[PF-2987]: Bump the minor-patch-dependencies group with 19 updates

[dependabot]

Bumps the minor-patch-dependencies group with 19 updates:

Package	From	To
com.google.cloud:libraries-bom	26.0.0	26.33.0
org.apache.commons:commons-dbcp2	2.9.0	2.11.0
org.apache.commons:commons-pool2	2.11.1	2.12.0
org.apache.commons:commons-lang3	3.12.0	3.14.0
com.fasterxml.jackson.core:jackson-databind	2.13.4	2.16.1
com.fasterxml.jackson.datatype:jackson-datatype-guava	2.13.4	2.16.1
com.fasterxml.jackson.datatype:jackson-datatype-jdk8	2.13.4	2.16.1
com.fasterxml.jackson.datatype:jackson-datatype-jsr310	2.13.4	2.16.1
com.fasterxml.jackson.module:jackson-module-parameter-names	2.13.4	2.16.1
com.fasterxml.jackson.core:jackson-core	2.13.4	2.16.1
com.fasterxml.jackson.datatype:jackson-datatype-guava	2.13.4	2.16.1
com.fasterxml.jackson.datatype:jackson-datatype-jdk8	2.13.4	2.16.1
com.fasterxml.jackson.datatype:jackson-datatype-jsr310	2.13.4	2.16.1
com.fasterxml.jackson.module:jackson-module-parameter-names	2.13.4	2.16.1
org.openapitools:jackson-databind-nullable	0.2.3	0.2.6
org.liquibase:liquibase-core	4.8.0	4.26.0
org.postgresql:postgresql	42.5.0	42.7.2
commons-io:commons-io	2.11.0	2.15.1
com.fasterxml.jackson.core:jackson-core	2.13.4	2.16.1
io.spring.dependency-management	1.0.13.RELEASE	1.1.4
com.azure:azure-messaging-servicebus	7.14.0-beta.1	7.15.1
com.azure:azure-identity	1.10.4	1.11.2
org.mockito:mockito-junit-jupiter	5.7.0	5.10.0
com.diffplug.spotless:spotless-plugin-gradle	6.10.0	6.25.0

Updates com.google.cloud:libraries-bom from 26.0.0 to 26.33.0

Release notes

Sourced from com.google.cloud:libraries-bom's releases.

v26.33.0

GCP Libraries BOM 26.33.0

Here are the differences from the previous version (26.32.0)

New Addition

• com.google.cloud:google-cloud-securityposture:0.1.0

The group ID of the following artifacts is com.google.cloud.

Notable Changes

google-cloud-bigquerystorage 3.2.0 (prev: 3.1.0)

• Introduce MaximumRequestCallbackWaitTimeExceededException (#2401) (0dbbfb8)

• Add client id and update trace id population for StreamWriter and JsonWriter (#2389) (4258af4)

google-cloud-bigtable 2.34.0 (prev: 2.33.0)

• Add the export logic for per-connection error rate metric (#2121) (d053f2d)
• Create the backbone of counting errors per connection each minute. (#2094) (7d27816)

google-cloud-firestore 3.17.0 (prev: 3.16.3)

• Add an API method for reordering firewall policies (#1572) (60d8ab1)

• Transactions with readTime will omit begin and commit transaction requests, and instead pass readTime on individual read requests. (#1565) (d5fb01a)

google-cloud-logging 3.16.0 (prev: 3.15.17)

• Add an API method for reordering firewall policies (#1538) (9cd6b96)

google-cloud-pubsublite 1.13.0 (prev: 1.12.22)

• Add an API method for reordering firewall policies (#1587) (f920e08)

google-cloud-spanner 6.60.0 (prev: 6.58.0)

• Support public methods to use autogenerated admin clients. (#2878) (53bcb3e)

• Add an API method for reordering firewall policies (62319f0)

• spanner: Add field for multiplexed session in spanner.proto (62319f0)

• Update TransactionOptions to include new option exclude_txn_from_change_streams (#2853) (62319f0)

• Add ensureDecoded to proto type (#2897) (e99b78c)

• spanner: Fix write replace used by dataflow template and import export (#2901) (64b9042)

google-cloud-storage 2.34.0 (prev: 2.33.0)

• Enable automatic retries for create RenameFolder LRO in Storage Control API (#2410) (b0450b8)

Other libraries

• [aiplatform] Add Grounding feature to PredictionService.GenerateContent (#10358) (0ee1383)
• [documentai] A new field schema_override is added to message ProcessOptions (#10386) (728f841)

... (truncated)

Commits

• 7f54231 chore: release main (#6441)
• 9ab47cf deps: update dependency com.google.cloud:google-cloud-spanner-jdbc to v2.15.5...
• 33b7b5a deps: update dependency com.google.googlejavaformat:google-java-format to v1....
• 6c8eaf2 deps: update dependency com.google.cloud:google-cloud-spanner-bom to v6.60.0 ...
• a5a4258 deps: update dependency com.google.cloud:google-cloud-pubsublite-bom to v1.13...
• 6fe6069 deps: update dependency com.google.cloud:google-cloud-logging-bom to v3.16.0 ...
• 90fda7d deps: update dependency com.google.cloud:google-cloud-firestore-bom to v3.17....
• d40b4f9 deps: update dependency com.google.cloud:google-cloud-bigtable-bom to v2.34.0...
• 31cdb19 deps: update dependency com.google.cloud:google-cloud-bigquerystorage-bom to ...
• a453127 deps: update actions/setup-node action to v4 (#6456)
• Additional commits viewable in compare view

Updates org.apache.commons:commons-dbcp2 from 2.9.0 to 2.11.0

Updates org.apache.commons:commons-pool2 from 2.11.1 to 2.12.0

Updates org.apache.commons:commons-lang3 from 3.12.0 to 3.14.0

Updates com.fasterxml.jackson.core:jackson-databind from 2.13.4 to 2.16.1

Commits

• See full diff in compare view

Updates com.fasterxml.jackson.datatype:jackson-datatype-guava from 2.13.4 to 2.16.1

Commits

• 992dcc0 [maven-release-plugin] prepare release jackson-datatypes-collections-2.16.1
• fd301d0 Prepare for 2.16.1 release
• 1c23a46 Back to snapshot deps
• 000103c [maven-release-plugin] prepare for next development iteration
• 5f53d9c [maven-release-plugin] prepare release jackson-datatypes-collections-2.16.0
• 21fa527 Prepare for 2.16.0 release
• 47f45b3 Back to snapshot dep
• 2be7672 [maven-release-plugin] prepare for next development iteration
• 4865cea [maven-release-plugin] prepare release jackson-datatypes-collections-2.16.0-rc1
• e065f81 Prepare for 2.16.0-rc1 release
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.datatype:jackson-datatype-jdk8 from 2.13.4 to 2.16.1

Updates com.fasterxml.jackson.datatype:jackson-datatype-jsr310 from 2.13.4 to 2.16.1

Updates com.fasterxml.jackson.module:jackson-module-parameter-names from 2.13.4 to 2.16.1

Commits

• e441da3 [maven-release-plugin] prepare release jackson-modules-java8-2.16.1
• 2372576 ...
• 03a640c Prepare for 2.16.1 release
• cb18524 Fix #286; add back InstantDeserializer constructor from 2.15, deprecated (#290)
• 9d93af4 Fix #288: consider custom serializer additions via JavaTimeModule (#289)
• badd731 Back to snapshot deps
• a440eb2 [maven-release-plugin] prepare for next development iteration
• e4aa4b1 [maven-release-plugin] prepare release jackson-modules-java8-2.16.0
• e2231df Prepare for 2.16.0 release
• ea1fc92 Add feature toggle to read numeric strings as numeric timestamps (#269)
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-core from 2.13.4 to 2.16.1

Commits

• 249716c [maven-release-plugin] prepare release jackson-core-2.16.1
• 125f5b2 Prepare for 2.16.1 release
• 1928b07 Minor test improvements
• aa5c887 Minor tweaking post-merge wrt #1175
• 9fb3f21 Add failing tests for #1173: parse error location (#1175)
• 4eb4539 Backport #1168 in 2.16(.1)
• 571d4ae Merge branch '2.15' into 2.16
• 8f37646 Update release notes wrt #1161 backport
• 8f2f04e fastdoubleparser 1.0.0 (#1163) (#1166)
• 7f1c619 Update release notes wrt #1161
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.datatype:jackson-datatype-guava from 2.13.4 to 2.16.1

Commits

• 992dcc0 [maven-release-plugin] prepare release jackson-datatypes-collections-2.16.1
• fd301d0 Prepare for 2.16.1 release
• 1c23a46 Back to snapshot deps
• 000103c [maven-release-plugin] prepare for next development iteration
• 5f53d9c [maven-release-plugin] prepare release jackson-datatypes-collections-2.16.0
• 21fa527 Prepare for 2.16.0 release
• 47f45b3 Back to snapshot dep
• 2be7672 [maven-release-plugin] prepare for next development iteration
• 4865cea [maven-release-plugin] prepare release jackson-datatypes-collections-2.16.0-rc1
• e065f81 Prepare for 2.16.0-rc1 release
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.datatype:jackson-datatype-jdk8 from 2.13.4 to 2.16.1

Updates com.fasterxml.jackson.datatype:jackson-datatype-jsr310 from 2.13.4 to 2.16.1

Updates com.fasterxml.jackson.module:jackson-module-parameter-names from 2.13.4 to 2.16.1

Commits

• e441da3 [maven-release-plugin] prepare release jackson-modules-java8-2.16.1
• 2372576 ...
• 03a640c Prepare for 2.16.1 release
• cb18524 Fix #286; add back InstantDeserializer constructor from 2.15, deprecated (#290)
• 9d93af4 Fix #288: consider custom serializer additions via JavaTimeModule (#289)
• badd731 Back to snapshot deps
• a440eb2 [maven-release-plugin] prepare for next development iteration
• e4aa4b1 [maven-release-plugin] prepare release jackson-modules-java8-2.16.0
• e2231df Prepare for 2.16.0 release
• ea1fc92 Add feature toggle to read numeric strings as numeric timestamps (#269)
• Additional commits viewable in compare view

Updates org.openapitools:jackson-databind-nullable from 0.2.3 to 0.2.6

Release notes

Sourced from org.openapitools:jackson-databind-nullable's releases.

v0.2.6 released

What's Changed

• Fix broken unwrap bean validation and adapt tests by @​MelleD in OpenAPITools/jackson-databind-nullable#50

New Contributors

• @​MelleD made their first contribution in OpenAPITools/jackson-databind-nullable#50

Full Changelog: OpenAPITools/jackson-databind-nullable@v0.2.5...v0.2.6

v0.2.5 released

What's Changed

• Add support for Collection in the JsonNullableValueExtractor by @​tofi86 in OpenAPITools/jackson-databind-nullable#35
• minor optimizations and simplifications to JsonNullable by @​bratkartoffel in OpenAPITools/jackson-databind-nullable#43
• Add support for jakarta-validation by @​bratkartoffel in OpenAPITools/jackson-databind-nullable#42
• Add "Automatic-Module-Name" to manifest, fix usage as java 9+ module by @​bratkartoffel in OpenAPITools/jackson-databind-nullable#41

New Contributors

• @​tofi86 made their first contribution in OpenAPITools/jackson-databind-nullable#35
• @​bratkartoffel made their first contribution in OpenAPITools/jackson-databind-nullable#43

Full Changelog: OpenAPITools/jackson-databind-nullable@v0.2.4...v0.2.5

v0.2.4 released

What's Changed

• Fix CVE-2022-42003 by @​animalet in OpenAPITools/jackson-databind-nullable#37

New Contributors

• @​animalet made their first contribution in OpenAPITools/jackson-databind-nullable#37

Full Changelog: OpenAPITools/jackson-databind-nullable@v0.2.3...v0.2.4

Commits

• 8861f83 prepare 0.2.6 snapshot, update readme
• 3f9974f Fix broken unwrap bean validation and adapt tests (#50)
• 7812ac5 Add "Automatic-Module-Name" to manifest, fix usage as java 9+ module (#41)
• 51ea164 Add "Automatic-Module-Name" to manifest, fix usage as java 9+ module (#41)
• f70a463 Add support for jakarta-validation (#42)
• 4485fd1 minor optimizations and simplifications to JsonNullable (#43)
• 8bab929 #34 adds support for Collection<JsonNullable> in the JsonNullableValueExtr...
• 74c0a2b set to 0.2.5-SNAPSHOT version
• d9870f7 set version to 0.2.4
• 9c725ff update hibernate-validator to 6.2.5.Final
• Additional commits viewable in compare view

Updates org.liquibase:liquibase-core from 4.8.0 to 4.26.0

Release notes

Sourced from org.liquibase:liquibase-core's releases.

Liquibase v4.26.0

Liquibase 4.26.0 is a major release

[!IMPORTANT] Liquibase 4.26.0 contains several Notable Changes for Liquibase Pro users: Advanced IF conditionals, Simpler Regex-based pattern checks, and Checks Run Reports.

[!NOTE] See the Liquibase 4.26.0 Release Notes for the complete set of release information.

Notable Changes

Liquibase Pro

Liquibase Flow: Advanced IF conditionals

• In Liquibase flow files, use AND (&&), OR (||), and NOT (!) logic options, in single or grouped conditions, as well as substring matching and checking if a key or file exists.
• Learn more https://docs.liquibase.com/flow

Quality Checks: Simpler Regex-based pattern checks

• Check four advanced patterns without having to figure out the complicated regex needed to do it—just supply the patterns and Quality Checks will link and execute them.
• Learn more https://docs.liquibase.com/quality-checks

Observability: Checks Run Reports

• Understand and share the data on the execution of Quality Checks with a new Checks Run Report. Easily scan and understand your results with the summary section, Analyze your checks by viewing details by ChangeSet, by check, and by database. And collaborate with your team with shareable report.
• Learn more https://docs.liquibase.com/observability

Formatted SQL changelogs can use rollback scripts

• Previously, Formatted SQL ChangeLogs could only run in-line rollback commands. But, sometimes you need something more complex, like a full rollbackSqlFile. This functionality has been available for XML, JSON, and YAML formatted changelogs.
• Learn more https://docs.liquibase.com/concepts/changelogs/sql-format.html

Liquibase Open Source and Liquibase Pro

Liquibase capability enhancements

• The diffChangeLog command has been updated only to create a changelog when changes are detected. This is a change from the previous behavior of creating an empty changelog.
• Adds new generateChangelog options:
  • --run-on-change-types=createView,createProcedure will set runOnChange="true" for each changeSet which contains solely createView and createProcedure changes. For backward compatibility, the default is an empty list.
  • --replace-if-exists=createView,createProcedure will set replaceIfExists="true" for each createView and createProcedure changes. For backward compatibility, the default is an empty list.
• Fix a bug that previously included substituted properties in the checksum calculation for SQLFile change types

JDBC driver updates

• MariaDB JDBC driver updated from 3.2.0 to 3.3.2
• Snowflake JDBC driver updated from 3.14.3 to 3.14.4
• Firebird SQL JDBC driver updated from 5.0.2.java8 to 5.0.3.java8
• SQLite JDBC driver updated from 3.43.2.2 to 3.44.1.0

Database platform improvements

General

• Adds create table if not exists support for the following databases: CockroachDB, DB2 LUW, H2, HSQL, Informix, Ingres9, MariaDB, MySQL, Postgres, and SQLite.
• Fix the generated default column value in PostgreSQL and Oracle for char/clob data types.

Maria DB

• Adds Liquibase support for Maria DB 10.10.6 and later's new UUID data type.

... (truncated)

Changelog

Sourced from org.liquibase:liquibase-core's changelog.

Liquibase 4.26.0 is a major release

[!IMPORTANT] Liquibase 4.26.0 contains several Notable Changes for Liquibase Pro users: Advanced IF conditionals, Simpler Regex-based pattern checks, and Checks Run Reports.

[!NOTE] See the Liquibase 4.26.0 Release Notes for the complete set of release information.

Notable Changes

[PRO]

Liquibase Flow: Advanced IF conditionals

• In Liquibase flow files, use AND (&&), OR (||), and NOT (!) logic options, in single or grouped conditions, as well as substring matching and checking if a key or file exists.
• Learn more https://docs.liquibase.com/flow

Quality Checks: Simpler Regex-based pattern checks

• Check four advanced patterns without having to figure out the complicated regex needed to do it—just supply the patterns and Quality Checks will link and execute them.
• Learn more https://docs.liquibase.com/quality-checks

Observability: Checks Run Reports

• Understand and share the data on the execution of Quality Checks with a new Checks Run Report. Easily scan and understand your results with the summary section, Analyze your checks by viewing details by ChangeSet, by check, and by database. And collaborate with your team with shareable report.
• Learn more https://docs.liquibase.com/observability

Formatted SQL changelogs can use rollback scripts

• Previously, Formatted SQL ChangeLogs could only run in-line rollback commands. But, sometimes you need something more complex, like a full rollbackSqlFile. This functionality has been available for XML, JSON, and YAML formatted changelogs.
• Learn more https://docs.liquibase.com/concepts/changelogs/sql-format.html

Liquibase Open Source and Liquibase Pro

Liquibase capability enhancements

• The diffChangeLog command has been updated only to create a changelog when changes are detected. This is a change from the previous behavior of creating an empty changelog.
• Adds two new generateChangelog options:
  • --run-on-change-types=createView,createProcedure will set runOnChange="true" for each changeSet which contains solely createView and createProcedure changes. For backward compatibility, the default is an empty list.
  • --replace-if-exists=createView,createProcedure will set replaceIfExists="true" for each createView and createProcedure changes. For backward compatibility, the default is an empty list.
• Fix a bug that previously included substituted properties in the checksum calculation for SQLFile change types

JDBC driver updates

• MariaDB JDBC driver updated from 3.2.0 to 3.3.2
• Snowflake JDBC driver updated from 3.14.3 to 3.14.4
• Firebird SQL JDBC driver updated from 5.0.2.java8 to 5.0.3.java8
• SQLite JDBC driver updated from 3.43.2.2 to 3.44.1.0

Database platform improvements

General

• Adds create table if not exists support for the following databases: CockroachDB, DB2 LUW, H2, HSQL, Informix, Ingres9, MariaDB, MySQL, Postgres, and SQLite.
• Fix the generated default column value in PostgreSQL and Oracle for char/clob data types.

Maria DB

• Adds Liquibase support for Maria DB 10.10.6 and later's new UUID data type.

... (truncated)

Commits

• 1f748a7 Removed duplicated info (#5575)
• 590f033 Merge pull request #5573 from liquibase/release_4_26_0_docs
• 7f777ab chore: docs
• 79a573a chore: update release date (#5572)
• 6a107a5 Fix docs url (#5567)
• 6025dab chore: 4.26.0 xsd and changelog (#5564)
• ef3205a Fix: ChangelogHistoryService NPE when running concurrently (#5562)
• 711c1a7 Merge pull request #5560 from liquibase/release_4_26_0_build
• ea1c68f chore(docs): changelog draft
• fe1cec8 DAT-16833: generate-PRO-tag based on OSS release (#5553)
• Additional commits viewable in compare view

Updates org.postgresql:postgresql from 42.5.0 to 42.7.2

Release notes

Sourced from org.postgresql:postgresql's releases.

v42.7.2

Security

CVE-2024-1597 and Security Advisory addressed. The vulnerability occurs only in non-default preferQueryMode=simple mode and only if a negative place holder -? is used. See the security advisory for details

What's Changed

• perf: avoid autoboxing bind indexes by @​bokken in pgjdbc/pgjdbc#1244
• add: Add PasswordUtil for encrypting passwords client side by @​sehrope in pgjdbc/pgjdbc#3082
• refactor: document that encodePassword will zero out the password array, and remove driver's default encodePassword by @​vlsi in pgjdbc/pgjdbc#3084
• change: Use simple query for isValid. Using Extended query sends two messages by @​davecramer in pgjdbc/pgjdbc#3101

Full Changelog: pgjdbc/pgjdbc@REL42.7.1...REL42.7.2

v42.7.1

Fixed regressions since 42.7.0

• Revert "Use canonical DateStyle name (#2925)" @​vlsi (#3035)
• Revert "feat: support SET statements combining with other queries with semicolon in PreparedStatement" @​vlsi (#3010)
• chore: use java.release=8 when building pgjdbc from the generated source distribution @​vlsi (#3038), the driver uses Java 8 methods only

Changes

• Apply connectTimeout before SSLSocket.startHandshake to avoid infinite wait in case the connection is broken @​davecramer (#3040)
• perf: improve performance of PreparedStatement.setBlob, BlobInputStream, and BlobOutputStream with dynamic buffer sizing @​vlsi (#3044)
• fix: avoid timezone conversions when sending LocalDateTime to the database @​vlsi (#2852)
• fix: support waffle-jna 2.x and 3.x by using reflective approach for ManagedSecBufferDesc @​chrullrich (#2720)

🧰 Maintenance

• chore: bump Gradle to 8.5 @​vlsi (#3045)
• chore: use Java 17 for building pgjdbc, and use --release 8 to target Java 8, add tests with Java 21 and 22 @​vlsi (#3026)
• fedora/rpm: move source build to java-17-openjdk-devel @​praiskup (#3036)
• Update site 42 7 0 @​davecramer (#3004)
• prepared for release 42.7.1 update changelogs @​davecramer (#3037)

⬆️ Dependencies

• fix(deps): update dependency org.checkerframework:org.checkerframework.gradle.plugin to v0.6.36 @​renovate-bot (#3060)
• chore(deps): update plugin biz.aqute.bnd.builder to v7 @​renovate-bot (#3034)
• fix(deps): update dependency com.github.spotbugs:com.github.spotbugs.gradle.plugin to v6 @​renovate-bot (#3056)
• fix(deps): update dependency com.github.spotbugs:com.github.spotbugs.gradle.plugin to v5.2.5 @​renovate-bot (#3032)
• chore(deps): update codecov/codecov-action digest to b0466b4 @​renovate-bot (#3059)
• fix(deps): update checkerframework to v3.41.0 @​renovate-bot (#3058)
• fix(deps): update logback to v1.2.13 @​renovate-bot (#3053)
• chore(deps): update codecov/codecov-action digest to 438fa9e @​renovate-bot (#3051)
• fix(deps): update dependency spotbugs to v4.8.2 @​renovate-bot (#3052)
• chore: bump Gradle to 8.5 @​vlsi (#3045)
• fix(deps): update dependency org.ops4j.pax.url:pax-url-aether to v2.6.14 @​renovate-bot (#3030)

... (truncated)

Changelog

Sourced from org.postgresql:postgresql's changelog.

[42.7.2] (2024-02-21 08:23:00 -0500)

Security

• security: SQL Injection via line comment generation, it is possible in SimpleQuery mode to generate a line comment by having a placeholder for a numeric with a - such as -?. There must be second placeholder for a string immediately after. Setting the parameter to a -ve value creates a line comment. This has been fixed in this version fixes CVE-2024-1597. Reported by Paul Gerste. See the security advisory for more details. This has been fixed in versions 42.7.2, 42.6.1 42.5.5, 42.4.4, 42.3.9, 42.2.28.jre7. See the security advisory for work arounds.

Changed

• fix: Use simple query for isValid. Using Extended query sends two messages checkConnectionQuery was never ever set or used, removed [PR #3101](pgjdbc/pgjdbc#3101)
• perf: Avoid autoboxing bind indexes by @​bokken in [PR #1244](pgjdbc/pgjdbc#1244)
• refactor: Document that encodePassword will zero out the password array, and remove driver's default encodePassword by @​vlsi in [PR #3084](pgjdbc/pgjdbc#3084)

Added

• feat: Add PasswordUtil for encrypting passwords client side [PR #3082](pgjdbc/pgjdbc#3082)

[42.7.1] (2023-12-06 08:34:00 -0500)

Changed

• perf: improve performance of PreparedStatement.setBlob, BlobInputStream, and BlobOutputStream with dynamic buffer sizing [PR #3044](pgjdbc/pgjdbc#3044)

Fixed

• fix: Apply connectTimeout before SSLSocket.startHandshake to avoid infinite wait in case the connection is broken [PR #3040](pgjdbc/pgjdbc#3040)
• fix: support waffle-jna 2.x and 3.x by using reflective approach for ManagedSecBufferDesc [PR #2720](pgjdbc/pgjdbc#2720) Fixes [Issue #2690](pgjdbc/pgjdbc#2720).
• fix: NoSuchMethodError on ByteBuffer#position When Running on Java 8 when accessing arrays, fixes [Issue #3014](pgjdbc/pgjdbc#3014)
• Revert "[PR #2925](pgjdbc/pgjdbc#2925) Use canonical DateStyle name" [PR #3035](pgjdbc/pgjdbc#3035) Fixes [Issue #3008](pgjdbc/pgjdbc#3008)
• Revert "[PR ##2973](pgjdbc/pgjdbc#2973) feat: support SET statements combining with other queries with semicolon in PreparedStatement" [PR #3010](pgjdbc/pgjdbc#3010) Fixes [Issue #3007](pgjdbc/pgjdbc#3007)
• fix: avoid timezone conversions when sending LocalDateTime to the database #2852 Fixes [Issue #1390](pgjdbc/pgjdbc#1390) ,[Issue #2850](pgjdbc/pgjdbc#2850) Closes [Issue #1391(https://redirect.github.com/Fix #1390 LocalDateTime string serialization pgjdbc/pgjdbc#1391)

[42.7.0] (2023-11-20 09:33:00 -0500)

Changed

• fix: Deprecate for removal PGPoint.setLocation(java.awt.Point) to cut dependency to java.desktop module. [PR #2967](pgjdbc/pgjdbc#2967)
• feat: return all catalogs for getCatalogs metadata query closes [ISSUE #2949](pgjdbc/pgjdbc#2949) [PR #2953](pgjdbc/pgjdbc#2953)
• feat: support SET statements combining with other queries with semicolon in PreparedStatement [PR ##2973](pgjdbc/pgjdbc#2973)

Fixed

• chore: add styleCheck Gradle task to report style violations [PR #2980](pgjdbc/pgjdbc#2980)
• fix: Include currentXid in "Error rolling back prepared transaction" exception message [PR #2978](pgjdbc/pgjdbc#2978)
• fix: add varbit as a basic type inside the TypeInfoCache [PR #2960](pgjdbc/pgjdbc#2960)
• fix: Fix failing tests for version 16. [PR #2962](pgjdbc/pgjdbc#2962)
• fix: allow setting arrays with ANSI type name [PR #2952](pgjdbc/pgjdbc#2952)
• feat: Use KeepAlive to confirm LSNs [PR #2941](pgjdbc/pgjdbc#2941)
• fix: put double ' around log parameter [PR #2936](pgjdbc/pgjdbc#2936) fixes [ISSUE #2935](pgjdbc/pgjdbc#2935)
• fix: Fix Issue #2928 number of ports not equal to number of servers in datasource [PR #2929](pgjdbc/pgjdbc#2929)
• fix: Use canonical DateStyle name (#2925) fixes pgbouncer issue

... (truncated)

Commits

• 06abfb7 Merge pull request from GHSA-24rp-q3w6-vc56
• 93b0fcb Merge pull request from GHSA-24rp-q3w6-vc56
• a408946 Revert "WIP speed up getDate (#3108)" (#3125)
• f5d6e3f WIP speed up getDate (#3108)
• 4e6a501 chore(deps): update release-drafter/release-drafter action to v6
• 0b90367 chore(deps): update dependency gradle to v8.6
• 4075f70 chore(deps): update oracle-actions/setup-java action to v1.3.3
• 8de5beb fix(deps): update junit5 monorepo to v5.10.2
• 6f741dd fix(deps): update dependency checkstyle to v10.13.0
• 07e0535 fix(deps): update dependency com.github.spotbugs:com.github.spotbugs.gradle.p...
• Additional commits viewable in compare view

Updates commons-io:commons-io from 2.11.0 to 2.15.1

Updates com.fasterxml.jackson.core:jackson-core from 2.13.4 to 2.16.1

Commits

• 249716c [maven-release-plugin] prepare release jackson-core-2.16.1
• 125f5b2 Prepare for 2.16.1 release
• 1928b07 Minor test improvements
• aa5c887 Minor tweaking post-merge wrt #1175
• 9fb3f21 Add failing tests for #1173: parse error location (#1175)
• 4eb4539 Backport #1168 in 2.16(.1)
• 571d4ae Merge branch '2.15' into 2.16
• 8f37646 Update release notes wrt #1161 backport
• 8f2f04e fastdoubleparser 1.0.0 (#1163) (#1166)
• 7f1c619 Update release notes wrt #1161
• Additional commits viewable in compare view

Updates io.spring.dependency-management from 1.0.13.RELEASE to 1.1.4

Release notes

Sourced from io.spring.dependency-management's releases.

v1.1.4

🐞 Bug Fixes

• Dependencies declared in a platform are excluded unless applyMavenExclusions is set to false #368
• Invalid pom is produced when using both the dependency management plugin and Gradle's bom support #257

📔 Documentation

• Typo in "Importing a Maven Bom" example #366

v1.1.3

🐞 Bug Fixes

• NullPointerException when Maven-style exclusions are enabled and a dependency has a pom which Maven's Model Builder considers to be invalid #365

v1.1.2

🐞 Bug Fixes

• Resolution fails when a dependency with Gradle module metadata relies on constraints from a platform dependency #360

v1.1.1

🐞 Bug Fixes

• Pom customization has unwanted side-effect of reversing bom import ordering #355
• Build fails with an ArrayIndexOutOfBoundsException when a dependency has a pom with more than 8192 characters #350
• Enabling configuration on ...

  Description has been truncated

[dependabot]

The following labels could not be found: dependency, gradle.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

[okotsopoulos]

I'd advise excluding Liquibase minor updates from this grouping: looking at the release notes, they seem to treat their minor updates as major updates (looks like semver, doesn't behave like semver).

https://docs.liquibase.com/start/release-notes/home.html

Otherwise, skimmed the release notes for others and they look good.

[dependabot]

Superseded by #127.