1dce2bbe7479fd8d3dc"><code>2f53c0a</code></a>
Release v3.4.3</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/f99171fe2eb081afa23aa7d0991f891749a62400"><code>f99171f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/70e0744c2771b2d3e0c7cfad51a5a838a56c68f1"><code>70e0744</code></a>
Next development version (v3.3.10-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/07d9db3b802af7b23c19bb65d5b6e54e9ec4508c"><code>07d9db3</code></a>
Merge pull request <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44380">#44380</a>
from nosan</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/22958097e38a895cfc47dbd1a36df1c7ec0a2e0b"><code>2295809</code></a>
Register Log42J StatusListener</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/575655ca39f097abe595b757fe23e60838c97e75"><code>575655c</code></a>
Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c74397af1ae58b3431e16f2a32d72c6571bcc03c"><code>c74397a</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c718461450c6f0486bd489ac697286dd6311457c"><code>c718461</code></a>
Protect against NoSuchMethodException on setReadOnly</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/7dc9bf29b8890d96ffca341e4c1ed237850887bb"><code>7dc9bf2</code></a>
Upgrade to Testcontainers Redis Module 2.2.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/7d1fc062bfec9297cbd694bc09f1ec3c55d48f74"><code>7d1fc06</code></a>
Upgrade to Testcontainers 1.20.5</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.2...v3.4.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.springframework.boot:spring-boot-starter-oauth2-client`
from 3.4.2 to 3.4.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-oauth2-client's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.3</h2>
<h2> New Features</h2>
<ul>
<li>Add TWENTY_FOUR to JavaVersion enum <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Console output may be lost when using Log4j2 with something that
replaces System.out <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li>
<li>Maven plugin does not consistently use ArgFile for classpath
argument on Windows <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li>
<li>Reactive Jetty web server does not fail fast when configured to use
a server name bundle which Jetty does not support <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li>
<li>When web server application context refresh fails, the original
failure is lost if stopping or destroying the web server throws an
exception <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li>
<li>View resolver for Thymeleaf should back off if spring-webmvc is not
present <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li>
<li>WebServer is not destroyed when ReactiveWebServerApplicationContext
refresh fails <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li>
<li>Non-default DataSource candidates are not considered in
H2ConsoleAutoConfiguration <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li>
<li>Banner placeholder and defaults do not work during development <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li>
<li>Mustache templates return with ISO-8859-1 charset rather than UTF-8
in Content-Type response header <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li>
<li>Servlet EndpointRequest doesn't match web server namespace correctly
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li>
<li>java.lang.ClassCastException when using default management security
with WebFlux and health probes enabled <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li>
<li>Logback configuration that relies on inner-classes does not work in
a native image <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li>
<li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or
3.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li>
<li>Metrics and health do not include non-default candidate beans <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Document that auto-configuration classes should be identified using
their binary names <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li>
<li>Correct typo in MVC security when explaining when UserDetailsService
auto-configuration will back off <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li>
<li>Link to JarLauncher's javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li>
<li>When using observability annotations, recommend that care is taken
to avoid double instrumentation <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44145">#44145</a></li>
<li>Fix typo in Running Your Application <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44035">#44035</a></li>
<li>Document Kubernetes preStop handler when using a Docker image
without a shell <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44022">#44022</a></li>
<li>Source snippet in Developing Your First Spring Boot Application
section uses the root package <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43983">#43983</a></li>
<li>Correct the location of MyApplication.java in &quot;Developing Your
First Spring Boot Application&quot; <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43975">#43975</a></li>
<li>Add links to Jackson Javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43971">#43971</a></li>
<li>Warn that some Quartz database schema scripts must be modified
before use <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43958">#43958</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to Commons Pool2 2.12.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44173">#44173</a></li>
<li>Upgrade to Couchbase Client 3.7.8 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44269">#44269</a></li>
<li>Upgrade to Groovy 4.0.25 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44174">#44174</a></li>
<li>Upgrade to Hibernate 6.6.8.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44332">#44332</a></li>
<li>Upgrade to HttpClient5 5.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44176">#44176</a></li>
<li>Upgrade to HttpCore5 5.3.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44177">#44177</a></li>
<li>Upgrade to Infinispan 15.0.13.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44178">#44178</a></li>
<li>Upgrade to jOOQ 3.19.19 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44368">#44368</a></li>
<li>Upgrade to Json-smart 2.5.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44264">#44264</a></li>
<li>Upgrade to Maven Clean Plugin 3.4.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44349">#44349</a></li>
<li>Upgrade to Micrometer 1.14.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44115">#44115</a></li>
<li>Upgrade to Micrometer Tracing 1.4.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44116">#44116</a></li>
<li>Upgrade to Native Build Tools Plugin 0.10.5 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44179">#44179</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/2f53c0abc022ab22bb48c1dce2bbe7479fd8d3dc"><code>2f53c0a</code></a>
Release v3.4.3</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/f99171fe2eb081afa23aa7d0991f891749a62400"><code>f99171f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/70e0744c2771b2d3e0c7cfad51a5a838a56c68f1"><code>70e0744</code></a>
Next development version (v3.3.10-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/07d9db3b802af7b23c19bb65d5b6e54e9ec4508c"><code>07d9db3</code></a>
Merge pull request <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44380">#44380</a>
from nosan</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/22958097e38a895cfc47dbd1a36df1c7ec0a2e0b"><code>2295809</code></a>
Register Log42J StatusListener</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/575655ca39f097abe595b757fe23e60838c97e75"><code>575655c</code></a>
Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c74397af1ae58b3431e16f2a32d72c6571bcc03c"><code>c74397a</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c718461450c6f0486bd489ac697286dd6311457c"><code>c718461</code></a>
Protect against NoSuchMethodException on setReadOnly</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/7dc9bf29b8890d96ffca341e4c1ed237850887bb"><code>7dc9bf2</code></a>
Upgrade to Testcontainers Redis Module 2.2.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/7d1fc062bfec9297cbd694bc09f1ec3c55d48f74"><code>7d1fc06</code></a>
Upgrade to Testcontainers 1.20.5</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.2...v3.4.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.springframework.boot:spring-boot-starter-test` from 3.4.2
to 3.4.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-test's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.3</h2>
<h2> New Features</h2>
<ul>
<li>Add TWENTY_FOUR to JavaVersion enum <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Console output may be lost when using Log4j2 with something that
replaces System.out <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li>
<li>Maven plugin does not consistently use ArgFile for classpath
argument on Windows <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li>
<li>Reactive Jetty web server does not fail fast when configured to use
a server name bundle which Jetty does not support <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li>
<li>When web server application context refresh fails, the original
failure is lost if stopping or destroying the web server throws an
exception <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li>
<li>View resolver for Thymeleaf should back off if spring-webmvc is not
present <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li>
<li>WebServer is not destroyed when ReactiveWebServerApplicationContext
refresh fails <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li>
<li>Non-default DataSource candidates are not considered in
H2ConsoleAutoConfiguration <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li>
<li>Banner placeholder and defaults do not work during development <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li>
<li>Mustache templates return with ISO-8859-1 charset rather than UTF-8
in Content-Type response header <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li>
<li>Servlet EndpointRequest doesn't match web server namespace correctly
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li>
<li>java.lang.ClassCastException when using default management security
with WebFlux and health probes enabled <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li>
<li>Logback configuration that relies on inner-classes does not work in
a native image <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li>
<li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or
3.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li>
<li>Metrics and health do not include non-default candidate beans <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Document that auto-configuration classes should be identified using
their binary names <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li>
<li>Correct typo in MVC security when explaining when UserDetailsService
auto-configuration will back off <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li>
<li>Link to JarLauncher's javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li>
<li>When using observability annotations, recommend that care is taken
to avoid double instrumentation <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44145">#44145</a></li>
<li>Fix typo in Running Your Application <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44035">#44035</a></li>
<li>Document Kubernetes preStop handler when using a Docker image
without a shell <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44022">#44022</a></li>
<li>Source snippet in Developing Your First Spring Boot Application
section uses the root package <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43983">#43983</a></li>
<li>Correct the location of MyApplication.java in &quot;Developing Your
First Spring Boot Application&quot; <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43975">#43975</a></li>
<li>Add links to Jackson Javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43971">#43971</a></li>
<li>Warn that some Quartz database schema scripts must be modified
before use <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43958">#43958</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to Commons Pool2 2.12.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44173">#44173</a></li>
<li>Upgrade to Couchbase Client 3.7.8 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44269">#44269</a></li>
<li>Upgrade to Groovy 4.0.25 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44174">#44174</a></li>
<li>Upgrade to Hibernate 6.6.8.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44332">#44332</a></li>
<li>Upgrade to HttpClient5 5.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44176">#44176</a></li>
<li>Upgrade to HttpCore5 5.3.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44177">#44177</a></li>
<li>Upgrade to Infinispan 15.0.13.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44178">#44178</a></li>
<li>Upgrade to jOOQ 3.19.19 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44368">#44368</a></li>
<li>Upgrade to Json-smart 2.5.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44264">#44264</a></li>
<li>Upgrade to Maven Clean Plugin 3.4.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44349">#44349</a></li>
<li>Upgrade to Micrometer 1.14.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44115">#44115</a></li>
<li>Upgrade to Micrometer Tracing 1.4.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44116">#44116</a></li>
<li>Upgrade to Native Build Tools Plugin 0.10.5 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44179">#44179</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/2f53c0abc022ab22bb48c1dce2bbe7479fd8d3dc"><code>2f53c0a</code></a>
Release v3.4.3</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/f99171fe2eb081afa23aa7d0991f891749a62400"><code>f99171f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/70e0744c2771b2d3e0c7cfad51a5a838a56c68f1"><code>70e0744</code></a>
Next development version (v3.3.10-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/07d9db3b802af7b23c19bb65d5b6e54e9ec4508c"><code>07d9db3</code></a>
Merge pull request <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44380">#44380</a>
from nosan</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/22958097e38a895cfc47dbd1a36df1c7ec0a2e0b"><code>2295809</code></a>
Register Log42J StatusListener</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/575655ca39f097abe595b757fe23e60838c97e75"><code>575655c</code></a>
Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c74397af1ae58b3431e16f2a32d72c6571bcc03c"><code>c74397a</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c718461450c6f0486bd489ac697286dd6311457c"><code>c718461</code></a>
Protect against NoSuchMethodException on setReadOnly</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/7dc9bf29b8890d96ffca341e4c1ed237850887bb"><code>7dc9bf2</code></a>
Upgrade to Testcontainers Redis Module 2.2.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/7d1fc062bfec9297cbd694bc09f1ec3c55d48f74"><code>7d1fc06</code></a>
Upgrade to Testcontainers 1.20.5</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.2...v3.4.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.springframework.boot:spring-boot-starter-actuator` from
3.4.2 to 3.4.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-actuator's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.3</h2>
<h2> New Features</h2>
<ul>
<li>Add TWENTY_FOUR to JavaVersion enum <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Console output may be lost when using Log4j2 with something that
replaces System.out <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li>
<li>Maven plugin does not consistently use ArgFile for classpath
argument on Windows <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li>
<li>Reactive Jetty web server does not fail fast when configured to use
a server name bundle which Jetty does not support <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li>
<li>When web server application context refresh fails, the original
failure is lost if stopping or destroying the web server throws an
exception <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li>
<li>View resolver for Thymeleaf should back off if spring-webmvc is not
present <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li>
<li>WebServer is not destroyed when ReactiveWebServerApplicationContext
refresh fails <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li>
<li>Non-default DataSource candidates are not considered in
H2ConsoleAutoConfiguration <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li>
<li>Banner placeholder and defaults do not work during development <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li>
<li>Mustache templates return with ISO-8859-1 charset rather than UTF-8
in Content-Type response header <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li>
<li>Servlet EndpointRequest doesn't match web server namespace correctly
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li>
<li>java.lang.ClassCastException when using default management security
with WebFlux and health probes enabled <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li>
<li>Logback configuration that relies on inner-classes does not work in
a native image <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li>
<li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or
3.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li>
<li>Metrics and health do not include non-default candidate beans <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Document that auto-configuration classes should be identified using
their binary names <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li>
<li>Correct typo in MVC security when explaining when UserDetailsService
auto-configuration will back off <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li>
<li>Link to JarLauncher's javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li>
<li>When using observability annotations, recommend that care is taken
to avoid double inst...

