Skip to content

Bump the minor-and-patch group across 1 directory with 5 updates #537

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Bump the minor-and-patch group across 1 directory with 5 updates #537

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 28, 2025
edited
Loading

Bumps the minor-and-patch group with 5 updates in the / directory:

Package From To
io.micrometer:micrometer-registry-prometheus 1.12.13 1.14.6
com.fasterxml.jackson.datatype:jackson-datatype-jsr310 2.18.3 2.19.0
org.flywaydb:flyway-database-postgresql 11.5.0 11.8.0
com.nimbusds:nimbus-jose-jwt 10.0.2 10.2
io.mockk:mockk 1.13.17 1.14.0

Updates io.micrometer:micrometer-registry-prometheus from 1.12.13 to 1.14.6

Release notes

Sourced from io.micrometer:micrometer-registry-prometheus's releases.

1.14.6

🐞 Bug Fixes

  • Gauge double registration warning for Kafka metrics #5757
  • Log warning about "function" meter re-registration #6070

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​izeye

1.14.5

🐞 Bug Fixes

  • Distribution value with |count| of 0 has a non-zero |mean| value of XXX errors in logs - similar to #4868 #5927

🔨 Dependency Upgrades

  • Bump com.fasterxml.jackson.core:jackson-databind from 2.18.2 to 2.18.3 #5989
  • Bump com.netflix.spectator:spectator-reg-atlas from 1.8.4 to 1.8.6 #5941
  • Bump io.prometheus:prometheus-metrics-bom from 1.3.5 to 1.3.6 #5938
  • Bump me.champeau.gradle:japicmp-gradle-plugin from 0.4.5 to 0.4.6 #5940
  • Bump spring6 from 6.1.16 to 6.1.17 #5926
  • Bump testcontainers from 1.20.4 to 1.20.5 #5949

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​AlexElin, and @​izeye

1.14.4

🐞 Bug Fixes

  • Log4j2Metrics does not work with multiple registries and non-root loggers #5893
  • Fix LongTaskTimer output for LoggingMeterRegistry #5834
  • Log4j2Metrics creates more MetricsFilter instances than needed #5818
  • Fix unit discrepancy between Timer and FunctionTimer in LoggingMeterRegistry #5816
  • Distribution bucket_counts sum does not equal the count #4868

📔 Documentation

  • Remove obviated GraalVM native image compilation section from Stackdriver docs #5819
  • Update Docs with right contract of MeterFilter #5480

🔨 Dependency Upgrades

  • Bump com.netflix.spectator:spectator-reg-atlas from 1.8.3 to 1.8.4 #5907
  • Bump software.amazon.awssdk:cloudwatch from 2.29.46 to 2.29.52 #5869

... (truncated)

Commits
  • c3f3a80 Merge branch '1.13.x' into 1.14.x
  • fa523b1 Bump io.micrometer:context-propagation from 1.1.2 to 1.1.3 (#6115)
  • d5f3d34 Bump org.junit:junit-bom from 5.12.1 to 5.12.2 (#6111)
  • 9ebcde1 Bump com.netflix.spectator:spectator-reg-atlas from 1.8.9 to 1.8.10 (#6112)
  • 0ae9b47 Bump org.junit:junit-bom from 5.12.1 to 5.12.2 (#6107)
  • d0e70fc Merge branch '1.13.x' into 1.14.x
  • 3b2270c Bump uk.org.webcompere:system-stubs-jupiter from 2.1.7 to 2.1.8 (#6096)
  • f62f2ee Bump uk.org.webcompere:system-stubs-jupiter from 2.1.7 to 2.1.8 (#6094)
  • 53b9a35 Replace deprecated Project.task() (#6092)
  • 0ebdd7d Bump com.netflix.spectator:spectator-reg-atlas from 1.8.8 to 1.8.9 (#6091)
  • Additional commits viewable in compare view

Updates com.fasterxml.jackson.datatype:jackson-datatype-jsr310 from 2.18.3 to 2.19.0

Updates org.flywaydb:flyway-database-postgresql from 11.5.0 to 11.8.0

Updates com.nimbusds:nimbus-jose-jwt from 10.0.2 to 10.2

Changelog

Sourced from com.nimbusds:nimbus-jose-jwt's changelog.

10.0.2 (2025-02-25) * Updates JSONObjectUtils.parse and JSONArrayUtils.parse to reject JSON strings with object and array nesting deeper than 255. This is intended to prevent StackOverflowError's in Gson when a parsed JSON string with excessive nesting is serialised, for example to log the claims of a parsed JWT. Note that in Gson the JSON reader is not susceptible to StackOverflowError's, only the serialisation. The nesting limit of depth 255 is introduced in Gson 2.12.0 (iss #583). * Updates GSon to 2.12.1.

10.1 (2025-04-03) * Restores module-info.java. * Adds ExpiredJWTException extends BadJWTException to enable easy programmatic detection whether a JWT has expired (iss #585). * Adds URLBasedJWKSetSource getJWKSetURL and getResourceRetriever methods to ease class extension.

10.2 (2025-04-07) * Gson is made a direct instead of a shaded dependency to address module issues introduced in 10.1 (iss #550).

Commits
  • bcfaf09 [maven-release-plugin] prepare for next development iteration
  • 05e8b9a Change log 10.0.2 updates
  • 729f58b re-add module-info.java
  • b688e46 Edits X509CertChainUtilsTest.testParse_includeUnderlyingCertificateException ...
  • a6a0865 Merge branch 'master' into module-info
  • a655497 Merged in module-info (pull request #125)
  • 9fd3662 Edits CHANGELOG.txt
  • 40a33d2 Adds ExpiredJWTException extends BadJWTException to enable easy programmatic ...
  • 5b5530f Adds URLBasedJWKSetSource getJWKSetURL and getResourceRetriever methods
  • 5586970 Release version 10.1
  • Additional commits viewable in compare view

Updates io.mockk:mockk from 1.13.17 to 1.14.0

Release notes

Sourced from io.mockk:mockk's releases.

1.14.0

What's Changed

New Contributors

Full Changelog: mockk/mockk@1.13.17...1.14.0

Commits
  • c287427 Version bump
  • 561795a Merge pull request #1370 from VitalyVPinchuk/fix-1355
  • 9d1b6d6 Merge pull request #1366 from sgerke-1L/reproducer
  • d2121ac fix: handle fallback to default constructor parameters in constructedWith<>()
  • daf3357 Alternative fix
  • 01f80fc Merge pull request #1367 from rsvinicius/confirm-verified-test-case-isolation
  • c49b8d9 code review: remove clearMarks() test
  • cd3b6ca Don't generate visibility bridge for package private default implementations
  • 4c613ab fix: ensure confirmVerified is isolated per test
  • 0eefb0f Reproducer
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Apr 28, 2025
@dependabot dependabot bot requested a review from a team as a code owner April 28, 2025 05:23
@dependabot
Bump the minor-and-patch group across 1 directory with 5 updates
3ba90c7 
Bumps the minor-and-patch group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [io.micrometer:micrometer-registry-prometheus](https://github.com/micrometer-metrics/micrometer) | `1.12.13` | `1.14.6` |
| com.fasterxml.jackson.datatype:jackson-datatype-jsr310 | `2.18.3` | `2.19.0` |
| org.flywaydb:flyway-database-postgresql | `11.5.0` | `11.8.0` |
| [com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt) | `10.0.2` | `10.2` |
| [io.mockk:mockk](https://github.com/mockk/mockk) | `1.13.17` | `1.14.0` |



Updates `io.micrometer:micrometer-registry-prometheus` from 1.12.13 to 1.14.6
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](micrometer-metrics/micrometer@v1.12.13...v1.14.6)

Updates `com.fasterxml.jackson.datatype:jackson-datatype-jsr310` from 2.18.3 to 2.19.0

Updates `org.flywaydb:flyway-database-postgresql` from 11.5.0 to 11.8.0

Updates `com.nimbusds:nimbus-jose-jwt` from 10.0.2 to 10.2
- [Changelog](https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt)
- [Commits](https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/10.2..10.0.2)

Updates `io.mockk:mockk` from 1.13.17 to 1.14.0
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](mockk/mockk@1.13.17...1.14.0)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-registry-prometheus
  dependency-version: 1.14.6
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: com.fasterxml.jackson.datatype:jackson-datatype-jsr310
  dependency-version: 2.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: org.flywaydb:flyway-database-postgresql
  dependency-version: 11.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: com.nimbusds:nimbus-jose-jwt
  dependency-version: '10.2'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/gradle/minor-and-patch-11ce230f75 branch from 2e7d7a5 to 3ba90c7 Compare May 5, 2025 06:03
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github May 12, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this May 12, 2025
@dependabot dependabot bot deleted the dependabot/gradle/minor-and-patch-11ce230f75 branch May 12, 2025 05:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants