Bump the deps group across 1 directory with 11 updates

[dependabot]

Bumps the deps group with 11 updates in the / directory:

Package	From	To
org.springframework.boot:spring-boot-starter-parent	2.2.7.RELEASE	3.3.4
kr.motd.maven:os-maven-plugin	1.5.0.Final	1.7.1
org.jvnet.wagon-svn:wagon-svn	1.9	1.12
javax.xml.bind:jaxb-api	2.2.3	2.3.1
org.jacoco:jacoco-maven-plugin	0.8.10	0.8.12
org.sonatype.plugins:nexus-staging-maven-plugin	1.6.8	1.7.0
org.apache.maven.plugins:maven-gpg-plugin	1.6	3.2.7
com.google.guava:guava	29.0-jre	33.3.1-jre
org.springdoc:springdoc-openapi-ui	1.2.33	1.8.0
org.apache.maven.plugins:maven-enforcer-plugin	3.0.0-M3	3.5.0
com.github.tomakehurst:wiremock	2.26.0	2.27.2

Updates org.springframework.boot:spring-boot-starter-parent from 2.2.7.RELEASE to 3.3.4

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v3.3.4

🐞 Bug Fixes

• management.health.db.ignore-routing-datasources=true has no effect when an AbstractRoutingDataSource has been wrapped #42322
• Missing details in OAuth2ClientProperties validation error message #42279
• FileNotFoundException from unused mis-configured SSL bundles #42169
• ZipkinHttpClientSender fails with "Failed to introspect Class" when spring-web is not on the classpath #42161
• @RestartScope can cause 'Recursive update' exceptions when used with container beans #42107
• JarLauncher fails to load large jar files #42079
• PropertiesMigrationListener wrongly reports property as deprecated when has group #42071
• Using an empty string MongoDB 'replica-set-name' property will result in ClusterType=REPLICA_SET #42059
• Default Logback config uses deprecated "converterClass" attribute #42006

📔 Documentation

• Document that spring.jmx.enabled is not intended for third-party libraries #42285
• Update link to Log4j2 system properties #42263
• Links to GraphQL in the reference guide redirect to the root instead of specific sections #42208
• Syntax error in "Receive a message reactively section" of the reference guide #42200
• Deprecation reason for the autotime enabled, percentiles, and percentiles-historgram properties is confusing #42193
• Replace RFC 7807 by RFC 9457 in property documentation #42190
• Document that configuration property binding to a Kotlin value class with a default is not supported #42176
• Update documentation to reflect new no handler found exception behavior #42167
• Polish configuration property reference #42165
• Remove link to “Converting a Spring Boot JAR Application to a WAR” as the guide is no longer available #42111
• Fix StatsD link typo on Metrics documentation page #42109
• Improve docker without buildpacks documentation #42106
• Improve documentation in "Command-line Completion" #42103
• Kotlin code examples are missing from the Testing section #42094
• Fix incorrect command in Docker configuration for Colima #42078
• Gradle Plugin AOT documentation has sample error #42046

🔨 Dependency Upgrades

• Upgrade to Groovy 4.0.23 #42292
• Upgrade to Hibernate 6.5.3.Final #42365
• Upgrade to Infinispan 15.0.8.Final #42253
• Upgrade to Jakarta Servlet JSP JSTL 3.0.2 #42254
• Upgrade to Jetty 12.0.13 #42256
• Upgrade to Jetty Reactive HTTPClient 4.0.7 #42255
• Upgrade to Logback 1.5.8 #42257
• Upgrade to Micrometer 1.13.4 #42129
• Upgrade to Micrometer Tracing 1.3.4 #42130
• Upgrade to MSSQL JDBC 12.6.4.jre11 #42258
• Upgrade to Native Build Tools Plugin 0.10.3 #42205
• Upgrade to Netty 4.1.113.Final #42259
• Upgrade to Postgresql 42.7.4 #42260
• Upgrade to R2DBC MariaDB 1.2.2 #42326
• Upgrade to Reactor Bom 2023.0.10 #42131
• Upgrade to SendGrid 4.10.3 #42366

... (truncated)

Commits

• 8e9dc7b Release v3.3.4
• 4e860f1 Merge branch '3.2.x' into 3.3.x
• d137191 Next development version (v3.2.11-SNAPSHOT)
• 97dd01e Upgrade to SendGrid 4.10.3
• 1b3b3aa Upgrade to Hibernate 6.5.3.Final
• c2adc3b Upgrade to Zipkin Reporter 3.4.2
• 0271b24 Merge branch '3.2.x' into 3.3.x
• ae8315e Use Liberica for Java 23 CI
• 4956990 Merge branch '3.2.x' into 3.3.x
• f9379f4 Apply nohttp check per-project rather than at root
• Additional commits viewable in compare view

Updates kr.motd.maven:os-maven-plugin from 1.5.0.Final to 1.7.1

Release notes

Sourced from kr.motd.maven:os-maven-plugin's releases.

os-maven-plugin-1.7.1

• Added detection of more RISC-V architectures. #61 #62 #66 (Thanks to @​zinovya and @​luhenry)
  • riscv32 is detected as riscv for backward compatibility with 1.7.0.
  • riscv64 is detected as riscv64.
• Added detection of Elbrus 2000 architecture. #57 (Thanks to @​antonbashir)
• Added detection of LoongArch64 architecture. #63 #64 (Thanks to @​zhangwenlong8911 and @​xiangzhai)
• Fixed the detection logic so that it detects more MacOS variants. #58 #67 (Thanks to @​aalmiray)

os-maven-plugin-1.7.0

• Added a new property os.detected.arch.bitness #36 #41 (Thanks to @​jflecomte and @​bmarwell)
• Added detection of RISC-V architecture, riscv #51 #53 (Thanks to @​advancedwebdeveloper)
• Added an abstraction layer for System property and file system access #47 #48 (Thanks to @​voidzcy)
• Added thread safety information to Maven plugin metadata so that Maven doesn't warn about thread safety anymore #42 #44 (Thanks to @​seime and @​mortenlocka)

os-maven-plugin-1.6.2

• Added detection of z/OS operating system #39 #40 (Thanks to @​ind1go)

os-maven-plugin-1.6.1

• Added m2e life cycle mapping metadata so os-maven-plugin works better with Eclipse m2e. #37 (Thanks, @​sergei-ivanov)

os-maven-plugin-1.6.0

• Added support for MIPS and MIPSEL 32/64-bit architecture
  • mips_32 - if the value is one of: mips, mips32
  • mips_64 - if the value is mips64
  • mipsel_32 - if the value is one of: mipsel, mips32el
  • mipsel_64 - if the value is mips64el
• Added support for PPCLE 32-bit architecture
  • ppcle_32 - if the value is one of: ppcle, ppc32le
• Added support for IA64N and IA64W architecture
  • itanium_32 - if the value is ia64n
  • itanium_64 - if the value is one of: ia64, ia64w (new), itanium64
• Fixed classpath conflicts due to outdated Guava version in transitive dependencies (#29)
• Fixed incorrect prerequisite (#21)
• Overall code clean-up and dependency updates

Commits

• 9913130 [maven-release-plugin] prepare release os-maven-plugin-1.7.1
• 211db49 Override the default Maven repository when testing against old Maven versions
• 88bae1e Detect more osx variants (#67)
• cebc3e8 Add support for LoongArch64 architecture (#63)
• 4df5494 Add riscv32 and riscv64 support (#62)
• 6bd9cfa Support for E2K (Elbrus 2000) architecture (#57)
• 6d81345 Update README.md
• 52e547c Update the version in README.md
• ad10438 [maven-release-plugin] prepare for next development iteration
• 4a74c82 [maven-release-plugin] prepare release os-maven-plugin-1.7.0
• Additional commits viewable in compare view

Updates org.jvnet.wagon-svn:wagon-svn from 1.9 to 1.12

Updates javax.xml.bind:jaxb-api from 2.2.3 to 2.3.1

Commits

• See full diff in compare view

Updates org.jacoco:jacoco-maven-plugin from 0.8.10 to 0.8.12

Release notes

Sourced from org.jacoco:jacoco-maven-plugin's releases.