_Description has been truncated_

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-22 23:37:53 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
219adb99ec Bump org.springframework.security:spring-security-saml2-service-provider from 6.4.2 to 6.4.3 (#3009)
Bumps
[org.springframework.security:spring-security-saml2-service-provider](https://github.com/spring-projects/spring-security)
from 6.4.2 to 6.4.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-security/releases">org.springframework.security:spring-security-saml2-service-provider's
releases</a>.</em></p>
<blockquote>
<h2>6.4.3</h2>
<h2> New Features</h2>
<ul>
<li>Add Support disableDefaultRegistrationPage to WebAuthnDsl <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16395">#16395</a></li>
</ul>
<h2>🪲 Bug Fixes</h2>
<ul>
<li><code>withValue</code> used incorrectly <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16527">#16527</a></li>
<li>Fix for JdbcOneTimeTokenService cleanupExpiredTokens failing with
PostgreSQL <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16344">#16344</a></li>
<li>Fix GenerateOneTimeTokenWebFilter double publish of
chain.filter(...) <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16459">#16459</a></li>
<li>Fix Kotlin DSL webAuthn { } <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16338">#16338</a></li>
<li>Fix loader has changed while resolving nodes in
WebAuthnWebDriverTests <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16463">#16463</a></li>
<li>Fix logoutRequestRepository not set on
Saml2RelyingPartyInitiatedLogoutSuccessHandler <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16310">#16310</a></li>
<li>Implement <code>Serializable</code> for WebAuthnAuthentication <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16285">#16285</a></li>
<li>Make AuthorizationDecision Serializable <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16544">#16544</a></li>
<li>Make PublicKeyCredentialRequestOptions Serializable Backport <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16584">#16584</a></li>
<li>Make Saml2AuthenticationToken Serializable <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16287">#16287</a></li>
<li>Make WebAuthnAuthentication Serializable <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16273">#16273</a></li>
<li>Make WebAuthnAuthenticationRequestToken Serializable <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16602">#16602</a></li>
<li>Make WebAuthnAuthenticationTokenRequest Serializable <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16481">#16481</a></li>
<li>Misconfigured OAuth2LoginAuthenticationFilter when combining OAuth2
login and OAuth2 client configuration <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16466">#16466</a></li>
<li>OTT Should Use non-static member to capture the last OneTimeToken <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16471">#16471</a></li>
<li>webauthn js should ensure allowCredentials[].id is an ArrayBuffer <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16440">#16440</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Bump ch.qos.logback:logback-classic from 1.5.15 to 1.5.16 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16364">#16364</a></li>
<li>Bump com.nimbusds:oauth2-oidc-sdk from 9.43.5 to 9.43.6 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16598">#16598</a></li>
<li>Bump com.webauthn4j:webauthn4j-core from 0.28.4.RELEASE to
0.28.5.RELEASE <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16523">#16523</a></li>
<li>Bump io.micrometer:micrometer-observation from 1.14.3 to 1.14.4 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16565">#16565</a></li>
<li>Bump io.mockk:mockk from 1.13.14 to 1.13.16 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16399">#16399</a></li>
<li>Bump io.projectreactor:reactor-bom from 2023.0.14 to 2023.0.15 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16576">#16576</a></li>
<li>Bump io.rsocket:rsocket-bom from 1.1.4 to 1.1.5 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16534">#16534</a></li>
<li>Bump org.hibernate.orm:hibernate-core from 6.6.7.Final to
6.6.8.Final <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16610">#16610</a></li>
<li>Bump org.junit:junit-bom from 5.11.3 to 5.11.4 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16292">#16292</a></li>
<li>Bump org.springframework.data:spring-data-bom from 2024.1.2 to
2024.1.3 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16611">#16611</a></li>
<li>Bump org.springframework.ldap:spring-ldap-core from 3.2.10 to 3.2.11
<a
href="https://redirect.github.com/spring-projects/spring-security/pull/16597">#16597</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/16599">#16599</a></li>
<li>Update to oauth2-oidc-sdk 9.43.5 <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16583">#16583</a></li>
</ul>
<h2>🔩 Build Updates</h2>
<ul>
<li>Add TestBytes <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16461">#16461</a></li>
<li>Troubleshoot missing GChat notifications <a
href="https://redirect.github.com/spring-projects/spring-security/issues/16424">#16424</a></li>
</ul>
<h2>❤️ Contributors</h2>
<p>Thank you to all the contributors who worked on this release:</p>
<p><a href="https://github.com/Kehrlann"><code>@​Kehrlann</code></a>, <a
href="https://github.com/NeoTraveler"><code>@​NeoTraveler</code></a>, <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot],
<a
href="https://github.com/franticticktick"><code>@​franticticktick</code></a>,
<a href="https://github.com/making"><code>@​making</code></a>, and <a
href="https://github.com/ngocnhan-tran1996"><code>@​ngocnhan-tran1996</code></a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-security/commit/e7431a3a72e37d18bdaf5909ddf3a459bf2fa7fd"><code>e7431a3</code></a>
Release 6.4.3</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/d2f825bc74b7afab7004aab4be373487e5ff7fcd"><code>d2f825b</code></a>
Bump org.springframework.data:spring-data-bom from 2024.1.2 to
2024.1.3</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/6fcbc0ea2a61a774f9b105a245f799e04edaebbe"><code>6fcbc0e</code></a>
Bump org.hibernate.orm:hibernate-core from 6.6.7.Final to
6.6.8.Final</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/efe50dd0ebf44cd9bc401f054c1635f8ec1a8867"><code>efe50dd</code></a>
Merge branch '6.3.x' into 6.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/06026684e518471a7e74ae8676e6cc8378d722b9"><code>0602668</code></a>
Bump org.springframework.data:spring-data-bom from 2024.0.8 to
2024.0.9</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/946812691e5b9c6820060b2bfef95ecb69462c38"><code>9468126</code></a>
Make AuthenticatorAttestation Serializable</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/b5a4218a0bfd91220a4cf38cdefa93ee1f4f5c26"><code>b5a4218</code></a>
Make WebAuthnAuthenticationRequestToken Serializable</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/9e1a573531e2833c2b150924d28c15a5d22d7a09"><code>9e1a573</code></a>
Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/309daf565d4322297cdaa7ee1bc624d7c1f33408"><code>309daf5</code></a>
Merge branch '6.3.x' into 6.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/c3d45ae529bf8eec2a6c56b78c6bc39ba2a1e0db"><code>c3d45ae</code></a>
Bump org.springframework:spring-framework-bom from 6.1.16 to 6.1.17</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-security/compare/6.4.2...6.4.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.security:spring-security-saml2-service-provider&package-manager=gradle&previous-version=6.4.2&new-version=6.4.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-22 23:37:22 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
23a7b11a74 Bump org.springframework.session:spring-session-core from 3.4.1 to 3.4.2 (#3014)
Bumps
[org.springframework.session:spring-session-core](https://github.com/spring-projects/spring-session)
from 3.4.1 to 3.4.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-session/releases">org.springframework.session:spring-session-core's
releases</a>.</em></p>
<blockquote>
<h2>3.4.2</h2>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Bump ch-qos-logback from 1.5.12 to 1.5.13 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3304">#3304</a></li>
<li>Bump ch-qos-logback from 1.5.13 to 1.5.14 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3306">#3306</a></li>
<li>Bump ch-qos-logback from 1.5.14 to 1.5.15 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3309">#3309</a></li>
<li>Bump ch-qos-logback from 1.5.15 to 1.5.16 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3315">#3315</a></li>
<li>Bump io.projectreactor:reactor-bom from 2023.0.13 to 2023.0.14 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3324">#3324</a></li>
<li>Bump io.projectreactor:reactor-bom from 2023.0.14 to 2023.0.15 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3336">#3336</a></li>
<li>Bump io.projectreactor:reactor-core from 3.6.13 to 3.6.14 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3337">#3337</a></li>
<li>Bump org-springframework-boot from 3.3.6 to 3.3.7 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3307">#3307</a></li>
<li>Bump org-springframework-boot from 3.3.7 to 3.3.8 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3332">#3332</a></li>
<li>Bump org.postgresql:postgresql from 42.7.4 to 42.7.5 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3325">#3325</a></li>
<li>Bump org.springframework.data:spring-data-bom from 2024.1.1 to
2024.1.2 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3328">#3328</a></li>
<li>Bump org.springframework.data:spring-data-bom from 2024.1.2 to
2024.1.3 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3339">#3339</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.1 to 6.2.2 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3326">#3326</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3 <a
href="https://redirect.github.com/spring-projects/spring-session/pull/3338">#3338</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-session/commit/d600674f133157604ddee36fa6cf0b0bb214e996"><code>d600674</code></a>
Release 3.4.2</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/39dd594d667df62031105338a72b5817624bd198"><code>39dd594</code></a>
Bump org.springframework.data:spring-data-bom from 2024.1.2 to
2024.1.3</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/1f7439e28a16ae4692c798f413d1de4a4a6c3cb7"><code>1f7439e</code></a>
Bump org.springframework.data:spring-data-bom from 2024.1.1 to
2024.1.2</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/5fa21f19a34f968f0a96b821d7ac11793b16deec"><code>5fa21f1</code></a>
Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/8a6a5c0d0e29eb91f01099bbbf188aade6a9c53e"><code>8a6a5c0</code></a>
Bump io.projectreactor:reactor-core from 3.6.13 to 3.6.14</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/495dc471bd6a83c47c13cf2b42fc02f74f564faf"><code>495dc47</code></a>
Bump io.projectreactor:reactor-bom from 2023.0.14 to 2023.0.15</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/e902d3f11adb8b0d3030264c1662f116777bd753"><code>e902d3f</code></a>
Bump org-springframework-boot from 3.3.7 to 3.3.8</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/6ad1989745ec0fd9e8b8be4b738d6224faaaf861"><code>6ad1989</code></a>
Bump org.springframework:spring-framework-bom from 6.2.1 to 6.2.2</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/4283df46ac6dcd15aad266eaea2c958264b63f62"><code>4283df4</code></a>
Bump org.postgresql:postgresql from 42.7.4 to 42.7.5</li>
<li><a
href="https://github.com/spring-projects/spring-session/commit/13088c6ac75f5cf0d3b78ec8c2980d64dfaccb82"><code>13088c6</code></a>
Bump io.projectreactor:reactor-bom from 2023.0.13 to 2023.0.14</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-session/compare/3.4.1...3.4.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.session:spring-session-core&package-manager=gradle&previous-version=3.4.1&new-version=3.4.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-22 23:28:21 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Ludy
880ca6af7f Bump actions/create-github-app-token from 1.11.3 to 1.11.5 (#3008)
Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 1.11.3 to 1.11.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v1.11.5</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v1.11.4...v1.11.5">1.11.5</a>
(2025-02-15)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@​octokit/request</code> from
9.2.0 to 9.2.2 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/209">#209</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/8cedd97af185a345311c6ff53158738940cfef67">8cedd97</a>),
closes <a
href="https://redirect.github.com/actions/create-github-app-token/issues/740">#740</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/738">#738</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/740">#740</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/737">#737</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/738">#738</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/736">#736</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/735">#735</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/734">#734</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/733">#733</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/732">#732</a></li>
<li><strong>deps:</strong> bump <code>@​octokit/request-error</code>
from 6.1.6 to 6.1.7 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/208">#208</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/415f6a523daf7072d0ea81f3cdc20426287bd566">415f6a5</a>),
closes <a
href="https://redirect.github.com/actions/create-github-app-token/issues/494">#494</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/491">#491</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/490">#490</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/488">#488</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/486">#486</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/487">#487</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/485">#485</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/484">#484</a></li>
</ul>
<h2>v1.11.4</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v1.11.3...v1.11.4">1.11.4</a>
(2025-02-15)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@​octokit/endpoint</code> from
10.1.1 to 10.1.3 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/207">#207</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/d30def842e4992ac18a35cd1108d776944ab7535">d30def8</a>),
closes <a
href="https://redirect.github.com/actions/create-github-app-token/issues/507">#507</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/514">#514</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/512">#512</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/511">#511</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/509">#509</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/508">#508</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/507">#507</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/506">#506</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/505">#505</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/504">#504</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/0d564482f06ca65fa9e77e2510873638c82206f2"><code>0d56448</code></a>
build(release): 1.11.5 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/8cedd97af185a345311c6ff53158738940cfef67"><code>8cedd97</code></a>
fix(deps): bump <code>@​octokit/request</code> from 9.2.0 to 9.2.2 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/209">#209</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/415f6a523daf7072d0ea81f3cdc20426287bd566"><code>415f6a5</code></a>
fix(deps): bump <code>@​octokit/request-error</code> from 6.1.6 to 6.1.7
(<a
href="https://redirect.github.com/actions/create-github-app-token/issues/208">#208</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/c14f92a8f9fd9aff60349b9d5bb2f2d9933926bd"><code>c14f92a</code></a>
build(release): 1.11.4 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/d30def842e4992ac18a35cd1108d776944ab7535"><code>d30def8</code></a>
fix(deps): bump <code>@​octokit/endpoint</code> from 10.1.1 to 10.1.3
(<a
href="https://redirect.github.com/actions/create-github-app-token/issues/207">#207</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/a5be4722a6091c4e20293de271822a5532f23326"><code>a5be472</code></a>
build(deps-dev): bump esbuild from 0.24.2 to 0.25.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/206">#206</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/create-github-app-token/compare/67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7...0d564482f06ca65fa9e77e2510873638c82206f2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=1.11.3&new-version=1.11.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ludy <[email protected]>
2025-02-22 22:55:09 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3797a6827c Bump docker/build-push-action from 6.13.0 to 6.14.0 (#3012)
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.13.0 to 6.14.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.14.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.53.0 to 0.55.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1324">docker/build-push-action#1324</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.13.0...v6.14.0">https://github.com/docker/build-push-action/compare/v6.13.0...v6.14.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/0adf9959216b96bec444f325f1e493d4aa344497"><code>0adf995</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1324">#1324</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="https://github.com/docker/build-push-action/commit/d88cd289df60c51a4111f165d65e205c8e913937"><code>d88cd28</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/3d09a6bd705280a63155d5f61da35bb42301fe96"><code>3d09a6b</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.53.0 to
0.55.0</li>
<li>See full diff in <a
href="https://github.com/docker/build-push-action/compare/ca877d9245402d1537745e0e356eab47c3520991...0adf9959216b96bec444f325f1e493d4aa344497">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.13.0&new-version=6.14.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-22 22:54:43 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
0f5d95661c Bump sigstore/cosign-installer from 3.8.0 to 3.8.1 (#3010)
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 3.8.0 to 3.8.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.8.1</h2>
<h2>What's Changed</h2>
<ul>
<li>use cosign 2.4.3 and other updates by <a
href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/182">sigstore/cosign-installer#182</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3...v3.8.1">https://github.com/sigstore/cosign-installer/compare/v3...v3.8.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/sigstore/cosign-installer/commit/d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a"><code>d7d6bc7</code></a>
use cosign 2.4.3 and other updates (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/182">#182</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/c56c2d3e59e4281cc41dea2217323ba5694b171e...d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=3.8.0&new-version=3.8.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-22 22:49:28 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
d5aea7f0b6 Bump ch.qos.logback:logback-core from 1.5.15 to 1.5.16 (#3011)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [ch.qos.logback:logback-core](https://github.com/qos-ch/logback)
from 1.5.15 to 1.5.16.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/qos-ch/logback/releases">ch.qos.logback:logback-core's
releases</a>.</em></p>
<blockquote>
<h2>Logback 1.5.16</h2>
<p><strong>2025-01-05 Release of logback version 1.5.16</strong></p>
<p>• In order to ease the migration of configuration files depending on
JaninoEventEvaluator, logback-classic will emit a warning about the
removal of JaninoEventEvaluator in version 1.5.13 and suggest an online
migration tool.</p>
<p>• A bit-wise identical binary of this version can be reproduced by
building from source code at commit
74c9ebd0e784d9e9ffc6c627cf5016d0157956b2 associated with the tag
v_1.5.16. Release built using Java &quot;21&quot; 2023-10-17 LTS build
21.0.1.+12-LTS-29 under Linux Debian 11.6.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/qos-ch/logback/commit/74c9ebd0e784d9e9ffc6c627cf5016d0157956b2"><code>74c9ebd</code></a>
prepare release 1.5.16</li>
<li><a
href="https://github.com/qos-ch/logback/commit/9308a58e65ad415a86377f86e3f0e338a5167e66"><code>9308a58</code></a>
javadocs structure changed</li>
<li><a
href="https://github.com/qos-ch/logback/commit/8935470736a395429ebcd0fbf75794a83ca37cec"><code>8935470</code></a>
adapt test to SLF4J version 2.0.16</li>
<li><a
href="https://github.com/qos-ch/logback/commit/cb603698a1910e9dce1f5d39a2e51cd757eb40e0"><code>cb60369</code></a>
addded StubEventEvaluator as default class for evaluator element so as
to dir...</li>
<li><a
href="https://github.com/qos-ch/logback/commit/1da2f171dc108a2576eb33918198db7f755b1224"><code>1da2f17</code></a>
bump jxr version</li>
<li><a
href="https://github.com/qos-ch/logback/commit/5bde644c2659115790161256016b678ee0d957d1"><code>5bde644</code></a>
bump slf4j version to 2.0.16</li>
<li><a
href="https://github.com/qos-ch/logback/commit/aa2ebae414530c458dca2892351135d617474286"><code>aa2ebae</code></a>
remove stax related code</li>
<li><a
href="https://github.com/qos-ch/logback/commit/80db86b54892d5af85b6ee69b1e97a097f64f6bd"><code>80db86b</code></a>
fix issues/860</li>
<li><a
href="https://github.com/qos-ch/logback/commit/a8a2303ba3afeb5b26a90412501a6d1057d17669"><code>a8a2303</code></a>
start work on 1.5.16-SNAPSHOT</li>
<li><a
href="https://github.com/qos-ch/logback/commit/bf14c2c7f657f7d255a7fe9cb156b1913e99ca3c"><code>bf14c2c</code></a>
minor javadoc update</li>
<li>See full diff in <a
href="https://github.com/qos-ch/logback/compare/v_1.5.15...v_1.5.16">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ch.qos.logback:logback-core&package-manager=gradle&previous-version=1.5.15&new-version=1.5.16)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-22 22:49:13 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
0412263d01 Bump ch.qos.logback:logback-classic from 1.5.15 to 1.5.16 (#3015)
Bumps
[ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from
1.5.15 to 1.5.16.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/qos-ch/logback/releases">ch.qos.logback:logback-classic's
releases</a>.</em></p>
<blockquote>
<h2>Logback 1.5.16</h2>
<p><strong>2025-01-05 Release of logback version 1.5.16</strong></p>
<p>• In order to ease the migration of configuration files depending on
JaninoEventEvaluator, logback-classic will emit a warning about the
removal of JaninoEventEvaluator in version 1.5.13 and suggest an online
migration tool.</p>
<p>• A bit-wise identical binary of this version can be reproduced by
building from source code at commit
74c9ebd0e784d9e9ffc6c627cf5016d0157956b2 associated with the tag
v_1.5.16. Release built using Java &quot;21&quot; 2023-10-17 LTS build
21.0.1.+12-LTS-29 under Linux Debian 11.6.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/qos-ch/logback/commit/74c9ebd0e784d9e9ffc6c627cf5016d0157956b2"><code>74c9ebd</code></a>
prepare release 1.5.16</li>
<li><a
href="https://github.com/qos-ch/logback/commit/9308a58e65ad415a86377f86e3f0e338a5167e66"><code>9308a58</code></a>
javadocs structure changed</li>
<li><a
href="https://github.com/qos-ch/logback/commit/8935470736a395429ebcd0fbf75794a83ca37cec"><code>8935470</code></a>
adapt test to SLF4J version 2.0.16</li>
<li><a
href="https://github.com/qos-ch/logback/commit/cb603698a1910e9dce1f5d39a2e51cd757eb40e0"><code>cb60369</code></a>
addded StubEventEvaluator as default class for evaluator element so as
to dir...</li>
<li><a
href="https://github.com/qos-ch/logback/commit/1da2f171dc108a2576eb33918198db7f755b1224"><code>1da2f17</code></a>
bump jxr version</li>
<li><a
href="https://github.com/qos-ch/logback/commit/5bde644c2659115790161256016b678ee0d957d1"><code>5bde644</code></a>
bump slf4j version to 2.0.16</li>
<li><a
href="https://github.com/qos-ch/logback/commit/aa2ebae414530c458dca2892351135d617474286"><code>aa2ebae</code></a>
remove stax related code</li>
<li><a
href="https://github.com/qos-ch/logback/commit/80db86b54892d5af85b6ee69b1e97a097f64f6bd"><code>80db86b</code></a>
fix issues/860</li>
<li><a
href="https://github.com/qos-ch/logback/commit/a8a2303ba3afeb5b26a90412501a6d1057d17669"><code>a8a2303</code></a>
start work on 1.5.16-SNAPSHOT</li>
<li><a
href="https://github.com/qos-ch/logback/commit/bf14c2c7f657f7d255a7fe9cb156b1913e99ca3c"><code>bf14c2c</code></a>
minor javadoc update</li>
<li>See full diff in <a
href="https://github.com/qos-ch/logback/compare/v_1.5.15...v_1.5.16">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ch.qos.logback:logback-classic&package-manager=gradle&previous-version=1.5.15&new-version=1.5.16)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-22 22:47:46 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
487a82eb65 Bump org.springframework.boot from 3.4.1 to 3.4.3 (#3022)
Bumps
[org.springframework.boot](https://github.com/spring-projects/spring-boot)
from 3.4.1 to 3.4.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.3</h2>
<h2> New Features</h2>
<ul>
<li>Add TWENTY_FOUR to JavaVersion enum <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Console output may be lost when using Log4j2 with something that
replaces System.out <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li>
<li>Maven plugin does not consistently use ArgFile for classpath
argument on Windows <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li>
<li>Reactive Jetty web server does not fail fast when configured to use
a server name bundle which Jetty does not support <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li>
<li>When web server application context refresh fails, the original
failure is lost if stopping or destroying the web server throws an
exception <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li>
<li>View resolver for Thymeleaf should back off if spring-webmvc is not
present <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li>
<li>WebServer is not destroyed when ReactiveWebServerApplicationContext
refresh fails <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li>
<li>Non-default DataSource candidates are not considered in
H2ConsoleAutoConfiguration <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li>
<li>Banner placeholder and defaults do not work during development <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li>
<li>Mustache templates return with ISO-8859-1 charset rather than UTF-8
in Content-Type response header <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li>
<li>Servlet EndpointRequest doesn't match web server namespace correctly
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li>
<li>java.lang.ClassCastException when using default management security
with WebFlux and health probes enabled <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li>
<li>Logback configuration that relies on inner-classes does not work in
a native image <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li>
<li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or
3.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li>
<li>Metrics and health do not include non-default candidate beans <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Document that auto-configuration classes should be identified using
their binary names <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li>
<li>Correct typo in MVC security when explaining when UserDetailsService
auto-configuration will back off <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li>
<li>Link to JarLauncher's javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li>
<li>When using observability annotations, recommend that care is taken
to avoid double instrumentation <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44145">#44145</a></li>
<li>Fix typo in Running Your Application <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44035">#44035</a></li>
<li>Document Kubernetes preStop handler when using a Docker image
without a shell <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44022">#44022</a></li>
<li>Source snippet in Developing Your First Spring Boot Application
section uses the root package <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43983">#43983</a></li>
<li>Correct the location of MyApplication.java in &quot;Developing Your
First Spring Boot Application&quot; <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43975">#43975</a></li>
<li>Add links to Jackson Javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43971">#43971</a></li>
<li>Warn that some Quartz database schema scripts must be modified
before use <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/43958">#43958</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Upgrade to Commons Pool2 2.12.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44173">#44173</a></li>
<li>Upgrade to Couchbase Client 3.7.8 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44269">#44269</a></li>
<li>Upgrade to Groovy 4.0.25 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44174">#44174</a></li>
<li>Upgrade to Hibernate 6.6.8.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44332">#44332</a></li>
<li>Upgrade to HttpClient5 5.4.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44176">#44176</a></li>
<li>Upgrade to HttpCore5 5.3.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44177">#44177</a></li>
<li>Upgrade to Infinispan 15.0.13.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44178">#44178</a></li>
<li>Upgrade to jOOQ 3.19.19 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44368">#44368</a></li>
<li>Upgrade to Json-smart 2.5.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44264">#44264</a></li>
<li>Upgrade to Maven Clean Plugin 3.4.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44349">#44349</a></li>
<li>Upgrade to Micrometer 1.14.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44115">#44115</a></li>
<li>Upgrade to Micrometer Tracing 1.4.3 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44116">#44116</a></li>
<li>Upgrade to Native Build Tools Plugin 0.10.5 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44179">#44179</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/2f53c0abc022ab22bb48c1dce2bbe7479fd8d3dc"><code>2f53c0a</code></a>
Release v3.4.3</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/f99171fe2eb081afa23aa7d0991f891749a62400"><code>f99171f</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/70e0744c2771b2d3e0c7cfad51a5a838a56c68f1"><code>70e0744</code></a>
Next development version (v3.3.10-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/07d9db3b802af7b23c19bb65d5b6e54e9ec4508c"><code>07d9db3</code></a>
Merge pull request <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/44380">#44380</a>
from nosan</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/22958097e38a895cfc47dbd1a36df1c7ec0a2e0b"><code>2295809</code></a>
Register Log42J StatusListener</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/575655ca39f097abe595b757fe23e60838c97e75"><code>575655c</code></a>
Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c74397af1ae58b3431e16f2a32d72c6571bcc03c"><code>c74397a</code></a>
Merge branch '3.3.x' into 3.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/c718461450c6f0486bd489ac697286dd6311457c"><code>c718461</code></a>
Protect against NoSuchMethodException on setReadOnly</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/7dc9bf29b8890d96ffca341e4c1ed237850887bb"><code>7dc9bf2</code></a>
Upgrade to Testcontainers Redis Module 2.2.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/7d1fc062bfec9297cbd694bc09f1ec3c55d48f74"><code>7d1fc06</code></a>
Upgrade to Testcontainers 1.20.5</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.4.1...v3.4.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.boot&package-manager=gradle&previous-version=3.4.1&new-version=3.4.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-22 13:11:35 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony StirlingLudy
11a5b2e79f Bump actions/create-github-app-token from 1.11.2 to 1.11.3 (#2878)
Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 1.11.2 to 1.11.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v1.11.3</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v1.11.2...v1.11.3">1.11.3</a>
(2025-02-04)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump the production-dependencies group with 3
updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/203">#203</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/8e85a3cf1418b864b528ed9c756cd9c84932d442">8e85a3c</a>),
closes <a
href="https://redirect.github.com/actions/create-github-app-token/issues/665">#665</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/665">#665</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/663">#663</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/662">#662</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/661">#661</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/659">#659</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/660">#660</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/658">#658</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/656">#656</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/657">#657</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/655">#655</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/731">#731</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4016">nodejs/undici#4016</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4017">nodejs/undici#4017</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4018">nodejs/undici#4018</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4008">nodejs/undici#4008</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3991">nodejs/undici#3991</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4001">nodejs/undici#4001</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3980">nodejs/undici#3980</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4003">nodejs/undici#4003</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3965">nodejs/undici#3965</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4002">nodejs/undici#4002</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4006">nodejs/undici#4006</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3956">nodejs/undici#3956</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3964">nodejs/undici#3964</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3447">nodejs/undici#3447</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3966">#3966</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3967">nodejs/undici#3967</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3971">nodejs/undici#3971</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3954">nodejs/undici#3954</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3972">nodejs/undici#3972</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3974">nodejs/undici#3974</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3976">nodejs/undici#3976</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3975">#3975</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3977">nodejs/undici#3977</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3978">nodejs/undici#3978</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3981">nodejs/undici#3981</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3983">nodejs/undici#3983</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3986">nodejs/undici#3986</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4021">#4021</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4018">#4018</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4017">#4017</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4016">#4016</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4008">#4008</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4007">#4007</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4006">#4006</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3965">#3965</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7"><code>67e27a7</code></a>
build(release): 1.11.3 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/8e85a3cf1418b864b528ed9c756cd9c84932d442"><code>8e85a3c</code></a>
fix(deps): bump the production-dependencies group with 3 updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/203">#203</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/create-github-app-token/compare/136412a57a7081aa63c935a2cc2918f76c34f514...67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=1.11.2&new-version=1.11.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
Co-authored-by: Ludy <[email protected]>
2025-02-19 22:17:42 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
69c6544877 Bump io.micrometer:micrometer-core from 1.14.3 to 1.14.4 (#2927)
Bumps
[io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer)
from 1.14.3 to 1.14.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/micrometer-metrics/micrometer/releases">io.micrometer:micrometer-core's
releases</a>.</em></p>
<blockquote>
<h2>1.14.4</h2>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Log4j2Metrics does not work with multiple registries and non-root
loggers <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5893">#5893</a></li>
<li>Fix LongTaskTimer output for LoggingMeterRegistry <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5834">#5834</a></li>
<li><code>Log4j2Metrics</code> creates more <code>MetricsFilter</code>
instances than needed <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5818">#5818</a></li>
<li>Fix unit discrepancy between Timer and FunctionTimer in
LoggingMeterRegistry <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5816">#5816</a></li>
<li>Distribution bucket_counts sum does not equal the count <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/4868">#4868</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Remove obviated GraalVM native image compilation section from
Stackdriver docs <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5819">#5819</a></li>
<li>Update Docs with right contract of MeterFilter <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5480">#5480</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Bump com.netflix.spectator:spectator-reg-atlas from 1.8.3 to 1.8.4
<a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5907">#5907</a></li>
<li>Bump org.apache.httpcomponents.client5:httpclient5 from 5.4.1 to
5.4.2 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5876">#5876</a></li>
<li>Bump io.netty:netty-bom from 4.1.116.Final to 4.1.117.Final <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5872">#5872</a></li>
<li>Bump org.postgresql:postgresql from 42.7.4 to 42.7.5 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5871">#5871</a></li>
<li>Bump jersey3 from 3.1.9 to 3.1.10 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5870">#5870</a></li>
<li>Bump software.amazon.awssdk:cloudwatch from 2.29.46 to 2.29.52 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5869">#5869</a></li>
<li>Bump jetty9 from 9.4.56.v20240826 to 9.4.57.v20241219 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5868">#5868</a></li>
<li>Bump dropwizard-metrics from 4.2.29 to 4.2.30 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5867">#5867</a></li>
<li>Bump com.signalfx.public:signalfx-java from 1.0.48 to 1.0.49 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5895">#5895</a></li>
<li>Bump org.apache.commons:commons-pool2 from 2.12.0 to 2.12.1 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5865">#5865</a></li>
</ul>
<h2>📝 Tasks</h2>
<ul>
<li>Increase sleep time to avoid exemplar sampling rate limiting for
openMetricsScrapeWithExemplars() <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5908">#5908</a></li>
<li>Fix flakiness in
DynatraceMeterRegistryTest.shouldTrackPercentilesWhenDynatraceSummaryInstrumentsNotUsed()
<a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5900">#5900</a></li>
<li>Fix flakiness in
JmsInstrumentationTests.shouldInstrumentMessageListener() <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5899">#5899</a></li>
<li>Fix flakiness in JettyClientMetricsWithObservationTest.activeTimer()
<a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5894">#5894</a></li>
<li>Increase wait duration in
PushMeterRegistryTest.closeRespectsInterrupt() <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5890">#5890</a></li>
<li>Enable TimedAspectTest.pjpFunctionThrows() <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5889">#5889</a></li>
<li>Add .kotlin to .gitignore <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5888">#5888</a></li>
<li>Polish <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5886">#5886</a></li>
<li>Migrate to dependabot auto-merge function <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5874">#5874</a></li>
<li>Back-port LoggingMeterRegistry tests <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5833">#5833</a></li>
<li>Bump build machine image to ubuntu-2404:2024.11.1 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5829">#5829</a></li>
<li>Bump build JDKs to 21.0.6, 17.0.14, 11.0.26 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5828">#5828</a></li>
<li>Upgrade to Gradle Wrapper 8.12.1 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5823">#5823</a></li>
</ul>
<h2>❤️ Contributors</h2>
<p>Thank you to all the contributors who worked on this release:</p>
<p><a href="https://github.com/izeye"><code>@​izeye</code></a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/e387558fccb0d3ec1b447fc16aafb7b78ad51336"><code>e387558</code></a>
Merge branch '1.13.x' into 1.14.x</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/f33456630e3e3bb53eac75ca9849ff996dcfb1f5"><code>f334566</code></a>
Increase sleep time to avoid exemplar sampling rate limiting for
openMetricsS...</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/94686e88958a56def76c3d75299b84bfd7bcf5cf"><code>94686e8</code></a>
Merge branch '1.13.x' into 1.14.x</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/9e4dfbf8be70eafbfd76c725b8eeacb173b181ae"><code>9e4dfbf</code></a>
Migrates post actions to java gh action</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/e44147a94202d49e4e112f48bb09ffff2df8f277"><code>e44147a</code></a>
Bump com.netflix.spectator:spectator-reg-atlas from 1.8.3 to 1.8.4 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5907">#5907</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/7c65ad65859d916c934349e6bfdcf4960403aaee"><code>7c65ad6</code></a>
Fix flakiness in
DynatraceMeterRegistryTest.shouldTrackPercentilesWhenDynatra...</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/f879d3abf10bf802deda796be166c47376855787"><code>f879d3a</code></a>
Fix flakiness in
JmsInstrumentationTests.shouldInstrumentMessageListener() (#...</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/20d0a9ef6eb179edc038a199921c82d4459ed54d"><code>20d0a9e</code></a>
Fix flakiness in JettyClientMetricsWithObservationTest.activeTimer() (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5894">#5894</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/fd6d438441748e3043fbdb621da9dfea19cec1fa"><code>fd6d438</code></a>
Bump com.signalfx.public:signalfx-java from 1.0.48 to 1.0.49 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5898">#5898</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/9311c173de14570946745a7e21d981762905d8e2"><code>9311c17</code></a>
Bump com.signalfx.public:signalfx-java from 1.0.48 to 1.0.49 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5895">#5895</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/micrometer-metrics/micrometer/compare/v1.14.3...v1.14.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=io.micrometer:micrometer-core&package-manager=gradle&previous-version=1.14.3&new-version=1.14.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-19 22:08:45 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
554c112a94 Bump step-security/harden-runner from 2.10.4 to 2.11.0 (#2980)
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.10.4 to 2.11.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.11.0</h2>
<h2>What's Changed</h2>
<p>Release v2.11.0 in <a
href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a>
Harden-Runner Enterprise tier now supports the use of eBPF for DNS
resolution and network call monitoring</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.11.0">https://github.com/step-security/harden-runner/compare/v2...v2.11.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/4d991eb9b905ef189e4c376166672c3f2f230481"><code>4d991eb</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a>
from step-security/rc-18</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4ea872f89714b83576609e6f89476dfb114a6246"><code>4ea872f</code></a>
Update README.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/65d6f6e4ee070283fc8739e8d8295eb6c554029a"><code>65d6f6e</code></a>
Add workflows</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/1034c9a80544b55a7706ed377ea64ded8b0c7ea4"><code>1034c9a</code></a>
Update package-lock.json</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/ab221e2d7a450f54fde8ccb211cea73c5bcf1e2a"><code>ab221e2</code></a>
Update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/7cb6c2fb524eafc78ce834c51af420c289690789"><code>7cb6c2f</code></a>
Update agent</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/cb605e52c26070c328afc4562f0b4ada7618a84e...4d991eb9b905ef189e4c376166672c3f2f230481">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.10.4&new-version=2.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-18 12:07:08 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony StirlingLudy
c1d7217242 Bump sigstore/cosign-installer from 3.7.0 to 3.8.0 (#2901)
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 3.7.0 to 3.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.8.0</h2>
<h2>What's Changed</h2>
<ul>
<li>test action against all non-rc releases, verify entry in rekor log
by <a
href="https://github.com/bobcallaway"><code>@​bobcallaway</code></a> in
<a
href="https://redirect.github.com/sigstore/cosign-installer/pull/179">sigstore/cosign-installer#179</a></li>
<li>bump for cosign v2.4.2 release by <a
href="https://github.com/bobcallaway"><code>@​bobcallaway</code></a> in
<a
href="https://redirect.github.com/sigstore/cosign-installer/pull/181">sigstore/cosign-installer#181</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3...v3.8.0">https://github.com/sigstore/cosign-installer/compare/v3...v3.8.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/sigstore/cosign-installer/commit/c56c2d3e59e4281cc41dea2217323ba5694b171e"><code>c56c2d3</code></a>
Bump actions/setup-go from 5.2.0 to 5.3.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/180">#180</a>)</li>
<li><a
href="https://github.com/sigstore/cosign-installer/commit/02e36b8dc8964c61cece8f1014b0e71c92325430"><code>02e36b8</code></a>
bump for cosign v2.4.2 release (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/181">#181</a>)</li>
<li><a
href="https://github.com/sigstore/cosign-installer/commit/789d2886c082e8fb7b9710810b73c3f0840573ed"><code>789d288</code></a>
test action against all non-rc releases, verify entry in rekor log (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/179">#179</a>)</li>
<li><a
href="https://github.com/sigstore/cosign-installer/commit/e11c0892438d2c0a48e49dee376e4883f10f2e59"><code>e11c089</code></a>
Bump actions/setup-go from 5.1.0 to 5.2.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/178">#178</a>)</li>
<li><a
href="https://github.com/sigstore/cosign-installer/commit/718228a5f85f61170ad5c3ea6c0e9871cc92f1c5"><code>718228a</code></a>
Bump actions/setup-go from 5.0.2 to 5.1.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/176">#176</a>)</li>
<li><a
href="https://github.com/sigstore/cosign-installer/commit/325063e39f66c2e5225e4c88c8979af292c04829"><code>325063e</code></a>
Bump actions/checkout from 4.2.1 to 4.2.2 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/177">#177</a>)</li>
<li><a
href="https://github.com/sigstore/cosign-installer/commit/b929758a8661a1dc05fce750bdb02eef5acf2c37"><code>b929758</code></a>
Bump actions/checkout from 4.2.0 to 4.2.1 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/175">#175</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da...c56c2d3e59e4281cc41dea2217323ba5694b171e">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=3.7.0&new-version=3.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
Co-authored-by: Ludy <[email protected]>
2025-02-17 10:24:25 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
708ede5e26 Bump alpine from 3.21.2 to 3.21.3 (#2961)
Bumps alpine from 3.21.2 to 3.21.3.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alpine&package-manager=docker&previous-version=3.21.2&new-version=3.21.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-17 10:21:40 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
5f81ff88e8 Bump github/codeql-action from 3.28.8 to 3.28.9 (#2921)
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.28.8 to 3.28.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.9</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.9/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
<li>Uploading debug artifacts for CodeQL analysis is temporarily
disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li>
</ul>
<h2>3.28.2 - 21 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.1 - 10 Jan 2025</h2>
<ul>
<li>CodeQL Action v2 is now deprecated, and is no longer updated or
supported. For better performance, improved security, and new features,
upgrade to v3. For more information, see <a
href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li>
<li>Update default CodeQL bundle version to 2.20.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2678">#2678</a></li>
</ul>
<h2>3.28.0 - 20 Dec 2024</h2>
<ul>
<li>Bump the minimum CodeQL bundle version to 2.15.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2655">#2655</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0"><code>9e8d078</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2757">#2757</a>
from github/update-v3.28.9-24e1c2d33</li>
<li><a
href="https://github.com/github/codeql-action/commit/43d9be670147092b305c63cf69481e8923af83b7"><code>43d9be6</code></a>
Update changelog for v3.28.9</li>
<li><a
href="https://github.com/github/codeql-action/commit/24e1c2d337459cce262cbca8d69998e56cd5eb8e"><code>24e1c2d</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2753">#2753</a>
from github/update-bundle/codeql-bundle-v2.20.4</li>
<li><a
href="https://github.com/github/codeql-action/commit/57a08c0c7f05d4d8251162c9658ddd7cc7782198"><code>57a08c0</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/52189d23af4e071445f59d2e6fbbac566e49f15b"><code>52189d2</code></a>
Update default bundle to codeql-bundle-v2.20.4</li>
<li><a
href="https://github.com/github/codeql-action/commit/08bc0cf022445eacafaa248bf48da20f26b8fd40"><code>08bc0cf</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2751">#2751</a>
from github/henrymercer/fix-init-post-without-config</li>
<li><a
href="https://github.com/github/codeql-action/commit/cf7c6879199cf6eb2a002d3b2530ea1e4ce99610"><code>cf7c687</code></a>
Send <code>init-post</code> status report in absence of config</li>
<li><a
href="https://github.com/github/codeql-action/commit/ad42dbd32d472b6fe380130655e27089c7eac343"><code>ad42dbd</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2750">#2750</a>
from github/dependabot/npm_and_yarn/npm-768bd9b555</li>
<li><a
href="https://github.com/github/codeql-action/commit/a8f5935da08829e657dfc18d887df9385685a20a"><code>a8f5935</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2749">#2749</a>
from github/dependabot/github_actions/actions-29d379...</li>
<li><a
href="https://github.com/github/codeql-action/commit/9660df3fccdf5b20ab86e041325c17a2204cc1ae"><code>9660df3</code></a>
Update checked-in dependencies</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/dd746615b3b9d728a6a37ca2045b68ca76d4841a...9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.8&new-version=3.28.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-10 10:51:50 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
bc3340f3ba Bump docker/setup-buildx-action from 3.8.0 to 3.9.0 (#2922)
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 3.8.0 to 3.9.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.9.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.48.0 to 0.54.0 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/402">docker/setup-buildx-action#402</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/404">docker/setup-buildx-action#404</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0">https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca"><code>f7ce87c</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/404">#404</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/aa1e2a0b496d6cd3474071c7b0ab0eea5948de3a"><code>aa1e2a0</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/673e00877621ac201ca3084ec053b85e9b65063e"><code>673e008</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.53.0 to
0.54.0</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/ba31df4664624f17e1b1ef1c9c85ed1ca9463a6d"><code>ba31df4</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/402">#402</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/5475af18ec6f58d53e9452495e8db373e6dcb469"><code>5475af1</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/acacad903e45f670c1e2d4638f4ee5f24b03e6b6"><code>acacad9</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.48.0 to
0.53.0</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/6a25f988bdfa969e96a38fc9f843ea31e0b5df27"><code>6a25f98</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/396">#396</a>
from crazy-max/bake-v6</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/ca1af179f5dc207dc723446d832eb3f77d3912dc"><code>ca1af17</code></a>
update bake-action to v6</li>
<li>See full diff in <a
href="https://github.com/docker/setup-buildx-action/compare/6524bf65af31da8d45b59e8c27de4bd072b392f5...f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=3.8.0&new-version=3.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-10 10:51:41 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony Stirling
f9963a2316 Bump actions/upload-artifact from 4.3.1 to 4.6.0 (#2879)
Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact)
from 4.3.1 to 4.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.6.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Expose env vars to control concurrency and timeout by <a
href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/662">actions/upload-artifact#662</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4...v4.6.0">https://github.com/actions/upload-artifact/compare/v4...v4.6.0</a></p>
<h2>v4.5.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: deprecated <code>Node.js</code> version in action by <a
href="https://github.com/hamirmahal"><code>@​hamirmahal</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/578">actions/upload-artifact#578</a></li>
<li>Add new <code>artifact-digest</code> output by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/656">actions/upload-artifact#656</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/hamirmahal"><code>@​hamirmahal</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/upload-artifact/pull/578">actions/upload-artifact#578</a></li>
<li><a href="https://github.com/bdehamer"><code>@​bdehamer</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/upload-artifact/pull/656">actions/upload-artifact#656</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4.4.3...v4.5.0">https://github.com/actions/upload-artifact/compare/v4.4.3...v4.5.0</a></p>
<h2>v4.4.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Undo indirect dependency updates from <a
href="https://redirect.github.com/actions/upload-artifact/issues/627">#627</a>
by <a href="https://github.com/joshmgross"><code>@​joshmgross</code></a>
in <a
href="https://redirect.github.com/actions/upload-artifact/pull/632">actions/upload-artifact#632</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4.4.2...v4.4.3">https://github.com/actions/upload-artifact/compare/v4.4.2...v4.4.3</a></p>
<h2>v4.4.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump <code>@actions/artifact</code> to 2.1.11 by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/627">actions/upload-artifact#627</a>
<ul>
<li>Includes fix for relative symlinks not resolving properly</li>
</ul>
</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4.4.1...v4.4.2">https://github.com/actions/upload-artifact/compare/v4.4.1...v4.4.2</a></p>
<h2>v4.4.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Add a section about hidden files by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/607">actions/upload-artifact#607</a></li>
<li>Add workflow file for publishing releases to immutable action
package by <a
href="https://github.com/Jcambass"><code>@​Jcambass</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/621">actions/upload-artifact#621</a></li>
<li>Update <code>@​actions/artifact</code> to latest version, includes
symlink and timeout fixes by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/625">actions/upload-artifact#625</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Jcambass"><code>@​Jcambass</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/upload-artifact/pull/621">actions/upload-artifact#621</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4.4.0...v4.4.1">https://github.com/actions/upload-artifact/compare/v4.4.0...v4.4.1</a></p>
<h2>v4.4.0</h2>
<h2>Notice: Breaking Changes ⚠️</h2>
<p>We will no longer include hidden files and folders by default in the
<code>upload-artifact</code> action of this version. This reduces the
risk that credentials are accidentally uploaded into artifacts.
Customers who need to continue to upload these files can use a new
option, <code>include-hidden-files</code>, to continue to do so.</p>
<p>See <a
href="https://github.blog/changelog/2024-08-19-notice-of-upcoming-deprecations-and-breaking-changes-in-github-actions-runners/">&quot;Notice
of upcoming deprecations and breaking changes in GitHub Actions
runners&quot;</a> changelog and <a
href="https://redirect.github.com/actions/upload-artifact/issues/602">this
issue</a> for more details.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08"><code>65c4c4a</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/662">#662</a>
from actions/yacaovsnc/add_variable_for_concurrency_a...</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/020761922861c5b0a0a9b98ae4adccf1f675862c"><code>0207619</code></a>
move files back to satisfy licensed ci</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/1ecca81102de35b6c140e930a09ea6144c27abf1"><code>1ecca81</code></a>
licensed cache updates</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/97422693d3a0493fc2d725fe8c0ac1c1097e9128"><code>9742269</code></a>
Expose env vars to controll concurrency and timeout</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/6f51ac03b9356f520e9adb1b1b7802705f340c2b"><code>6f51ac0</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/656">#656</a>
from bdehamer/bdehamer/artifact-digest</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/c40c16d999899d3642ba1597014ba7ef8ff611e7"><code>c40c16d</code></a>
add new artifact-digest output</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/735efb4a0a50bb1a533b000483f2d0a23effbd26"><code>735efb4</code></a>
bump <code>@​actions/artifact</code> from 2.1.11 to 2.2.0</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/184d73b71b93c222403b2e7f1ffebe4508014249"><code>184d73b</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/578">#578</a>
from hamirmahal/fix/deprecated-nodejs-usage-in-action</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/b4a0a984a056f94abb1db07895e844b9422e1e41"><code>b4a0a98</code></a>
Merge branch 'main' into fix/deprecated-nodejs-usage-in-action</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882"><code>b4b15b8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/632">#632</a>
from actions/joshmgross/undo-dependency-changes</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/upload-artifact/compare/v4.3.1...65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=4.3.1&new-version=4.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
2025-02-10 10:47:45 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony Stirling
0aeb22e7c8 Bump docker/setup-qemu-action from 3.3.0 to 3.4.0 (#2902)
Bumps
[docker/setup-qemu-action](https://github.com/docker/setup-qemu-action)
from 3.3.0 to 3.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-qemu-action/releases">docker/setup-qemu-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.49.0 to 0.54.0 in
<a
href="https://redirect.github.com/docker/setup-qemu-action/pull/193">docker/setup-qemu-action#193</a>
<a
href="https://redirect.github.com/docker/setup-qemu-action/pull/197">docker/setup-qemu-action#197</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-qemu-action/compare/v3.3.0...v3.4.0">https://github.com/docker/setup-qemu-action/compare/v3.3.0...v3.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/4574d27a4764455b42196d70a065bc6853246a25"><code>4574d27</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/195">#195</a>
from radarhere/patch-1</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/7a38281c3546ccdb3cedcebedb702dd0cbde7836"><code>7a38281</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/197">#197</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/7a1c63f9e5c282d0c95da1f77892cf8c8c73d8a1"><code>7a1c63f</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.53.0 to
0.54.0</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/2825a1268fb8489c1191bf37f6dacdd9be57a0c6"><code>2825a12</code></a>
Fixed typo</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/f30d974279f970cd3ed4ee3bcf1ff7795e271f00"><code>f30d974</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/193">#193</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/568bf0683b44cd63a947ab731d3ab8f7a92eb901"><code>568bf06</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/a1aad7b5f5e239fca9be1aa9b4621816ef297d84"><code>a1aad7b</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.49.0 to
0.53.0</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/e5daf5da4ebfd37300852e88eac67cc6ad147f38"><code>e5daf5d</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/189">#189</a>
from crazy-max/bake-v6</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/faec242d1f0d2bfa2d6a297ff61687ce6c005846"><code>faec242</code></a>
update bake-action to v6</li>
<li>See full diff in <a
href="https://github.com/docker/setup-qemu-action/compare/53851d14592bedcffcf25ea515637cff71ef929a...4574d27a4764455b42196d70a065bc6853246a25">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-qemu-action&package-manager=github_actions&previous-version=3.3.0&new-version=3.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
2025-02-10 10:47:34 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony Stirling
e382d254ee Bump org.panteleyev.jpackageplugin from 1.6.0 to 1.6.1 (#2851)
Bumps org.panteleyev.jpackageplugin from 1.6.0 to 1.6.1.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.panteleyev.jpackageplugin&package-manager=gradle&previous-version=1.6.0&new-version=1.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
2025-02-04 21:04:49 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony Stirling
b9bfcd59cd Bump gradle/actions from 4.2.2 to 4.3.0 (#2870)
Bumps [gradle/actions](https://github.com/gradle/actions) from 4.2.2 to
4.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/actions/releases">gradle/actions's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<p>This release brings some significant improvements to cache-cleanup
and dependency-submission:</p>
<ul>
<li>Cleanup cache entries written by newly released Gradle versions (<a
href="https://redirect.github.com/gradle/actions/issues/436">#436</a>)</li>
<li>Use existing Gradle wrapper distribution for cache-cleanup where
possible (<a
href="https://redirect.github.com/gradle/actions/issues/515">#515</a>)</li>
<li>Automatically save each dependency-graph that is submitted by
<code>dependency-submission</code> (<a
href="https://redirect.github.com/gradle/actions/issues/519">#519</a>)</li>
<li>Fix deprecation warnings emitted by Gradle 8.12+ when:
<ul>
<li>Using <code>build-scan-publish: true</code> or Develocity injection
(<a
href="https://redirect.github.com/gradle/actions/issues/543">#543</a>)</li>
<li>Using dependency-submission with an authenticated plugin repository
with Gradle (<a
href="https://redirect.github.com/gradle/actions/issues/541">#541</a>)</li>
</ul>
</li>
<li>Fix warning when using toolchain support with Gradle 7.x (<a
href="https://redirect.github.com/gradle/actions/issues/511">#511</a>)</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Update known wrapper checksums by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/493">gradle/actions#493</a></li>
<li>Fix typo in <code>cache-reporting.ts</code> by <a
href="https://github.com/SimonMarquis"><code>@​SimonMarquis</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/492">gradle/actions#492</a></li>
<li>Bump Gradle Wrappers by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/499">gradle/actions#499</a></li>
<li>Bump the github-actions group across 3 directories with 7 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/510">gradle/actions#510</a></li>
<li>Bump the npm-dependencies group across 1 directory with 6 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/512">gradle/actions#512</a></li>
<li>Clean-up missing imports for tests by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/513">gradle/actions#513</a></li>
<li>Bump the npm-dependencies group in /sources with 3 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/521">gradle/actions#521</a></li>
<li>Add npm build scans by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/517">gradle/actions#517</a></li>
<li>Avoid env-var interpolation in toolchains.xml by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/518">gradle/actions#518</a></li>
<li>Avoid saving build-results for cache cleanup by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/520">gradle/actions#520</a></li>
<li>Save dependency graph as workflow artifact by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/522">gradle/actions#522</a></li>
<li>Update to CCUDGP 2.1 by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/524">gradle/actions#524</a></li>
<li>Bump references to Develocity Gradle plugin from 3.19 to 3.19.1 by
<a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/527">gradle/actions#527</a></li>
<li>Choose best Gradle version to use for cache cleanup by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/526">gradle/actions#526</a></li>
<li>Uppercase cache-encryption-key by <a
href="https://github.com/Goooler"><code>@​Goooler</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/528">gradle/actions#528</a></li>
<li>Attempt to use gradle wrapper for cache cleanup by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/525">gradle/actions#525</a></li>
<li>Document GRADLE_ACTIONS_SKIP_BUILD_RESULT_CAPTURE by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/529">gradle/actions#529</a></li>
<li>Update known wrapper checksums by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/509">gradle/actions#509</a></li>
<li>Bump Gradle Wrappers by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/535">gradle/actions#535</a></li>
<li>Bump the github-actions group across 2 directories with 2 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/538">gradle/actions#538</a></li>
<li>Update undici to resolve vulnerability by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/536">gradle/actions#536</a></li>
<li>Bump the npm-dependencies group across 1 directory with 2 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/539">gradle/actions#539</a></li>
<li>Update docs for dependency review by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/540">gradle/actions#540</a></li>
<li>Fix space assignment deprecations in init-scripts by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/542">gradle/actions#542</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/SimonMarquis"><code>@​SimonMarquis</code></a>
made their first contribution in <a
href="https://redirect.github.com/gradle/actions/pull/492">gradle/actions#492</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/actions/compare/v4.2.2...v4.3.0">https://github.com/gradle/actions/compare/v4.2.2...v4.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gradle/actions/commit/94baf225fe0a508e581a564467443d0e2379123b"><code>94baf22</code></a>
Fix space assignment deprecations in init-scripts (<a
href="https://redirect.github.com/gradle/actions/issues/542">#542</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/6f10c21ec5f599a0b89667926d38072802b3d6fc"><code>6f10c21</code></a>
Make it easier to produce 'prerelease' versions</li>
<li><a
href="https://github.com/gradle/actions/commit/0b492c475f504e36ead18a16150445eff0744fbc"><code>0b492c4</code></a>
Fix deprecation warnings in develocity init-script</li>
<li><a
href="https://github.com/gradle/actions/commit/79bad900c08bc46eaf2277d99d548b968994ebbe"><code>79bad90</code></a>
Fix deprecation warnings in dependency-graph init-script</li>
<li><a
href="https://github.com/gradle/actions/commit/986922f6a6cae731e74a1101cfb48c1928f94d64"><code>986922f</code></a>
Update docs for dependency review (<a
href="https://redirect.github.com/gradle/actions/issues/540">#540</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/65a3beb9413b5a43f94e1eea10a51c507e62b78f"><code>65a3beb</code></a>
[bot] Update dist directory</li>
<li><a
href="https://github.com/gradle/actions/commit/0e67f6d83b0113c903ae9b9cf26c587076a01d82"><code>0e67f6d</code></a>
Bump the npm-dependencies group across 1 directory with 2 updates</li>
<li><a
href="https://github.com/gradle/actions/commit/b6ac71fd86906618fa352cfa92ab29a0b53daa81"><code>b6ac71f</code></a>
[bot] Update dist directory</li>
<li><a
href="https://github.com/gradle/actions/commit/9053a599ae356ff00d824e690d556ddbec068864"><code>9053a59</code></a>
Update undici to resolve vulnerability</li>
<li><a
href="https://github.com/gradle/actions/commit/7560c304a61cfac10bf3a196e0769a30d4ecd4aa"><code>7560c30</code></a>
Bump the github-actions group across 2 directories with 2 updates</li>
<li>Additional commits viewable in <a
href="https://github.com/gradle/actions/compare/0bdd871935719febd78681f197cd39af5b6e16a6...94baf225fe0a508e581a564467443d0e2379123b">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle/actions&package-manager=github_actions&previous-version=4.2.2&new-version=4.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
2025-02-04 10:42:29 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
f725f92e1a Bump github/codeql-action from 3.28.6 to 3.28.8 (#2857)
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.28.6 to 3.28.8.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.8</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.8/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.7</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.7/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
<li>Uploading debug artifacts for CodeQL analysis is temporarily
disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li>
</ul>
<h2>3.28.2 - 21 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.1 - 10 Jan 2025</h2>
<ul>
<li>CodeQL Action v2 is now deprecated, and is no longer updated or
supported. For better performance, improved security, and new features,
upgrade to v3. For more information, see <a
href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li>
<li>Update default CodeQL bundle version to 2.20.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2678">#2678</a></li>
</ul>
<h2>3.28.0 - 20 Dec 2024</h2>
<ul>
<li>Bump the minimum CodeQL bundle version to 2.15.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2655">#2655</a></li>
<li>Don't fail in the unusual case that a file is on the search path. <a
href="https://redirect.github.com/github/codeql-action/pull/2660">#2660</a>.</li>
</ul>
<h2>3.27.9 - 12 Dec 2024</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/dd746615b3b9d728a6a37ca2045b68ca76d4841a"><code>dd74661</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2746">#2746</a>
from github/update-v3.28.8-a91a3f767</li>
<li><a
href="https://github.com/github/codeql-action/commit/3210a3cda6446234a897a079af1b684aa4c73326"><code>3210a3c</code></a>
Fix Kotlin version in changelog</li>
<li><a
href="https://github.com/github/codeql-action/commit/72f9d0296b7b9c91564f67ddf9def81c815ce0c6"><code>72f9d02</code></a>
Update changelog for v3.28.8</li>
<li><a
href="https://github.com/github/codeql-action/commit/a91a3f76789881261b540fb7aa8a527214f8ac01"><code>a91a3f7</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2744">#2744</a>
from github/igfoo/kot2.1.10</li>
<li><a
href="https://github.com/github/codeql-action/commit/c520fb59d4c28e13147ed378b4c12599df187412"><code>c520fb5</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2745">#2745</a>
from github/mergeback/v3.28.7-to-main-6e545590</li>
<li><a
href="https://github.com/github/codeql-action/commit/3879c5766041d8b2b7504c5c4b2d6dbd289f7634"><code>3879c57</code></a>
Add changelog entry</li>
<li><a
href="https://github.com/github/codeql-action/commit/0c2193725f360a9b0adcad3a71ce0d9cd4acb219"><code>0c21937</code></a>
Run &quot;npm run build&quot;</li>
<li><a
href="https://github.com/github/codeql-action/commit/5a61bf07fab8324ecda8ebb1d817463b17b717d9"><code>5a61bf0</code></a>
Kotlin: The 2.20.3 release supports Kotlin 2.1.10.</li>
<li><a
href="https://github.com/github/codeql-action/commit/163d1195df65a0e49551cd9b4fa0383e68d64a39"><code>163d119</code></a>
Update checked-in dependencies</li>
<li><a
href="https://github.com/github/codeql-action/commit/bcf5cecbc6b147de017e1841778fa8d8644bf8a2"><code>bcf5cec</code></a>
Update changelog and version after v3.28.7</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/17a820bf2e43b47be2c72b39cc905417bc1ab6d0...dd746615b3b9d728a6a37ca2045b68ca76d4841a">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.6&new-version=3.28.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-03 10:10:37 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
9d2c23f612 Bump actions/setup-python from 5.3.0 to 5.4.0 (#2856)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [actions/setup-python](https://github.com/actions/setup-python)
from 5.3.0 to 5.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-python/releases">actions/setup-python's
releases</a>.</em></p>
<blockquote>
<h2>v5.4.0</h2>
<h2>What's Changed</h2>
<h3>Enhancements:</h3>
<ul>
<li>Update cache error message by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/968">actions/setup-python#968</a></li>
<li>Enhance Workflows: Add Ubuntu-24, Remove Python 3.8 by <a
href="https://github.com/priya-kinthali"><code>@​priya-kinthali</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/985">actions/setup-python#985</a></li>
<li>Configure Dependabot settings by <a
href="https://github.com/HarithaVattikuti"><code>@​HarithaVattikuti</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/1008">actions/setup-python#1008</a></li>
</ul>
<h3>Documentation changes:</h3>
<ul>
<li>Readme update - recommended permissions by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1009">actions/setup-python#1009</a></li>
<li>Improve Advanced Usage examples by <a
href="https://github.com/lrq3000"><code>@​lrq3000</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/645">actions/setup-python#645</a></li>
</ul>
<h3>Dependency updates:</h3>
<ul>
<li>Upgrade <code>undici</code> from 5.28.4 to 5.28.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1012">actions/setup-python#1012</a></li>
<li>Upgrade <code>urllib3</code> from 1.25.9 to 1.26.19 in
/<strong>tests</strong>/data by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/895">actions/setup-python#895</a></li>
<li>Upgrade <code>actions/publish-immutable-action</code> from 0.0.3 to
0.0.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1014">actions/setup-python#1014</a></li>
<li>Upgrade <code>@actions/http-client</code> from 2.2.1 to 2.2.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1020">actions/setup-python#1020</a></li>
<li>Upgrade <code>requests</code> from 2.24.0 to 2.32.2 in
/<strong>tests</strong>/data by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1019">actions/setup-python#1019</a></li>
<li>Upgrade <code>@actions/cache</code> to <code>^4.0.0</code> by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/1007">actions/setup-python#1007</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/benwells"><code>@​benwells</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-python/pull/1009">actions/setup-python#1009</a></li>
<li><a
href="https://github.com/HarithaVattikuti"><code>@​HarithaVattikuti</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-python/pull/1008">actions/setup-python#1008</a></li>
<li><a href="https://github.com/lrq3000"><code>@​lrq3000</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-python/pull/645">actions/setup-python#645</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-python/compare/v5...v5.4.0">https://github.com/actions/setup-python/compare/v5...v5.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-python/commit/42375524e23c412d93fb67b49958b491fce71c38"><code>4237552</code></a>
Improve Advanced Usage examples (<a
href="https://redirect.github.com/actions/setup-python/issues/645">#645</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/709bfa58ba5a9cefd64220decb43e45cc2a85775"><code>709bfa5</code></a>
Bump requests from 2.24.0 to 2.32.2 in /<strong>tests</strong>/data (<a
href="https://redirect.github.com/actions/setup-python/issues/1019">#1019</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/ceb20b242df24c1f8bf064b3c943c31c2555ddd8"><code>ceb20b2</code></a>
Bump <code>@​actions/http-client</code> from 2.2.1 to 2.2.3 (<a
href="https://redirect.github.com/actions/setup-python/issues/1020">#1020</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/0dc2d2cf0c96a1befa4c9f1803d3b9eb03458031"><code>0dc2d2c</code></a>
Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (<a
href="https://redirect.github.com/actions/setup-python/issues/1014">#1014</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/feb9c6e7c63362340a8853582968731d6adb0454"><code>feb9c6e</code></a>
Bump urllib3 from 1.25.9 to 1.26.19 in /<strong>tests</strong>/data (<a
href="https://redirect.github.com/actions/setup-python/issues/895">#895</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/d0b4fc497a1daddb64da40799d80949aa3a0c559"><code>d0b4fc4</code></a>
Bump undici from 5.28.4 to 5.28.5 (<a
href="https://redirect.github.com/actions/setup-python/issues/1012">#1012</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/e3dfaac0fd011839eef87186e3b48165c3ba0162"><code>e3dfaac</code></a>
Configure Dependabot settings (<a
href="https://redirect.github.com/actions/setup-python/issues/1008">#1008</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/b8cf3eb1ebc9c7f906e4ca96fcdf2e289e25d230"><code>b8cf3eb</code></a>
Use the new cache service: upgrade <code>@actions/cache</code> to
<code>^4.0.0</code> (<a
href="https://redirect.github.com/actions/setup-python/issues/1007">#1007</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/1928ae624dc06094d8c65f021a4700ea8fa56b9d"><code>1928ae6</code></a>
Update README.md (<a
href="https://redirect.github.com/actions/setup-python/issues/1009">#1009</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/3fddbee7870211eda9047db10474808be43c71ec"><code>3fddbee</code></a>
Enhance Workflows: Add Ubuntu-24, Remove Python 3.8 (<a
href="https://redirect.github.com/actions/setup-python/issues/985">#985</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/setup-python/compare/0b93645e9fea7318ecaed2b359559ac225c90a2b...42375524e23c412d93fb67b49958b491fce71c38">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-python&package-manager=github_actions&previous-version=5.3.0&new-version=5.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-03 10:09:15 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
637446fab8 Bump actions/setup-java from 4.6.0 to 4.7.0 (#2855)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [actions/setup-java](https://github.com/actions/setup-java) from
4.6.0 to 4.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-java/releases">actions/setup-java's
releases</a>.</em></p>
<blockquote>
<h2>v4.7.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Configure Dependabot settings by <a
href="https://github.com/HarithaVattikuti"><code>@​HarithaVattikuti</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/722">actions/setup-java#722</a></li>
<li>README Update: Added a permissions section by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/723">actions/setup-java#723</a></li>
<li>Upgrade <code>cache</code> from version 3.2.4 to 4.0.0 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/724">actions/setup-java#724</a></li>
<li>Upgrade <code>@actions/http-client</code> from 2.2.1 to 2.2.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/728">actions/setup-java#728</a></li>
<li>Upgrade <code>actions/publish-immutable-action</code> from 0.0.3 to
0.0.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/727">actions/setup-java#727</a></li>
<li>Upgrade <code>@types/jest</code> from 29.5.12 to 29.5.14 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/729">actions/setup-java#729</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/benwells"><code>@​benwells</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-java/pull/723">actions/setup-java#723</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-java/compare/v4...v4.7.0">https://github.com/actions/setup-java/compare/v4...v4.7.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-java/commit/3a4f6e1af504cf6a31855fa899c6aa5355ba6c12"><code>3a4f6e1</code></a>
Bump <code>@​types/jest</code> from 29.5.12 to 29.5.14 (<a
href="https://redirect.github.com/actions/setup-java/issues/729">#729</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/25f376e3482f0dca3da72062bdab5082495705ff"><code>25f376e</code></a>
Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (<a
href="https://redirect.github.com/actions/setup-java/issues/727">#727</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/d4e4b6bbc1a6e93198eade3e6adfedd3c01f79c4"><code>d4e4b6b</code></a>
Bump <code>@​actions/http-client</code> from 2.2.1 to 2.2.3 (<a
href="https://redirect.github.com/actions/setup-java/issues/728">#728</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/28b532bcb39ad928b00bc3cbce25c94d11654854"><code>28b532b</code></a>
Create dependabot.yml (<a
href="https://redirect.github.com/actions/setup-java/issues/722">#722</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/51ab6d2e3070fda1eac8cfaab8ffd90e6019d7e1"><code>51ab6d2</code></a>
Update cache from 3.2.4 to 4.0.0 (<a
href="https://redirect.github.com/actions/setup-java/issues/724">#724</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/99d3141d9ba96520552bfd7a9545bc1d74da9251"><code>99d3141</code></a>
Update README.md (<a
href="https://redirect.github.com/actions/setup-java/issues/723">#723</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-java/compare/7a6d8a8234af8eb26422e24e3006232cccaa061b...3a4f6e1af504cf6a31855fa899c6aa5355ba6c12">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=4.6.0&new-version=4.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-03 10:08:34 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
196c0f4a39 Bump crazy-max/ghaction-github-labeler from 5.1.0 to 5.2.0 (#2854)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[crazy-max/ghaction-github-labeler](https://github.com/crazy-max/ghaction-github-labeler)
from 5.1.0 to 5.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crazy-max/ghaction-github-labeler/releases">crazy-max/ghaction-github-labeler's
releases</a>.</em></p>
<blockquote>
<h2>v5.2.0</h2>
<ul>
<li>Load yaml files using the failsafe schema option by <a
href="https://github.com/pjpires"><code>@​pjpires</code></a> in <a
href="https://redirect.github.com/crazy-max/ghaction-github-labeler/pull/226">crazy-max/ghaction-github-labeler#226</a></li>
<li>Bump cross-spawn from 7.0.3 to 7.0.6 in <a
href="https://redirect.github.com/crazy-max/ghaction-github-labeler/pull/223">crazy-max/ghaction-github-labeler#223</a></li>
<li>Bump undici from 5.28.4 to 5.28.5 in <a
href="https://redirect.github.com/crazy-max/ghaction-github-labeler/pull/225">crazy-max/ghaction-github-labeler#225</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/crazy-max/ghaction-github-labeler/compare/v5.1.0...v5.2.0">https://github.com/crazy-max/ghaction-github-labeler/compare/v5.1.0...v5.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/31674a3852a9074f2086abcf1c53839d466a47e7"><code>31674a3</code></a>
Merge pull request <a
href="https://redirect.github.com/crazy-max/ghaction-github-labeler/issues/225">#225</a>
from crazy-max/dependabot/npm_and_yarn/undici-5.28.5</li>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/0f4f1ecca56e8e1a1e615bbc436d54828e01a00f"><code>0f4f1ec</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/44d83ee511e162b02b718ed456ee3882fffc7c81"><code>44d83ee</code></a>
Merge pull request <a
href="https://redirect.github.com/crazy-max/ghaction-github-labeler/issues/227">#227</a>
from crazy-max/bake-v6</li>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/758a9097e3639d1edc2829ea3d2136c810a5a1cc"><code>758a909</code></a>
ci: update bake-action to v6</li>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/1c66a35688619c585f02137ecb6f7cb576818bf2"><code>1c66a35</code></a>
chore(deps): bump undici from 5.28.4 to 5.28.5</li>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/989e392f847856b8f6348a8c215fb49f29349f28"><code>989e392</code></a>
Merge pull request <a
href="https://redirect.github.com/crazy-max/ghaction-github-labeler/issues/222">#222</a>
from crazy-max/dependabot/github_actions/codecov/code...</li>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/ec65374351c8d78e339a717641926251ef98e52b"><code>ec65374</code></a>
ci: fix deprecated input for codecov-action</li>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/765a634205fd65497949f578b2bafaa237a03af6"><code>765a634</code></a>
Merge pull request <a
href="https://redirect.github.com/crazy-max/ghaction-github-labeler/issues/223">#223</a>
from crazy-max/dependabot/npm_and_yarn/cross-spawn-7.0.6</li>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/98f4f2b495310cd7cc227f50d353683251df45a3"><code>98f4f2b</code></a>
Merge pull request <a
href="https://redirect.github.com/crazy-max/ghaction-github-labeler/issues/226">#226</a>
from pjpires/yaml-failsafe-schema</li>
<li><a
href="https://github.com/crazy-max/ghaction-github-labeler/commit/c0910be814912e2cf299e9ebd539b9d5078ac121"><code>c0910be</code></a>
Update generated content</li>
<li>Additional commits viewable in <a
href="https://github.com/crazy-max/ghaction-github-labeler/compare/b54af0c25861143e7c8813d7cbbf46d2c341680c...31674a3852a9074f2086abcf1c53839d466a47e7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=crazy-max/ghaction-github-labeler&package-manager=github_actions&previous-version=5.1.0&new-version=5.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-03 10:07:54 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
f9b92eec71 Bump actions/create-github-app-token from 1.11.1 to 1.11.2 (#2853)
Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 1.11.1 to 1.11.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v1.11.2</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v1.11.1...v1.11.2">1.11.2</a>
(2025-01-30)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@​octokit/request</code> from
9.1.3 to 9.1.4 in the production-dependencies group (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/196">#196</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/b4192a5b3659c0e5875f868c44727ef4ecc5d579">b4192a5</a>),
closes <a
href="https://redirect.github.com/actions/create-github-app-token/issues/730">#730</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/730">#730</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/729">#729</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/727">#727</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/726">#726</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/723">#723</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/724">#724</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/722">#722</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/721">#721</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/720">#720</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/719">#719</a></li>
<li><strong>deps:</strong> bump undici from 6.19.8 to 7.2.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/198">#198</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/29aa0514a79f3b4aa8b1547173a41455949e4bf6">29aa051</a>),
closes <a
href="https://redirect.github.com/nodejs/undici/issues/3958">nodejs/undici#3958</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3955">nodejs/undici#3955</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3962">nodejs/undici#3962</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3921">nodejs/undici#3921</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3923">nodejs/undici#3923</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3925">nodejs/undici#3925</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3926">nodejs/undici#3926</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3924">nodejs/undici#3924</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3933">nodejs/undici#3933</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3916">nodejs/undici#3916</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3930">nodejs/undici#3930</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3938">nodejs/undici#3938</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3937">#3937</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3940">nodejs/undici#3940</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3931">nodejs/undici#3931</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3941">nodejs/undici#3941</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3911">nodejs/undici#3911</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3888">nodejs/undici#3888</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3939">nodejs/undici#3939</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3947">nodejs/undici#3947</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3945">nodejs/undici#3945</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3916">nodejs/undici#3916</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3893">nodejs/undici#3893</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3902">nodejs/undici#3902</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3901">#3901</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3903">nodejs/undici#3903</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3905">nodejs/undici#3905</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3900">nodejs/undici#3900</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3913">nodejs/undici#3913</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3910">nodejs/undici#3910</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3909">nodejs/undici#3909</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3906">nodejs/undici#3906</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3922">nodejs/undici#3922</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3962">#3962</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3955">#3955</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3958">#3958</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3945">#3945</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3947">#3947</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3939">#3939</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3888">#3888</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3911">#3911</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3941">#3941</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/136412a57a7081aa63c935a2cc2918f76c34f514"><code>136412a</code></a>
build(release): 1.11.2 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/b4192a5b3659c0e5875f868c44727ef4ecc5d579"><code>b4192a5</code></a>
fix(deps): bump <code>@​octokit/request</code> from 9.1.3 to 9.1.4 in
the production-depend...</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/29aa0514a79f3b4aa8b1547173a41455949e4bf6"><code>29aa051</code></a>
fix(deps): bump undici from 6.19.8 to 7.2.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/198">#198</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/a5f8600f5881d59ee9299dfd57605d0ccbd561f5"><code>a5f8600</code></a>
build(deps-dev): bump <code>@​sinonjs/fake-timers</code> from 13.0.2 to
14.0.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/199">#199</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/0edddd70c80d313f6d5fac3b29df92440abb9e33"><code>0edddd7</code></a>
build(deps-dev): bump the development-dependencies group with 2 updates
(<a
href="https://redirect.github.com/actions/create-github-app-token/issues/197">#197</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/bb3ca765afdde129dbde9599979c21f6d97e9b0a"><code>bb3ca76</code></a>
docs(README): remove extra space in variable syntax in README example
(<a
href="https://redirect.github.com/actions/create-github-app-token/issues/201">#201</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/create-github-app-token/compare/c1a285145b9d317df6ced56c09f525b5c2b6f755...136412a57a7081aa63c935a2cc2918f76c34f514">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=1.11.1&new-version=1.11.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-03 10:07:37 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
b2dfb4f863 Bump org.postgresql:postgresql from 42.7.4 to 42.7.5 (#2757)
Bumps [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc) from
42.7.4 to 42.7.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pgjdbc/pgjdbc/releases">org.postgresql:postgresql's
releases</a>.</em></p>
<blockquote>
<h2>v42.7.5</h2>
<h2>Changes</h2>
<ul>
<li>update changelogs and increment version in gradle.properties for
release <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3478">#3478</a>)</li>
<li>regression: revert change in <a
href="https://github.com/pgjdbc/pgjdbc/commit/fc60537">https://github.com/pgjdbc/pgjdbc/commit/fc60537</a>
<a href="https://github.com/davecramer"><code>@​davecramer</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3476">#3476</a>)</li>
<li>Fix PgDatabaseMetaData implementation of catalog as param and return
value <a
href="https://github.com/SophiahHo"><code>@​SophiahHo</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3390">#3390</a>)</li>
<li>Support default GSS credentials in the Java Postgres client <a
href="https://github.com/nrhall"><code>@​nrhall</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3451">#3451</a>)</li>
<li>fix: return only the transactions accessible by the current_user in
XAResource.recover <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3450">#3450</a>)</li>
<li>feat: don't force send extra_float_digits for PostgreSQL &gt;= 12
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3432">#3432</a>)
<a href="https://github.com/damienb-opt"><code>@​damienb-opt</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3446">#3446</a>)</li>
<li>fix: exclude &quot;include columns&quot; from the list of primary
keys <a
href="https://github.com/priteshranjan01"><code>@​priteshranjan01</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3434">#3434</a>)</li>
<li>Enhance the meta query performance by specifying the oid. <a
href="https://github.com/dh-cloud"><code>@​dh-cloud</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3427">#3427</a>)</li>
<li>feat: support getObject(int, byte[].class) for bytea <a
href="https://github.com/anesterenok"><code>@​anesterenok</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3274">#3274</a>)</li>
<li>docs: document infinity and some minor edits <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3407">#3407</a>)</li>
<li>Added way to check for major server version, fixed check for RULE <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3402">#3402</a>)</li>
<li>fixed remaining paragraphs <a
href="https://github.com/Zopsss"><code>@​Zopsss</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3398">#3398</a>)</li>
<li>fixed paragraphs in javadoc comments <a
href="https://github.com/Zopsss"><code>@​Zopsss</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3397">#3397</a>)</li>
<li>Reuse buffers and reduce allocations in GSSInputStream addresses
Issue <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3251">#3251</a>
<a href="https://github.com/davecramer"><code>@​davecramer</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3255">#3255</a>)</li>
<li>chore: Update Gradle to 8.10.2 <a
href="https://github.com/jorsol"><code>@​jorsol</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3388">#3388</a>)</li>
<li>ci: Test with Java 23 <a
href="https://github.com/jorsol"><code>@​jorsol</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3381">#3381</a>)</li>
<li>Fix getSchemas() <a
href="https://github.com/SophiahHo"><code>@​SophiahHo</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3386">#3386</a>)</li>
<li>Update rpm postgresql-jdbc.spec.tpl with scram-client <a
href="https://github.com/jorsol"><code>@​jorsol</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3324">#3324</a>)</li>
<li>Clearing thisRow and rowBuffer on close() of ResultSet <a
href="https://github.com/reallyinsane"><code>@​reallyinsane</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3384">#3384</a>)</li>
<li>Package was renamed to maven-bundle-plugin <a
href="https://github.com/ljavorsk"><code>@​ljavorsk</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3382">#3382</a>)</li>
<li>As of version 18 the RULE privilege has been removed <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3378">#3378</a>)</li>
<li>fix: use buffered inputstream to create GSSInputStream <a
href="https://github.com/Sasasu"><code>@​Sasasu</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3373">#3373</a>)</li>
<li>get rid of 8.4, 9.0 pg versions and use &gt;= jdk version 17 <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3372">#3372</a>)</li>
<li>Changed docker-compose version and renamed script file in
instructions to match the real file name <a
href="https://github.com/MohanadKh03"><code>@​MohanadKh03</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3363">#3363</a>)</li>
<li>Do not assume &quot;test&quot; database in
DatabaseMetaDataTransactionIsolationTest <a
href="https://github.com/nvanbenschoten"><code>@​nvanbenschoten</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3364">#3364</a>)</li>
<li>try to categorize dependencies <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3362">#3362</a>)</li>
</ul>
<h2>⬆️ Dependencies</h2>
<!-- raw HTML omitted -->
<ul>
<li>chore(deps): update dependency gradle to v8.12 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3473">#3473</a>)</li>
<li>chore(deps): update codecov/codecov-action digest to adfacf2 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3468">#3468</a>)</li>
<li>chore(deps): update dependency sbt/sbt to v1.10.7 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3470">#3470</a>)</li>
<li>fix(deps): update dependency org.ops4j.pax.url:pax-url-aether to
v2.6.15 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3471">#3471</a>)</li>
<li>fix(deps): update junit5 monorepo to v5.11.4 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3472">#3472</a>)</li>
<li>fix(deps): update dependency
com.github.spotbugs:com.github.spotbugs.gradle.plugin to v6.1.0 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3469">#3469</a>)</li>
<li>chore(deps): update plugin biz.aqute.bnd.builder to v7.1.0 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3455">#3455</a>)</li>
<li>chore(deps): update dependency gradle to v8.11.1 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3454">#3454</a>)</li>
<li>chore(deps): update dependency com.typesafe.play:sbt-plugin to
v2.9.6 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3452">#3452</a>)</li>
<li>chore(deps): update dependency sbt/sbt to v1.10.6 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3453">#3453</a>)</li>
<li>chore(deps): update plugin org.jetbrains.kotlin.jvm to v2.1.0 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3456">#3456</a>)</li>
<li>chore(deps): update codecov/codecov-action digest to 015f24e <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3438">#3438</a>)</li>
<li>chore(deps): update dependency sbt/sbt to v1.10.5 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3439">#3439</a>)</li>
<li>chore(deps): update plugin com.github.burrunan.s3-build-cache to
v1.8.4 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3440">#3440</a>)</li>
<li>fix(deps): update dependency
com.github.spotbugs:com.github.spotbugs.gradle.plugin to v6.0.26 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3441">#3441</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md">org.postgresql:postgresql's
changelog</a>.</em></p>
<blockquote>
<h2>[42.7.5] (2025-01-14 08:00:00 -0400)</h2>
<h3>Added</h3>
<ul>
<li>ci: Test with Java 23 [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3381">#3381</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3381">pgjdbc/pgjdbc#3381</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>regression: revert change in fc60537 [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3476">#3476</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3476">pgjdbc/pgjdbc#3476</a>)</li>
<li>fix: PgDatabaseMetaData implementation of catalog as param and
return value [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3390">#3390</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3390">pgjdbc/pgjdbc#3390</a>)</li>
<li>fix: Support default GSS credentials in the Java Postgres client [PR
<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3451">#3451</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3451">pgjdbc/pgjdbc#3451</a>)</li>
<li>fix: return only the transactions accessible by the current_user in
XAResource.recover [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3450">#3450</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3450">pgjdbc/pgjdbc#3450</a>)</li>
<li>feat: don't force send extra_float_digits for PostgreSQL &gt;= 12
fix [Issue <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3432">#3432</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3432">pgjdbc/pgjdbc#3432</a>)
[PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3446">#3446</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3446">pgjdbc/pgjdbc#3446</a>)</li>
<li>fix: exclude &quot;include columns&quot; from the list of primary
keys [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3434">#3434</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3434">pgjdbc/pgjdbc#3434</a>)</li>
<li>perf: Enhance the meta query performance by specifying the oid. [PR
<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3427">#3427</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3427">pgjdbc/pgjdbc#3427</a>)</li>
<li>feat: support getObject(int, byte[].class) for bytea [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3274">#3274</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3274">pgjdbc/pgjdbc#3274</a>)</li>
<li>docs: document infinity and some minor edits [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3407">#3407</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3407">pgjdbc/pgjdbc#3407</a>)</li>
<li>fix: Added way to check for major server version, fixed check for
RULE [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3402">#3402</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3402">pgjdbc/pgjdbc#3402</a>)</li>
<li>docs: fixed remaining paragraphs [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3398">#3398</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3398">pgjdbc/pgjdbc#3398</a>)</li>
<li>docs: fixed paragraphs in javadoc comments [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3397">#3397</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3397">pgjdbc/pgjdbc#3397</a>)</li>
<li>fix: Reuse buffers and reduce allocations in GSSInputStream
addresses [Issue <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3251">#3251</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3251">pgjdbc/pgjdbc#3251</a>)
[PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3255">#3255</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3255">pgjdbc/pgjdbc#3255</a>)</li>
<li>chore: Update Gradle to 8.10.2 [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3388">#3388</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3388">pgjdbc/pgjdbc#3388</a>)</li>
<li>fix: getSchemas() [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3386">#3386</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3386">pgjdbc/pgjdbc#3386</a>)</li>
<li>fix: Update rpm postgresql-jdbc.spec.tpl with scram-client [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3324">#3324</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3324">pgjdbc/pgjdbc#3324</a>)</li>
<li>fix: Clearing thisRow and rowBuffer on close() of ResultSet [Issue
<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3383">#3383</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3383">pgjdbc/pgjdbc#3383</a>)
[PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3384">#3384</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3384">pgjdbc/pgjdbc#3384</a>)</li>
<li>fix: Package was renamed to maven-bundle-plugin [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3382">#3382</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3382">pgjdbc/pgjdbc#3382</a>)</li>
<li>fix: As of version 18 the RULE privilege has been removed [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3378">#3378</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3378">pgjdbc/pgjdbc#3378</a>)</li>
<li>fix: use buffered inputstream to create GSSInputStream [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3373">#3373</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3373">pgjdbc/pgjdbc#3373</a>)</li>
<li>test: get rid of 8.4, 9.0 pg versions and use &gt;= jdk version 17
[PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3372">#3372</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3372">pgjdbc/pgjdbc#3372</a>)</li>
<li>Changed docker-compose version and renamed script file in
instructions to match the real file name [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3363">#3363</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3363">pgjdbc/pgjdbc#3363</a>)</li>
<li>test:Do not assume &quot;test&quot; database in
DatabaseMetaDataTransactionIsolationTest [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3364">#3364</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3364">pgjdbc/pgjdbc#3364</a>)</li>
<li>try to categorize dependencies [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3362">#3362</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3362">pgjdbc/pgjdbc#3362</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/94a1693a61d612dcdbb9c4d01c1e217326a0c044"><code>94a1693</code></a>
update changelogs and increment version in gradle.properties for release
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3478">#3478</a>)</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/ce54dfdee80cf307ead81881565e4c358e7ae1ec"><code>ce54dfd</code></a>
chore: replace deprecated kotlinOptions with a replacement API</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/398029efe9ea1cd39b805a4e70537f6bb59c1505"><code>398029e</code></a>
chore: avoid failure in osgi-test/onlyIf if -PjdkBuildVersion is missing
at t...</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/7245443f163efbc1a0d09c87143a2d4521fa6105"><code>7245443</code></a>
test: skip :pgjdbc-osgi-test:test when runnning tests with Java 8</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/77475279046c52cd946e577c38b5ddfa5096a292"><code>7747527</code></a>
chore(deps): update dependency gradle to v8.12</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/bb07a4bd0111cd212b9f54bc36034ee7bdbd4378"><code>bb07a4b</code></a>
chore(deps): update codecov/codecov-action digest to adfacf2</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/f545514893809633d28b77c9d3732e9ce8815d52"><code>f545514</code></a>
chore(deps): update dependency sbt/sbt to v1.10.7</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/45df56c7bc90fcecd184db4a9653319227c5facb"><code>45df56c</code></a>
fix(deps): update dependency org.ops4j.pax.url:pax-url-aether to
v2.6.15</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/b87e106d55b334efa3f61ccaba808e405f5190d4"><code>b87e106</code></a>
fix(deps): update junit5 monorepo to v5.11.4</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/560347762cec21516a5fd864be3ad27e31113cb0"><code>5603477</code></a>
fix(deps): update dependency
com.github.spotbugs:com.github.spotbugs.gradle.p...</li>
<li>Additional commits viewable in <a
href="https://github.com/pgjdbc/pgjdbc/compare/REL42.7.4...REL42.7.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.postgresql:postgresql&package-manager=gradle&previous-version=42.7.4&new-version=42.7.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-30 11:02:07 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
565208edbf Bump pdfboxVersion from 3.0.3 to 3.0.4 (#2790)
Bumps `pdfboxVersion` from 3.0.3 to 3.0.4.
Updates `org.apache.pdfbox:pdfbox` from 3.0.3 to 3.0.4

Updates `org.apache.pdfbox:preflight` from 3.0.3 to 3.0.4

Updates `org.apache.pdfbox:xmpbox` from 3.0.3 to 3.0.4


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-30 11:01:56 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
e690b09ed2 Bump docker/build-push-action from 6.12.0 to 6.13.0 (#2800)
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.12.0 to 6.13.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.13.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.51.0 to 0.53.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1308">docker/build-push-action#1308</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.12.0...v6.13.0">https://github.com/docker/build-push-action/compare/v6.12.0...v6.13.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/ca877d9245402d1537745e0e356eab47c3520991"><code>ca877d9</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1308">#1308</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="https://github.com/docker/build-push-action/commit/d2fe919bb5012a6186426dc91c361c4980d10c2d"><code>d2fe919</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/f0fc9ece82cf2ace13ec8f35687697ae511bdf74"><code>f0fc9ec</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.51.0 to
0.53.0</li>
<li>See full diff in <a
href="https://github.com/docker/build-push-action/compare/67a2d409c0a876cbe6b11854e3e25193efe4e62d...ca877d9245402d1537745e0e356eab47c3520991">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.12.0&new-version=6.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-30 10:46:23 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
595da7acd9 Bump actions/stale from 9.0.0 to 9.1.0 (#2803)
Bumps [actions/stale](https://github.com/actions/stale) from 9.0.0 to
9.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/stale/releases">actions/stale's
releases</a>.</em></p>
<blockquote>
<h2>v9.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Documentation update by <a
href="https://github.com/Marukome0743"><code>@​Marukome0743</code></a>
in <a
href="https://redirect.github.com/actions/stale/pull/1116">actions/stale#1116</a></li>
<li>Add workflow file for publishing releases to immutable action
package by <a
href="https://github.com/Jcambass"><code>@​Jcambass</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1179">actions/stale#1179</a></li>
<li>Update undici from 5.28.2 to 5.28.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1150">actions/stale#1150</a></li>
<li>Update actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1091">actions/stale#1091</a></li>
<li>Update actions/publish-action from 0.2.2 to 0.3.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1147">actions/stale#1147</a></li>
<li>Update ts-jest from 29.1.1 to 29.2.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1175">actions/stale#1175</a></li>
<li>Update <code>@​actions/core</code> from 1.10.1 to 1.11.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1191">actions/stale#1191</a></li>
<li>Update <code>@​types/jest</code> from 29.5.11 to 29.5.14 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1193">actions/stale#1193</a></li>
<li>Update <code>@​actions/cache</code> from 3.2.2 to 4.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1194">actions/stale#1194</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/Marukome0743"><code>@​Marukome0743</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/stale/pull/1116">actions/stale#1116</a></li>
<li><a href="https://github.com/Jcambass"><code>@​Jcambass</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/stale/pull/1179">actions/stale#1179</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/stale/compare/v9...v9.1.0">https://github.com/actions/stale/compare/v9...v9.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/stale/commit/5bef64f19d7facfb25b37b414482c7164d639639"><code>5bef64f</code></a>
build(deps): bump <code>@​actions/cache</code> from 3.2.2 to 4.0.0 (<a
href="https://redirect.github.com/actions/stale/issues/1194">#1194</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/fa77dfddd04682b7d96dbc4e016318e681fdc10e"><code>fa77dfd</code></a>
build(deps-dev): bump <code>@​types/jest</code> from 29.5.11 to 29.5.14
(<a
href="https://redirect.github.com/actions/stale/issues/1193">#1193</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/f04443dce335c74ba15c65f4cbb3688e6cb6a6ec"><code>f04443d</code></a>
build(deps): bump <code>@​actions/core</code> from 1.10.1 to 1.11.1 (<a
href="https://redirect.github.com/actions/stale/issues/1191">#1191</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/5c715b0513651880806e14d529f014b12fdd50eb"><code>5c715b0</code></a>
build(deps-dev): bump ts-jest from 29.1.1 to 29.2.5 (<a
href="https://redirect.github.com/actions/stale/issues/1175">#1175</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/f69122271d990fd11f5594ccff2296f00ff59b49"><code>f691222</code></a>
build(deps): bump actions/publish-action from 0.2.2 to 0.3.0 (<a
href="https://redirect.github.com/actions/stale/issues/1147">#1147</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/df990c2cf5ae92c90653c9485d6882a0a09feac7"><code>df990c2</code></a>
build(deps): bump actions/checkout from 3 to 4 (<a
href="https://redirect.github.com/actions/stale/issues/1091">#1091</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/6e472ce44ab4197b0154601c59c54a75b73b340b"><code>6e472ce</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/stale/issues/1179">#1179</a>
from actions/Jcambass-patch-1</li>
<li><a
href="https://github.com/actions/stale/commit/d10ba64261d965f75165f74c55cd3ffbf690d442"><code>d10ba64</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/stale/issues/1150">#1150</a>
from actions/dependabot/npm_and_yarn/undici-5.28.4</li>
<li><a
href="https://github.com/actions/stale/commit/bbf3da5f64eebd003932d93293857400f7f7e18d"><code>bbf3da5</code></a>
resolve check failures</li>
<li><a
href="https://github.com/actions/stale/commit/6a2e61d18b155e538f85ef1bf7bd0470775e9703"><code>6a2e61d</code></a>
Add workflow file for publishing releases to immutable action
package</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/stale/compare/28ca1036281a5e5922ead5184a1bbf96e5fc984e...5bef64f19d7facfb25b37b414482c7164d639639">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/stale&package-manager=github_actions&previous-version=9.0.0&new-version=9.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-30 10:43:17 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
78f1d2b843 Bump github/codeql-action from 3.28.1 to 3.28.6 (#2802)
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.28.1 to 3.28.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.6</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.6/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.5</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.5/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.4</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.4/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.3</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
<li>Uploading debug artifacts for CodeQL analysis is temporarily
disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.3/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.2</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
<li>Uploading debug artifacts for CodeQL analysis is temporarily
disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li>
</ul>
<h2>3.28.2 - 21 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.1 - 10 Jan 2025</h2>
<ul>
<li>CodeQL Action v2 is now deprecated, and is no longer updated or
supported. For better performance, improved security, and new features,
upgrade to v3. For more information, see <a
href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li>
<li>Update default CodeQL bundle version to 2.20.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2678">#2678</a></li>
</ul>
<h2>3.28.0 - 20 Dec 2024</h2>
<ul>
<li>Bump the minimum CodeQL bundle version to 2.15.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2655">#2655</a></li>
<li>Don't fail in the unusual case that a file is on the search path. <a
href="https://redirect.github.com/github/codeql-action/pull/2660">#2660</a>.</li>
</ul>
<h2>3.27.9 - 12 Dec 2024</h2>
<p>No user facing changes.</p>
<h2>3.27.8 - 12 Dec 2024</h2>
<ul>
<li>Fixed an issue where streaming the download and extraction of the
CodeQL bundle did not respect proxy settings. <a
href="https://redirect.github.com/github/codeql-action/pull/2624">#2624</a></li>
</ul>
<h2>3.27.7 - 10 Dec 2024</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/17a820bf2e43b47be2c72b39cc905417bc1ab6d0"><code>17a820b</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2735">#2735</a>
from github/aeisenberg/fix-permissions</li>
<li><a
href="https://github.com/github/codeql-action/commit/3a4eae00ff23d411ccf7ed58d680071d84b6f8b7"><code>3a4eae0</code></a>
Add extra permission to mergeback workflow</li>
<li><a
href="https://github.com/github/codeql-action/commit/4e83f6b818d7c9f52143570963b2c7f7f055decb"><code>4e83f6b</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2732">#2732</a>
from github/update-v3.28.6-b49419044</li>
<li><a
href="https://github.com/github/codeql-action/commit/64ad47c7c184c89d0665bab67b8bd53e42425e85"><code>64ad47c</code></a>
Update changelog for v3.28.6</li>
<li><a
href="https://github.com/github/codeql-action/commit/b494190443a6ef5636b96529b698caabed0a8248"><code>b494190</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2726">#2726</a>
from github/aeisenberg/reenable-artifact-upload</li>
<li><a
href="https://github.com/github/codeql-action/commit/a8797048056402d6b6e8d3b3b5e67bb0ba32a6a1"><code>a879704</code></a>
Clarify test fail;ure message</li>
<li><a
href="https://github.com/github/codeql-action/commit/62c322fad9e33d39a2f7517e621a0e07516f5b48"><code>62c322f</code></a>
Add better comments around artifact upload tests</li>
<li><a
href="https://github.com/github/codeql-action/commit/c6b286132edd6f7f497542488a5a4d70768a2363"><code>c6b2861</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2731">#2731</a>
from github/dependabot/npm_and_yarn/npm-e1e9e6cd15</li>
<li><a
href="https://github.com/github/codeql-action/commit/297e89a0d9ede0e543f8d0e122332129f9a65d86"><code>297e89a</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2723">#2723</a>
from github/marcogario/start-proxy_tests</li>
<li><a
href="https://github.com/github/codeql-action/commit/357e0ceaa944420266db3ff50182959161a023f0"><code>357e0ce</code></a>
Update checked-in dependencies</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/b6a472f63d85b9c78a3ac5e89422239fc15e9b3c...17a820bf2e43b47be2c72b39cc905417bc1ab6d0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.1&new-version=3.28.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-30 10:33:47 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
d2fe4364c2 Bump testdriverai/action from 1.0.0 to 1.1.3 (#2801)
Bumps [testdriverai/action](https://github.com/testdriverai/action) from
1.0.0 to 1.1.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/testdriverai/action/releases">testdriverai/action's
releases</a>.</em></p>
<blockquote>
<h2>1.1.3</h2>
<h2>What's Changed</h2>
<p>Ensure proper context is considered when testing from
<code>workflow_run</code> action.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/testdriverai/action/compare/1.1.2...1.1.3">https://github.com/testdriverai/action/compare/1.1.2...1.1.3</a></p>
<h2>1.1.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Ianjennings/sha2 by <a
href="https://github.com/ianjennings"><code>@​ianjennings</code></a> in
<a
href="https://redirect.github.com/testdriverai/action/pull/39">testdriverai/action#39</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/testdriverai/action/compare/1.1.1...1.1.2">https://github.com/testdriverai/action/compare/1.1.1...1.1.2</a></p>
<h2>1.1.1</h2>
<h2>What's Changed</h2>
<p>Fix for bad PR Sha</p>
<ul>
<li>Ianjennings/sha by <a
href="https://github.com/ianjennings"><code>@​ianjennings</code></a> in
<a
href="https://redirect.github.com/testdriverai/action/pull/38">testdriverai/action#38</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/testdriverai/action/compare/1.1.0...1.1.1">https://github.com/testdriverai/action/compare/1.1.0...1.1.1</a></p>
<h2>1.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>create check test by <a
href="https://github.com/ianjennings"><code>@​ianjennings</code></a> in
<a
href="https://redirect.github.com/testdriverai/action/pull/36">testdriverai/action#36</a></li>
</ul>
<p><img
src="https://github.com/user-attachments/assets/9ee1bc7b-88b0-413a-a040-e472d442c43b"
alt="CleanShot 2025-01-20 at 23 22 19" /></p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/testdriverai/action/compare/1.0.0...1.1.0">https://github.com/testdriverai/action/compare/1.0.0...1.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/testdriverai/action/commit/f0d0f45fdd684db628baa843fe9313f3ca3a8aa8"><code>f0d0f45</code></a>
Ianjennings/test context 3 (<a
href="https://redirect.github.com/testdriverai/action/issues/42">#42</a>)</li>
<li><a
href="https://github.com/testdriverai/action/commit/54c38b81094ee6cb2331d11c2d712da4513c3dba"><code>54c38b8</code></a>
checkout</li>
<li><a
href="https://github.com/testdriverai/action/commit/7a30d428856e83958ea9b6f2f425a766f5fb74a9"><code>7a30d42</code></a>
worthless change to test context (<a
href="https://redirect.github.com/testdriverai/action/issues/41">#41</a>)</li>
<li><a
href="https://github.com/testdriverai/action/commit/d286334698796d91df97c033fec35c88f4ca1717"><code>d286334</code></a>
Ianjennings/dynamic-context (<a
href="https://redirect.github.com/testdriverai/action/issues/40">#40</a>)</li>
<li><a
href="https://github.com/testdriverai/action/commit/bb03cc2eb3297bf05cbfe1a69f042f7575fbf66e"><code>bb03cc2</code></a>
truncate description</li>
<li><a
href="https://github.com/testdriverai/action/commit/7f6e2708b946a08b0bf4bd346e160a1e63953c52"><code>7f6e270</code></a>
Merge pull request <a
href="https://redirect.github.com/testdriverai/action/issues/39">#39</a>
from testdriverai/ianjennings/sha2</li>
<li><a
href="https://github.com/testdriverai/action/commit/91e26edc21af7b1961fe5aeb82e8f84e1b14e5e0"><code>91e26ed</code></a>
remove console log</li>
<li><a
href="https://github.com/testdriverai/action/commit/ca2d3785cbd081bcf25d69c84361ee112d73f3b5"><code>ca2d378</code></a>
remove console log</li>
<li><a
href="https://github.com/testdriverai/action/commit/fb32f33cf717608fd1e7da6d0099e19e1a9bf4e9"><code>fb32f33</code></a>
Merge pull request <a
href="https://redirect.github.com/testdriverai/action/issues/38">#38</a>
from testdriverai/ianjennings/sha</li>
<li><a
href="https://github.com/testdriverai/action/commit/9b02d9547e0078565474a7203aef7279111363a1"><code>9b02d95</code></a>
aaaa</li>
<li>Additional commits viewable in <a
href="https://github.com/testdriverai/action/compare/47e87c5d50beeeb3da624b2d9b5c1391269d6d22...f0d0f45fdd684db628baa843fe9313f3ca3a8aa8">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=testdriverai/action&package-manager=github_actions&previous-version=1.0.0&new-version=1.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-30 10:30:57 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
66d0ad5071 Bump docker/build-push-action from 6.11.0 to 6.12.0 (#2762)
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.11.0 to 6.12.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.12.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.49.0 to 0.51.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1300">docker/build-push-action#1300</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.11.0...v6.12.0">https://github.com/docker/build-push-action/compare/v6.11.0...v6.12.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/67a2d409c0a876cbe6b11854e3e25193efe4e62d"><code>67a2d40</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1300">#1300</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="https://github.com/docker/build-push-action/commit/0b1b1c9c43ec788c199860037a0545356ea03d26"><code>0b1b1c9</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/b6a7c2c4eec8151a4dbcd3823747fe1b77d5b280"><code>b6a7c2c</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.49.0 to
0.51.0</li>
<li><a
href="https://github.com/docker/build-push-action/commit/31ca4e5d51253d7e4a2317bfe74699cbe3a398a9"><code>31ca4e5</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1296">#1296</a>
from crazy-max/bake-v6</li>
<li><a
href="https://github.com/docker/build-push-action/commit/e613db9d5a93dda4d07aeb81991e80164577ae4a"><code>e613db9</code></a>
update bake-action to v6</li>
<li>See full diff in <a
href="https://github.com/docker/build-push-action/compare/b32b51a8eda65d6793cd0494a773d4f6bcef32dc...67a2d409c0a876cbe6b11854e3e25193efe4e62d">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.11.0&new-version=6.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-21 11:11:18 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
c5ae576541 Bump step-security/harden-runner from 2.10.3 to 2.10.4 (#2761)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.10.3 to 2.10.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.10.4</h2>
<h2>What's Changed</h2>
<p>Fixed a potential Harden-Runner post step failure that could occur
when printing agent service logs. The fix gracefully handles failures
without failing the post step.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.10.4">https://github.com/step-security/harden-runner/compare/v2...v2.10.4</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/cb605e52c26070c328afc4562f0b4ada7618a84e"><code>cb605e5</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/496">#496</a>
from step-security/fix-enobufs</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/61144dda3ba7a45a4e879e99c548ff785b492364"><code>61144dd</code></a>
Update log statement</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b8be370ff4fa3a7b5d97afe5cbb1921a734fffcc"><code>b8be370</code></a>
Add try catch block</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/6f6fa07e47155133e69ca8a751aad4ff01a292b1"><code>6f6fa07</code></a>
Fix ENOBUFS issue</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/18f6947f131da60743dc12d2a22ff28c2b4ea87f"><code>18f6947</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/495">#495</a>
from AkhigbeEromo/Update-README</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/81f844e74365cf557ddf3715c247f745a115a5b2"><code>81f844e</code></a>
Edit docs</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4c766de2db7a0b0a47e5728947c16e113c64f377"><code>4c766de</code></a>
Merge branch 'Update-README' of <a
href="https://github.com/AkhigbeEromo/harden-runner">https://github.com/AkhigbeEromo/harden-runner</a>...</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/c9c5f3273c74d0365949a3aa120e85977f51d1ef"><code>c9c5f32</code></a>
Handle Ashish reviews</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/2877824267faf8efc084b00de71c0fe737ff0a76"><code>2877824</code></a>
Merge branch 'main' into Update-README</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/be87de076dd7a9aa9a9220dc9488dea2f8775db0"><code>be87de0</code></a>
Clean up</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/c95a14d0e5bab51a9f56296a4eb0e416910cd350...cb605e52c26070c328afc4562f0b4ada7618a84e">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.10.3&new-version=2.10.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-21 11:11:01 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2bcdd8cce6 Bump org.springframework:spring-jdbc from 6.2.1 to 6.2.2 (#2760)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[org.springframework:spring-jdbc](https://github.com/spring-projects/spring-framework)
from 6.2.1 to 6.2.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-framework/releases">org.springframework:spring-jdbc's
releases</a>.</em></p>
<blockquote>
<h2>v6.2.2</h2>
<h2> New Features</h2>
<ul>
<li>Track only qualifier annotations in <code>BeanOverrideHandler</code>
<a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34260">#34260</a></li>
<li>Remove <code>@FunctionalInterface</code> declaration from
<code>BeanOverrideProcessor</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34259">#34259</a></li>
<li>Refine default filtered headers for web data binding <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34182">#34182</a></li>
<li>Improve query params in uri KeyValue with HTTP interface client <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34176">#34176</a></li>
<li>Refine location checks for PathResource <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34167">#34167</a></li>
<li>Avoid virtual thread pinning in procedure calling <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34133">#34133</a></li>
<li>Type-level constraint violation should result in ParameterErrors <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34105">#34105</a></li>
<li>Avoid logger serialization behind shared EntityManager proxy <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34084">#34084</a></li>
<li>Improve PathMatcher to PathPatternParser migration in mvc XML
configuration <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34064">#34064</a></li>
<li>Support <code>@MockitoBean</code> at the type level on test classes
<a
href="https://redirect.github.com/spring-projects/spring-framework/issues/33925">#33925</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>HttpHeadersAssert#doesNotContainsHeaders has a typo <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34263">#34263</a></li>
<li>Deadlock with background EntityManager bootstrap due to locking in
getSingletonFactoryBeanForTypeCheck <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34247">#34247</a></li>
<li>ApplicationListener no longer invoked for double generic
ApplicationEvent with 6.2.1 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34234">#34234</a></li>
<li>Nested transaction savepoints are broken in SQL Server <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34233">#34233</a></li>
<li>Error handling override in DefaultResponseErrorHandler ignored after
upgrade to 6.2.0 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34231">#34231</a></li>
<li>FileNotFoundException is thrown when using
ConfigurationPropertiesScan with Spring Context 6.2.1 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34216">#34216</a></li>
<li>BindException declared but not handled by ExceptionHandler <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34214">#34214</a></li>
<li><code>@TestBean</code> factory method resolution is incorrect within
class hierarchy <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34204">#34204</a></li>
<li>Bean Override in superclass takes precedence over Bean Override in
subclass <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34194">#34194</a></li>
<li>Ensure <code>AsyncListener#onError</code> does not return until
dispatch completes <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34192">#34192</a></li>
<li>BeanNotOfRequiredTypeException during transaction qualifier
resolution in 6.2.1 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34187">#34187</a></li>
<li>BeanCurrentlyInCreationException is thrown when multiple threads
simultaneously try to create bean <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34186">#34186</a></li>
<li><code>DataBinder</code> throws
<code>IndexOutOfBoundsException</code> when indexed parameter uses
nonconsecutive indices <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34145">#34145</a></li>
<li>NullPointerException is thrown if WebClient is used with Apache
Httpclient and cookies are disabled <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34132">#34132</a></li>
<li>Wrong parentId tracking in FlightRecorderApplicationStartup <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34128">#34128</a></li>
<li>PathMatchingResourcePatternResolver is not able to resolve file in
SpringBoot Packaged JAR <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34126">#34126</a></li>
<li>Placeholder resolution no longer considers exact match before
resolving the placeholder key <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34124">#34124</a></li>
<li><code>DataBinder</code> throws
<code>StringIndexOutOfBoundsException</code> for indexed property
without nested property path <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34121">#34121</a></li>
<li>Dependency injection matches wildcards too leniently with 6.2.1 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34119">#34119</a></li>
<li>PathMatchingResourcePatternResolver throws FileNotFoundException
caused by wrong cache path <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34111">#34111</a></li>
<li>SpEL fails to invoke <code>MethodHandle</code> function reference
accepting only varargs <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34109">#34109</a></li>
<li>Generic with a base type is no longer resolved to its base if the
generic is unresolved <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34086">#34086</a></li>
<li><code>DataBinder</code> throws
<code>StringIndexOutOfBoundsException</code> for map property without
nested property path <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34043">#34043</a></li>
<li>Fix implicit variable resolution in JSP <code>EvalTag</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/33945">#33945</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Fix inaccuracy in RequestHeaderArgumentResolver Javadoc <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34230">#34230</a></li>
<li>Document that http.client.requests measure the entire HTTP exchange
<a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34201">#34201</a></li>
<li>Misuse of em dash in &quot;Basic Concept&quot; section <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34165">#34165</a></li>
<li>Fix typo in link <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34149">#34149</a></li>
<li>Broken syntax in xml sample of &quot;Reference to Other Beans&quot;
section <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34148">#34148</a></li>
<li>Fix minor typo in reference documentation for Kotlin annotations <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34134">#34134</a></li>
<li>Clarify documentation for the default uri client request observation
metric <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34116">#34116</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/d5da602bc29c3a61bb0b3203414a21447ed0cbe5"><code>d5da602</code></a>
Release v6.2.2</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/384d2749c6d06915c3da88a62c6183e7fd735af6"><code>384d274</code></a>
Polishing in HttpServiceMethod</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/5150a9a6ad9bc58fcc3fd721859e29b0663b5a34"><code>5150a9a</code></a>
Polishing contribution</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/a8c5885aff57c2e51d38c4e6cb1475d6f3ac1991"><code>a8c5885</code></a>
Fix wrong document about RequestHeaderArgumentResolver</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/7d844274dca511ae3469517e14889e76e71cc7b9"><code>7d84427</code></a>
Upgrade to Jetty 12.0.16, Netty 4.1.117, Protobuf 4.29.3, Checkstyle
10.21.1</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/70ceb3abdf61bdfc1e02ede3bf9297e720342a34"><code>70ceb3a</code></a>
Refer to local Consumer type instead of Kotlin test type</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/9181cce65f17ad2c41861444d0c8417adecf36a1"><code>9181cce</code></a>
Support @⁠MockitoBean at the type level on test classes</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/8b6523a35b3b4f3f2bd68487b26209a4ae4185b1"><code>8b6523a</code></a>
Cross reference @⁠NestedTestConfiguration for Bean Overrides</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/e7f349328d4e5136573d2e4121d15355c416dbeb"><code>e7f3493</code></a>
Merge pull request <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34086">#34086</a>
from rPraml</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/fe5f5d53b2f2dac95eaa5fe93a0be6756ccb71e1"><code>fe5f5d5</code></a>
Polish &quot;Resolve base type in parameterized type if
necessary&quot;</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-framework/compare/v6.2.1...v6.2.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework:spring-jdbc&package-manager=gradle&previous-version=6.2.1&new-version=6.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-21 11:10:42 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
c96765f962 Bump bouncycastleVersion from 1.79 to 1.80 (#2759)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps `bouncycastleVersion` from 1.79 to 1.80.
Updates `org.bouncycastle:bcprov-jdk18on` from 1.79 to 1.80
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html">org.bouncycastle:bcprov-jdk18on's
changelog</a>.</em></p>
<blockquote>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<p><!-- raw HTML omitted --><!-- raw HTML omitted -->2.1.1 Version<!--
raw HTML omitted --><!-- raw HTML omitted -->
Release: 1.80<!-- raw HTML omitted -->
Date:      2025, 14th January.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/bcgit/bc-java/commits">compare view</a></li>
</ul>
</details>
<br />

Updates `org.bouncycastle:bcpkix-jdk18on` from 1.79 to 1.80
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html">org.bouncycastle:bcpkix-jdk18on's
changelog</a>.</em></p>
<blockquote>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<p><!-- raw HTML omitted --><!-- raw HTML omitted -->2.1.1 Version<!--
raw HTML omitted --><!-- raw HTML omitted -->
Release: 1.80<!-- raw HTML omitted -->
Date:      2025, 14th January.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/bcgit/bc-java/commits">compare view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-21 11:10:27 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3830c7d1f3 Bump org.springframework:spring-webmvc from 6.2.1 to 6.2.2 (#2758)
Bumps
[org.springframework:spring-webmvc](https://github.com/spring-projects/spring-framework)
from 6.2.1 to 6.2.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-framework/releases">org.springframework:spring-webmvc's
releases</a>.</em></p>
<blockquote>
<h2>v6.2.2</h2>
<h2> New Features</h2>
<ul>
<li>Track only qualifier annotations in <code>BeanOverrideHandler</code>
<a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34260">#34260</a></li>
<li>Remove <code>@FunctionalInterface</code> declaration from
<code>BeanOverrideProcessor</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34259">#34259</a></li>
<li>Refine default filtered headers for web data binding <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34182">#34182</a></li>
<li>Improve query params in uri KeyValue with HTTP interface client <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34176">#34176</a></li>
<li>Refine location checks for PathResource <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34167">#34167</a></li>
<li>Avoid virtual thread pinning in procedure calling <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34133">#34133</a></li>
<li>Type-level constraint violation should result in ParameterErrors <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34105">#34105</a></li>
<li>Avoid logger serialization behind shared EntityManager proxy <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34084">#34084</a></li>
<li>Improve PathMatcher to PathPatternParser migration in mvc XML
configuration <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34064">#34064</a></li>
<li>Support <code>@MockitoBean</code> at the type level on test classes
<a
href="https://redirect.github.com/spring-projects/spring-framework/issues/33925">#33925</a></li>
</ul>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>HttpHeadersAssert#doesNotContainsHeaders has a typo <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34263">#34263</a></li>
<li>Deadlock with background EntityManager bootstrap due to locking in
getSingletonFactoryBeanForTypeCheck <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34247">#34247</a></li>
<li>ApplicationListener no longer invoked for double generic
ApplicationEvent with 6.2.1 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34234">#34234</a></li>
<li>Nested transaction savepoints are broken in SQL Server <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34233">#34233</a></li>
<li>Error handling override in DefaultResponseErrorHandler ignored after
upgrade to 6.2.0 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34231">#34231</a></li>
<li>FileNotFoundException is thrown when using
ConfigurationPropertiesScan with Spring Context 6.2.1 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34216">#34216</a></li>
<li>BindException declared but not handled by ExceptionHandler <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34214">#34214</a></li>
<li><code>@TestBean</code> factory method resolution is incorrect within
class hierarchy <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34204">#34204</a></li>
<li>Bean Override in superclass takes precedence over Bean Override in
subclass <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34194">#34194</a></li>
<li>Ensure <code>AsyncListener#onError</code> does not return until
dispatch completes <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34192">#34192</a></li>
<li>BeanNotOfRequiredTypeException during transaction qualifier
resolution in 6.2.1 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34187">#34187</a></li>
<li>BeanCurrentlyInCreationException is thrown when multiple threads
simultaneously try to create bean <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34186">#34186</a></li>
<li><code>DataBinder</code> throws
<code>IndexOutOfBoundsException</code> when indexed parameter uses
nonconsecutive indices <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34145">#34145</a></li>
<li>NullPointerException is thrown if WebClient is used with Apache
Httpclient and cookies are disabled <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34132">#34132</a></li>
<li>Wrong parentId tracking in FlightRecorderApplicationStartup <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34128">#34128</a></li>
<li>PathMatchingResourcePatternResolver is not able to resolve file in
SpringBoot Packaged JAR <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34126">#34126</a></li>
<li>Placeholder resolution no longer considers exact match before
resolving the placeholder key <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34124">#34124</a></li>
<li><code>DataBinder</code> throws
<code>StringIndexOutOfBoundsException</code> for indexed property
without nested property path <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34121">#34121</a></li>
<li>Dependency injection matches wildcards too leniently with 6.2.1 <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34119">#34119</a></li>
<li>PathMatchingResourcePatternResolver throws FileNotFoundException
caused by wrong cache path <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34111">#34111</a></li>
<li>SpEL fails to invoke <code>MethodHandle</code> function reference
accepting only varargs <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34109">#34109</a></li>
<li>Generic with a base type is no longer resolved to its base if the
generic is unresolved <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34086">#34086</a></li>
<li><code>DataBinder</code> throws
<code>StringIndexOutOfBoundsException</code> for map property without
nested property path <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34043">#34043</a></li>
<li>Fix implicit variable resolution in JSP <code>EvalTag</code> <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/33945">#33945</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Fix inaccuracy in RequestHeaderArgumentResolver Javadoc <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34230">#34230</a></li>
<li>Document that http.client.requests measure the entire HTTP exchange
<a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34201">#34201</a></li>
<li>Misuse of em dash in &quot;Basic Concept&quot; section <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34165">#34165</a></li>
<li>Fix typo in link <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34149">#34149</a></li>
<li>Broken syntax in xml sample of &quot;Reference to Other Beans&quot;
section <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34148">#34148</a></li>
<li>Fix minor typo in reference documentation for Kotlin annotations <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34134">#34134</a></li>
<li>Clarify documentation for the default uri client request observation
metric <a
href="https://redirect.github.com/spring-projects/spring-framework/pull/34116">#34116</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/d5da602bc29c3a61bb0b3203414a21447ed0cbe5"><code>d5da602</code></a>
Release v6.2.2</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/384d2749c6d06915c3da88a62c6183e7fd735af6"><code>384d274</code></a>
Polishing in HttpServiceMethod</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/5150a9a6ad9bc58fcc3fd721859e29b0663b5a34"><code>5150a9a</code></a>
Polishing contribution</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/a8c5885aff57c2e51d38c4e6cb1475d6f3ac1991"><code>a8c5885</code></a>
Fix wrong document about RequestHeaderArgumentResolver</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/7d844274dca511ae3469517e14889e76e71cc7b9"><code>7d84427</code></a>
Upgrade to Jetty 12.0.16, Netty 4.1.117, Protobuf 4.29.3, Checkstyle
10.21.1</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/70ceb3abdf61bdfc1e02ede3bf9297e720342a34"><code>70ceb3a</code></a>
Refer to local Consumer type instead of Kotlin test type</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/9181cce65f17ad2c41861444d0c8417adecf36a1"><code>9181cce</code></a>
Support @⁠MockitoBean at the type level on test classes</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/8b6523a35b3b4f3f2bd68487b26209a4ae4185b1"><code>8b6523a</code></a>
Cross reference @⁠NestedTestConfiguration for Bean Overrides</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/e7f349328d4e5136573d2e4121d15355c416dbeb"><code>e7f3493</code></a>
Merge pull request <a
href="https://redirect.github.com/spring-projects/spring-framework/issues/34086">#34086</a>
from rPraml</li>
<li><a
href="https://github.com/spring-projects/spring-framework/commit/fe5f5d53b2f2dac95eaa5fe93a0be6756ccb71e1"><code>fe5f5d5</code></a>
Polish &quot;Resolve base type in parameterized type if
necessary&quot;</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-framework/compare/v6.2.1...v6.2.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework:spring-webmvc&package-manager=gradle&previous-version=6.2.1&new-version=6.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-21 11:10:13 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
06a53de350 Bump io.micrometer:micrometer-core from 1.14.2 to 1.14.3 (#2694)
Bumps
[io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer)
from 1.14.2 to 1.14.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/micrometer-metrics/micrometer/releases">io.micrometer:micrometer-core's
releases</a>.</em></p>
<blockquote>
<h2>1.14.3</h2>
<h2>🐞 Bug Fixes</h2>
<ul>
<li>Handle RuntimeException when getting/setting JMS headers <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5746">#5746</a></li>
<li>NPE occurs when AOP is applied to a method that returns
CompletableFuture <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5741">#5741</a></li>
<li>Performance regression in <code>MeterRegistry#remove</code> with
many meters <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5466">#5466</a></li>
<li>Exponential histogram throws ArrayIndexOutOfBoundsException <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5740">#5740</a></li>
</ul>
<h2>🔨 Dependency Upgrades</h2>
<ul>
<li>Bump com.netflix.spectator:spectator-reg-atlas from 1.8.2 to 1.8.3
<a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5799">#5799</a></li>
<li>Bump software.amazon.awssdk:cloudwatch from 2.29.23 to 2.29.46 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5795">#5795</a></li>
<li>Bump io.prometheus:prometheus-metrics-bom from 1.3.4 to 1.3.5 <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5783">#5783</a></li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Polish <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5751">gh-5751</a>
<a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5760">#5760</a></li>
<li>Improve docs for same name with different tags <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5751">#5751</a></li>
<li>Document no support for meta-annotations with
<code>@Timed</code>/<code>@Counted</code> <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5737">#5737</a></li>
<li>Remove outdated warnings in docs for
<code>@Counted</code>/<code>@Timed</code> <a
href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5736">#5736</a></li>
</ul>
<h2>❤️ Contributors</h2>
<p>Thank you to all the contributors who worked on this release:</p>
<p><a href="https://github.com/cfredri4"><code>@​cfredri4</code></a> and
<a href="https://github.com/izeye"><code>@​izeye</code></a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/73e792853555b21179d5db25643fb7bc845c6990"><code>73e7928</code></a>
Merge branch '1.13.x' into 1.14.x</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/229a787699bbd535250417ccb26d7a8ec002bdca"><code>229a787</code></a>
Adds post release action; fixes <a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5805">gh-5805</a></li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/4c64ed526d85ee9c201f9ee7d61c139bad58e28f"><code>4c64ed5</code></a>
Merge branch '1.13.x' into 1.14.x</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/d1c8045a866b0fec80f3ea694741598e1f8df456"><code>d1c8045</code></a>
Merge branch '1.12.x' into 1.13.x</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/5010e2dce9e32e60dd72c187d45d84c017793f62"><code>5010e2d</code></a>
Polish (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5759">#5759</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/96f6e5d5daeed2df8f277c764b730d25f7c1be08"><code>96f6e5d</code></a>
Polish 1c891c7 (<a
href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5804">#5804</a>)</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/521d57d2ef7d9b05d527167fc18bd7fa38399ddb"><code>521d57d</code></a>
Add a test verifying that a single character meter name is allowed for
Promet...</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/7e35196fe420c9b5734d83fe726a515d2f13d662"><code>7e35196</code></a>
Merge branch '1.13.x' into 1.14.x</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/819fa61569a70b3d3091871ca30ee46040b8dafa"><code>819fa61</code></a>
Merge branch '1.12.x' into 1.13.x</li>
<li><a
href="https://github.com/micrometer-metrics/micrometer/commit/be6f96225e92267b5c62a93919fa1d13c7bfeb11"><code>be6f962</code></a>
Handle all exceptions when getting/setting JMS headers</li>
<li>Additional commits viewable in <a
href="https://github.com/micrometer-metrics/micrometer/compare/v1.14.2...v1.14.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=io.micrometer:micrometer-core&package-manager=gradle&previous-version=1.14.2&new-version=1.14.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-14 15:57:45 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
bb99f9ff83 Bump com.opencsv:opencsv from 5.9 to 5.10 (#2696)
Bumps com.opencsv:opencsv from 5.9 to 5.10.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.opencsv:opencsv&package-manager=gradle&previous-version=5.9&new-version=5.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-14 15:51:33 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
cbaea9cca9 Bump docker/setup-qemu-action from 3.2.0 to 3.3.0 (#2692)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[docker/setup-qemu-action](https://github.com/docker/setup-qemu-action)
from 3.2.0 to 3.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-qemu-action/releases">docker/setup-qemu-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.3.0</h2>
<ul>
<li>Add <code>cache-image</code> input to enable/disable caching of
binfmt image by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/130">docker/setup-qemu-action#130</a></li>
<li>Bump <code>@​actions/core</code> from 1.10.1 to 1.11.1 in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/172">docker/setup-qemu-action#172</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.35.0 to 0.49.0 in
<a
href="https://redirect.github.com/docker/setup-qemu-action/pull/187">docker/setup-qemu-action#187</a></li>
<li>Bump cross-spawn from 7.0.3 to 7.0.6 in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/182">docker/setup-qemu-action#182</a></li>
<li>Bump path-to-regexp from 6.2.2 to 6.3.0 in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/162">docker/setup-qemu-action#162</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-qemu-action/compare/v3.2.0...v3.3.0">https://github.com/docker/setup-qemu-action/compare/v3.2.0...v3.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/53851d14592bedcffcf25ea515637cff71ef929a"><code>53851d1</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/187">#187</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/7066b9044fd67fae38ee3529e17c426aac7525b7"><code>7066b90</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/75590814eb9485acbd63532d603438ddfb35eab6"><code>7559081</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.35.0 to
0.49.0</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/08d11eb48130d5f1debe0b57b29eee10e3e7a0b8"><code>08d11eb</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/172">#172</a>
from docker/dependabot/npm_and_yarn/actions/core-1.11.1</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/e53506fe6c9a252f5a7137f8cc8b5d110f6d2aee"><code>e53506f</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/610b4428f91a439cb8fc96c1b66372f7ad6eaecc"><code>610b442</code></a>
build(deps): bump <code>@​actions/core</code> from 1.10.1 to 1.11.1</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/58a19f851cfcb4969c746f28b70e996e5f2baa2a"><code>58a19f8</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/182">#182</a>
from docker/dependabot/npm_and_yarn/cross-spawn-7.0.6</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/49a12c4cc89e6dd0858487b98bed3df9fa825615"><code>49a12c4</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/180">#180</a>
from docker/dependabot/github_actions/codecov/codecov...</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/2b8ac83d96d1cb342b1e7ed85695f93081100257"><code>2b8ac83</code></a>
ci: fix deprecated input for codecov-action</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/fdbeaac5ff9cf5a81bfc642fc03727ea5a9dacd7"><code>fdbeaac</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/130">#130</a>
from crazy-max/cache-image</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/setup-qemu-action/compare/49b3bc8e6bdd4a60e6116a5414239cba5943d3cf...53851d14592bedcffcf25ea515637cff71ef929a">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-qemu-action&package-manager=github_actions&previous-version=3.2.0&new-version=3.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-14 14:06:00 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
bf0958f588 Bump docker/build-push-action from 6.10.0 to 6.11.0 (#2691)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.10.0 to 6.11.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.11.0</h2>
<ul>
<li>Handlebar <code>defaultContext</code> support for
<code>build-contexts</code> input by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1283">docker/build-push-action#1283</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.46.0 to 0.49.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1281">docker/build-push-action#1281</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.10.0...v6.11.0">https://github.com/docker/build-push-action/compare/v6.10.0...v6.11.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/b32b51a8eda65d6793cd0494a773d4f6bcef32dc"><code>b32b51a</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1281">#1281</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="https://github.com/docker/build-push-action/commit/594bf46f0f6d32fd8bd98a553127950004165c96"><code>594bf46</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1294">#1294</a>
from crazy-max/fix-e2e</li>
<li><a
href="https://github.com/docker/build-push-action/commit/fd37bd55af0b8c458ea0ff376ce151a332fa7aed"><code>fd37bd5</code></a>
ci(e2e): fix setup docker config</li>
<li><a
href="https://github.com/docker/build-push-action/commit/e6478a2405f3527f33b93efb6857519c3ffd91f2"><code>e6478a2</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/78785bddff35ca36f384e0c6a8a367584317df9f"><code>78785bd</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.46.0 to
0.49.0</li>
<li><a
href="https://github.com/docker/build-push-action/commit/128779fed7edb034b3f8006e9dac81a8593c040e"><code>128779f</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1283">#1283</a>
from crazy-max/named-context-handlebars</li>
<li><a
href="https://github.com/docker/build-push-action/commit/7e094594beda23fc8f21fa31049f4b203e51096b"><code>7e09459</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1282">#1282</a>
from crazy-max/remove-buildkit-5561</li>
<li><a
href="https://github.com/docker/build-push-action/commit/32ee877a58507615d974839965ef8e530d66362e"><code>32ee877</code></a>
Revert &quot;init buildkit-5561 workflow&quot;</li>
<li><a
href="https://github.com/docker/build-push-action/commit/d1a4129c41bb3f92b731b33dc29cfe5f6cd9298f"><code>d1a4129</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/49c623eaf82513814393adabc13bf2535384d735"><code>49c623e</code></a>
handlebar defaultContext support for build-contexts input</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/build-push-action/compare/48aba3b46d1b1fec4febb7c5d0c644b249a11355...b32b51a8eda65d6793cd0494a773d4f6bcef32dc">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.10.0&new-version=6.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-14 13:53:25 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
0ae862a84a Bump actions/upload-artifact from 4.5.0 to 4.6.0 (#2690)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact)
from 4.5.0 to 4.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.6.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Expose env vars to control concurrency and timeout by <a
href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/662">actions/upload-artifact#662</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4...v4.6.0">https://github.com/actions/upload-artifact/compare/v4...v4.6.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08"><code>65c4c4a</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/662">#662</a>
from actions/yacaovsnc/add_variable_for_concurrency_a...</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/020761922861c5b0a0a9b98ae4adccf1f675862c"><code>0207619</code></a>
move files back to satisfy licensed ci</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/1ecca81102de35b6c140e930a09ea6144c27abf1"><code>1ecca81</code></a>
licensed cache updates</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/97422693d3a0493fc2d725fe8c0ac1c1097e9128"><code>9742269</code></a>
Expose env vars to controll concurrency and timeout</li>
<li>See full diff in <a
href="https://github.com/actions/upload-artifact/compare/v4.5.0...65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=4.5.0&new-version=4.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-14 13:50:14 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
672389d6b8 Bump github/codeql-action from 3.28.0 to 3.28.1 (#2693)
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.28.0 to 3.28.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.1</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.1 - 10 Jan 2025</h2>
<ul>
<li>CodeQL Action v2 is now deprecated, and is no longer updated or
supported. For better performance, improved security, and new features,
upgrade to v3. For more information, see <a
href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li>
<li>Update default CodeQL bundle version to 2.20.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2678">#2678</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.1/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.1 - 10 Jan 2025</h2>
<ul>
<li>CodeQL Action v2 is now deprecated, and is no longer updated or
supported. For better performance, improved security, and new features,
upgrade to v3. For more information, see <a
href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li>
<li>Update default CodeQL bundle version to 2.20.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2678">#2678</a></li>
</ul>
<h2>3.28.0 - 20 Dec 2024</h2>
<ul>
<li>Bump the minimum CodeQL bundle version to 2.15.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2655">#2655</a></li>
<li>Don't fail in the unusual case that a file is on the search path. <a
href="https://redirect.github.com/github/codeql-action/pull/2660">#2660</a>.</li>
</ul>
<h2>3.27.9 - 12 Dec 2024</h2>
<p>No user facing changes.</p>
<h2>3.27.8 - 12 Dec 2024</h2>
<ul>
<li>Fixed an issue where streaming the download and extraction of the
CodeQL bundle did not respect proxy settings. <a
href="https://redirect.github.com/github/codeql-action/pull/2624">#2624</a></li>
</ul>
<h2>3.27.7 - 10 Dec 2024</h2>
<ul>
<li>We are rolling out a change in December 2024 that will extract the
CodeQL bundle directly to the toolcache to improve performance. <a
href="https://redirect.github.com/github/codeql-action/pull/2631">#2631</a></li>
<li>Update default CodeQL bundle version to 2.20.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2636">#2636</a></li>
</ul>
<h2>3.27.6 - 03 Dec 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.19.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2626">#2626</a></li>
</ul>
<h2>3.27.5 - 19 Nov 2024</h2>
<p>No user facing changes.</p>
<h2>3.27.4 - 14 Nov 2024</h2>
<p>No user facing changes.</p>
<h2>3.27.3 - 12 Nov 2024</h2>
<p>No user facing changes.</p>
<h2>3.27.2 - 12 Nov 2024</h2>
<ul>
<li>Fixed an issue where setting up the CodeQL tools would sometimes
fail with the message &quot;Invalid value 'undefined' for header
'authorization'&quot;. <a
href="https://redirect.github.com/github/codeql-action/pull/2590">#2590</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/b6a472f63d85b9c78a3ac5e89422239fc15e9b3c"><code>b6a472f</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2681">#2681</a>
from github/update-v3.28.1-ea6acbfea</li>
<li><a
href="https://github.com/github/codeql-action/commit/bb999b434f581db70696c32bf01941ec0391c3cb"><code>bb999b4</code></a>
Update changelog for v3.28.1</li>
<li><a
href="https://github.com/github/codeql-action/commit/ea6acbfeae40310725526bdaea16fb48c1f62be0"><code>ea6acbf</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2677">#2677</a>
from github/angelapwen/deprecate-action-v2</li>
<li><a
href="https://github.com/github/codeql-action/commit/4df151edec34bbfb2f213ed8b2dc74363baa69ca"><code>4df151e</code></a>
Merge branch 'main' into angelapwen/deprecate-action-v2</li>
<li><a
href="https://github.com/github/codeql-action/commit/a05a7eb09cb4faebee87507a854cbd429fbe6bc6"><code>a05a7eb</code></a>
Fix PR number in changenote</li>
<li><a
href="https://github.com/github/codeql-action/commit/8d2753b250830f4073d10fc13a3264a17ba82a20"><code>8d2753b</code></a>
Add public changelog blog post link</li>
<li><a
href="https://github.com/github/codeql-action/commit/e83e0a4f58f2ca25f7dd222e8689519a74bf26fc"><code>e83e0a4</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2673">#2673</a>
from github/dependabot/npm_and_yarn/npm-877f465710</li>
<li><a
href="https://github.com/github/codeql-action/commit/b7ff30899f3f4aa6705d70c1456d7189e1b320ba"><code>b7ff308</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2678">#2678</a>
from github/update-bundle/codeql-bundle-v2.20.1</li>
<li><a
href="https://github.com/github/codeql-action/commit/1aa16c2c36f41e9ce531bdcd2aa834171700e48d"><code>1aa16c2</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.20.1</li>
<li><a
href="https://github.com/github/codeql-action/commit/fb65b6ce7884900fde5b15518bec92ad6875180e"><code>fb65b6c</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2672">#2672</a>
from github/mbg/start-proxy/include-type-in-urls-output</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/48ab28a6f5dbc2a99bf1e0131198dd8f1df78169...b6a472f63d85b9c78a3ac5e89422239fc15e9b3c">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.0&new-version=3.28.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-14 11:05:54 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
92401b9e7f Bump com.diffplug.spotless from 6.25.0 to 7.0.1 (#2630)
Bumps com.diffplug.spotless from 6.25.0 to 7.0.1.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.diffplug.spotless&package-manager=gradle&previous-version=6.25.0&new-version=7.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-12 15:59:46 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
a4c988c7b2 Bump gradle from 8.11-jdk17 to 8.12-jdk17 (#2556)
Bumps gradle from 8.11-jdk17 to 8.12-jdk17.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle&package-manager=docker&previous-version=8.11-jdk17&new-version=8.12-jdk17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-02 14:55:42 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
5e173b92d4 Bump peter-evans/create-pull-request from 7.0.5 to 7.0.6 (#2574)
Bumps
[peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request)
from 7.0.5 to 7.0.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's
releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v7.0.6</h2>
<p>⚙️ Fixes an issue with commit signing where unicode characters in
file paths were not preserved.</p>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump <code>@​vercel/ncc</code> from 0.38.1 to
0.38.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3365">peter-evans/create-pull-request#3365</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3370">peter-evans/create-pull-request#3370</a></li>
<li>build(deps): bump
<code>@​octokit/plugin-rest-endpoint-methods</code> from 13.2.4 to
13.2.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3375">peter-evans/create-pull-request#3375</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.50 to
18.19.54 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3376">peter-evans/create-pull-request#3376</a></li>
<li>build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from
11.3.3 to 11.3.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3377">peter-evans/create-pull-request#3377</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3388">peter-evans/create-pull-request#3388</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.54 to
18.19.55 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3400">peter-evans/create-pull-request#3400</a></li>
<li>build(deps): bump <code>@​actions/core</code> from 1.10.1 to 1.11.1
by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3401">peter-evans/create-pull-request#3401</a></li>
<li>build(deps): bump
<code>@​octokit/plugin-rest-endpoint-methods</code> from 13.2.5 to
13.2.6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3403">peter-evans/create-pull-request#3403</a></li>
<li>build(deps-dev): bump eslint-plugin-import from 2.30.0 to 2.31.0 by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3402">peter-evans/create-pull-request#3402</a></li>
<li>build(deps): bump <code>@​octokit/plugin-throttling</code> from
9.3.1 to 9.3.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3404">peter-evans/create-pull-request#3404</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3423">peter-evans/create-pull-request#3423</a></li>
<li>build(deps-dev): bump typescript from 5.6.2 to 5.6.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3441">peter-evans/create-pull-request#3441</a></li>
<li>build(deps): bump undici from 6.19.8 to 6.20.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3442">peter-evans/create-pull-request#3442</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3451">peter-evans/create-pull-request#3451</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.55 to
18.19.58 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3457">peter-evans/create-pull-request#3457</a></li>
<li>build(deps-dev): bump <code>@​types/jest</code> from 29.5.13 to
29.5.14 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3462">peter-evans/create-pull-request#3462</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.58 to
18.19.60 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3463">peter-evans/create-pull-request#3463</a></li>
<li>chore: don't bundle undici by <a
href="https://github.com/benmccann"><code>@​benmccann</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3475">peter-evans/create-pull-request#3475</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3478">peter-evans/create-pull-request#3478</a></li>
<li>chore: use node-fetch-native support for proxy env vars by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3483">peter-evans/create-pull-request#3483</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.60 to
18.19.64 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3488">peter-evans/create-pull-request#3488</a></li>
<li>build(deps-dev): bump undici from 6.20.1 to 6.21.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3499">peter-evans/create-pull-request#3499</a></li>
<li>build(deps-dev): bump <code>@​vercel/ncc</code> from 0.38.2 to
0.38.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3500">peter-evans/create-pull-request#3500</a></li>
<li>docs: note <code>push-to-repo</code> classic PAT
<code>workflow</code> scope requirement by <a
href="https://github.com/scop"><code>@​scop</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3511">peter-evans/create-pull-request#3511</a></li>
<li>docs: spelling fixes by <a
href="https://github.com/scop"><code>@​scop</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3512">peter-evans/create-pull-request#3512</a></li>
<li>build(deps-dev): bump typescript from 5.6.3 to 5.7.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3516">peter-evans/create-pull-request#3516</a></li>
<li>build(deps-dev): bump prettier from 3.3.3 to 3.4.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3517">peter-evans/create-pull-request#3517</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.64 to
18.19.66 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3518">peter-evans/create-pull-request#3518</a></li>
<li>docs(README): clarify that an existing open PR is managed by <a
href="https://github.com/caugner"><code>@​caugner</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3498">peter-evans/create-pull-request#3498</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3529">peter-evans/create-pull-request#3529</a></li>
<li>build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from
11.3.5 to 11.3.6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3542">peter-evans/create-pull-request#3542</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.66 to
18.19.67 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3543">peter-evans/create-pull-request#3543</a></li>
<li>build(deps-dev): bump prettier from 3.4.0 to 3.4.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3544">peter-evans/create-pull-request#3544</a></li>
<li>build(deps-dev): bump eslint-import-resolver-typescript from 3.6.3
to 3.7.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3559">peter-evans/create-pull-request#3559</a></li>
<li>build(deps-dev): bump prettier from 3.4.1 to 3.4.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3560">peter-evans/create-pull-request#3560</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.67 to
18.19.68 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3570">peter-evans/create-pull-request#3570</a></li>
<li>build(deps): bump p-limit from 6.1.0 to 6.2.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3578">peter-evans/create-pull-request#3578</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3583">peter-evans/create-pull-request#3583</a></li>
<li>fix: preserve unicode in filepaths when commit signing by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3588">peter-evans/create-pull-request#3588</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/benmccann"><code>@​benmccann</code></a>
made their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3475">peter-evans/create-pull-request#3475</a></li>
<li><a href="https://github.com/scop"><code>@​scop</code></a> made their
first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3511">peter-evans/create-pull-request#3511</a></li>
<li><a href="https://github.com/caugner"><code>@​caugner</code></a> made
their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3498">peter-evans/create-pull-request#3498</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/67ccf781d68cd99b580ae25a5c18a1cc84ffff1f"><code>67ccf78</code></a>
fix: preserve unicode in filepaths when commit signing (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3588">#3588</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/bb88e27d3f9cc69c8bc689eba126096c6fe3dded"><code>bb88e27</code></a>
build: update distribution (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3583">#3583</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/b378ed537a3374cbb7642141277ace10488f9318"><code>b378ed5</code></a>
build(deps): bump p-limit from 6.1.0 to 6.2.0 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3578">#3578</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/fa9200e5b4f0d3fe4adc6d4a980fdb27ca333ed2"><code>fa9200e</code></a>
build(deps-dev): bump <code>@​types/node</code> from 18.19.67 to
18.19.68 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3570">#3570</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/16e0059bfd236716f0191bfcfa63d9ded4cf325f"><code>16e0059</code></a>
build(deps-dev): bump prettier from 3.4.1 to 3.4.2 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3560">#3560</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/5bffd5ae80c9e3cdce3fdaba74ba437193643add"><code>5bffd5a</code></a>
build(deps-dev): bump eslint-import-resolver-typescript (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3559">#3559</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/a22a0ddc2127a4161a9f144623d1e51be98d81aa"><code>a22a0dd</code></a>
build(deps-dev): bump prettier from 3.4.0 to 3.4.1 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3544">#3544</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/b27ce378c8a71596550fb729c05c9a998f8ff26f"><code>b27ce37</code></a>
build(deps-dev): bump <code>@​types/node</code> from 18.19.66 to
18.19.67 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3543">#3543</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/4e0cc19e22f9071762b3542aa9fa90a1d682dd32"><code>4e0cc19</code></a>
build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from
11.3.5 to 11.3.6 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3542">#3542</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/25b6871a4ebe4c3585f47c7a687ac6fd0ec0e32d"><code>25b6871</code></a>
docs: update scopes for push-to-fork</li>
<li>Additional commits viewable in <a
href="https://github.com/peter-evans/create-pull-request/compare/5e914681df9dc83aa4e4905692ca88beb2f9e91f...67ccf781d68cd99b580ae25a5c18a1cc84ffff1f">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=7.0.5&new-version=7.0.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-02 14:24:04 +00:00
dependabot[bot]andGitHub 226cbe1a8e Bump ossf/scorecard-action from 2.3.3 to 2.4.0
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.3 to 2.4.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](https://github.com/ossf/scorecard-action/compare/dc50aa9510b46c811795eb24b2f1ba02a914e534...62b2cac7ed8198b15735ed49ab1e5cf35480ba46)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
2024-12-21 13:51:06 +00:00
dependabot[bot]andGitHub e7f2576857 Bump softprops/action-gh-release from 2.0.9 to 2.2.0
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.0.9 to 2.2.0.
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](https://github.com/softprops/action-gh-release/compare/e7a8f85e1c67a31e6ed99a94b41bd0b71bbee6b8...7b4da11513bf3f43f9999e90eabced41ab8bb048)

---
updated-dependencies:
- dependency-name: softprops/action-gh-release
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
2024-12-21 13:02:26 +00:00
dependabot[bot]andGitHub c877f122c4 Bump crazy-max/ghaction-github-labeler from 5.0.0 to 5.1.0
Bumps [crazy-max/ghaction-github-labeler](https://github.com/crazy-max/ghaction-github-labeler) from 5.0.0 to 5.1.0.
- [Release notes](https://github.com/crazy-max/ghaction-github-labeler/releases)
- [Commits](https://github.com/crazy-max/ghaction-github-labeler/compare/de749cf181958193cb7debf1a9c5bb28922f3e1b...b54af0c25861143e7c8813d7cbbf46d2c341680c)

---
updated-dependencies:
- dependency-name: crazy-max/ghaction-github-labeler
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
2024-12-21 13:02:23 +00:00
dependabot[bot]andGitHub b8466c2b97 Bump org.springframework.boot from 3.4.0 to 3.4.1
Bumps [org.springframework.boot](https://github.com/spring-projects/spring-boot) from 3.4.0 to 3.4.1.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.4.0...v3.4.1)

---
updated-dependencies:
- dependency-name: org.springframework.boot
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
2024-12-21 12:38:15 +00:00
dependabot[bot]andGitHub 1006aa110e Bump io.spring.dependency-management from 1.1.6 to 1.1.7
Bumps [io.spring.dependency-management](https://github.com/spring-gradle-plugins/dependency-management-plugin) from 1.1.6 to 1.1.7.
- [Release notes](https://github.com/spring-gradle-plugins/dependency-management-plugin/releases)
- [Commits](https://github.com/spring-gradle-plugins/dependency-management-plugin/compare/v1.1.6...v1.1.7)

---
updated-dependencies:
- dependency-name: io.spring.dependency-management
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
2024-12-21 12:38:00 +00:00
dependabot[bot]andGitHub daae6bfd3e Bump springBootVersion from 3.4.0 to 3.4.1
Bumps `springBootVersion` from 3.4.0 to 3.4.1.

Updates `org.springframework.boot:spring-boot-starter-web` from 3.4.0 to 3.4.1
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.4.0...v3.4.1)

Updates `org.springframework.boot:spring-boot-starter-jetty` from 3.4.0 to 3.4.1
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.4.0...v3.4.1)

Updates `org.springframework.boot:spring-boot-starter-thymeleaf` from 3.4.0 to 3.4.1
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.4.0...v3.4.1)

Updates `org.springframework.boot:spring-boot-starter-security` from 3.4.0 to 3.4.1
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.4.0...v3.4.1)

Updates `org.springframework.boot:spring-boot-starter-data-jpa` from 3.4.0 to 3.4.1
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.4.0...v3.4.1)

Updates `org.springframework.boot:spring-boot-starter-oauth2-client` from 3.4.0 to 3.4.1
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.4.0...v3.4.1)

Updates `org.springframework.session:spring-session-core` from 3.4.0 to 3.4.1
- [Release notes](https://github.com/spring-projects/spring-session/releases)
- [Changelog](https://github.com/spring-projects/spring-session/blob/main/RELEASE.adoc)
- [Commits](https://github.com/spring-projects/spring-session/compare/3.4.0...3.4.1)

Updates `org.springframework.boot:spring-boot-starter-test` from 3.4.0 to 3.4.1
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.4.0...v3.4.1)

Updates `org.springframework.boot:spring-boot-starter-actuator` from 3.4.0 to 3.4.1
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.4.0...v3.4.1)

Updates `org.springframework.boot:spring-boot-devtools` from 3.4.0 to 3.4.1
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.4.0...v3.4.1)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-starter-web
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-jetty
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-thymeleaf
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-security
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-data-jpa
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-oauth2-client
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.session:spring-session-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-test
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-actuator
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-devtools
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
2024-12-21 12:37:52 +00:00
dependabot[bot]andGitHub 1795d5764a Bump gradle from 8.11-jdk17 to 8.12-jdk17
Bumps gradle from 8.11-jdk17 to 8.12-jdk17.

---
updated-dependencies:
- dependency-name: gradle
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
2024-12-21 12:37:29 +00:00
dependabot[bot]andGitHub d672ad22bc Bump org.springframework:spring-webmvc from 6.2.0 to 6.2.1
Bumps [org.springframework:spring-webmvc](https://github.com/spring-projects/spring-framework) from 6.2.0 to 6.2.1.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.0...v6.2.1)

---
updated-dependencies:
- dependency-name: org.springframework:spring-webmvc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
2024-12-17 10:26:24 +00:00
dependabot[bot]andGitHub bbedf22678 Bump io.micrometer:micrometer-core from 1.14.1 to 1.14.2
Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.14.1 to 1.14.2.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.1...v1.14.2)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
2024-12-17 10:24:19 +00:00
dependabot[bot]andGitHub d74c521bc0 Bump org.springframework.security:spring-security-saml2-service-provider
Bumps [org.springframework.security:spring-security-saml2-service-provider](https://github.com/spring-projects/spring-security) from 6.4.1 to 6.4.2.
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](https://github.com/spring-projects/spring-security/compare/6.4.1...6.4.2)

---
updated-dependencies:
- dependency-name: org.springframework.security:spring-security-saml2-service-provider
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
2024-12-17 10:22:25 +00:00
dependabot[bot]andGitHub be3cbcc7cd Bump io.github.pixee:java-security-toolkit from 1.2.0 to 1.2.1
Bumps [io.github.pixee:java-security-toolkit](https://github.com/pixee/java-security-toolkit) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/pixee/java-security-toolkit/releases)
- [Commits](https://github.com/pixee/java-security-toolkit/compare/v1.2.0...1.2.1)

---
updated-dependencies:
- dependency-name: io.github.pixee:java-security-toolkit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
2024-12-17 10:20:25 +00:00
dependabot[bot]andGitHub 83ddfdf152 Bump alpine from 3.20.3 to 3.21.0
Bumps alpine from 3.20.3 to 3.21.0.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
2024-12-12 11:29:57 +00:00
dependabot[bot]andGitHub 52693541d9 Bump org.thymeleaf.extras:thymeleaf-extras-springsecurity5
Bumps org.thymeleaf.extras:thymeleaf-extras-springsecurity5 from 3.1.2.RELEASE to 3.1.3.RELEASE.

---
updated-dependencies:
- dependency-name: org.thymeleaf.extras:thymeleaf-extras-springsecurity5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
2024-12-09 22:44:23 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
86fa404c90 Bump commons-io:commons-io from 2.17.0 to 2.18.0 (#2333)
Bumps commons-io:commons-io from 2.17.0 to 2.18.0.

---
updated-dependencies:
- dependency-name: commons-io:commons-io
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-26 20:38:51 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony Stirling
8445f2719b Bump org.springframework:spring-webmvc from 6.1.14 to 6.2.0 (#2268)
Bumps [org.springframework:spring-webmvc](https://github.com/spring-projects/spring-framework) from 6.1.14 to 6.2.0.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.1.14...v6.2.0)

---
updated-dependencies:
- dependency-name: org.springframework:spring-webmvc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
2024-11-24 14:36:30 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
b14fba064d Bump org.springframework.security:spring-security-saml2-service-provider from 6.3.4 to 6.4.1 (#2296)
Bump org.springframework.security:spring-security-saml2-service-provider

Bumps [org.springframework.security:spring-security-saml2-service-provider](https://github.com/spring-projects/spring-security) from 6.3.4 to 6.4.1.
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](https://github.com/spring-projects/spring-security/compare/6.3.4...6.4.1)

---
updated-dependencies:
- dependency-name: org.springframework.security:spring-security-saml2-service-provider
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-22 09:19:58 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6d3f14375e Bump bouncycastleVersion from 1.78.1 to 1.79 (#2177)
Bumps `bouncycastleVersion` from 1.78.1 to 1.79.

Updates `org.bouncycastle:bcprov-jdk18on` from 1.78.1 to 1.79
- [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html)
- [Commits](https://github.com/bcgit/bc-java/commits)

Updates `org.bouncycastle:bcpkix-jdk18on` from 1.78.1 to 1.79
- [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html)
- [Commits](https://github.com/bcgit/bc-java/commits)

---
updated-dependencies:
- dependency-name: org.bouncycastle:bcprov-jdk18on
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.bouncycastle:bcpkix-jdk18on
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-22 09:06:30 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
888aec5701 Bump io.micrometer:micrometer-core from 1.13.6 to 1.14.1 (#2253)
Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.13.6 to 1.14.1.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.13.6...v1.14.1)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-22 09:06:16 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony Stirling
92e7e85e77 Bump gradle from 8.7-jdk17 to 8.11-jdk17 (#2269)
* Bump gradle from 8.7-jdk17 to 8.11-jdk17

Bumps gradle from 8.7-jdk17 to 8.11-jdk17.

---
updated-dependencies:
- dependency-name: gradle
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

* Update gradle-wrapper.properties

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
2024-11-22 09:02:22 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
8eab35761d Bump org.projectlombok:lombok from 1.18.34 to 1.18.36 (#2266)
Bumps [org.projectlombok:lombok](https://github.com/projectlombok/lombok) from 1.18.34 to 1.18.36.
- [Changelog](https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown)
- [Commits](https://github.com/projectlombok/lombok/compare/v1.18.34...v1.18.36)

---
updated-dependencies:
- dependency-name: org.projectlombok:lombok
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-18 23:16:31 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4a9b16ff8f Bump org.springframework.security:spring-security-saml2-service-provider from 6.3.3 to 6.3.4 (#2052)
Bump org.springframework.security:spring-security-saml2-service-provider

Bumps [org.springframework.security:spring-security-saml2-service-provider](https://github.com/spring-projects/spring-security) from 6.3.3 to 6.3.4.
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](https://github.com/spring-projects/spring-security/compare/6.3.3...6.3.4)

---
updated-dependencies:
- dependency-name: org.springframework.security:spring-security-saml2-service-provider
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-30 12:58:47 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
a9ccd85e75 Bump org.springframework.boot from 3.3.4 to 3.3.5 (#2118)
Bumps [org.springframework.boot](https://github.com/spring-projects/spring-boot) from 3.3.4 to 3.3.5.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.4...v3.3.5)

---
updated-dependencies:
- dependency-name: org.springframework.boot
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-28 23:19:59 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6f407f1d2f Bump springBootVersion from 3.3.4 to 3.3.5 (#2117)
Bumps `springBootVersion` from 3.3.4 to 3.3.5.

Updates `org.springframework.boot:spring-boot-starter-web` from 3.3.4 to 3.3.5
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.4...v3.3.5)

Updates `org.springframework.boot:spring-boot-starter-jetty` from 3.3.4 to 3.3.5
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.4...v3.3.5)

Updates `org.springframework.boot:spring-boot-starter-thymeleaf` from 3.3.4 to 3.3.5
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.4...v3.3.5)

Updates `org.springframework.boot:spring-boot-starter-security` from 3.3.4 to 3.3.5
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.4...v3.3.5)

Updates `org.springframework.boot:spring-boot-starter-data-jpa` from 3.3.4 to 3.3.5
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.4...v3.3.5)

Updates `org.springframework.boot:spring-boot-starter-oauth2-client` from 3.3.4 to 3.3.5
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.4...v3.3.5)

Updates `org.springframework.boot:spring-boot-starter-test` from 3.3.4 to 3.3.5
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.4...v3.3.5)

Updates `org.springframework.boot:spring-boot-starter-actuator` from 3.3.4 to 3.3.5
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.4...v3.3.5)

Updates `org.springframework.boot:spring-boot-devtools` from 3.3.4 to 3.3.5
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.4...v3.3.5)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-starter-web
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-jetty
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-thymeleaf
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-security
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-data-jpa
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-oauth2-client
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-test
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-actuator
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-devtools
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-28 23:19:36 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
899f3d267b Bump org.commonmark:commonmark from 0.23.0 to 0.24.0 (#2054)
Bumps [org.commonmark:commonmark](https://github.com/commonmark/commonmark-java) from 0.23.0 to 0.24.0.
- [Release notes](https://github.com/commonmark/commonmark-java/releases)
- [Changelog](https://github.com/commonmark/commonmark-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/commonmark/commonmark-java/compare/commonmark-parent-0.23.0...commonmark-parent-0.24.0)

---
updated-dependencies:
- dependency-name: org.commonmark:commonmark
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-22 00:21:14 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
88c0a9e26b Bump org.springframework:spring-webmvc from 6.1.13 to 6.1.14 (#2053)
Bumps [org.springframework:spring-webmvc](https://github.com/spring-projects/spring-framework) from 6.1.13 to 6.1.14.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.1.13...v6.1.14)

---
updated-dependencies:
- dependency-name: org.springframework:spring-webmvc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-22 00:19:52 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dc6cec9daf Bump org.commonmark:commonmark-ext-gfm-tables from 0.23.0 to 0.24.0 (#2055)
Bumps [org.commonmark:commonmark-ext-gfm-tables](https://github.com/commonmark/commonmark-java) from 0.23.0 to 0.24.0.
- [Release notes](https://github.com/commonmark/commonmark-java/releases)
- [Changelog](https://github.com/commonmark/commonmark-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/commonmark/commonmark-java/compare/commonmark-parent-0.23.0...commonmark-parent-0.24.0)

---
updated-dependencies:
- dependency-name: org.commonmark:commonmark-ext-gfm-tables
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-22 00:19:14 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
094ed12b85 Bump io.micrometer:micrometer-core from 1.13.4 to 1.13.6 (#2019)
Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.13.4 to 1.13.6.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.13.4...v1.13.6)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-17 23:48:53 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
fe92f99093 Bump org.apache.xmlgraphics:batik-all from 1.17 to 1.18 (#2018)
Bumps org.apache.xmlgraphics:batik-all from 1.17 to 1.18.

---
updated-dependencies:
- dependency-name: org.apache.xmlgraphics:batik-all
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-17 23:48:41 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
46a6a585a9 Bump imageioVersion from 3.11.0 to 3.12.0 (#1998)
Bumps `imageioVersion` from 3.11.0 to 3.12.0.

Updates `com.twelvemonkeys.imageio:imageio-batik` from 3.11.0 to 3.12.0

Updates `com.twelvemonkeys.imageio:imageio-bmp` from 3.11.0 to 3.12.0

Updates `com.twelvemonkeys.imageio:imageio-jpeg` from 3.11.0 to 3.12.0

Updates `com.twelvemonkeys.imageio:imageio-tiff` from 3.11.0 to 3.12.0

Updates `com.twelvemonkeys.imageio:imageio-webp` from 3.11.0 to 3.12.0

---
updated-dependencies:
- dependency-name: com.twelvemonkeys.imageio:imageio-batik
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: com.twelvemonkeys.imageio:imageio-bmp
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: com.twelvemonkeys.imageio:imageio-jpeg
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: com.twelvemonkeys.imageio:imageio-tiff
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: com.twelvemonkeys.imageio:imageio-webp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-17 23:48:06 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
da988e8127 Bump org.springframework.boot from 3.3.3 to 3.3.4 (#1954)
Bumps [org.springframework.boot](https://github.com/spring-projects/spring-boot) from 3.3.3 to 3.3.4.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.3...v3.3.4)

---
updated-dependencies:
- dependency-name: org.springframework.boot
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-25 13:46:46 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
9b96367496 Bump commons-io:commons-io from 2.16.1 to 2.17.0 (#1955)
Bumps commons-io:commons-io from 2.16.1 to 2.17.0.

---
updated-dependencies:
- dependency-name: commons-io:commons-io
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-24 13:27:46 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3ded6de576 Bump springBootVersion from 3.3.3 to 3.3.4 (#1953)
Bumps `springBootVersion` from 3.3.3 to 3.3.4.

Updates `org.springframework.boot:spring-boot-starter-web` from 3.3.3 to 3.3.4
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.3...v3.3.4)

Updates `org.springframework.boot:spring-boot-starter-jetty` from 3.3.3 to 3.3.4
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.3...v3.3.4)

Updates `org.springframework.boot:spring-boot-starter-thymeleaf` from 3.3.3 to 3.3.4
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.3...v3.3.4)

Updates `org.springframework.boot:spring-boot-starter-security` from 3.3.3 to 3.3.4
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.3...v3.3.4)

Updates `org.springframework.boot:spring-boot-starter-data-jpa` from 3.3.3 to 3.3.4
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.3...v3.3.4)

Updates `org.springframework.boot:spring-boot-starter-oauth2-client` from 3.3.3 to 3.3.4
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.3...v3.3.4)

Updates `org.springframework.boot:spring-boot-starter-test` from 3.3.3 to 3.3.4
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.3...v3.3.4)

Updates `org.springframework.boot:spring-boot-starter-actuator` from 3.3.3 to 3.3.4
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.3...v3.3.4)

Updates `org.springframework.boot:spring-boot-devtools` from 3.3.3 to 3.3.4
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.3...v3.3.4)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-starter-web
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-jetty
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-thymeleaf
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-security
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-data-jpa
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-oauth2-client
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-test
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-actuator
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-devtools
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-24 13:27:37 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
f72e5c8bca Bump org.commonmark:commonmark from 0.22.0 to 0.23.0 (#1922)
Bumps [org.commonmark:commonmark](https://github.com/commonmark/commonmark-java) from 0.22.0 to 0.23.0.
- [Release notes](https://github.com/commonmark/commonmark-java/releases)
- [Changelog](https://github.com/commonmark/commonmark-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/commonmark/commonmark-java/compare/commonmark-parent-0.22.0...commonmark-parent-0.23.0)

---
updated-dependencies:
- dependency-name: org.commonmark:commonmark
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-20 23:25:56 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
936f36f171 Bump org.springframework:spring-webmvc from 6.1.9 to 6.1.13 (#1921)
Bumps [org.springframework:spring-webmvc](https://github.com/spring-projects/spring-framework) from 6.1.9 to 6.1.13.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.1.9...v6.1.13)

---
updated-dependencies:
- dependency-name: org.springframework:spring-webmvc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-20 23:25:39 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
0045fe852b Bump com.fathzer:javaluator from 3.0.4 to 3.0.5 (#1867)
Bumps [com.fathzer:javaluator](https://github.com/fathzer/javaluator) from 3.0.4 to 3.0.5.
- [Release notes](https://github.com/fathzer/javaluator/releases)
- [Commits](https://github.com/fathzer/javaluator/compare/v3.0.4...v3.0.5)

---
updated-dependencies:
- dependency-name: com.fathzer:javaluator
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-10 11:18:24 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
7d46d61d9e Bump io.micrometer:micrometer-core from 1.13.3 to 1.13.4 (#1866)
Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.13.3 to 1.13.4.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.13.3...v1.13.4)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-10 11:14:30 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6410a99cf3 Bump alpine from 3.20.2 to 3.20.3 (#1865)
Bumps alpine from 3.20.2 to 3.20.3.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-09 23:47:16 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
c1a01ac283 Bump org.springframework.boot from 3.3.2 to 3.3.3 (#1764)
Bumps [org.springframework.boot](https://github.com/spring-projects/spring-boot) from 3.3.2 to 3.3.3.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.2...v3.3.3)

---
updated-dependencies:
- dependency-name: org.springframework.boot
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-27 10:56:44 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
c42fbbbf8c Bump springBootVersion from 3.3.2 to 3.3.3 (#1763)
Bumps `springBootVersion` from 3.3.2 to 3.3.3.

Updates `org.springframework.boot:spring-boot-starter-web` from 3.3.2 to 3.3.3
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.2...v3.3.3)

Updates `org.springframework.boot:spring-boot-starter-jetty` from 3.3.2 to 3.3.3
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.2...v3.3.3)

Updates `org.springframework.boot:spring-boot-starter-thymeleaf` from 3.3.2 to 3.3.3
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.2...v3.3.3)

Updates `org.springframework.boot:spring-boot-starter-security` from 3.3.2 to 3.3.3
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.2...v3.3.3)

Updates `org.springframework.boot:spring-boot-starter-data-jpa` from 3.3.2 to 3.3.3
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.2...v3.3.3)

Updates `org.springframework.boot:spring-boot-starter-oauth2-client` from 3.3.2 to 3.3.3
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.2...v3.3.3)

Updates `org.springframework.boot:spring-boot-starter-test` from 3.3.2 to 3.3.3
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.2...v3.3.3)

Updates `org.springframework.boot:spring-boot-starter-actuator` from 3.3.2 to 3.3.3
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.2...v3.3.3)

Updates `org.springframework.boot:spring-boot-devtools` from 3.3.2 to 3.3.3
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.2...v3.3.3)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-starter-web
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-jetty
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-thymeleaf
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-security
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-data-jpa
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-oauth2-client
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-test
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-starter-actuator
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-devtools
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-27 10:56:37 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
e693bbb2bd Bump com.bucket4j:bucket4j_jdk17-core from 8.13.1 to 8.14.0 (#1720)
Bumps [com.bucket4j:bucket4j_jdk17-core](https://github.com/bucket4j/bucket4j) from 8.13.1 to 8.14.0.
- [Release notes](https://github.com/bucket4j/bucket4j/releases)
- [Commits](https://github.com/bucket4j/bucket4j/commits/8.14.0)

---
updated-dependencies:
- dependency-name: com.bucket4j:bucket4j_jdk17-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-20 10:55:00 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony Stirling
05efcedea8 Bump ch.qos.logback:logback-classic from 1.5.6 to 1.5.7 (#1685)
* Bump ch.qos.logback:logback-classic from 1.5.6 to 1.5.7

Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.6 to 1.5.7.
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.6...v_1.5.7)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Update build.gradle

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
2024-08-16 12:03:59 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony Stirling
29f43c010e Bump io.micrometer:micrometer-core from 1.13.0 to 1.13.3 (#1689)
Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.13.0 to 1.13.3.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.13.0...v1.13.3)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
2024-08-16 11:51:40 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
851b43fadf Bump com.github.jk1.dependency-license-report from 2.8 to 2.9 (#1690)
Bumps com.github.jk1.dependency-license-report from 2.8 to 2.9.

---
updated-dependencies:
- dependency-name: com.github.jk1.dependency-license-report
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-16 00:04:43 +02:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
d5ac560452 Bump org.apache.pdfbox:pdfbox from 3.0.2 to 3.0.3 (#1691)
Bumps org.apache.pdfbox:pdfbox from 3.0.2 to 3.0.3.

---
updated-dependencies:
- dependency-name: org.apache.pdfbox:pdfbox
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-15 23:57:45 +02:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4ea323b879 Bump edu.sc.seis.launch4j from 3.0.5 to 3.0.6 (#1686)
Bumps edu.sc.seis.launch4j from 3.0.5 to 3.0.6.

---
updated-dependencies:
- dependency-name: edu.sc.seis.launch4j
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-15 21:41:03 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
5c84ae1b53 Bump org.springframework:spring-webmvc from 6.1.9 to 6.1.12 (#1680)
Bumps [org.springframework:spring-webmvc](https://github.com/spring-projects/spring-framework) from 6.1.9 to 6.1.12.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.1.9...v6.1.12)

---
updated-dependencies:
- dependency-name: org.springframework:spring-webmvc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-15 21:36:26 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
96a8898c15 Bump com.bucket4j:bucket4j_jdk17-core from 8.12.1 to 8.13.1 (#1683)
Bumps [com.bucket4j:bucket4j_jdk17-core](https://github.com/bucket4j/bucket4j) from 8.12.1 to 8.13.1.
- [Release notes](https://github.com/bucket4j/bucket4j/releases)
- [Commits](https://github.com/bucket4j/bucket4j/commits)

---
updated-dependencies:
- dependency-name: com.bucket4j:bucket4j_jdk17-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-15 21:34:04 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1cca13334e Bump org.projectlombok:lombok from 1.18.32 to 1.18.34 (#1684)
Bumps [org.projectlombok:lombok](https://github.com/projectlombok/lombok) from 1.18.32 to 1.18.34.
- [Changelog](https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown)
- [Commits](https://github.com/projectlombok/lombok/compare/v1.18.32...v1.18.34)

---
updated-dependencies:
- dependency-name: org.projectlombok:lombok
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-15 23:31:57 +02:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
264763dd4c Bump io.github.pixee:java-security-toolkit from 1.1.3 to 1.2.0 (#1667)
Bumps [io.github.pixee:java-security-toolkit](https://github.com/pixee/java-security-toolkit) from 1.1.3 to 1.2.0.
- [Release notes](https://github.com/pixee/java-security-toolkit/releases)
- [Commits](https://github.com/pixee/java-security-toolkit/compare/v1.1.3...v1.2.0)

---
updated-dependencies:
- dependency-name: io.github.pixee:java-security-toolkit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-15 22:01:41 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
eafbfb8dbf Bump org.apache.pdfbox:xmpbox from 3.0.2 to 3.0.3 (#1670)
Bumps org.apache.pdfbox:xmpbox from 3.0.2 to 3.0.3.

---
updated-dependencies:
- dependency-name: org.apache.pdfbox:xmpbox
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-15 22:01:03 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony Stirling
771b312ee8 Bump com.twelvemonkeys.imageio:imageio-tiff from 3.10.1 to 3.11.0 (#1503)
* Bump com.twelvemonkeys.imageio:imageio-tiff from 3.10.1 to 3.11.0

Bumps com.twelvemonkeys.imageio:imageio-tiff from 3.10.1 to 3.11.0.

---
updated-dependencies:
- dependency-name: com.twelvemonkeys.imageio:imageio-tiff
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Update build.gradle

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
2024-08-08 21:33:14 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony Stirling
d65a637a46 Bump alpine from 3.20.0 to 3.20.1 (#1505)
* Bump alpine from 3.20.0 to 3.20.1

Bumps alpine from 3.20.0 to 3.20.1.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Update Dockerfile

* Update Dockerfile-fat

* Update Dockerfile-ultra-lite

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
2024-08-08 20:49:56 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
ce70796fff Bump org.mockito:mockito-inline from 3.12.4 to 5.2.0 (#1635)
Bumps [org.mockito:mockito-inline](https://github.com/mockito/mockito) from 3.12.4 to 5.2.0.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v3.12.4...v5.2.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-inline
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-06 09:10:14 +01:00