dependency updates

.github/workflows/build.yml

@@ -250,7 +250,7 @@ jobs:
           cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
         continue-on-error: true
       - name: Publish to Codecov
-        uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0
+        uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
       - name: Publish to Codacy

.github/workflows/codacy.yml

@@ -47,7 +47,7 @@ jobs:
         if: steps.check_files.outputs.files_exists == 'true'
         run: jq -c '.runs |= unique_by({tool, invocations, results})' < results.sarif > codacy.sarif
       - name: Upload result to GitHub Code Scanning
-        uses: github/codeql-action/upload-sarif@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
+        uses: github/codeql-action/upload-sarif@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11
         if: steps.check_files.outputs.files_exists == 'true'
         continue-on-error: true
         with:

.github/workflows/codeql.yml

@@ -57,10 +57,10 @@ jobs:
           java: ${{ env.JAVA_VERSION }}
           cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
+        uses: github/codeql-action/init@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11
         with:
           languages: java
       - name: Autobuild
-        uses: github/codeql-action/autobuild@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
+        uses: github/codeql-action/autobuild@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
+        uses: github/codeql-action/analyze@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11

.github/workflows/dependency-check.yml

@@ -61,7 +61,7 @@ jobs:
         with:
           files: build/reports/dependency-check-report.sarif
       - name: Upload result to GitHub Code Scanning
-        uses: github/codeql-action/upload-sarif@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
+        uses: github/codeql-action/upload-sarif@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11
         if: steps.check_files.outputs.files_exists == 'true'
         with:
           sarif_file: build/reports/dependency-check-report.sarif

.github/workflows/devskim.yml

@@ -31,6 +31,6 @@ jobs:
       - name: Run DevSkim scanner
         uses: microsoft/DevSkim-Action@914fa647b406c387000300b2f09bb28691be2b6d # v1.0.14
       - name: Upload DevSkim scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
+        uses: github/codeql-action/upload-sarif@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11
         with:
           sarif_file: devskim-results.sarif

.github/workflows/qodana.yml

@@ -70,6 +70,6 @@ jobs:
           upload-result: true
           github-token: ${{ secrets.GITHUB_TOKEN }}
       - name: Upload SARIF file for GitHub Advanced Security Dashboard
-        uses: github/codeql-action/upload-sarif@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
+        uses: github/codeql-action/upload-sarif@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11
         with:
           sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json

.github/workflows/scorecards-analysis.yml

@@ -58,6 +58,6 @@ jobs:
           path: results.sarif
           retention-days: 5
       - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
+        uses: github/codeql-action/upload-sarif@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11
         with:
           sarif_file: results.sarif

.github/workflows/semgrep.yml

@@ -34,7 +34,7 @@ jobs:
         if: steps.check_files.outputs.files_exists == 'true'
         run: jq -c '.runs[0].tool.driver.rules |= unique_by(.id)' < results.sarif > semgrep.sarif
       - name: Upload SARIF file for GitHub Advanced Security Dashboard
-        uses: github/codeql-action/upload-sarif@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
+        uses: github/codeql-action/upload-sarif@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11
         if: steps.check_files.outputs.files_exists == 'true'
         continue-on-error: true
         with:

.github/workflows/snyk.yml

@@ -42,7 +42,7 @@ jobs:
         with:
           files: snyk.sarif
       - name: Upload result to GitHub Code Scanning
-        uses: github/codeql-action/upload-sarif@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
+        uses: github/codeql-action/upload-sarif@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11
         if: steps.check_files.outputs.files_exists == 'true'
         with:
           sarif_file: snyk.sarif

.github/workflows/trivy.yml

@@ -29,6 +29,6 @@ jobs:
           format: sarif
           output: trivy-results.sarif
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
+        uses: github/codeql-action/upload-sarif@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11
         with:
             sarif_file: trivy-results.sarif

examples/coalescing-bulkloader-reactor/gradle/libs.versions.toml

@@ -1,6 +1,6 @@
 [versions]
 caffeine = "3.1.8"
-junit = "5.11.1"
+junit = "5.11.2"
 reactor = "3.6.10"
 truth = "1.4.4"
 versions = "0.51.0"

examples/graal-native/gradle/libs.versions.toml

@@ -1,7 +1,7 @@
 [versions]
 caffeine = "3.1.8"
 graal = "0.10.3"
-junit = "5.11.1"
+junit = "5.11.2"
 truth = "1.4.4"
 versions = "0.51.0"
 

examples/hibernate/gradle/libs.versions.toml

@@ -2,7 +2,7 @@
 caffeine = "3.1.8"
 h2 = "2.3.232"
 hibernate = "7.0.0.Beta1"
-junit = "5.11.1"
+junit = "5.11.2"
 log4j2 = "3.0.0-beta2"
 truth = "1.4.4"
 versions = "0.51.0"

examples/indexable/gradle/libs.versions.toml

@@ -1,7 +1,7 @@
 [versions]
 caffeine = "3.1.8"
 guava = "33.3.1-jre"
-junit-jupiter = "5.11.1"
+junit-jupiter = "5.11.2"
 truth = "1.4.4"
 versions = "0.51.0"
 

examples/resilience-failsafe/gradle/libs.versions.toml

@@ -1,7 +1,7 @@
 [versions]
 caffeine = "3.1.8"
 failsafe = "3.3.2"
-junit = "5.11.1"
+junit = "5.11.2"
 truth = "1.4.4"
 versions = "0.51.0"
 

examples/write-behind-rxjava/gradle/libs.versions.toml

@@ -1,7 +1,7 @@
 [versions]
 awaitility = "4.2.2"
 caffeine = "3.1.8"
-junit = "5.11.1"
+junit = "5.11.2"
 rxjava = "3.1.9"
 versions = "0.51.0"
 

gradle/libs.versions.toml

@@ -7,7 +7,7 @@ bnd = "7.0.0"
 bouncycastle-jdk18on = "1.78.1"
 cache2k = "2.6.1.Final"
 caffeine = "3.1.8"
-checker-framework = "3.47.0"
+checker-framework = "3.48.0"
 checkstyle = "10.18.2"
 coherence = "22.06.2"
 commons-collections4 = "4.4"
@@ -33,7 +33,7 @@ felix-scr = "2.2.12"
 findsecbugs = "1.13.0"
 flip-tables = "1.1.1"
 forbidden-apis = "3.7"
-google-java-format = "1.23.0"
+google-java-format = "1.24.0"
 guava = "33.3.1-jre"
 guice = "6.0.0"
 h2 = "2.3.232"
@@ -62,7 +62,7 @@ json-bind = "1.0"
 jsoup = "1.18.1"
 junit-testng = "1.0.5"
 junit4 = "4.13.2"
-junit5 = "5.11.1"
+junit5 = "5.11.2"
 jvm-dependency-conflict-resolution = "2.1.2"
 kotlin = "2.0.20"
 lincheck = "2.34"
@@ -86,7 +86,7 @@ snakeyaml = "2.3"
 sonarqube = "5.1.0.4882"
 spotbugs = "4.8.6"
 spotbugs-contrib = "7.6.5"
-spotbugs-plugin = "6.0.23"
+spotbugs-plugin = "6.0.24"
 stream = "2.9.8"
 tcache = "2.0.1"
 testng = "7.10.2"