0.8.12

New Features

• JaCoCo now officially supports Java 22 (GitHub #1596).
• Experimental support for Java 23 class files (GitHub #1553).

Fixed bugs

• Branches added by the Kotlin compiler for functions with default arguments and having more than 32 parameters are filtered out during generation of report (GitHub #1556).
• Branch added by the Kotlin compiler version 1.5.0 and above for reading from lateinit property is filtered out during generation of report (GitHub #1568).

Non-functional Changes

• JaCoCo now depends on ASM 9.7 (GitHub #1600).

0.8.11

New Features

• JaCoCo now officially supports Java 21 (GitHub #1520).
• Experimental support for Java 22 class files (GitHub #1479).
• Part of bytecode generated by the Java compilers for exhaustive switch expressions is filtered out during generation of report (GitHub #1472).
• Part of bytecode generated by the Java compilers for record patterns is filtered out during generation of report (GitHub #1473).

Fixed bugs

• Instrumentation should not cause VerifyError when the last local variable of method parameters is overridden in the method body to store a value of type long or double (GitHub #893).
• Restore exec file compatibility with versions from 0.7.5 to 0.8.8 in case of class files with zero line numbers (GitHub #1492).

Non-functional Changes

• jacoco-maven-plugin now requires at least Java 8 (GitHub #1466, #1468).
• JaCoCo build now requires at least Maven 3.5.4 (GitHub #1467).
• Maven 3.9.2 should not produce warnings for jacoco-maven-plugin (GitHub #1468).
• JaCoCo build now requires JDK 17 (GitHub #1482).
• JaCoCo now depends on ASM 9.6 (GitHub #1518).

Commits

• dbfb6f2 Prepare release 0.8.12
• a50585b Upgrade maven-plugin-plugin to 3.6.4 (#1604)
• fd63cc5 Configure labels that Dependabot assigns to PRs (#1603)
• 03a5333 Add configuration for Dependabot to simplify updates of ASM (#1601)
• 40ff9fb Upgrade ASM to 9.7 (#1600)
• 9077178 Happy birthday Java 22! (#1596)
• 7edd1b5 Bump actions/setup-java from 4.1.0 to 4.2.1 (#1594)
• e50b547 Upgrade ECJ to 3.37.0 (#1590)
• a1144d0 Upgrade maven-site-plugin to 3.12.1 (#1586)
• 04b0141 Bump actions/setup-java from 4.0.0 to 4.1.0 (#1587)
• Additional commits viewable in compare view

Updates org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.8 to 1.7.0

Updates org.apache.maven.plugins:maven-gpg-plugin from 1.6 to 3.2.7

Release notes

Sourced from org.apache.maven.plugins:maven-gpg-plugin's releases.

3.2.7

Fixes a lingering issue affecting whole 3.2.x lineage, that resulted in "bad passphrase" on Windows OS with GPG signer (see MGPG-136 for details).

What's Changed

• [MGPG-136] Windows passphrase corruption by @​cstamas in apache/maven-gpg-plugin#120
• Bump com.kohlschutter.junixsocket:junixsocket-core from 2.10.0 to 2.10.1 by @​dependabot in apache/maven-gpg-plugin#121
• Bump commons-io:commons-io from 2.16.1 to 2.17.0 by @​dependabot in apache/maven-gpg-plugin#119

Full Changelog: apache/maven-gpg-plugin@maven-gpg-plugin-3.2.6...maven-gpg-plugin-3.2.7

3.2.6

Release Notes - Maven GPG Plugin - Version 3.2.6

---

What's Changed

• [MGPG-135] Support Overriding / Enhance the signer in AbstractGpgMojo by @​laeubi in apache/maven-gpg-plugin#112
• Bump org.apache.maven.plugins:maven-invoker-plugin from 3.7.0 to 3.8.0 by @​dependabot in apache/maven-gpg-plugin#114
• [MGPG-140] Update Maven to 3.9.9 by @​cstamas in apache/maven-gpg-plugin#116
• [MGPG-138] Drop direct use of plexus-cipher and secdispatcher by @​cstamas in apache/maven-gpg-plugin#115
• [MGPG-141] Remove use of deprecated classes by @​cstamas in apache/maven-gpg-plugin#117
• Add FAQ for "no pinentry" issue by @​cstamas in apache/maven-gpg-plugin#118

