Bumps [spotless-plugin-gradle](https://github.com/diffplug/spotless)
from 6.12.1 to 6.13.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fdb58d79c7"><code>fdb58d7</code></a>
Published plugin-gradle/6.13.0</li>
<li><a
href="5d73b3ba23"><code>5d73b3b</code></a>
Fix bug in gradle publishing.</li>
<li><a
href="54bcc6068d"><code>54bcc60</code></a>
spotlessApply</li>
<li><a
href="5c10387fa9"><code>5c10387</code></a>
Bump plugin-maven changelog.</li>
<li><a
href="be90ffcf49"><code>be90ffc</code></a>
Oops, fix the gradle plugin build.</li>
<li><a
href="84b42b46e8"><code>84b42b4</code></a>
Fix deprecation in how gradle plugins are published.</li>
<li><a
href="49505b819c"><code>49505b8</code></a>
Improve deploy.yml docs since we're actually using Base64.</li>
<li><a
href="49e370b927"><code>49e370b</code></a>
Published lib/2.32.0</li>
<li><a
href="3adaa1c35d"><code>3adaa1c</code></a>
Fix subgroups leading catch all matcher (<a
href="https://github-redirect.dependabot.com/diffplug/spotless/issues/1485">#1485</a>)</li>
<li><a
href="109ffa6b65"><code>109ffa6</code></a>
spotlessApply</li>
<li>Additional commits viewable in <a
href="https://github.com/diffplug/spotless/compare/gradle/6.12.1...plugin-gradle/6.13.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps com.diffplug.spotless from 6.12.1 to 6.13.0.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [nullaway](https://github.com/uber/NullAway) from 0.10.7 to
0.10.8.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/uber/NullAway/blob/master/CHANGELOG.md">nullaway's
changelog</a>.</em></p>
<blockquote>
<h2>Version 0.10.8</h2>
<ul>
<li>Don't do checks for type casts and parameterized trees in
unannotated code (<a
href="https://github-redirect.dependabot.com/uber/NullAway/issues/712">#712</a>)</li>
<li>Add an initial <code>nullaway:nullaway-annotations</code> artifact.
(<a
href="https://github-redirect.dependabot.com/uber/NullAway/issues/709">#709</a>)
<ul>
<li>Contains only an implementation of <code>@Initializer</code> for
now.</li>
</ul>
</li>
<li>NullAwayInfer/Annotator data serialization support [experimental]
<ul>
<li>Update region selection for initialization errors. (<a
href="https://github-redirect.dependabot.com/uber/NullAway/issues/713">#713</a>)</li>
<li>Update path serialization for reported errors and fixes. (<a
href="https://github-redirect.dependabot.com/uber/NullAway/issues/714">#714</a>)</li>
</ul>
</li>
<li>Build / CI tooling for NullAway itself:
<ul>
<li>Turn up various Error Prone checks (<a
href="https://github-redirect.dependabot.com/uber/NullAway/issues/710">#710</a>)</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8309d67fa0"><code>8309d67</code></a>
Prepare for release 0.10.8.</li>
<li><a
href="535772a507"><code>535772a</code></a>
[FixSerialization] Update path serialization for reported errors and
fixes. (...</li>
<li><a
href="dcadcfae37"><code>dcadcfa</code></a>
Update region selection for initialization errors. (<a
href="https://github-redirect.dependabot.com/uber/NullAway/issues/713">#713</a>)</li>
<li><a
href="2f871a8329"><code>2f871a8</code></a>
Don't do checks for type casts and parameterized trees in unannotated
code (#...</li>
<li><a
href="ab0a17df03"><code>ab0a17d</code></a>
Turn up various Error Prone checks (<a
href="https://github-redirect.dependabot.com/uber/NullAway/issues/710">#710</a>)</li>
<li><a
href="afb8fd4902"><code>afb8fd4</code></a>
Add an initial annotations artifact (with sample <a
href="https://github.com/Initializer"><code>@Initializer</code></a>
implementation)...</li>
<li><a
href="3ad8876b14"><code>3ad8876</code></a>
Prepare next development version.</li>
<li>See full diff in <a
href="https://github.com/uber/NullAway/compare/v0.10.7...v0.10.8">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps com.diffplug.spotless from 6.12.1 to 6.13.0.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [grpc-bom](https://github.com/grpc/grpc-java) from 1.52.0 to
1.52.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="57dfe8c913"><code>57dfe8c</code></a>
Bump version to 1.52.1</li>
<li><a
href="69f10e2662"><code>69f10e2</code></a>
Update README etc to reference 1.52.1</li>
<li><a
href="15026d5efb"><code>15026d5</code></a>
xds:fix cancel xds watcher accidentally removes the url (v1.52 backport)
(<a
href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9810">#9810</a>)</li>
<li><a
href="a13a2dd960"><code>a13a2dd</code></a>
Bump version to 1.52.1-SNAPSHOT</li>
<li>See full diff in <a
href="https://github.com/grpc/grpc-java/compare/v1.52.0...v1.52.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
for okhttp-3.0 instrumentation, the README uses `OkHttpTracing`:
```java
import io.opentelemetry.instrumentation.okhttp.v3_0.OkHttpTracing;
...
return OkHttpTracing.builder(openTelemetry).build().newCallFactory(createClient());
```
#5624 changed `OkHttpTracing` to `OkHttpTelemetry` but the docs still
show the previous value which no longer works
Bumps [byte-buddy-dep](https://github.com/raphw/byte-buddy) from 1.12.21
to 1.12.22.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/raphw/byte-buddy/releases">byte-buddy-dep's
releases</a>.</em></p>
<blockquote>
<h2>Byte Buddy 1.12.22</h2>
<ul>
<li>Support <code>MethodHandle</code> and <code>MethodType</code> in
<code>Advice.Origin</code> annotation.</li>
<li>Support <code>MethodHandles.Lookup</code> in <code>Origin</code> and
<code>Advice.Origin</code> annotations.</li>
<li>Use modern API for Gradle Android API, if available, to avoid now
failing cast.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/raphw/byte-buddy/blob/master/release-notes.md">byte-buddy-dep's
changelog</a>.</em></p>
<blockquote>
<h2>Byte Buddy release notes</h2>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="641f5a329e"><code>641f5a3</code></a>
[maven-release-plugin] prepare release byte-buddy-1.12.22</li>
<li><a
href="d732497c77"><code>d732497</code></a>
[release] Release new version</li>
<li><a
href="cc7c5c207c"><code>cc7c5c2</code></a>
Adjust internal type hierarchy.</li>
<li><a
href="99e6861754"><code>99e6861</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/raphw/byte-buddy/issues/1389">#1389</a>
from LikeTheSalad/master</li>
<li><a
href="6fe8a5c4ab"><code>6fe8a5c</code></a>
Using debug logs for DependenciesClasspathProvider</li>
<li><a
href="0ba7bd78ed"><code>0ba7bd7</code></a>
Added class headers</li>
<li><a
href="e8c15a67bc"><code>e8c15a6</code></a>
Using DependenciesClasspathProvider implementations</li>
<li><a
href="6ff15e3fda"><code>6ff15e3</code></a>
Created the DependenciesClasspathProvider interface and its
implementations</li>
<li><a
href="6a3facab94"><code>6a3faca</code></a>
Updated dependencies verification metadata</li>
<li><a
href="493eb7d1b7"><code>493eb7d</code></a>
Update to latest version.</li>
<li>Additional commits viewable in <a
href="https://github.com/raphw/byte-buddy/compare/byte-buddy-1.12.21...byte-buddy-1.12.22">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps `playVer` from 2.8.18 to 2.8.19.
Updates `play-guice_2.12` from 2.8.18 to 2.8.19
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/playframework/playframework/releases">play-guice_2.12's
releases</a>.</em></p>
<blockquote>
<h2>Play 2.8.19</h2>
<p>The Play Team is happy to announce the release of Play 2.8.19
🥳</p>
<h2>📗 What is new?</h2>
<h2>ping/pong support for WebSockets 🏓</h2>
<p><a
href="https://github-redirect.dependabot.com/playframework/playframework/pull/11521">Finally</a>!
Check out the documentation:</p>
<ul>
<li><a
href="https://www.playframework.com/documentation/2.8.19/ScalaWebSockets#Configuring-keep-alive-Frames">WebSockets
Play Scala</a></li>
<li><a
href="https://www.playframework.com/documentation/2.8.19/JavaWebSockets#Configuring-keep-alive-Frames">WebSockets
Play Java</a></li>
</ul>
<h2>Using Netty, WebSockets time out now ⏳</h2>
<p><a
href="https://github-redirect.dependabot.com/playframework/playframework/pull/11420">Another
fix</a> for WebSockets ships with this release as well:
If you are using the Netty backend the
<code>play.server.http[s].idleTimeout</code> setting will now be honored
for WebSocket connections. Until now, when using Netty, a WebSocket
connection never timed out. That might even was desirable for some use
cases, but now that we have ping/pong support you have to make use of
that to keep WebSocket connections open. That is the correct way of
doing things and not closing connections after an idle timeout was
actually a bug. The akka-http backend was always working correctly and
didn't need to be fixed.</p>
<h2>Removed the shutdown hook from the default logback config
🪝</h2>
<p>If you have</p>
<pre lang="xml"><code><shutdownHook
class="ch.qos.logback.core.hook.DelayingShutdownHook"/>
</code></pre>
<p>in your logback config, you should remove that line. Play handles the
shutdown of the logger context, the line shown is not necassary anymore
since at least Play 2.7 and is a leftover that should have been removed
a while ago. More details can be found in the <a
href="https://github-redirect.dependabot.com/playframework/playframework/pull/11532">according
pull request</a>.</p>
<h2>Correctly encode <code>Content-Disposition: form-data;
name="..."; filename="..."</code>
🔠</h2>
<p>When Play renders a request body containing multipart/form data it
will now encode the name and the filename fields according the <a
href="https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#multipart-form-data">"WHATWG
HTML living standard" section 4.10.21.8</a>. <code>curl</code>,
Firefox, Chrome and other libraries like Python's urllib3 follow the
same approach. Until now, Play didn't encode those fields which could
result in security implications. Just to be clear, this is not about
receiving and parsing multipart/form data from a client, but when
sending multipart/form data e.g. via ws or when using the
<code>RequestBuilder</code> to build a request for testing purposes.
Details can be found in pull request <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11571">#11571</a>.</p>
<h2>A few words on Play's compatibility with sbt 1.8 🔧</h2>
<p>Now that sbt 1.8 got released there have been reports that it isn't
working out of the box with Play, caused by a version conflict regarding
scala-xml, see <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11522">#11522</a>.
Unfortunately, right now, we don't have a fix for that yet. Even if we
bump scala-xml to version 2.x in Play and all its dependencies, we can't
currently make sbt 1.8 work with Play because of another problem
described in <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11527">#11527</a>.
The good news is, that isn't a showstopper if you still want to upgrade
to sbt 1.8. You can do that right now by putting</p>
<pre lang="scala"><code>ThisBuild / libraryDependencySchemes +=
"org.scala-lang.modules" %% "scala-xml" %
VersionScheme.Always
</code></pre>
<p>in <code>project/plugins.sbt</code>. That is possible because
scala-xml 1.x and 2.x are compatible anyway. However, like described in
<a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11527">#11527</a>
you will not be able to use <code>PlayNonBlockingInteractionMode</code>
with sbt 1.8 then (which probably not many people do anyway)</p>
<h2>Further roadmap 🗺️</h2>
<p>...news coming soon...</p>
<h1>Merged pull requests</h1>
<p>Following pull requests got merged for this release:</p>
<ul>
<li><a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11604">#11604</a>
[2.8.x] Upgrade netty + netty reactive streams + fix backports by <a
href="https://github.com/mkurz"><code>@mkurz</code></a></li>
<li><a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11603">#11603</a>
[2.8.x] Escape Content-Disposition params according to WHATWG HTML
living standard (backport <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11571">#11571</a>)
by <a href="https://github.com/mkurz"><code>@mkurz</code></a></li>
<li><a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11602">#11602</a>
[2.8.x] Add exceptionOverrideClassName Hikari config setting (backport
<a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11601">#11601</a>)
by <a
href="https://github.com/benwaffle"><code>@benwaffle</code></a></li>
<li><a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11598">#11598</a>
[2.8.x] Fix the example code to DiscardingCookie for
Results#discardingCookies (backport <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11597">#11597</a>)
by <a
href="https://github.com/tsuyoshizawa"><code>@tsuyoshizawa</code></a></li>
<li><a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11593">#11593</a>
Update PlayApplicationOverview.md by <a
href="https://github.com/SenthilNayagan"><code>@SenthilNayagan</code></a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f71c8c9d48"><code>f71c8c9</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11604">#11604</a>
from mkurz/upgrades</li>
<li><a
href="a0d913f1d8"><code>a0d913f</code></a>
Use --release instead of -source, -targe, -bootclasspath</li>
<li><a
href="cb98bbdf5e"><code>cb98bbd</code></a>
Scala 2.12 compatibility</li>
<li><a
href="d78a9ec953"><code>d78a9ec</code></a>
Fix backport: Keep using scala.collection.JavaConverters._</li>
<li><a
href="caf25fe528"><code>caf25fe</code></a>
Upgrade netty + netty reactive streams</li>
<li><a
href="f81bc59354"><code>f81bc59</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11603">#11603</a>
from playframework/mergify/bp/2.8.x/pr-11571</li>
<li><a
href="bb1c127ae4"><code>bb1c127</code></a>
Fix conflicts</li>
<li><a
href="f6f1b864ec"><code>f6f1b86</code></a>
Escape Content-Disposition params according to WHATWG HTML living
standard</li>
<li><a
href="abbebe4326"><code>abbebe4</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11602">#11602</a>
from playframework/mergify/bp/2.8.x/pr-11601</li>
<li><a
href="baf3860434"><code>baf3860</code></a>
Only two params needed/allowed</li>
<li>Additional commits viewable in <a
href="https://github.com/playframework/playframework/compare/2.8.18...2.8.19">compare
view</a></li>
</ul>
</details>
<br />
Updates `play-logback_2.12` from 2.8.18 to 2.8.19
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/playframework/playframework/releases">play-logback_2.12's
releases</a>.</em></p>
<blockquote>
<h2>Play 2.8.19</h2>
<p>The Play Team is happy to announce the release of Play 2.8.19
🥳</p>
<h2>📗 What is new?</h2>
<h2>ping/pong support for WebSockets 🏓</h2>
<p><a
href="https://github-redirect.dependabot.com/playframework/playframework/pull/11521">Finally</a>!
Check out the documentation:</p>
<ul>
<li><a
href="https://www.playframework.com/documentation/2.8.19/ScalaWebSockets#Configuring-keep-alive-Frames">WebSockets
Play Scala</a></li>
<li><a
href="https://www.playframework.com/documentation/2.8.19/JavaWebSockets#Configuring-keep-alive-Frames">WebSockets
Play Java</a></li>
</ul>
<h2>Using Netty, WebSockets time out now ⏳</h2>
<p><a
href="https://github-redirect.dependabot.com/playframework/playframework/pull/11420">Another
fix</a> for WebSockets ships with this release as well:
If you are using the Netty backend the
<code>play.server.http[s].idleTimeout</code> setting will now be honored
for WebSocket connections. Until now, when using Netty, a WebSocket
connection never timed out. That might even was desirable for some use
cases, but now that we have ping/pong support you have to make use of
that to keep WebSocket connections open. That is the correct way of
doing things and not closing connections after an idle timeout was
actually a bug. The akka-http backend was always working correctly and
didn't need to be fixed.</p>
<h2>Removed the shutdown hook from the default logback config
🪝</h2>
<p>If you have</p>
<pre lang="xml"><code><shutdownHook
class="ch.qos.logback.core.hook.DelayingShutdownHook"/>
</code></pre>
<p>in your logback config, you should remove that line. Play handles the
shutdown of the logger context, the line shown is not necassary anymore
since at least Play 2.7 and is a leftover that should have been removed
a while ago. More details can be found in the <a
href="https://github-redirect.dependabot.com/playframework/playframework/pull/11532">according
pull request</a>.</p>
<h2>Correctly encode <code>Content-Disposition: form-data;
name="..."; filename="..."</code>
🔠</h2>
<p>When Play renders a request body containing multipart/form data it
will now encode the name and the filename fields according the <a
href="https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#multipart-form-data">"WHATWG
HTML living standard" section 4.10.21.8</a>. <code>curl</code>,
Firefox, Chrome and other libraries like Python's urllib3 follow the
same approach. Until now, Play didn't encode those fields which could
result in security implications. Just to be clear, this is not about
receiving and parsing multipart/form data from a client, but when
sending multipart/form data e.g. via ws or when using the
<code>RequestBuilder</code> to build a request for testing purposes.
Details can be found in pull request <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11571">#11571</a>.</p>
<h2>A few words on Play's compatibility with sbt 1.8 🔧</h2>
<p>Now that sbt 1.8 got released there have been reports that it isn't
working out of the box with Play, caused by a version conflict regarding
scala-xml, see <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11522">#11522</a>.
Unfortunately, right now, we don't have a fix for that yet. Even if we
bump scala-xml to version 2.x in Play and all its dependencies, we can't
currently make sbt 1.8 work with Play because of another problem
described in <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11527">#11527</a>.
The good news is, that isn't a showstopper if you still want to upgrade
to sbt 1.8. You can do that right now by putting</p>
<pre lang="scala"><code>ThisBuild / libraryDependencySchemes +=
"org.scala-lang.modules" %% "scala-xml" %
VersionScheme.Always
</code></pre>
<p>in <code>project/plugins.sbt</code>. That is possible because
scala-xml 1.x and 2.x are compatible anyway. However, like described in
<a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11527">#11527</a>
you will not be able to use <code>PlayNonBlockingInteractionMode</code>
with sbt 1.8 then (which probably not many people do anyway)</p>
<h2>Further roadmap 🗺️</h2>
<p>...news coming soon...</p>
<h1>Merged pull requests</h1>
<p>Following pull requests got merged for this release:</p>
<ul>
<li><a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11604">#11604</a>
[2.8.x] Upgrade netty + netty reactive streams + fix backports by <a
href="https://github.com/mkurz"><code>@mkurz</code></a></li>
<li><a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11603">#11603</a>
[2.8.x] Escape Content-Disposition params according to WHATWG HTML
living standard (backport <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11571">#11571</a>)
by <a href="https://github.com/mkurz"><code>@mkurz</code></a></li>
<li><a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11602">#11602</a>
[2.8.x] Add exceptionOverrideClassName Hikari config setting (backport
<a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11601">#11601</a>)
by <a
href="https://github.com/benwaffle"><code>@benwaffle</code></a></li>
<li><a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11598">#11598</a>
[2.8.x] Fix the example code to DiscardingCookie for
Results#discardingCookies (backport <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11597">#11597</a>)
by <a
href="https://github.com/tsuyoshizawa"><code>@tsuyoshizawa</code></a></li>
<li><a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11593">#11593</a>
Update PlayApplicationOverview.md by <a
href="https://github.com/SenthilNayagan"><code>@SenthilNayagan</code></a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f71c8c9d48"><code>f71c8c9</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11604">#11604</a>
from mkurz/upgrades</li>
<li><a
href="a0d913f1d8"><code>a0d913f</code></a>
Use --release instead of -source, -targe, -bootclasspath</li>
<li><a
href="cb98bbdf5e"><code>cb98bbd</code></a>
Scala 2.12 compatibility</li>
<li><a
href="d78a9ec953"><code>d78a9ec</code></a>
Fix backport: Keep using scala.collection.JavaConverters._</li>
<li><a
href="caf25fe528"><code>caf25fe</code></a>
Upgrade netty + netty reactive streams</li>
<li><a
href="f81bc59354"><code>f81bc59</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11603">#11603</a>
from playframework/mergify/bp/2.8.x/pr-11571</li>
<li><a
href="bb1c127ae4"><code>bb1c127</code></a>
Fix conflicts</li>
<li><a
href="f6f1b864ec"><code>f6f1b86</code></a>
Escape Content-Disposition params according to WHATWG HTML living
standard</li>
<li><a
href="abbebe4326"><code>abbebe4</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11602">#11602</a>
from playframework/mergify/bp/2.8.x/pr-11601</li>
<li><a
href="baf3860434"><code>baf3860</code></a>
Only two params needed/allowed</li>
<li>Additional commits viewable in <a
href="https://github.com/playframework/playframework/compare/2.8.18...2.8.19">compare
view</a></li>
</ul>
</details>
<br />
Updates `filters-helpers_2.12` from 2.8.18 to 2.8.19
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/playframework/playframework/releases">filters-helpers_2.12's
releases</a>.</em></p>
<blockquote>
<h2>Play 2.8.19</h2>
<p>The Play Team is happy to announce the release of Play 2.8.19
🥳</p>
<h2>📗 What is new?</h2>
<h2>ping/pong support for WebSockets 🏓</h2>
<p><a
href="https://github-redirect.dependabot.com/playframework/playframework/pull/11521">Finally</a>!
Check out the documentation:</p>
<ul>
<li><a
href="https://www.playframework.com/documentation/2.8.19/ScalaWebSockets#Configuring-keep-alive-Frames">WebSockets
Play Scala</a></li>
<li><a
href="https://www.playframework.com/documentation/2.8.19/JavaWebSockets#Configuring-keep-alive-Frames">WebSockets
Play Java</a></li>
</ul>
<h2>Using Netty, WebSockets time out now ⏳</h2>
<p><a
href="https://github-redirect.dependabot.com/playframework/playframework/pull/11420">Another
fix</a> for WebSockets ships with this release as well:
If you are using the Netty backend the
<code>play.server.http[s].idleTimeout</code> setting will now be honored
for WebSocket connections. Until now, when using Netty, a WebSocket
connection never timed out. That might even was desirable for some use
cases, but now that we have ping/pong support you have to make use of
that to keep WebSocket connections open. That is the correct way of
doing things and not closing connections after an idle timeout was
actually a bug. The akka-http backend was always working correctly and
didn't need to be fixed.</p>
<h2>Removed the shutdown hook from the default logback config
🪝</h2>
<p>If you have</p>
<pre lang="xml"><code><shutdownHook
class="ch.qos.logback.core.hook.DelayingShutdownHook"/>
</code></pre>
<p>in your logback config, you should remove that line. Play handles the
shutdown of the logger context, the line shown is not necassary anymore
since at least Play 2.7 and is a leftover that should have been removed
a while ago. More details can be found in the <a
href="https://github-redirect.dependabot.com/playframework/playframework/pull/11532">according
pull request</a>.</p>
<h2>Correctly encode <code>Content-Disposition: form-data;
name="..."; filename="..."</code>
🔠</h2>
<p>When Play renders a request body containing multipart/form data it
will now encode the name and the filename fields according the <a
href="https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#multipart-form-data">"WHATWG
HTML living standard" section 4.10.21.8</a>. <code>curl</code>,
Firefox, Chrome and other libraries like Python's urllib3 follow the
same approach. Until now, Play didn't encode those fields which could
result in security implications. Just to be clear, this is not about
receiving and parsing multipart/form data from a client, but when
sending multipart/form data e.g. via ws or when using the
<code>RequestBuilder</code> to build a request for testing purposes.
Details can be found in pull request <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11571">#11571</a>.</p>
<h2>A few words on Play's compatibility with sbt 1.8 🔧</h2>
<p>Now that sbt 1.8 got released there have been reports that it isn't
working out of the box with Play, caused by a version conflict regarding
scala-xml, see <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11522">#11522</a>.
Unfortunately, right now, we don't have a fix for that yet. Even if we
bump scala-xml to version 2.x in Play and all its dependencies, we can't
currently make sbt 1.8 work with Play because of another problem
described in <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11527">#11527</a>.
The good news is, that isn't a showstopper if you still want to upgrade
to sbt 1.8. You can do that right now by putting</p>
<pre lang="scala"><code>ThisBuild / libraryDependencySchemes +=
"org.scala-lang.modules" %% "scala-xml" %
VersionScheme.Always
</code></pre>
<p>in <code>project/plugins.sbt</code>. That is possible because
scala-xml 1.x and 2.x are compatible anyway. However, like described in
<a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11527">#11527</a>
you will not be able to use <code>PlayNonBlockingInteractionMode</code>
with sbt 1.8 then (which probably not many people do anyway)</p>
<h2>Further roadmap 🗺️</h2>
<p>...news coming soon...</p>
<h1>Merged pull requests</h1>
<p>Following pull requests got merged for this release:</p>
<ul>
<li><a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11604">#11604</a>
[2.8.x] Upgrade netty + netty reactive streams + fix backports by <a
href="https://github.com/mkurz"><code>@mkurz</code></a></li>
<li><a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11603">#11603</a>
[2.8.x] Escape Content-Disposition params according to WHATWG HTML
living standard (backport <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11571">#11571</a>)
by <a href="https://github.com/mkurz"><code>@mkurz</code></a></li>
<li><a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11602">#11602</a>
[2.8.x] Add exceptionOverrideClassName Hikari config setting (backport
<a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11601">#11601</a>)
by <a
href="https://github.com/benwaffle"><code>@benwaffle</code></a></li>
<li><a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11598">#11598</a>
[2.8.x] Fix the example code to DiscardingCookie for
Results#discardingCookies (backport <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11597">#11597</a>)
by <a
href="https://github.com/tsuyoshizawa"><code>@tsuyoshizawa</code></a></li>
<li><a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11593">#11593</a>
Update PlayApplicationOverview.md by <a
href="https://github.com/SenthilNayagan"><code>@SenthilNayagan</code></a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f71c8c9d48"><code>f71c8c9</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11604">#11604</a>
from mkurz/upgrades</li>
<li><a
href="a0d913f1d8"><code>a0d913f</code></a>
Use --release instead of -source, -targe, -bootclasspath</li>
<li><a
href="cb98bbdf5e"><code>cb98bbd</code></a>
Scala 2.12 compatibility</li>
<li><a
href="d78a9ec953"><code>d78a9ec</code></a>
Fix backport: Keep using scala.collection.JavaConverters._</li>
<li><a
href="caf25fe528"><code>caf25fe</code></a>
Upgrade netty + netty reactive streams</li>
<li><a
href="f81bc59354"><code>f81bc59</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11603">#11603</a>
from playframework/mergify/bp/2.8.x/pr-11571</li>
<li><a
href="bb1c127ae4"><code>bb1c127</code></a>
Fix conflicts</li>
<li><a
href="f6f1b864ec"><code>f6f1b86</code></a>
Escape Content-Disposition params according to WHATWG HTML living
standard</li>
<li><a
href="abbebe4326"><code>abbebe4</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/playframework/playframework/issues/11602">#11602</a>
from playframework/mergify/bp/2.8.x/pr-11601</li>
<li><a
href="baf3860434"><code>baf3860</code></a>
Only two params needed/allowed</li>
<li>Additional commits viewable in <a
href="https://github.com/playframework/playframework/compare/2.8.18...2.8.19">compare
view</a></li>
</ul>
</details>
<br />
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Can be reproduce (at least on Windows) using
```
java -javaagent:opentelemetry-javaagent.jar anything C:\one
```
producing
```
[otel.javaagent 2023-01-13 11:38:47:978 -0800] [main] INFO io.opentelemetry.javaagent.tooling.VersionLogger - opentelemetry-javaagent - version: 1.22.0
OpenTelemetry Javaagent failed to start
java.nio.file.InvalidPathException: Illegal char <:> at index 10: anything C:\one
at java.base/sun.nio.fs.WindowsPathParser.normalize(WindowsPathParser.java:182)
at java.base/sun.nio.fs.WindowsPathParser.parse(WindowsPathParser.java:153)
at java.base/sun.nio.fs.WindowsPathParser.parse(WindowsPathParser.java:77)
at java.base/sun.nio.fs.WindowsPath.parse(WindowsPath.java:92)
at java.base/sun.nio.fs.WindowsFileSystem.getPath(WindowsFileSystem.java:229)
at java.base/java.nio.file.Path.of(Path.java:147)
at java.base/java.nio.file.Paths.get(Paths.java:69)
at io.opentelemetry.instrumentation.resources.JarServiceNameDetector.getJarPathFromSunCommandLine(JarServiceNameDetector.java:104)
at io.opentelemetry.instrumentation.resources.JarServiceNameDetector.createResource(JarServiceNameDetector.java:59)
at io.opentelemetry.sdk.autoconfigure.ResourceConfiguration.configureResource(ResourceConfiguration.java:59)
at io.opentelemetry.sdk.autoconfigure.AutoConfiguredOpenTelemetrySdkBuilder.build(AutoConfiguredOpenTelemetrySdkBuilder.java:332)
at io.opentelemetry.javaagent.tooling.OpenTelemetryInstaller.installOpenTelemetrySdk(OpenTelemetryInstaller.java:29)
at io.opentelemetry.javaagent.tooling.AgentInstaller.installBytebuddyAgent(AgentInstaller.java:114)
at io.opentelemetry.javaagent.tooling.AgentInstaller.installBytebuddyAgent(AgentInstaller.java:94)
at io.opentelemetry.javaagent.tooling.AgentStarterImpl.start(AgentStarterImpl.java:78)
at io.opentelemetry.javaagent.bootstrap.AgentInitializer.initialize(AgentInitializer.java:35)
at io.opentelemetry.javaagent.OpenTelemetryAgent.startAgent(OpenTelemetryAgent.java:57)
at io.opentelemetry.javaagent.OpenTelemetryAgent.premain(OpenTelemetryAgent.java:45)
```
Related to #7107 and #7202
Support WebFlux 6.
Supporting reactor 3.5 seems pretty straightforward, the
`subscriberContext()` was deprecated in 3.4 in favor of
`contextWrite()`. In 3.5, `subscriberContext()` was removed.
This PR doesn't bump `latestDepTestLibrary` to 3.5 yet because there are
a couple of tests that succeed in 3.4 using `contextWrite()` but fail in
3.5 using `contextWrite()`.
My proposal is to review/merge this PR, and then I can ping our resident
reactor experts to see if they have thoughts on the failing tests in
3.5.
There were so many changes in the tests that extracting a base class
wouldn't really improve the readability; so I just reimplemented them in
Java.
The instrumentation itself is pretty much a copy-paste of the `jms-1.1`
instrumentation, with `s/javax/jakarta/` applied.
Bumps [junit-bom](https://github.com/junit-team/junit5) from 5.9.1 to
5.9.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/junit-team/junit5/releases">junit-bom's
releases</a>.</em></p>
<blockquote>
<p>JUnit 5.9.2 = Platform 1.9.2 + Jupiter 5.9.2 + Vintage 5.9.2</p>
<p>See <a
href="http://junit.org/junit5/docs/5.9.2/release-notes/">Release
Notes</a>.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8ed3c66c7e"><code>8ed3c66</code></a>
Release 5.9.2</li>
<li><a
href="742f99fcce"><code>742f99f</code></a>
Prepare 5.9.2 release notes</li>
<li><a
href="a9a3cf5fb7"><code>a9a3cf5</code></a>
Fix bug and polish contribution</li>
<li><a
href="825ea38857"><code>825ea38</code></a>
Introduce new <code>@MethodSource</code> syntax to differentiate
overloaded local factor...</li>
<li><a
href="0c40f5ef05"><code>0c40f5e</code></a>
Polish Javadoc</li>
<li><a
href="7d54016421"><code>7d54016</code></a>
Update codecov-action</li>
<li><a
href="bfeeac4d41"><code>bfeeac4</code></a>
Remove duplicate copyright comment</li>
<li><a
href="b0d9083315"><code>b0d9083</code></a>
Format integration test projects with Spotless as well</li>
<li><a
href="c4ed325cb2"><code>c4ed325</code></a>
Update copyright</li>
<li><a
href="0e3a1d32e5"><code>0e3a1d3</code></a>
Update upload-artifact action</li>
<li>Additional commits viewable in <a
href="https://github.com/junit-team/junit5/compare/r5.9.1...r5.9.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps io.quarkus from 2.15.2.Final to 2.15.3.Final.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [quarkus-bom](https://github.com/quarkusio/quarkus-platform) from
2.15.2.Final to 2.15.3.Final.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3447093c5b"><code>3447093</code></a>
[maven-release-plugin] prepare release 2.15.3.Final</li>
<li><a
href="7859fa644d"><code>7859fa6</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/quarkusio/quarkus-platform/issues/743">#743</a>
from gsmet/quarkus-2.15.3</li>
<li><a
href="2f3b9b9fd2"><code>2f3b9b9</code></a>
Upgrade to Quarkus 2.15.3.Final</li>
<li><a
href="55678c7e08"><code>55678c7</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li>See full diff in <a
href="https://github.com/quarkusio/quarkus-platform/compare/2.15.2.Final...2.15.3.Final">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps `versions.junit` from 5.9.1 to 5.9.2.
Updates `junit-bom` from 5.9.1 to 5.9.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/junit-team/junit5/releases">junit-bom's
releases</a>.</em></p>
<blockquote>
<p>JUnit 5.9.2 = Platform 1.9.2 + Jupiter 5.9.2 + Vintage 5.9.2</p>
<p>See <a
href="http://junit.org/junit5/docs/5.9.2/release-notes/">Release
Notes</a>.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8ed3c66c7e"><code>8ed3c66</code></a>
Release 5.9.2</li>
<li><a
href="742f99fcce"><code>742f99f</code></a>
Prepare 5.9.2 release notes</li>
<li><a
href="a9a3cf5fb7"><code>a9a3cf5</code></a>
Fix bug and polish contribution</li>
<li><a
href="825ea38857"><code>825ea38</code></a>
Introduce new <code>@MethodSource</code> syntax to differentiate
overloaded local factor...</li>
<li><a
href="0c40f5ef05"><code>0c40f5e</code></a>
Polish Javadoc</li>
<li><a
href="7d54016421"><code>7d54016</code></a>
Update codecov-action</li>
<li><a
href="bfeeac4d41"><code>bfeeac4</code></a>
Remove duplicate copyright comment</li>
<li><a
href="b0d9083315"><code>b0d9083</code></a>
Format integration test projects with Spotless as well</li>
<li><a
href="c4ed325cb2"><code>c4ed325</code></a>
Update copyright</li>
<li><a
href="0e3a1d32e5"><code>0e3a1d3</code></a>
Update upload-artifact action</li>
<li>Additional commits viewable in <a
href="https://github.com/junit-team/junit5/compare/r5.9.1...r5.9.2">compare
view</a></li>
</ul>
</details>
<br />
Updates `junit-jupiter-api` from 5.9.1 to 5.9.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/junit-team/junit5/releases">junit-jupiter-api's
releases</a>.</em></p>
<blockquote>
<p>JUnit 5.9.2 = Platform 1.9.2 + Jupiter 5.9.2 + Vintage 5.9.2</p>
<p>See <a
href="http://junit.org/junit5/docs/5.9.2/release-notes/">Release
Notes</a>.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8ed3c66c7e"><code>8ed3c66</code></a>
Release 5.9.2</li>
<li><a
href="742f99fcce"><code>742f99f</code></a>
Prepare 5.9.2 release notes</li>
<li><a
href="a9a3cf5fb7"><code>a9a3cf5</code></a>
Fix bug and polish contribution</li>
<li><a
href="825ea38857"><code>825ea38</code></a>
Introduce new <code>@MethodSource</code> syntax to differentiate
overloaded local factor...</li>
<li><a
href="0c40f5ef05"><code>0c40f5e</code></a>
Polish Javadoc</li>
<li><a
href="7d54016421"><code>7d54016</code></a>
Update codecov-action</li>
<li><a
href="bfeeac4d41"><code>bfeeac4</code></a>
Remove duplicate copyright comment</li>
<li><a
href="b0d9083315"><code>b0d9083</code></a>
Format integration test projects with Spotless as well</li>
<li><a
href="c4ed325cb2"><code>c4ed325</code></a>
Update copyright</li>
<li><a
href="0e3a1d32e5"><code>0e3a1d3</code></a>
Update upload-artifact action</li>
<li>Additional commits viewable in <a
href="https://github.com/junit-team/junit5/compare/r5.9.1...r5.9.2">compare
view</a></li>
</ul>
</details>
<br />
Updates `junit-jupiter-engine` from 5.9.1 to 5.9.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/junit-team/junit5/releases">junit-jupiter-engine's
releases</a>.</em></p>
<blockquote>
<p>JUnit 5.9.2 = Platform 1.9.2 + Jupiter 5.9.2 + Vintage 5.9.2</p>
<p>See <a
href="http://junit.org/junit5/docs/5.9.2/release-notes/">Release
Notes</a>.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8ed3c66c7e"><code>8ed3c66</code></a>
Release 5.9.2</li>
<li><a
href="742f99fcce"><code>742f99f</code></a>
Prepare 5.9.2 release notes</li>
<li><a
href="a9a3cf5fb7"><code>a9a3cf5</code></a>
Fix bug and polish contribution</li>
<li><a
href="825ea38857"><code>825ea38</code></a>
Introduce new <code>@MethodSource</code> syntax to differentiate
overloaded local factor...</li>
<li><a
href="0c40f5ef05"><code>0c40f5e</code></a>
Polish Javadoc</li>
<li><a
href="7d54016421"><code>7d54016</code></a>
Update codecov-action</li>
<li><a
href="bfeeac4d41"><code>bfeeac4</code></a>
Remove duplicate copyright comment</li>
<li><a
href="b0d9083315"><code>b0d9083</code></a>
Format integration test projects with Spotless as well</li>
<li><a
href="c4ed325cb2"><code>c4ed325</code></a>
Update copyright</li>
<li><a
href="0e3a1d32e5"><code>0e3a1d3</code></a>
Update upload-artifact action</li>
<li>Additional commits viewable in <a
href="https://github.com/junit-team/junit5/compare/r5.9.1...r5.9.2">compare
view</a></li>
</ul>
</details>
<br />
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps `versions.junit` from 5.9.1 to 5.9.2.
Updates `junit-jupiter-api` from 5.9.1 to 5.9.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/junit-team/junit5/releases">junit-jupiter-api's
releases</a>.</em></p>
<blockquote>
<p>JUnit 5.9.2 = Platform 1.9.2 + Jupiter 5.9.2 + Vintage 5.9.2</p>
<p>See <a
href="http://junit.org/junit5/docs/5.9.2/release-notes/">Release
Notes</a>.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8ed3c66c7e"><code>8ed3c66</code></a>
Release 5.9.2</li>
<li><a
href="742f99fcce"><code>742f99f</code></a>
Prepare 5.9.2 release notes</li>
<li><a
href="a9a3cf5fb7"><code>a9a3cf5</code></a>
Fix bug and polish contribution</li>
<li><a
href="825ea38857"><code>825ea38</code></a>
Introduce new <code>@MethodSource</code> syntax to differentiate
overloaded local factor...</li>
<li><a
href="0c40f5ef05"><code>0c40f5e</code></a>
Polish Javadoc</li>
<li><a
href="7d54016421"><code>7d54016</code></a>
Update codecov-action</li>
<li><a
href="bfeeac4d41"><code>bfeeac4</code></a>
Remove duplicate copyright comment</li>
<li><a
href="b0d9083315"><code>b0d9083</code></a>
Format integration test projects with Spotless as well</li>
<li><a
href="c4ed325cb2"><code>c4ed325</code></a>
Update copyright</li>
<li><a
href="0e3a1d32e5"><code>0e3a1d3</code></a>
Update upload-artifact action</li>
<li>Additional commits viewable in <a
href="https://github.com/junit-team/junit5/compare/r5.9.1...r5.9.2">compare
view</a></li>
</ul>
</details>
<br />
Updates `junit-jupiter-engine` from 5.9.1 to 5.9.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/junit-team/junit5/releases">junit-jupiter-engine's
releases</a>.</em></p>
<blockquote>
<p>JUnit 5.9.2 = Platform 1.9.2 + Jupiter 5.9.2 + Vintage 5.9.2</p>
<p>See <a
href="http://junit.org/junit5/docs/5.9.2/release-notes/">Release
Notes</a>.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8ed3c66c7e"><code>8ed3c66</code></a>
Release 5.9.2</li>
<li><a
href="742f99fcce"><code>742f99f</code></a>
Prepare 5.9.2 release notes</li>
<li><a
href="a9a3cf5fb7"><code>a9a3cf5</code></a>
Fix bug and polish contribution</li>
<li><a
href="825ea38857"><code>825ea38</code></a>
Introduce new <code>@MethodSource</code> syntax to differentiate
overloaded local factor...</li>
<li><a
href="0c40f5ef05"><code>0c40f5e</code></a>
Polish Javadoc</li>
<li><a
href="7d54016421"><code>7d54016</code></a>
Update codecov-action</li>
<li><a
href="bfeeac4d41"><code>bfeeac4</code></a>
Remove duplicate copyright comment</li>
<li><a
href="b0d9083315"><code>b0d9083</code></a>
Format integration test projects with Spotless as well</li>
<li><a
href="c4ed325cb2"><code>c4ed325</code></a>
Update copyright</li>
<li><a
href="0e3a1d32e5"><code>0e3a1d3</code></a>
Update upload-artifact action</li>
<li>Additional commits viewable in <a
href="https://github.com/junit-team/junit5/compare/r5.9.1...r5.9.2">compare
view</a></li>
</ul>
</details>
<br />
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps com.gradle.enterprise from 3.12.1 to 3.12.2.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps dependency-check-gradle from 7.4.3 to 7.4.4.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps assertj-core from 3.23.1 to 3.24.1.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps com.gradle.enterprise from 3.11.4 to 3.12.2.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Trask Stalnaker <trask.stalnaker@gmail.com>
Bumps [nullaway](https://github.com/uber/NullAway) from 0.10.6 to
0.10.7.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/uber/NullAway/blob/master/CHANGELOG.md">nullaway's
changelog</a>.</em></p>
<blockquote>
<h2>Version 0.10.7</h2>
<p>(Bug fix release)</p>
<ul>
<li>Resolve regression for type annotations directly on inner types. (<a
href="https://github-redirect.dependabot.com/uber/NullAway/issues/706">#706</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="09fa6a6c93"><code>09fa6a6</code></a>
Prepare for release 0.10.7.</li>
<li><a
href="c5e1a799e9"><code>c5e1a79</code></a>
Resolve regression for type annotations directly on inner types. (<a
href="https://github-redirect.dependabot.com/uber/NullAway/issues/706">#706</a>)</li>
<li><a
href="d6d2978094"><code>d6d2978</code></a>
Prepare next development version.</li>
<li>See full diff in <a
href="https://github.com/uber/NullAway/compare/v0.10.6...v0.10.7">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [byte-buddy-dep](https://github.com/raphw/byte-buddy) from 1.12.20
to 1.12.21.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/raphw/byte-buddy/releases">byte-buddy-dep's
releases</a>.</em></p>
<blockquote>
<h2>Byte Buddy 1.12.21</h2>
<ul>
<li>Create a Gradle source set for each JVM build automatically to
reduce boilerplate.</li>
<li>Fix Gradle plugin class loading to use correct class loader.</li>
<li>Use updated release plugin to avoid outdated timestamp in jar.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/raphw/byte-buddy/blob/master/release-notes.md">byte-buddy-dep's
changelog</a>.</em></p>
<blockquote>
<h2>Byte Buddy release notes</h2>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="adb0638f70"><code>adb0638</code></a>
[maven-release-plugin] prepare release byte-buddy-1.12.21</li>
<li><a
href="f326a3e909"><code>f326a3e</code></a>
[release] Release new version</li>
<li><a
href="5ffe97cd98"><code>5ffe97c</code></a>
Correct class loading and use maybe create for configuration.</li>
<li><a
href="a070a5d19f"><code>a070a5d</code></a>
Avoid class loader creation if not needed.</li>
<li><a
href="cf84b72bd6"><code>cf84b72</code></a>
Adjust plugin to configure implicit source set.</li>
<li><a
href="deae823591"><code>deae823</code></a>
Minor refactoring.</li>
<li><a
href="283c195c26"><code>283c195</code></a>
Avoid skipping Gradle plugin if no transformations are explicitly
configured.</li>
<li><a
href="a305b20987"><code>a305b20</code></a>
Add missing checksums.</li>
<li><a
href="db03b3b7f5"><code>db03b3b</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/raphw/byte-buddy/issues/1381">#1381</a>
from 0dinD/fix-gitignore-build-dir</li>
<li><a
href="4a7fbb1ef8"><code>4a7fbb1</code></a>
Fix .gitignore rule for Gradle build directory</li>
<li>Additional commits viewable in <a
href="https://github.com/raphw/byte-buddy/compare/byte-buddy-1.12.20...byte-buddy-1.12.21">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [quarkus-bom](https://github.com/quarkusio/quarkus-platform) from
2.15.1.Final to 2.15.2.Final.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="32beed6ca6"><code>32beed6</code></a>
[maven-release-plugin] prepare release 2.15.2.Final</li>
<li><a
href="bae99cfe6e"><code>bae99cf</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/quarkusio/quarkus-platform/issues/742">#742</a>
from gsmet/quarkus-2.15.2</li>
<li><a
href="f46af6db88"><code>f46af6d</code></a>
Upgrade to Quarkus 2.15.2.Final</li>
<li><a
href="055f644d9b"><code>055f644</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li>See full diff in <a
href="https://github.com/quarkusio/quarkus-platform/compare/2.15.1.Final...2.15.2.Final">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps io.quarkus from 2.15.1.Final to 2.15.2.Final.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot]
Trask Stalnaker
Amir Blum
OpenTelemetry Bot
Mateusz Rzeszutek
wallezhang
jack-berg
jason plumb
Lauri Tulmin