Bump the deps group across 1 directory with 11 updates

[dependabot]

Bumps the deps group with 11 updates in the / directory:

Package	From	To
org.springframework.boot:spring-boot-starter-parent	2.2.7.RELEASE	3.3.2
kr.motd.maven:os-maven-plugin	1.5.0.Final	1.7.1
org.jvnet.wagon-svn:wagon-svn	1.9	1.12
javax.xml.bind:jaxb-api	2.2.3	2.3.1
org.jacoco:jacoco-maven-plugin	0.8.10	0.8.12
org.sonatype.plugins:nexus-staging-maven-plugin	1.6.8	1.7.0
org.apache.maven.plugins:maven-gpg-plugin	1.6	3.2.5
com.google.guava:guava	29.0-jre	33.3.0-jre
org.springdoc:springdoc-openapi-ui	1.2.33	1.8.0
org.apache.maven.plugins:maven-enforcer-plugin	3.0.0-M3	3.5.0
com.github.tomakehurst:wiremock	2.26.0	2.27.2

Updates org.springframework.boot:spring-boot-starter-parent from 2.2.7.RELEASE to 3.3.2

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v3.3.2

🐞 Bug Fixes

• No configuration property for defaultTimeout setting that was introduced in Spring Integration 6.2 #41521
• NPE during auto-configuration in OnClassCondition.resolveOutcomesThreaded because firstHalf is null #41504
• Spring Authorization Server now defaults multipleIssuersAllowed to false and it cannot be easily re-enabled #41355
• ServiceConnection does not work with @DataLdapTest #41325
• PropertiesMigrationListener wrongly reports property as deprecated #41252
• @NestedConfigurationProperty doesn't work on records #41251
• TestcontainersLifecycleBeanPostProcessor does not work correctly with scoped beans #41238
• Error message can be misleading if spring.config.import fails to resolve #41236
• build-image failures after docker desktop update with 'Illegal char at index 5: npipe:////' #41234
• When using Jetty, filters, listeners, and servlets are not initialized with the same thread context classloader #41225
• DirtiesContext used with Webflux, a random port and multiple contexts causes multiple contexts to misbehave #41221
• NoSuchMethodException on org.apache.activemq.ActiveMQConnectionFactory.<init> when using spring-boot-starter-activemq in a native image #41214

📔 Documentation

• Fix documentation links in the README #41531
• Document the types to which each spring.mvc.format and spring.webflux.format property applies #41518
• Document that logging.file.name and logging.file.path cannot be used together #41516
• Refine CDS how-to guide #41464
• Fix typos in javadoc of BootstrapContext #41448
• CDS link in "Efficient Deployments" documentation is broken #41321
• Update Kotlin DSL examples that configure the environment of bootBuildImage to be additive #41270
• Document tracing support for RestClient #41192
• Documentation wrongly states that zipkin-sender-urlconnection is needed #41181

🔨 Dependency Upgrades

• Upgrade to AspectJ 1.9.22.1 #41474
• Upgrade to Byte Buddy 1.14.18 #41371
• Upgrade to Dependency Management Plugin 1.1.6 #41372
• Upgrade to GraphQL Java 22.1 #41219
• Upgrade to Groovy 4.0.22 #41373
• Upgrade to HttpCore5 5.2.5 #41374
• Upgrade to Jackson Bom 2.17.2 #41375
• Upgrade to Jetty 12.0.11 #41376
• Upgrade to JsonAssert 1.5.3 #41377
• Upgrade to JUnit Jupiter 5.10.3 #41378
• Upgrade to Kafka 3.7.1 #41379
• Upgrade to Lombok 1.18.34 #41380
• Upgrade to Micrometer 1.13.2 #41298
• Upgrade to Micrometer Tracing 1.3.2 #41299
• Upgrade to MSSQL JDBC 12.6.3.jre11 #41381
• Upgrade to Neo4j Java Driver 5.22.0 #41382
• Upgrade to R2DBC MariaDB 1.2.1 #41383
• Upgrade to Reactor Bom 2023.0.8 #41384
• Upgrade to Spring Data Bom 2024.0.2 #41300
• Upgrade to Spring Framework 6.1.11 #41301

... (truncated)

Commits

• 2d0861d Release v3.3.2
• 397f3f4 Merge branch '3.2.x' into 3.3.x
• f5df7e7 Fix documentation links in the README
• 6f745c7 Merge pull request #41531 from anbusampath
• 3d29359 Update README to fix links to the docs
• b7ff40e Merge pull request #41355 from opcooc
• 1a6760e Polish "Add configuration property to allow multiple issuers"
• b0b97fb Add configuration property to allow multiple issuers
• f7780b4 Polish
• 51646fb Upgrade to Spring Pulsar 1.1.2
• Additional commits viewable in compare view

Updates kr.motd.maven:os-maven-plugin from 1.5.0.Final to 1.7.1

Release notes

Sourced from kr.motd.maven:os-maven-plugin's releases.

os-maven-plugin-1.7.1

• Added detection of more RISC-V architectures. #61 #62 #66 (Thanks to @​zinovya and @​luhenry)
  • riscv32 is detected as riscv for backward compatibility with 1.7.0.
  • riscv64 is detected as riscv64.
• Added detection of Elbrus 2000 architecture. #57 (Thanks to @​antonbashir)
• Added detection of LoongArch64 architecture. #63 #64 (Thanks to @​zhangwenlong8911 and @​xiangzhai)
• Fixed the detection logic so that it detects more MacOS variants. #58 #67 (Thanks to @​aalmiray)

os-maven-plugin-1.7.0

• Added a new property os.detected.arch.bitness #36 #41 (Thanks to @​jflecomte and @​bmarwell)
• Added detection of RISC-V architecture, riscv #51 #53 (Thanks to @​advancedwebdeveloper)
• Added an abstraction layer for System property and file system access #47 #48 (Thanks to @​voidzcy)
• Added thread safety information to Maven plugin metadata so that Maven doesn't warn about thread safety anymore #42 #44 (Thanks to @​seime and @​mortenlocka)

os-maven-plugin-1.6.2

• Added detection of z/OS operating system #39 #40 (Thanks to @​ind1go)

os-maven-plugin-1.6.1

• Added m2e life cycle mapping metadata so os-maven-plugin works better with Eclipse m2e. #37 (Thanks, @​sergei-ivanov)

os-maven-plugin-1.6.0

• Added support for MIPS and MIPSEL 32/64-bit architecture
  • mips_32 - if the value is one of: mips, mips32
  • mips_64 - if the value is mips64
  • mipsel_32 - if the value is one of: mipsel, mips32el
  • mipsel_64 - if the value is mips64el
• Added support for PPCLE 32-bit architecture
  • ppcle_32 - if the value is one of: ppcle, ppc32le
• Added support for IA64N and IA64W architecture
  • itanium_32 - if the value is ia64n
  • itanium_64 - if the value is one of: ia64, ia64w (new), itanium64
• Fixed classpath conflicts due to outdated Guava version in transitive dependencies (#29)
• Fixed incorrect prerequisite (#21)
• Overall code clean-up and dependency updates

Commits

• 9913130 [maven-release-plugin] prepare release os-maven-plugin-1.7.1
• 211db49 Override the default Maven repository when testing against old Maven versions
• 88bae1e Detect more osx variants (#67)
• cebc3e8 Add support for LoongArch64 architecture (#63)
• 4df5494 Add riscv32 and riscv64 support (#62)
• 6bd9cfa Support for E2K (Elbrus 2000) architecture (#57)
• 6d81345 Update README.md
• 52e547c Update the version in README.md
• ad10438 [maven-release-plugin] prepare for next development iteration
• 4a74c82 [maven-release-plugin] prepare release os-maven-plugin-1.7.0
• Additional commits viewable in compare view

Updates org.jvnet.wagon-svn:wagon-svn from 1.9 to 1.12

Updates javax.xml.bind:jaxb-api from 2.2.3 to 2.3.1

Commits

• See full diff in compare view

Updates org.jacoco:jacoco-maven-plugin from 0.8.10 to 0.8.12

Release notes

Sourced from org.jacoco:jacoco-maven-plugin's releases.

0.8.12

New Features

• JaCoCo now officially supports Java 22 (GitHub #1596).
• Experimental support for Java 23 class files (GitHub #1553).

Fixed bugs

• Branches added by the Kotlin compiler for functions with default arguments and having more than 32 parameters are filtered out during generation of report (GitHub #1556).
• Branch added by the Kotlin compiler version 1.5.0 and above for reading from lateinit property is filtered out during generation of report (GitHub #1568).

Non-functional Changes

• JaCoCo now depends on ASM 9.7 (GitHub #1600).

0.8.11

New Features

• JaCoCo now officially supports Java 21 (GitHub #1520).
• Experimental support for Java 22 class files (GitHub #1479).
• Part of bytecode generated by the Java compilers for exhaustive switch expressions is filtered out during generation of report (GitHub #1472).
• Part of bytecode generated by the Java compilers for record patterns is filtered out during generation of report (GitHub #1473).

Fixed bugs

• Instrumentation should not cause VerifyError when the last local variable of method parameters is overridden in the method body to store a value of type long or double (GitHub #893).
• Restore exec file compatibility with versions from 0.7.5 to 0.8.8 in case of class files with zero line numbers (GitHub #1492).

Non-functional Changes

• jacoco-maven-plugin now requires at least Java 8 (GitHub #1466, #1468).
• JaCoCo build now requires at least Maven 3.5.4 (GitHub #1467).
• Maven 3.9.2 should not produce warnings for jacoco-maven-plugin (GitHub #1468).
• JaCoCo build now requires JDK 17 (GitHub #1482).
• JaCoCo now depends on ASM 9.6 (GitHub #1518).

Commits

• dbfb6f2 Prepare release 0.8.12
• a50585b Upgrade maven-plugin-plugin to 3.6.4 (#1604)
• fd63cc5 Configure labels that Dependabot assigns to PRs (#1603)
• 03a5333 Add configuration for Dependabot to simplify updates of ASM (#1601)
• 40ff9fb Upgrade ASM to 9.7 (#1600)
• 9077178 Happy birthday Java 22! (#1596)
• 7edd1b5 Bump actions/setup-java from 4.1.0 to 4.2.1 (#1594)
• e50b547 Upgrade ECJ to 3.37.0 (#1590)
• a1144d0 Upgrade maven-site-plugin to 3.12.1 (#1586)
• 04b0141 Bump actions/setup-java from 4.0.0 to 4.1.0 (#1587)
• Additional commits viewable in compare view

Updates org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.8 to 1.7.0

Updates org.apache.maven.plugins:maven-gpg-plugin from 1.6 to 3.2.5

Release notes

Sourced from org.apache.maven.plugins:maven-gpg-plugin's releases.

3.2.5

Release Notes - Maven GPG Plugin - Version 3.2.5

---

• [MGPG-134] - Update maven-invoker (#110) @​cstamas
• [MGPG-130] - Update sigstore extension to ".sigstore.json" (#109) @​loosebazooka
• [MGPG-128] - Parent POM 42, prerequisite 3.6.3 (#100) @​cstamas

📦 Dependency updates

• Bump org.simplify4u.plugins:pgpverify-maven-plugin from 1.17.0 to 1.18.2 (#105) @​dependabot
• Bump com.kohlschutter.junixsocket:junixsocket-core from 2.9.1 to 2.10.0 (#107) @​dependabot
• Bump org.apache.maven.plugins:maven-plugins from 42 to 43 (#108) @​dependabot
• Bump org.apache.maven.plugins:maven-invoker-plugin from 3.6.1 to 3.7.0 (#103) @​dependabot
• Bump bouncycastleVersion from 1.78 to 1.78.1 (#98) @​dependabot

3.2.4

Release Notes - Maven GPG Plugin - Version 3.2.4

... (truncated)

Commits

• 737d4ee [maven-release-plugin] prepare release maven-gpg-plugin-3.2.5
• 7747063 [MGPG-134] Update maven-invoker (#110)
• 3df5f83 [MGPG-133] Bump org.simplify4u.plugins:pgpverify-maven-plugin from 1.17.0 to ...
• 58a2069 [MGPG-132] Bump com.kohlschutter.junixsocket:junixsocket-core from 2.9.1 to 2...
• e911b43 [MGPG-131] Bump org.apache.maven.plugins:maven-plugins from 42 to 43 (#108)
• d2b60d3 [MGPG-130] Update sigstore extension for exclusion (#109)
• 091f388 Bump org.apache.maven.plugins:maven-invoker-plugin from 3.6.1 to 3.7.0
• 899f410 [MGPG-128] Parent POM 42, prerequisite 3.6.3 (#100)
• f0be6f3 [MGPG-127] Bump bouncycastleVersion from 1.78 to 1.78.1 (#98)
• 7dd5166 [maven-release-plugin] prepare for next development iteration
• Additional commits viewable in compare view

Updates com.google.guava:guava from 29.0-jre to 33.3.0-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.3.0

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.3.0-jre</version>
  <!-- or, for Android: -->
  <version>33.3.0-android</version>
</dependency>

Jar files

• 33.3.0-jre.jar
• 33.3.0-android.jar

Guava requires one runtime dependency, which you can download here:

• failureaccess-1.0.1.jar

Javadoc

• 33.3.0-jre
• 33.3.0-android

JDiff

• 33.3.0-jre vs. 33.2.1-jre
• 33.3.0-android vs. 33.2.1-android
• 33.3.0-android vs. 33.3.0-jre

Changelog

• base: Removed @Beta from the Duration overload of Suppliers.memoizeWithExpiration. (76fca99db95ce9c8e55bb9c37fd0e44ef0451a80)
• cache: Added CacheBuilder Duration overloads to guava-android. (a5f9bcafd6)
• collect: Removed @Beta from the guava-android Collector APIs. (c86c09dc3d)
• collect: Added ImmutableMultimap.builderWithExpectedKeys and ImmutableMultimap.Builder.expectedValuesPerKey. (c3d5b17dc2)
• graph: Improved Graphs.hasCycle to avoid causing StackOverflowError for long paths. (63734b9dfc)
• net: Added text/markdown to MediaType. (2466a099ae)
• net: Deprecated HttpHeaders constant for Sec-Ch-UA-Form-Factor in favor of Sec-Ch-UA-Form-Factors to follow the latest spec. (b310b7e1ee)
• testing: Changed some test libraries to throw AssertionError (instead of the more specific AssertionFailedError) in some cases. (fdfbed1985)

33.2.1

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.2.1-jre</version>
</tr></table> 

... (truncated)

Commits

• See full diff in compare view

Updates org.springdoc:springdoc-openapi-ui from 1.2.33 to 1.8.0

Updates org.apache.maven.plugins:maven-enforcer-plugin from 3.0.0-M3 to 3.5.0

Release notes

Sourced from org.apache.maven.plugins:maven-enforcer-plugin's releases.

3.5.0

🚀 New features and improvements

• [MENFORCER-497] - Require Maven 3.6.3+ (#317) @​slawekjaranowski
• [MENFORCER-494] - Allow banning dynamic versions in whole tree (#294) @​JimmyAx
• [MENFORCER-500] - New rule to enforce that Maven coordinates match given (#309) @​kwin

🐛 Bug Fixes

• [MENFORCER-503] - Pass context to ProfileActivator - fix NPE in Maven 3.9.7 (#315) @​slawekjaranowski

📦 Dependency updates

• [MENFORCER-501] - Bump commons-io:commons-io from 2.16.0 to 2.16.1 (#311) @​dependabot
• [MENFORCER-501] - Bump commons-codec:commons-codec from 1.16.1 to 1.17.0 (#312) @​dependabot
• [MENFORCER-504] - Bump org.apache.maven:maven-parent from 41 to 42 (#314) @​dependabot
• [MENFORCER-501] - Bump org.apache.commons:commons-lang3 from 3.13.0 to 3.14.0 (#298) @​dependabot
• [MENFORCER-501] - Bump commons-codec:commons-codec from 1.16.0 to 1.16.1 (#305) @​dependabot
• [MENFORCER-501] - Bump commons-io:commons-io from 2.13.0 to 2.16.0 (#310) @​dependabot
• Bump org.apache.commons:commons-compress from 1.21 to 1.26.0 in /maven-enforcer-plugin/src/it/projects/dependency-convergence_transitive_provided/module1 (#307) @​dependabot
• Bump apache/maven-gh-actions-shared from 3 to 4 (#308) @​dependabot
• [MENFORCER-498] - Update parent pom to 41 (#306) @​slachiewicz
• Bump org.junit:junit-bom from 5.10.1 to 5.10.2 (#303) @​dependabot
• Bump org.assertj:assertj-core from 3.24.2 to 3.25.1 (#301) @​dependabot
• Bump org.codehaus.mojo:mrm-maven-plugin from 1.5.0 to 1.6.0 (#295) @​dependabot
• Bump org.junit:junit-bom from 5.10.0 to 5.10.1 (#296) @​dependabot
• [MENFORCER-492] - Bump plexus-utils from 3.5.1 to 4.0.0 and plexus-xml 3.0.0 (#291) @​slawekjaranowski
• Bump org.xerial.snappy:snappy-java from 1.1.10.1 to 1.1.10.4 in /maven-enforcer-plugin/src/it/projects/dependency-convergence_transitive_provided/module1 (#292) @​dependabot

👻 Maintenance

• [MENFORCER-490] - Remove unused dependency (#316) @​elharo
• Bump org.apache.commons:commons-compress from 1.21 to 1.26.0 in /maven-enforcer-plugin/src/it/projects/dependency-convergence_transitive_provided/module1 (#307) @​dependabot
• Bump org.assertj:assertj-core from 3.25.1 to 3.25.3 (#304) @​dependabot
• [MENFORCER-498] - Update parent pom to 41 (#306) @​slachiewicz
• Bump org.junit:junit-bom from 5.10.1 to 5.10.2 (#303) @​dependabot
• Bump org.xerial.snappy:snappy-java from 1.1.10.1 to 1.1.10.4 in /maven-enforcer-plugin/src/it/projects/dependency-convergence_transitive_provided/module1 (#292) @​dependabot
• Oxford comma, fill to file, and tighten language (#290) @​elharo
• [MENFORCER-490] - Declare enforcer-rules dependencies (#289) @​elharo
• [MENFORCER-490] - fully declare maven-enforcer-plugin dependencies (#288) @​elharo

3.4.1

🐛 Bug Fixes

• [MENFORCER-491] - Fix plugin documentation generation (#286) @​slawekjaranowski

👻 Maintenance

... (truncated)

Commits

• 21b31b5 [maven-release-plugin] prepare release enforcer-3.5.0
• e6cd6e9 Remove unused dependency (#316)
• 29d1c0d [MENFORCER-497] Require Maven 3.6.3+
• 80e6626 [MENFORCER-503] Pass context to ProfileActivator - fix NPE in Maven 3.9.7
• 5c7d0bc [MENFORCER-494] Allow banning dynamic versions in whole tree (#294)
• e687c46 [MENFORCER-501] Bump commons-io:commons-io from 2.16.0 to 2.16.1 (#311)
• 6665083 [MENFORCER-501] Bump commons-codec:commons-codec from 1.16.1 to 1.17.0 (#312)
• 3eb6343 Bump project version to 3.5.0-SNAPSHOT
• 1cf5c5f [MENFORCER-504] Bump org.apache.maven:maven-parent from 41 to 42 (#314)
• a24b557 Manage ignore artifacts for dependabot in PR
• Additional commits viewable in compare view

Updates com.github.tomakehurst:wiremock from 2.26.0 to 2.27.2

Commits

• 56d7a08 Added memoization to match results during request -> stub near miss calculation
• b9a3865 Bumped patch version
• 278ab58 Fixed #1375 - removed memoization of string value pattern matches, as this is...
• 1b48c42 Fixed #1346 - raised default Jetty stop timeout to prevent unbounded thread c...
• 2b50872 Bumped patch version
• e2809eb Moved the writable key store source (used when browser proxying HTTPS) to the...
• d597aaf Upgraded to Jetty 9.4.30 and Conscrypt 2.2.1 (not the most recent, but the ne...
• 129d00b Fixed #994 - added the ability to set the keystore type and trust store type ...
• 6ded3d6 Fixed #807 - added a distinction in configuration between keystore password a...
• 500ebec Added support for saving keystore files and switched the Jetty94 browser prox...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #29.