New Contributors

• @​laeubi made their first contribution in apache/maven-gpg-plugin#112

... (truncated)

Commits

• 43af21c [maven-release-plugin] prepare release maven-gpg-plugin-3.2.7
• 8c5a8d2 [MGPG-144] Bump commons-io:commons-io from 2.16.1 to 2.17.0 (#119)
• cb5422f [MGPG-143] Bump com.kohlschutter.junixsocket:junixsocket-core from 2.10.0 to ...
• 6b2a27f [MGPG-136] Windows passphrase corruption (#120)
• 31e87e0 [maven-release-plugin] prepare for next development iteration
• 1c9a14c [maven-release-plugin] prepare release maven-gpg-plugin-3.2.6
• bbe6156 Add FAQ for "no pinentry" issue (#118)
• 5b94273 [MGPG-141] Remove use of deprecated classes (#117)
• afdfd28 [MGPG-138] Drop direct use of plexus-cipher and secdispatcher (#115)
• 7516e7c [MGPG-140] Update Maven to 3.9.9 (#116)
• Additional commits viewable in compare view

Updates com.google.guava:guava from 29.0-jre to 33.3.1-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.3.1

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.3.1-jre</version>
  <!-- or, for Android: -->
  <version>33.3.1-android</version>
</dependency>

Jar files

• 33.3.1-jre.jar
• 33.3.1-android.jar

Guava requires one runtime dependency, which you can download here:

• failureaccess-1.0.1.jar

Javadoc

• 33.3.1-jre
• 33.3.1-android

JDiff

• 33.3.1-jre vs. 33.3.0-jre
• 33.3.1-android vs. 33.3.0-android
• 33.3.1-android vs. 33.3.1-jre

Changelog

• Added j2objc-annotations to the Gradle runtime classpath to stop producing an Android Gradle Plugin error. (a3b51888c2)

33.3.0

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.3.0-jre</version>
  <!-- or, for Android: -->
  <version>33.3.0-android</version>
</dependency>

... (truncated)

Commits

• See full diff in compare view

Updates org.springdoc:springdoc-openapi-ui from 1.2.33 to 1.8.0

Updates org.apache.maven.plugins:maven-enforcer-plugin from 3.0.0-M3 to 3.5.0

Release notes

Sourced from org.apache.maven.plugins:maven-enforcer-plugin's releases.

3.5.0

🚀 New features and improvements

• [MENFORCER-497] - Require Maven 3.6.3+ (#317) @​slawekjaranowski
• [MENFORCER-494] - Allow banning dynamic versions in whole tree (#294) @​JimmyAx
• [MENFORCER-500] - New rule to enforce that Maven coordinates match given (#309) @​kwin

🐛 Bug Fixes

• [MENFORCER-503] - Pass context to ProfileActivator - fix NPE in Maven 3.9.7 (#315) @​slawekjaranowski

📦 Dependency updates

• [MENFORCER-501] - Bump commons-io:commons-io from 2.16.0 to 2.16.1 (#311) @​dependabot
• [MENFORCER-501] - Bump commons-codec:commons-codec from 1.16.1 to 1.17.0 (#312) @​dependabot
• [MENFORCER-504] - Bump org.apache.maven:maven-parent from 41 to 42 (#314) @​dependabot
• [MENFORCER-501] - Bump org.apache.commons:commons-lang3 from 3.13.0 to 3.14.0 (#298) @​dependabot
• [MENFORCER-501] - Bump commons-codec:commons-codec from 1.16.0 to 1.16.1 (#305) @​dependabot
• [MENFORCER-501] - Bump commons-io:commons-io from 2.13.0 to 2.16.0 (#310) @​dependabot
• Bump org.apache.commons:commons-compress from 1.21 to 1.26.0 in /maven-enforcer-plugin/src/it/projects/dependency-convergence_transitive_provided/module1 (#307) @​dependabot
• Bump apache/maven-gh-actions-shared from 3 to 4 (#308) @​dependabot
• [MENFORCER-498] - Update parent pom to 41 (#306) @​slachiewicz
• Bump org.junit:junit-bom from 5.10.1 to 5.10.2 (#303) @​dependabot
• Bump org.assertj:assertj-core from 3.24.2 to 3.25.1 (#301) @​dependabot
• Bump org.codehaus.mojo:mrm-maven-plugin from 1.5.0 to 1.6.0 (#295) @​dependabot
• Bump org.junit:junit-bom from 5.10.0 to 5.10.1 (#296) @​dependabot
• [MENFORCER-492] - Bump plexus-utils from 3.5.1 to 4.0.0 and plexus-xml 3.0.0 (#291) @​slawekjaranowski
• Bump org.xerial.snappy:snappy-java from 1.1.10.1 to 1.1.10.4 in /maven-enforcer-plugin/src/it/projects/dependency-convergence_transitive_provided/module1 (#292) @​dependabot

👻 Maintenance

• [MENFORCER-490] - Remove unused dependency (#316) @​elharo
• Bump org.apache.commons:commons-compress from 1.21 to 1.26.0 in /maven-enforcer-plugin/src/it/projects/dependency-convergence_transitive_provided/module1 (#307) @​dependabot
• Bump org.assertj:assertj-core from 3.25.1 to 3.25.3 (#304) @​dependabot
• [MENFORCER-498] - Update parent pom to 41 (#306) @​slachiewicz
• Bump org.junit:junit-bom from 5.10.1 to 5.10.2 (#303) @​dependabot
• Bump org.xerial.snappy:snappy-java from 1.1.10.1 to 1.1.10.4 in /maven-enforcer-plugin/src/it/projects/dependency-convergence_transitive_provided/module1 (#292) @​dependabot
• Oxford comma, fill to file, and tighten language (#290) @​elharo
• [MENFORCER-490] - Declare enforcer-rules dependencies (#289) @​elharo
• [MENFORCER-490] - fully declare maven-enforcer-plugin dependencies (#288) @​elharo

3.4.1

🐛 Bug Fixes

• [MENFORCER-491] - Fix plugin documentation generation (#286) @​slawekjaranowski

👻 Maintenance

... (truncated)

Commits

• 21b31b5 [maven-release-plugin] prepare release enforcer-3.5.0
• e6cd6e9 Remove unused dependency (#316)
• 29d1c0d [MENFORCER-497] Require Maven 3.6.3+
• 80e6626 [MENFORCER-503] Pass context to ProfileActivator - fix NPE in Maven 3.9.7
• 5c7d0bc [MENFORCER-494] Allow banning dynamic versions in whole tree (#294)
• e687c46 [MENFORCER-501] Bump commons-io:commons-io from 2.16.0 to 2.16.1 (#311)
• 6665083 [MENFORCER-501] Bump commons-codec:commons-codec from 1.16.1 to 1.17.0 (#312)
• 3eb6343 Bump project version to 3.5.0-SNAPSHOT
• 1cf5c5f [MENFORCER-504] Bump org.apache.maven:maven-parent from 41 to 42 (#314)
• a24b557 Manage ignore artifacts for dependabot in PR
• Additional commits viewable in compare view

Updates com.github.tomakehurst:wiremock from 2.26.0 to 2.27.2

Commits

• 56d7a08 Added memoization to match results during request -> stub near miss calculation
• b9a3865 Bumped patch version
• 278ab58 Fixed #1375 - removed memoization of string value pattern matches, as this is...
• 1b48c42 Fixed #1346 - raised default Jetty stop timeout to prevent unbounded thread c...
• 2b50872 Bumped patch version
• e2809eb Moved the writable key store source (used when browser proxying HTTPS) to the...
• d597aaf Upgraded to Jetty 9.4.30 and Conscrypt 2.2.1 (not the most recent, but the ne...
• 129d00b Fixed #994 - added the ability to set the keystore type and trust store type ...
• 6ded3d6 Fixed #807 - added a distinction in configuration between keystore password a...
• 500ebec Added support for saving keystore files and switched the Jetty94 browser prox...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions