[PF-2983]: Bump the minor-patch-dependencies group across 1 directory with 9 updates

[dependabot]

Bumps the minor-patch-dependencies group with 8 updates in the / directory:

Package	From	To
org.bouncycastle:bcprov-jdk18on	1.78	1.78.1
com.google.cloud:libraries-bom	26.42.0	26.43.0
io.opentelemetry:opentelemetry-bom-alpha	1.37.0-alpha	1.40.0-alpha
io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom	2.3.0	2.6.0
com.jfrog.artifactory	5.2.2	5.2.3
org.sonarqube	5.0.0.4638	5.1.0.4882
io.spring.dependency-management	1.1.5	1.1.6
org.springframework.boot	3.3.1	3.3.2

Updates org.bouncycastle:bcprov-jdk18on from 1.78 to 1.78.1

Changelog

Sourced from org.bouncycastle:bcprov-jdk18on's changelog.

2.1.1 Version Release: 1.79 Date:      2024, TBD.

2.2.1 Version Release: 1.78.1 Date:      2024, 18th April.

2.3.1 Version Release: 1.78 Date:      2024, 7th April.

... (truncated)

Commits

• See full diff in compare view

Updates com.google.cloud:libraries-bom from 26.42.0 to 26.43.0

Release notes

Sourced from com.google.cloud:libraries-bom's releases.

v26.43.0

GCP Libraries BOM 26.43.0

Here are the differences from the previous version (26.42.0)

New Addition

• com.google.cloud:google-cloud-gdchardwaremanagement:0.1.0

The group ID of the following artifacts is com.google.cloud.

Notable Changes

google-cloud-bigquery 2.41.0 (prev: 2.40.3)

• Add columnNameCharacterMap to LoadJobConfiguration (#3356) (2f3cbe3)

• Add MetadataCacheMode to ExternalTableDefinition (#3351) (2814dc4)

• Add clustering value to ListTables result (#3359) (5d52bc9)

google-cloud-bigtable 2.40.0 (prev: 2.39.5)

• Add String type with Utf8Raw encoding to Bigtable API (#2191) (e7f03fc)

• Add getServiceName() to EnhancedBigTableStubSettings (#2256) (da703db)

• Remove grpclb (#2033) (7355375)

google-cloud-firestore 3.22.0 (prev: 3.21.4)

• Add bulk delete api (#1704) (5ef6254)

google-cloud-logging 3.19.0 (prev: 3.18.0)

• logging: OpenTelemetry trace/span ID integration for Java logging library (#1596) (67db829)

google-cloud-pubsub 1.131.0 (prev: 1.130.0)

• Add use_topic_schema for Cloud Storage Subscriptions (#2082) (11d67d4)

google-cloud-spanner 6.71.0 (prev: 6.69.0)

• Add field order_by in spanner.proto (#3064) (52ee196)

• Do not end transaction span when rolling back to savepoint (#3167) (8ec0cf2)

• Remove unused DmlBatch span (#3147) (f7891c1)

google-cloud-spanner-jdbc 2.20.1 (prev: 2.19.3)

• Add OpenTelemetry tracing (#1568) (1485a04)

Other libraries

• [aiplatform] add enum value MALFORMED_FUNCTION_CALL to .google.cloud.aiplatform.v1beta1.content.Candidate.FinishReason (666a3ac)
• [aiplatform] add MALFORMED_FUNCTION_CALL to FinishReason (666a3ac)
• [batch] add a install_ops_agent field to InstancePolicyOrTemplate for Ops Agent support (564c369)
• [container] A new message HugepagesConfig is added (4be1db5)
• [container] A new method_signature parent is added to method ListOperations in service ClusterManager (4be1db5)

... (truncated)

Commits

• 8ee9baa chore: release main (#6658)
• aa953a1 Revert "build(deps): update dependency org.apache.maven.resolver:maven-resolv...
• a6ea250 deps: update dependency com.google.cloud:google-cloud-bigtable-bom to v2.40.0...
• 301282c deps: update dependency com.google.cloud:google-cloud-spanner-jdbc to v2.20.1...
• 3c9ca8d deps: update dependency com.google.cloud:google-cloud-spanner-bom to v6.71.0 ...
• 0b823c9 build(deps): update dependency org.apache.maven.resolver:maven-resolver-api t...
• ca673e6 deps: update dependency com.google.cloud:google-cloud-datastore-bom to v2.20....
• ac889cf test(deps): update dependency com.google.truth:truth to v1.4.3 (#6662)
• 04e1eee deps: update dependency com.google.cloud:gapic-libraries-bom to v1.40.0 (#6663)
• c9b7d11 deps: update dependency com.google.cloud:google-cloud-logging-bom to v3.19.0 ...
• Additional commits viewable in compare view

Updates io.opentelemetry:opentelemetry-bom-alpha from 1.37.0-alpha to 1.40.0-alpha

Release notes

Sourced from io.opentelemetry:opentelemetry-bom-alpha's releases.

Version 1.39.0

API

Incubator

• BREAKING: Refactor ExtendedTracer, ExtendedSpanBuilder to reflect incubating API conventions (#6497)

SDK

Exporter

• BREAKING: Serve prometheus metrics only on /metrics by default. To restore the previous behavior and serve metrics on all paths, override the default handler as demonstrated here. (#6476)
• Make OTLP exporter memory mode API public (#6469)
• Speed up OTLP string marshaling using sun.misc.Unsafe (#6433)
• Add exporter data classes for experimental profiling signal type. (#6374)
• Start prometheus http server with daemon thread (#6472)
• Update the Prometheus metrics library and improve how units are included in metric names. (#6473)
• Remove android animalsniffer check from prometheus exporter (#6478)

Extensions

• Load file config YAML using core schema, ensure that env var substitution retains string types. (#6436)
• Define dedicated file configuration SPI ComponentProvider (#6457)

Tooling

• Normalize timestamps and file ordering in jars, making the outputs reproducible (#6471)
• GHA for generating the post-release pull request (#6449)

🙇 Thank you

This release was possible thanks to the following contributors who shared their brilliant ideas and awesome pull requests:

@​breedx-splk @​crossoverJie @​DPUkyle @​fstab @​hboutemy @​jack-berg @​jhalliday @​jkwatson @​laurit @​lizongwu @​nluk @​trask @​zeitlinger

Version 1.38.0

API

... (truncated)

Changelog

Sourced from io.opentelemetry:opentelemetry-bom-alpha's changelog.

Changelog

Unreleased

Version 1.40.0 (2024-07-05)

API

Incubator

• Narrow ExtendedSpanBuilder return types for chaining (#6514)
• Add APIs to determine if tracer, logger, instruments are enabled (#6502)

SDK

Extensions

• Move autoconfigure docs to opentelemetry.io (#6491)

Version 1.39.0 (2024-06-07)

API

Incubator

• BREAKING: Refactor ExtendedTracer, ExtendedSpanBuilder to reflect incubating API conventions (#6497)

SDK

Exporter

• BREAKING: Serve prometheus metrics only on /metrics by default. To restore the previous behavior and serve metrics on all paths, override the default handler as demonstrated here. (#6476)
• Make OTLP exporter memory mode API public (#6469)
• Speed up OTLP string marshaling using sun.misc.Unsafe (#6433)
• Add exporter data classes for experimental profiling signal type. (#6374)
• Start prometheus http server with daemon thread (#6472)
• Update the Prometheus metrics library and improve how units are included in metric names. (#6473)
• Remove android animalsniffer check from prometheus exporter

... (truncated)

Commits

• See full diff in compare view

Updates io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom from 2.3.0 to 2.6.0

Release notes

Sourced from io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom's releases.

Version 2.6.0

This release targets the OpenTelemetry SDK 1.40.0.

Note that many artifacts have the -alpha suffix attached to their version number, reflecting that they are still alpha quality and will continue to have breaking changes. Please see the VERSIONING.md for more details.

The Spring Boot Starter (opentelemetry-spring-boot-starter) is now stable.

Migration notes

• The opentelemetry-spring-boot and opentelemetry-spring-boot-3 artifacts have been merged into a single artifact named opentelemetry-spring-boot-autoconfigure which supports both Spring Boot 2 and Spring Boot 3
• Two experimental HTTP metrics have been renamed: - http.server.request.size → http.server.request.body.size, - http.server.response.size → http.server.response.body.size

🌟 New javaagent instrumentation

• Javalin (#11587)
• ClickHouse (#11660)

📈 Enhancements

• Support HTTP client instrumentation configuration in Spring starter (#11620)
• Influxdb client: don't fill db.statement for create/drop database and write operations (#11557)
• Support otel.instrumentation.common.default-enabled in the Spring starter (#11746)
• Support Jetty HTTP client 12 (#11519)
• Add Pulsar messaging.producer.duration metric (#11591)
• Improve instrumentation suppression behavior (#11640)
• Propagate OpenTelemetry context through custom AWS client context for Lambda direct calls (#11675)
• Spring Native support for @WithSpan (#11757)
• Support HTTP server instrumentation config properties in the Spring starter (#11667)

🛠️ Bug fixes

• Fix http.server.active_requests metric with async requests (#11638)

🙇 Thank you

This release was possible thanks to the following contributors who shared their brilliant ideas and awesome pull requests:

@​123liuziming @​breedx-splk @​crossoverJie @​devurandom @​heyams @​jaydeluca @​jeanbisutti @​johnbley @​JonasKunz @​laurit @​lucasamoroso @​pandaji @​steverao

... (truncated)

Changelog

Sourced from io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom's changelog.

Version 2.6.0 (2024-07-17)

The Spring Boot Starter (opentelemetry-spring-boot-starter) is now stable.

Migration notes

• The opentelemetry-spring-boot and opentelemetry-spring-boot-3 artifacts have been merged into a single artifact named opentelemetry-spring-boot-autoconfigure which supports both Spring Boot 2 and Spring Boot 3
• Two experimental HTTP metrics have been renamed:
  • http.server.request.size → http.server.request.body.size,
  • http.server.response.size → http.server.response.body.size

🌟 New javaagent instrumentation

• Javalin (#11587)
• ClickHouse (#11660)

📈 Enhancements

• Support HTTP client instrumentation configuration in Spring starter (#11620)
• Influxdb client: don't fill db.statement for create/drop database and write operations (#11557)
• Support otel.instrumentation.common.default-enabled in the Spring starter (#11746)
• Support Jetty HTTP client 12 (#11519)
• Add Pulsar messaging.producer.duration metric (#11591)
• Improve instrumentation suppression behavior (#11640)
• Propagate OpenTelemetry context through custom AWS client context for Lambda direct calls (#11675)
• Spring Native support for @WithSpan (#11757)
• Support HTTP server instrumentation config properties in the Spring starter (#11667)

🛠️ Bug fixes

• Fix http.server.active_requests metric with async requests (#11638)

Version 1.33.4 (2024-06-19)

📈 Enhancements

... (truncated)

Commits

• 6021bce [release/v2.6.x] Prepare release 2.6.0 (#11838)
• 2ea4e61 Update change log for v2.6.0 release (#11816)
• d2a2cad chore(deps): update gradle/actions action to v3.5.0 (main) (#11824)
• 428aa28 Restructure to have a single spring-boot-autoconfigure artifact (#11826)
• 09ad619 Remove unneeded groovy dependencies from lambda tests (#11828)
• 9a6909a fix(deps): update dependency commons-codec:commons-codec to v1.17.1 (main) (#...
• 2916323 fix(deps): update dependency org.owasp:dependency-check-gradle to v10.0.3 (ma...
• 6075737 Rename spring-boot-autoconfigure artifacts (#11815)
• 4cdd771 Fix http.server.active_requests metric with async requests (#11638)
• 746ef01 chore(deps): update ubuntu docker tag to v24 (main) (#11771)
• Additional commits viewable in compare view

Updates io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom-alpha from 2.3.0-alpha to 2.6.0-alpha

Release notes

Sourced from io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom-alpha's releases.

Version 2.5.0

This release targets the OpenTelemetry SDK 1.39.0.

Note that many artifacts have the -alpha suffix attached to their version number, reflecting that they are still alpha quality and will continue to have breaking changes. Please see the VERSIONING.md for more details.

📈 Enhancements

• Add support for Informix connection string parsing in JDBC instrumentation (#11542)
• Generate an SBOM for the javaagent artifact (#11075)
• Extract sql operation even when the sanitizer is disabled (#11472)
• Improve security manager support (#11466)
• Generate Log4j2Plugin.dat for OpenTelemetryAppender (#11503)
• Stop kotlin coroutine dispatcher from propagating context (#11500)
• Handle Vert.x sub routes (#11535)
• Undertow: run response customizer on all ServerConnection implementations (#11539)
• Allow configuring MDC key names for trace_id, span_id, trace_flags (#11329)
• Apply async end strategy to all kotlin coroutine flows (#11583)

🛠️ Bug fixes

• Fix container.id issue in some crio scenarios (#11382)
• Fix Finagle http client context propagation (#11400)
• Fix sporadically failing finagle test (#11441)
• Fix request header capture corrupting tomcat request (#11469)
• Fix Ktor server instrumentation when Ktor client library is not present (#11454)
• Fix gRPC instrumentation adding duplicates to metadata instead of overwriting (#11308)
• Avoid NullPointerException when JMS destination is not available (#11570)
• Fix Spring Kafka instrumentation closing the trace too early (#11471)

🙇 Thank you

This release was possible thanks to the following contributors who shared their brilliant ideas and awesome pull requests:

@​AlchemyDing @​breedx-splk @​cleverchuk @​heyams @​himamulch @​jack-berg @​jaydeluca @​jeanbisutti @​JonasKunz @​KarinaGanieva-sl @​kintan-singh-backend @​kjschnei001 @​laurit @​liurui-1 @​ofelbaum @​pavelvodrazka @​pepeshore

... (truncated)

Changelog

Sourced from io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom-alpha's changelog.

Changelog

Unreleased

Version 1.33.5 (2024-07-25)

📈 Enhancements

• Backport: Update the OpenTelemetry SDK version to 1.40.0 (#11879)

Version 2.6.0 (2024-07-17)

The Spring Boot Starter (opentelemetry-spring-boot-starter) is now stable.

Migration notes

• The opentelemetry-spring-boot and opentelemetry-spring-boot-3 artifacts have been merged into a single artifact named opentelemetry-spring-boot-autoconfigure which supports both Spring Boot 2 and Spring Boot 3
• Two experimental HTTP metrics have been renamed:
  • http.server.request.size → http.server.request.body.size,
  • http.server.response.size → http.server.response.body.size

🌟 New javaagent instrumentation

• Javalin (#11587)
• ClickHouse (#11660)

📈 Enhancements

• Support HTTP client instrumentation configuration in Spring starter (#11620)
• Influxdb client: don't fill db.statement for create/drop database and write operations (#11557)
• Support otel.instrumentation.common.default-enabled in the Spring starter (#11746)
• Support Jetty HTTP client 12 (#11519)
• Add Pulsar messaging.producer.duration metric (#11591)
• Improve instrumentation suppression behavior (#11640)
• Propagate OpenTelemetry context through custom AWS client context for Lambda direct calls (#11675)
• Spring Native support for @WithSpan (#11757)
• Support HTTP server instrumentation config properties in the Spring starter

... (truncated)

Commits

• See full diff in compare view

Updates com.jfrog.artifactory from 5.2.2 to 5.2.3

Updates org.sonarqube from 5.0.0.4638 to 5.1.0.4882

Updates io.spring.dependency-management from 1.1.5 to 1.1.6

Release notes

Sourced from io.spring.dependency-management's releases.

v1.1.6

🐞 Bug Fixes

• Applying Maven-style exclusions may cause a deprecation warning with Gradle 8.8 #384

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​quaff

Commits

• 57d4a77 Release v1.1.6
• caad92a Apply exclusions earlier to avoid deprecation warning
• 68f86ea Merge pull request #387 from quaff
• 4d44a45 Remove stray backtick
• 90d9e1a Rename property to address naming clash
• 3c2f6e7 Next development version (v1.1.6-SNAPSHOT)
• See full diff in compare view

Updates org.springframework.boot from 3.3.1 to 3.3.2

Release notes

Sourced from org.springframework.boot's releases.

v3.3.2

🐞 Bug Fixes

• No configuration property for defaultTimeout setting that was introduced in Spring Integration 6.2 #41521
• NPE during auto-configuration in OnClassCondition.resolveOutcomesThreaded because firstHalf is null #41504
• Spring Authorization Server now defaults multipleIssuersAllowed to false and it cannot be easily re-enabled #41355
• ServiceConnection does not work with @DataLdapTest #41325
• PropertiesMigrationListener wrongly reports property as deprecated #41252
• @NestedConfigurationProperty doesn't work on records #41251
• TestcontainersLifecycleBeanPostProcessor does not work correctly with scoped beans #41238
• Error message can be misleading if spring.config.import fails to resolve #41236
• build-image failures after docker desktop update with 'Illegal char at index 5: npipe:////' #41234
• When using Jetty, filters, listeners, and servlets are not initialized with the same thread context classloader #41225
• DirtiesContext used with Webflux, a random port and multiple contexts causes multiple contexts to misbehave #41221
• NoSuchMethodException on org.apache.activemq.ActiveMQConnectionFactory.<init> when using spring-boot-starter-activemq in a native image #41214

📔 Documentation

• Fix documentation links in the README #41531
• Document the types to which each spring.mvc.format and spring.webflux.format property applies #41518
• Document that logging.file.name and logging.file.path cannot be used together #41516
• Refine CDS how-to guide #41464
• Fix typos in javadoc of BootstrapContext #41448
• CDS link in "Efficient Deployments" documentation is broken #41321
• Update Kotlin DSL examples that configure the environment of bootBuildImage to be additive #41270
• Document tracing support for RestClient #41192
• Documentation wrongly states that zipkin-sender-urlconnection is needed #41181

🔨 Dependency Upgrades

• Upgrade to AspectJ 1.9.22.1 #41474
• Upgrade to Byte Buddy 1.14.18 #41371
• Upgrade to Dependency Management Plugin 1.1.6 #41372
• Upgrade to GraphQL Java 22.1 #41219
• Upgrade to Groovy 4.0.22 #41373
• Upgrade to HttpCore5 5.2.5 #41374
• Upgrade to Jackson Bom 2.17.2 #41375
• Upgrade to Jetty 12.0.11 #41376
• Upgrade to JsonAssert 1.5.3 #41377
• Upgrade to JUnit Jupiter 5.10.3 #41378
• Upgrade to Kafka 3.7.1 #41379
• Upgrade to Lombok 1.18.34 #41380
• Upgrade to Micrometer 1.13.2 #41298
• Upgrade to Micrometer Tracing 1.3.2 #41299
• Upgrade to MSSQL JDBC 12.6.3.jre11 #41381
• Upgrade to Neo4j Java Driver 5.22.0 #41382
• Upgrade to R2DBC MariaDB 1.2.1 #41383
• Upgrade to Reactor Bom 2023.0.8 #41384
• Upgrade to Spring Data Bom 2024.0.2 #41300
• Upgrade to Spring Framework 6.1.11 #41301

... (truncated)

Commits

• 2d0861d Release v3.3.2
• 397f3f4 Merge branch '3.2.x' into 3.3.x
• f5df7e7 Fix documentation links in the README
• 6f745c7 Merge pull request #41531 from anbusampath
• 3d29359 Update README to fix links to the docs
• b7ff40e Merge pull request #41355 from opcooc
• 1a6760e Polish "Add configuration property to allow multiple issuers"
• b0b97fb Add configuration property to allow multiple issuers
• f7780b4 Polish
• 51646fb Upgrade to Spring Pulsar 1.1.2
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[davidangb]

compile fails with these changes. Do not merge until that can be investigated and resolved.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.