[PF-2987]: Bump the minor-patch-dependencies group with 9 updates

[dependabot]

Bumps the minor-patch-dependencies group with 9 updates:

Package	From	To
com.fasterxml.jackson:jackson-bom	2.18.1	2.18.2
org.springframework:spring-context	6.1.14	6.2.0
org.springframework:spring-web	6.1.14	6.2.0
org.liquibase:liquibase-core	4.29.2	4.30.0
commons-io:commons-io	2.17.0	2.18.0
org.springframework.boot	3.3.5	3.4.0
com.azure:azure-messaging-servicebus	7.17.5	7.17.6
com.azure:azure-identity	1.14.0	1.14.2
io.netty:netty-bom	4.1.114.Final	4.1.115.Final

Updates com.fasterxml.jackson:jackson-bom from 2.18.1 to 2.18.2

Commits

• 55ff098 [maven-release-plugin] prepare release jackson-bom-2.18.2
• 84a6fe4 Prep for 2.18.2 release
• 88591c6 Merge branch '2.17' into 2.18
• bc1206e Back to snapshot dep
• 1021173 [maven-release-plugin] prepare for next development iteration
• e3fd468 [maven-release-plugin] prepare release jackson-bom-2.17.3
• ef13a7a Start 2.17.3 release
• 1ed3d25 Back to snapshot deps
• fac9a3b [maven-release-plugin] prepare for next development iteration
• See full diff in compare view

Updates org.springframework:spring-context from 6.1.14 to 6.2.0

Release notes

Sourced from org.springframework:spring-context's releases.

v6.2.0

⭐ New Features

• Update UndertowHttpHandlerAdapter to dispatch #33885
• Refine @Contract Javadoc to mention this and new return values #33849
• AOT processing for bean validation does not consider cascaded and container element constraints #33842
• Avoid repeated resolving of singleton beans through @Lazy proxy #33841
• Regiser runtime hints for @TestBean fully-qualified method names #33836
• Introduce support for custom reason in @DisabledInAotMode #33833
• Use optimistic locking where possible in ResponseBodyEmitter #33831
• Revise cookies support with Apache HTTP Components in WebClient and WebTestClient #33822
• Remove the pure attribute from @Contract #33820
• Introduce @CheckReturnValue annotation #33818
• ResourceHttpRequestHandler throwing IllegalArgumentException if resource doesn't end with slash breaks some third-party libraris #33815
• Provide first-class virtual thread option on ThreadPoolTaskExecutor/ThreadPoolTaskScheduler #33807
• HttpServiceProxyFactory should omit optional @RequestParam if converted from null to empty string #33794
• Reactor Netty response should not buffer the full response #33781
• Relax the visibility of MockMVC DSL constructors #33778
• Support Publisher to InputStream conversion #31677

🐞 Bug Fixes

• MockReset should be honored without @Mockito[Spy]Bean fields #33829
• Test Bean Overrides do not honor @Primary semantics #33819
• Bean Overrides cannot reliably override beans created by a FactoryBean with generics #33811
• Bean Overrides for certain FactoryBean use cases no longer work #33800
• @MockitoBean, @MockitoSpyBean, & @TestBean do not work with @DirtiesContext "before method" modes #33783
• Deprecate exchangeTimeout and refactor readTimeout in ReactorClientHttpRequestFactory #33782

📔 Documentation

• Revise documentation for SpEL PropertyAccessor and IndexAccessor APIs regarding ordering #33862
• Document UrlHandler Servlet and reactive filters #33784
• Improve documentation for SpelCompilerMode #33223

🔨 Dependency Upgrades

• Upgrade to ASM 9.7.1 (for early Java 24 support) #33821
• Upgrade to Micrometer 1.14.0 #33876
• Upgrade to Reactor 2024.0.0 #33878

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Hejow, @​OlegDokuka, and @​lucky8987

v6.2.0-RC3

⭐ New Features

... (truncated)

Commits

• 5024bb7 Release v6.2.0
• 35b452b Upgrade to Undertow 2.3.18.Final, dispatch in UndertowHttpHandlerAdapter
• 56525da Merge branch '6.1.x'
• 5145cf4 Next development version (v6.1.16-SNAPSHOT)
• d4f8b5d Merge branch '6.1.x'
• 6cb41dc Upgrade to Netty 4.1.115
• cca2450 Improve documentation for SpelCompilerMode
• de8a94f Do not set up CookieStore in Apache connector
• 973d815 Merge branch '6.1.x'
• 1e95332 Fix link to "Resources" section in reference guide
• Additional commits viewable in compare view

Updates org.springframework:spring-web from 6.1.14 to 6.2.0

Release notes

Sourced from org.springframework:spring-web's releases.

v6.2.0

⭐ New Features

• Update UndertowHttpHandlerAdapter to dispatch #33885
• Refine @Contract Javadoc to mention this and new return values #33849
• AOT processing for bean validation does not consider cascaded and container element constraints #33842
• Avoid repeated resolving of singleton beans through @Lazy proxy #33841
• Regiser runtime hints for @TestBean fully-qualified method names #33836
• Introduce support for custom reason in @DisabledInAotMode #33833
• Use optimistic locking where possible in ResponseBodyEmitter #33831
• Revise cookies support with Apache HTTP Components in WebClient and WebTestClient #33822
• Remove the pure attribute from @Contract #33820
• Introduce @CheckReturnValue annotation #33818
• ResourceHttpRequestHandler throwing IllegalArgumentException if resource doesn't end with slash breaks some third-party libraris #33815
• Provide first-class virtual thread option on ThreadPoolTaskExecutor/ThreadPoolTaskScheduler #33807
• HttpServiceProxyFactory should omit optional @RequestParam if converted from null to empty string #33794
• Reactor Netty response should not buffer the full response #33781
• Relax the visibility of MockMVC DSL constructors #33778
• Support Publisher to InputStream conversion #31677

🐞 Bug Fixes

• MockReset should be honored without @Mockito[Spy]Bean fields #33829
• Test Bean Overrides do not honor @Primary semantics #33819
• Bean Overrides cannot reliably override beans created by a FactoryBean with generics #33811
• Bean Overrides for certain FactoryBean use cases no longer work #33800
• @MockitoBean, @MockitoSpyBean, & @TestBean do not work with @DirtiesContext "before method" modes #33783
• Deprecate exchangeTimeout and refactor readTimeout in ReactorClientHttpRequestFactory #33782

📔 Documentation

• Revise documentation for SpEL PropertyAccessor and IndexAccessor APIs regarding ordering #33862
• Document UrlHandler Servlet and reactive filters #33784
• Improve documentation for SpelCompilerMode #33223

🔨 Dependency Upgrades

• Upgrade to ASM 9.7.1 (for early Java 24 support) #33821
• Upgrade to Micrometer 1.14.0 #33876
• Upgrade to Reactor 2024.0.0 #33878

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Hejow, @​OlegDokuka, and @​lucky8987

v6.2.0-RC3

⭐ New Features

... (truncated)

Commits

• 5024bb7 Release v6.2.0
• 35b452b Upgrade to Undertow 2.3.18.Final, dispatch in UndertowHttpHandlerAdapter
• 56525da Merge branch '6.1.x'
• 5145cf4 Next development version (v6.1.16-SNAPSHOT)
• d4f8b5d Merge branch '6.1.x'
• 6cb41dc Upgrade to Netty 4.1.115
• cca2450 Improve documentation for SpelCompilerMode
• de8a94f Do not set up CookieStore in Apache connector
• 973d815 Merge branch '6.1.x'
• 1e95332 Fix link to "Resources" section in reference guide
• Additional commits viewable in compare view

Updates org.liquibase:liquibase-core from 4.29.2 to 4.30.0

Release notes

Sourced from org.liquibase:liquibase-core's releases.

Liquibase v4.30.0

Liquibase 4.30.0 is a major release

[!IMPORTANT] Liquibase 4.30.0 contains new capabilities and notable enhancements for Liquibase OSS and Pro users including:

• Flow enhancements
• Validation improvements
• Clearer error messaging for thrown exceptions
• Addition of Anonymous Analytics
• Deprecation of the MacOS dmg installer in favor of installation via homebrew

[!NOTE] See the Liquibase 4.30.0 Release Notes for the complete set of release information.

Notable Changes

[OSS and PRO]

Anonymous Analytics:

• Liquibase can now gather anonymous usage analytics when commands are run. No user-specific data will be gathered.

For Liquibase OSS users, this functionality is enabled by default, but can be opted-out of before any data is sent. For Liquibase Pro users, this is disabled by default with the ability to opt-in. You can enable or disable sending analytics with the analytics-enabled property.

Gathering anonymous usage analytics allows us to better understand how Liquibase is actually being used by a very wide, diverse set of millions of users.

• Learn more https://docs.liquibase.com/analytics

[PRO]

Flow Enhancements: Detect pending changesets, and variable-variables

• There are two exciting Flow enhancements: the ability to condition action on presence of pending changesets, and the ability to use a global variable inside other global or stage variables, enabling variable-variables within flows.
• Learn more https://docs.liquibase.com/flow

[OSS]

Usability Improvements:

• Avoid ignoring caught exceptions, and instead return the exception and append the reason for better debugging.
• When using failOnError=false, changesets that failed will now show up in the default output.
• When using STRICT mode, update-to-tag will now throw an error when there is no tag specified or the tag specified does not exist.
• Added a Customizer that allows discovery of changesets that are not known to an application. This can be used to prevent an application's startup when discovering new, unexpected changesets before an update is made.

Deprecated: MacOS .dmg installer

• The MacOS dmg installer no longer ships with release artifacts. Please use the tar.gz or .zip release artifacts, or install via homebrew by running brew install liquibase

For a full list of improvements and bug fixes, see the [OSS] Changelog section.

[PRO] Changelog

🚀 New Features

... (truncated)

Changelog

Sourced from org.liquibase:liquibase-core's changelog.

Liquibase 4.30.0 is a major release

[!IMPORTANT] Liquibase 4.30.0 contains new capabilities and notable enhancements for Liquibase OSS and Pro users including Anonymous Analytics and deprecation of the MacOS dmg installer. [!NOTE] See the Liquibase 4.30.0 Release Notes for the complete set of release information.

Notable Changes

[PRO]

Anonymous Analytics:

• Liquibase can now gather anonymous usage analytics when commands are run. No user-specific data will be gathered.

For Liquibase OSS users, this functionality is enabled by default, but can be opted-out of before any data is sent. For Liquibase Pro users, this is disabled by default with the ability to opt-in.

Gathering anonymous usage analytics allows us to better understand how Liquibase is actually being used by a very wide, diverse set of millions of users.

• Learn more https://docs.liquibase.com/analytics

Flow Enhancements: Detect pending changesets, and variable-variables

• There are two exciting Flow enhancements: the ability to condition action on presence of pending changesets, and the ability to use a global variable inside other global or stage variables, enabling variable-variables within flows.
• Learn more https://docs.liquibase.com/flow

[OSS]

Deprecated: MacOS .dmg installer

• The MacOS dmg installer no longer ships with release artifacts. Please use the tar.gz or .zip release artifacts, or install via homebrew by running brew install liquibase

[PRO] Changelog

New Features

• DAT-18202 Implement wildcard check name argument for enable/disable in liquibase/liquibase-pro#2000 by @​wwillard7800
• DAT-17058: Add analytics in liquibase/liquibase-pro#1995 by @​liquibot
• DAT-17568 Added exit command action in liquibase/liquibase-pro#1689 by @​wwillard7800
• DAT-18689: Add extra information to failed changesets summary in liquibase/liquibase-pro#1996 by @​filipelautert
• DAT-18114 Added more logging for formatted SQL parsing in liquibase/liquibase-pro#1994 by @​wwillard7800
• DAT-18455 Add SQL file path to policy checks output in liquibase/liquibase-pro#1944 by @​wwillard7800

Changes

• DAT-17581 Exit with a non-zero if the changelog did not validate in liquibase/liquibase-pro#1870 by @​wwillard7800
• DAT-18540 Create new ReportWriter.open(String path) method that default to no-op in liquibase/liquibase-pro#1962 by @​wwillard7800
• DAT-18092: Use xdg-open to open reports in browser on linux operating systems in liquibase/liquibase-pro#1948 by @​abrackx
• DAT-18531 Clear out DBCL fast check cache before each Flow action in liquibase/liquibase-pro#1933 by @​wwillard7800

... (truncated)

Commits

• 38cc3e9 Only add child events when analytics is enabled (DAT-18943) (#6474)
• 2d8d90d Add 4.30.0 xsd and update changelog.txt (#6471)
• 789c5e6 enable analytics for release builds only (DAT-18902) (#6465)
• 3db80b4 Modify clob handling (#6410)
• 2c04047 DAT-17706 - Add checks example files to all format directories (#6461)
• 315d709 Update jreBundle to latest in install4j (#6457)
• 4db540b turn off analytics temporarily (DAT-18902) (#6464)
• 28e3fa5 Fix flakey ChangeLogSyncTaskTest test (DAT-18921) (#6463)
• f337b4a Adds customizer to discover and react to unknown change sets (#6432)
• 181fbc8 chore: fix expected files in examples directory (#6458)
• Additional commits viewable in compare view

Updates commons-io:commons-io from 2.17.0 to 2.18.0

Updates org.springframework.boot from 3.3.5 to 3.4.0

Release notes

Sourced from org.springframework.boot's releases.

v3.4.0

⭐ New Features

• Add withDefaultRequestConfigCustomizer method to HttpComponentsClientHttpRequestFactoryBuilder #43139
• Fail JsonWriter if duplicate names are detected #43041
• Add JsonObjectDeserializer.nullSafeValue method that accepts a mapper Function #42972
• Support timeout property for GraphQL over SSE #42966
• Improve performance of ConfigurationPropertiesBinder by storing bind handlers on first access #42950
• Improve performance of ConcurrentReferenceCachingMetadataReaderFactory #42949
• Log warning in HikariCheckpointRestoreLifecycle if pool suspension isn't configured #42937
• Remove spring-boot-starter-aop dependency from spring-boot-starter-data-jpa and spring-boot-starter-integration #42934

🐞 Bug Fixes

• Jersey body handling is inconsistent with Spring Webflux and Spring MVC #43209
• Classes are accidentally named "structure logging" instead of "structured logging" #43203
• StructuredLoggingJsonProperties customizer should be a Class reference rather than a String #43202
• Cannot package OCI image when 'docker.io/paketobuildpacks/new-relic' is provided as a buildpack #43171
• Incorrect Type for 'management.endpoints.access.default' defined in additional-spring-configuration-metadata.json #43154
• WebServerPortFileWriter fails when using a portfile without extension #43117
• SslOptions.isSpecified() only returns true if ciphers and enabled protocols are set #43084
• SslHealthIndicator throws NullPointerException when using SslBundle with SslStoreBundle.NONE #43078
• JdkClientHttpRequestFactoryBuilder and JettyClientHttpRequestFactoryBuilder do not set Ciphers or Enabled Protocols #43077
• Root cause of errors is hidden when loading images from archive #43070
• mvn spring-boot:run fails on Windows with "Could Not Find or Load Main Class" when path contains non-ASCII characters #43062
• A @SpyBean on the output of a FactoryBean is not reset #43053
• Logback logging system does not process URLs with paths not ending in .xml #42990
• Bean-based conditions do not consider factory beans correctly when determining if they are a candidate #42970
• NPE in bootBuildImage when setting DOCKER_CONTEXT=default #42960
• Warning due to duplicate MockResolver extensions #42957
• HttpHostConnectException is thrown when using buildpacks with Gradle or Maven on Windows #42952
• build-info doesn't support seconds since the epoch from project.build.outputTimestamp #42936
• NPE in OnClassCondition.resolveOutcomesThreaded following thread interruption because firstHalf is null #42926
• Default WebSocketMessageBrokerConfigurer is always overriding custom channel executor #42924
• X-Registry-Auth header sent to Docker Engine API contains field "authHeader" #42915
• ApplicationContextRunner has inconsistent behaviour with duplicate auto-configuration class names #17963

📔 Documentation

• Migrate class references to full javadoc links #43239
• Documentation for 'spring.datasource.type' is misleading #43199
• Update "Upgrading From" section to use "2.x" #43160
• Include spring-boot-loader in API documentation #43153
• Document how and where to add custom GraalVM configuration files #43074
• Rework DataSource configuration examples to separate defining an additional DataSource and defining a DataSource of a different type #43059
• Location of the layers schema is incorrect in the Maven Plugin's examples #43033
• Link to Eclipse setup instructions #42954
• Fix link to Checkpoint and Restore status page #42939

🔨 Dependency Upgrades

... (truncated)

Commits

• 8964203 Release v3.4.0
• 109e731 Revert "Add @ConditionalOnMissingBean for JobRepository"
• d21952d Merge branch '3.3.x'
• 4151938 Next development version (v3.3.7-SNAPSHOT)
• 14989a5 Upgrade to Testcontainers 1.20.4
• c188822 Upgrade to Spring Security 6.4.1
• e286739 Upgrade to Spring Batch 5.2.0
• 73fc351 Add @ConditionalOnMissingBean for JobRepository
• 3cae5c2 Merge branch '3.3.x'
• 283bc6f Merge branch '3.2.x' into 3.3.x
• Additional commits viewable in compare view

Updates com.azure:azure-messaging-servicebus from 7.17.5 to 7.17.6

Release notes

Sourced from com.azure:azure-messaging-servicebus's releases.

azure-messaging-servicebus_7.17.6

7.17.6 (2024-11-12)

Features Added

• Enabled RequestResponseChannelCache (CBS, Management channel cache) and ReactorSessionCache by default. (42641)
• Improves the synchronous acceptNextSession and acceptSession APIs of ServiceBusSessionReceiverClient to reduce the chances of the broker holding session lock for some time when client-side timeout occurs. (42838)

Other Changes

Dependency Updates

• Upgraded azure-core from 1.53.0 to 1.54.0.
• Upgraded azure-core-amqp from 2.9.10 to 2.9.11.
• Upgraded azure-identity from 1.14.0 to 1.14.1.

Commits

• b68f725 Running Prepare-Release for azure-messaging-servicebus 7.17.6 (#42886)
• cd4caeb Add SparseCheckoutPaths to archetype-typespec-emitter.yml (#42920)
• 87a4900 Don't run Spring build below Java 17 (baseline requirement) (#42925)
• 1acd6ad Removing blocking from DirectoryAsyncApiTests file (#42923)
• 328c5fb update subscribe calls in servicebus with no-op handlers or handlers that log...
• 0829c72 Fix async lro tests (#42918)
• 834df8e Update Netty dependency to latest (#42911)
• 52e1caf update autorest.java (#42917)
• 2d76e22 Fix for set DnsNameLabelReusePolicy/autoGeneratedDomainNameLabelScope dur...
• 61e22da Sync eng/common directory with azure-sdk-tools for PR 9328 (#42793)
• Additional commits viewable in compare view

Updates com.azure:azure-identity from 1.14.0 to 1.14.2

Release notes

Sourced from com.azure:azure-identity's releases.

azure-identity_1.14.2

1.14.2 (2024-11-15)

Bugs Fixed

• Fixed issue in Managed Identity scopes #42934

Other Changes

Dependency Updates

• Upgraded azure-core from 1.54.0 to version 1.54.1.
• Upgraded azure-core-http-netty from 1.15.6 to version 1.15.7.
• Upgraded jna-platform from 5.6.0 to version 5.13.0.

Commits

• a8fb3e9 adding newline
• ec26b1e pickup a better version of the supressions
• f08221f Update TROUBLESHOOTING.md (#42953)
• 6fc9690 Migrate Identity libraries to new linting format (#42833)
• b964943 prep broker release
• 51b3630 update changelog
• 048d436 Fix scopes logic in Identity Client (#42934)
• 80d0246 Updating the SDK dependencies for azure-identity
• dba0afc Reset changes to the patch version.
• ea44eda Migrate Metrics Advisor, Mixed Reality, Models Repository, Monitor, and OpenA...
• Additional commits viewable in compare view

Updates io.netty:netty-bom from 4.1.114.Final to 4.1.115.Final

Commits

• 04f9b4a [maven-release-plugin] prepare release netty-4.1.115.Final
• fbf7a70 Merge commit from fork
• 7b4fe3d Specialize Adaptive's allocator Recycler based on magazine's owner (#14421)
• 9f3699e Explicit specify the platform for Docker files (#14448)
• 3520fc7 Ensure netty-all generation does not override other snapshot jars (#14450)
• 925064e Preserve ordering of default named groups during conversation (#14447)
• 837b738 Make JMH executor threads look like event loop threads (#14444)
• a434eef AdaptiveByteBufAllocator: Make pooling of AdaptiveByteBuf magazine local (#14...
• 16123be Allow to set used named groups per OpenSslContext (#14433)
• dadbf58 Correctly detect if KeyManager is not supported by OpenSSL version (#14437)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

The following labels could not be found: dependency, gradle.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud