Update all non-major dependencies

[renovate-bot]

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
ghcr.io/navikt/mock-oauth2-server	service	patch	0.5.8 -> 0.5.9
gradle (source)		minor	8.1.1 -> 8.2
org.apache.groovy:groovy-json (source)	devDependencies	patch	4.0.12 -> 4.0.13
org.apache.groovy:groovy-xml (source)	devDependencies	patch	4.0.12 -> 4.0.13
io.rest-assured:xml-path (source)	devDependencies	patch	5.3.0 -> 5.3.1
io.rest-assured:json-path (source)	devDependencies	patch	5.3.0 -> 5.3.1
io.rest-assured:rest-assured (source)	devDependencies	patch	5.3.0 -> 5.3.1
org.liquibase:liquibase-core (source)	devDependencies	minor	4.22.0 -> 4.23.0
io.swagger.core.v3:swagger-core-jakarta	devDependencies	patch	2.2.11 -> 2.2.14
io.swagger.core.v3:swagger-jaxrs2-jakarta	devDependencies	patch	2.2.11 -> 2.2.14
io.swagger.core.v3:swagger-annotations-jakarta	devDependencies	patch	2.2.11 -> 2.2.14
org.apache.activemq:activemq-client-jakarta (source)	devDependencies	patch	5.18.1 -> 5.18.2
com.google.cloud.sql:mysql-socket-factory-connector-j-8	devDependencies	minor	1.11.2 -> 1.12.0
org.eclipse.jgit:org.eclipse.jgit.ssh.apache	devDependencies	minor	6.5.0.202303070854-r -> 6.6.0.202305301015-r
org.eclipse.jgit:org.eclipse.jgit	devDependencies	minor	6.5.0.202303070854-r -> 6.6.0.202305301015-r
org.bouncycastle:bcprov-jdk15to18 (source)	devDependencies	minor	1.73 -> 1.75
org.bouncycastle:bcpkix-jdk15to18 (source)	devDependencies	minor	1.73 -> 1.75
commons-codec:commons-codec (source)	devDependencies	minor	1.15 -> 1.16.0
org.webjars:webjars-locator-core (source)	devDependencies	minor	0.52 -> 0.53
software.amazon.awssdk:bom	devDependencies	patch	2.20.81 -> 2.20.97
io.swagger.core.v3.swagger-gradle-plugin	plugin	patch	2.2.11 -> 2.2.14
org.springframework.boot	plugin	patch	3.1.0 -> 3.1.1
com.google.truth.extensions:truth-java8-extension	devDependencies	patch	1.1.4 -> 1.1.5
com.github.jk1.dependency-license-report	plugin	minor	2.4 -> 2.5
com.google.truth:truth	devDependencies	patch	1.1.4 -> 1.1.5
com.google.guava:guava	devDependencies	minor	32.0.0-jre -> 32.1.1-jre
ch.qos.logback:logback-classic (source)	devDependencies	patch	1.4.7 -> 1.4.8
ch.qos.logback:logback-core (source)	devDependencies	patch	1.4.7 -> 1.4.8
org.mockito:mockito-bom	devDependencies	minor	5.3.1 -> 5.4.0
io.netty:netty-bom (source)	devDependencies	patch	4.1.93.Final -> 4.1.94.Final
org.springframework.boot:spring-boot-dependencies (source)	devDependencies	patch	3.1.0 -> 3.1.1
org.springframework:spring-framework-bom	devDependencies	patch	6.0.9 -> 6.0.10
com.gradle.enterprise	plugin	patch	3.13.3 -> 3.13.4

---

Release Notes

liquibase/liquibase (org.liquibase:liquibase-core)

v4.23.0

swagger-api/swagger-core (io.swagger.core.v3:swagger-core-jakarta)

v2.2.14: Swagger-core 2.2.14 released!

• OAS 3.1 siblings in refs resolving (#​4441)

v2.2.13: Swagger-core 2.2.13 released!

• fix: makes populating instance variables accessible to subclasses (#​4434)
• OAS 3.1 - properties and ref as siblings / fix ModelConvertes usage (#​4433)
• support custom annotation for containers (#​4429)

v2.2.12: Swagger-core 2.2.12 released!

• OAS 3.1 - fix webhooks class scanning (#​4426)
• OAS 3.1 - annotations and resolve logic (#​4425)
• Change ModelResolver to better handle JsonIgnoreProperties (#​4418)
• fix #​3581: recognize Hidden annotation on enum values. (#​4394)

GoogleCloudPlatform/cloud-sql-mysql-socket-factory (com.google.cloud.sql:mysql-socket-factory-connector-j-8)

v1.12.0

Features

• Use new certificate refresh logic (5ad6103)

Bug Fixes

• Fix refresh futures to avoid a hanging future when an api request fails during refresh. (#​1319) (1277b5e)
• log error when token is invalid (#​1313) (2130317), closes #​1174
• Retry when attempting to get the auth token (#​1301) (2694cc5), closes #​1288 #​1127

google/truth (com.google.truth.extensions:truth-java8-extension)

v1.1.5: 1.1.5

• Updated Truth to depend on Guava 32.0.1. The previous Guava version, 32.0.0, contained a bug under Windows, which did not affect Truth's functionality but could cause problems for people who use Guava's I/O functionality in their codebase. Affected users can already manually update their Guava dependency to 32.0.1, but if they don't depend directly on Guava, they may find it easier to upgrade to this new Truth release instead.
• Fixed IterableOfProtosSubject to produce a proper failure message instead of NPE when the actual value is null.

mockito/mockito (org.mockito:mockito-bom)

v5.4.0

^{Changelog generated by Shipkit Changelog Gradle Plugin}

5.4.0

• 2023-06-18 - 22 commit(s) by Alexander von Trostorff, Andriy Redko, Benoit Maggi, Chris Povirk, DerFrZocker, Nicolas Ot, Tim van der Lippe, dependabot[bot], ellaella12
• Bump versions.errorprone from 2.19.1 to 2.20.0 (#​3041)
• Bump org.eclipse.platform:org.eclipse.osgi from 3.18.300 to 3.18.400 (#​3038)
• Bump com.google.auto.service:auto-service from 1.1.0 to 1.1.1 (#​3036)
• Bump com.github.ben-manes.versions from 0.46.0 to 0.47.0 (#​3034)
• Bump kotlinVersion from 1.8.21 to 1.8.22 (#​3033)
• Documentation about MockMakers slightly outdated in some places. Fixes #​3031 (#​3032)
• Documentation about MockMakers slightly outdated in some places (#​3031)
• Bump versions.bytebuddy from 1.14.4 to 1.14.5 (#​3025)
• Edit DoAnswerStyleStubbing.isSet() to return true if there are answers (#​3020)
• Bump com.diffplug.spotless from 6.18.0 to 6.19.0 (#​3018)
• Bump com.google.auto.service:auto-service from 1.0.1 to 1.1.0 (#​3017)
• Bump versions.errorprone from 2.18.0 to 2.19.1 (#​3009)
• Fix @Mock(serializable = true) for parameterized types. (#​3007)
• Add varargs changes to ArgumentMatchers#any() JavaDoc
  (#​3003)
• Mockito 5 any() does not match a vararg int[] argument anymore. I need to use any(int[].class) to get the ArgumentMatcher to work (#​2998)
• Bump com.google.googlejavaformat:google-java-format from 1.16.0 to 1.17.0 (#​2996)
• Remove redundant double "now" in JavaDocs for mock without class (#​2994)
• Bump org.junit.platform:junit-platform-launcher from 1.9.2 to 1.9.3 (#​2993)
• Bump versions.junitJupiter from 5.9.2 to 5.9.3 (#​2992)
• Provide a variant of assertArg that works well with checked exceptions (#​2991)
• Bump kotlinVersion from 1.8.10 to 1.8.21 (#​2990)
• Fix #​2915 Forbid spy on mocked interface (#​2989)
• Bump net.ltgt.gradle:gradle-errorprone-plugin from 3.0.1 to 3.1.0 (#​2987)
• @Mock(serializable = true) no longer works with parameterized types (#​2979)
• Bug with @​InjectMocks in 5.3.0 (#​2978)
• �Function name is incorrect. (#​2955)
• Verify on Spy Interface incorrect count of actual invocation (#​2915)
• Only run injection once (#​2603)
• mockito-core MockitoAnnotations::openMocks initializes class twice if said class has super class (#​2602)

spring-projects/spring-boot (org.springframework.boot:spring-boot-dependencies)

v3.1.1

🐞 Bug Fixes

• Websockets don't work when using WebFlux with Jetty #​36009
• When using SimpleClientHttpRequestFactory, non-GET requests sent with RestTemplate have the wrong HttpMethod when SSLBundles are used #​36007
• Spring Boot properties migrator can create circular references #​35934
• Actuator loggers list endpoint throws exception on Log4J2 loggers with custom log levels #​35922
• SSL configuration overwrites other WebClient customization #​35914
• Validation is not applied for ConfigurationProperties that implement Validator and use @ConstructorBinding #​35913
• Tracing only supports a single context propagation type #​35907
• SpringApplication.from(?).with(?) adds its sources to every context that's created #​35873
• Devtools does not support package-private main classes #​35865
• DevTools prevent startup in native image with ClassNotFoundException #​35853
• Password is not used from spring.data.redis.url property without username #​35850
• Docker Compose connection details for MongoDB is missing the authSource option when authentication is configured #​35777
• Processing of @EndpointCloudFoundryExtension logs a warnings as it does not use @AliasFor on its override of the endpoint attribute #​35766
• Java 20 is supported but there's no value for it in the JavaVersion enum #​35764
• SpringApplication.from(...) is hard to use with Kotlin #​35756
• Spring Boot 3.1.0 incompatible with Flyway 9.0 #​35721
• The error message is unhelpful when spring.rabbitmq.host is configured with a comma-separated value #​35684
• Docker Compose support produces non-working native image #​35676
• Metadata for spring.ssl properties are missing #​35667
• The new support for testcontainers in Spring Boot 3.1.0 does not work with native tests #​35663
• Constructor binding of @ConfigurationProperties to a lateinit property fails with kotlin.UninitializedPropertyAccessException #​35654
• PEM SSL bundles do not support encrypted PKCS8 private keys #​35652
• When a configuration properties bean is defined using a @Bean method, BindableRuntimeHintsRegistrar may incorrectly register hints for constructor binding #​35647
• Enabling Spring Data Elasticsearch auditing causes application startup failure #​35610
• ZipkinAutoConfiguration always need a ZipkinProperties bean in SB 3.1 #​35592
• MongoDB authentication to different DB than used no longer works in spring boot 3.1 #​35567
• Auto-configuration for Spring Data MongoDB ignores spring.data.mongodb.database when spring.data.mongodb.uri has been set #​35566

📔 Documentation

• Remove @EnableBatchProcessing mentions in reference documentation for sliced tests and user configuration #​36004
• Update description of spring-boot-starter-data-rest to clarify that it uses Spring MVC #​35911
• Add @DynamicPropertySource to documented list of property source ordering #​35909
• Fix typo in Docker Compose documentation #​35818
• Move property notes up to external configuration section #​35769
• Improve OAuth2 Client section of docs #​35767
• Description of spring.data.mongodb.uri property incorrectly states that it overrides spring.data.mongodb.database #​35690
• Fix error in SSL bundle documentation #​35665
• Document how to add parameters to the JDBC URL created for a Docker Compose managed container #​35636
• Documenting audience support in Oauth2 resource server #​35634
• Description of build-image and build-image-no-fork Maven plugin goals is inconsistent #​35618
• Some spring.docker.compose properties do not document their default values #​35598
• Description of never value for spring.docker.compose.readiness.wait is incorrect #​35597
• ServiceConnection Typo In name Documentation #​35594
• Declare @Testcontainers before @SpringBootTest in documentation examples to ensure that Testcontainers is started before the application tries to use its containers #​35572

🔨 Dependency Upgrades

• Upgrade to Byte Buddy 1.14.5 #​35826
• Upgrade to Couchbase Client 3.4.7 #​35883
• Upgrade to Dropwizard Metrics 4.2.19 #​35827
• Upgrade to Git Commit ID Maven Plugin 5.0.1 #​35828
• Upgrade to Glassfish JAXB 4.0.3 #​35829
• Upgrade to Hazelcast 5.2.4 #​35884
• Upgrade to Hibernate 6.2.5.Final #​35994
• Upgrade to HSQLDB 2.7.2 #​35831
• Upgrade to HttpCore5 5.2.2 #​35995
• Upgrade to Infinispan 14.0.11.Final #​35996
• Upgrade to Jackson Bom 2.15.2 #​35833
• Upgrade to Jakarta Json 2.1.2 #​35834
• Upgrade to Jakarta Mail 2.1.2 #​35835
• Upgrade to Jaybird 5.0.2.java11 #​35836
• Upgrade to JBoss Logging 3.5.1.Final #​35837
• Upgrade to Jersey 3.1.2 #​35838
• Upgrade to Json-smart 2.4.11 #​35839
• Upgrade to Kafka 3.4.1 #​35840
• Upgrade to Kotlin 1.8.22 #​35781
• Upgrade to Logback 1.4.8 #​35885
• Upgrade to Lombok 1.18.28 #​35841
• Upgrade to Micrometer 1.11.1 #​35745
• Upgrade to Micrometer Tracing 1.1.2 #​35746
• Upgrade to Native Build Tools Plugin 0.9.23 #​35997
• Upgrade to Neo4j Java Driver 5.9.0 #​35868
• Upgrade to Netty 4.1.94.Final #​35998
• Upgrade to R2DBC MSSQL 1.0.1.RELEASE #​35843
• Upgrade to R2DBC MySQL 1.0.2 #​35844
• Upgrade to R2DBC Proxy 1.1.1.RELEASE #​35845
• Upgrade to Reactor Bom 2022.0.8 #​35747
• Upgrade to REST Assured 5.3.1 #​35999
• Upgrade to Spring AMQP 3.0.5 #​35748
• Upgrade to Spring Authorization Server 1.1.1 #​35749
• Upgrade to Spring Data Bom 2023.0.1 #​35750
• Upgrade to Spring Framework 6.0.10 #​35751
• Upgrade to Spring GraphQL 1.2.1 #​35752
• Upgrade to Spring Integration 6.1.1 #​35859
• Upgrade to Spring Kafka 3.0.8 #​36000
• Upgrade to Spring Retry 2.0.2 #​35753
• Upgrade to Spring Security 6.1.1 #​35754
• Upgrade to Spring Session 3.1.1 #​35755
• Upgrade to Spring WS 4.0.5 #​36017
• Upgrade to SQLite JDBC 3.41.2.2 #​35846
• Upgrade to Testcontainers 1.18.3 #​35847
• Upgrade to Tomcat 10.1.10 #​35886
• Upgrade to UnboundID LDAPSDK 6.0.9 #​35848
• Upgrade to Undertow 2.3.7.Final #​35849

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​KitBolourchi, @​ThomasKasene, @​bbulgarelli, @​bikash30851, @​dreis2211, @​eddumelendez, @​fcappi, @​izeye, @​quaff, @​rafaelrc7, @​sdeleuze, @​sjohnr, @​sungchanjo, and @​twobiers

spring-projects/spring-framework (org.springframework:spring-framework-bom)

v6.0.10

Compare Source

⭐ New Features

• ClassLoader can be null in DeserializingConverter and should be annotated with @Nullable #​30670
• Introduce TestExecutionListener for Micrometer's ObservationRegistry in the TestContext framework #​30658
• Add missing hint for ResourceEditor #​30628
• Add missing hint for converting String to URI #​30627
• Redesign inner Pointcut implementations as standalone classes #​30621
• Add missing @Nullable in DefaultJmsListenerContainerFactory #​30620
• Handle custom JMS acknowledgment modes as client acknowledge #​30619
• Declare Advisor#isPerInstance() as default method #​30614
• Improve error message for unsupported character in SpEL expression #​30602
• Multipart data is always read irrelevant of handler response #​30590
• Performance optimization in AbstractBeanFactoryBasedTargetSource.hashCode() #​30576
• Log a warning when commons-logging is in the classpath #​30575
• Always use MethodArgumentNotValidException(MethodParameter, BindingResult) constructor #​30558
• Remove non-empty filename check in ContentDisposition builder #​30537
• Add missing EntityManagerFactory hints for SharedEntityManagerCreator #​30523
• Disable Hibernate reflection optimizer with native #​30521
• Introduce a method in MockHttpServletRequestBuilder to set remote address #​30497
• Skip class transformer in PersistenceUnitInfoDescriptor for native images #​30492
• @Bean 'lite' mode not supported if @Bean methods are not declared locally #​30449
• Align HibernateJpaVendorAdapter with Hibernate ORM 6.2 #​30288
• Add nested propagation support to R2dbcTransactionManager #​30134

🐞 Bug Fixes

• Cron expression scheduling might be triggered 1 millisecond earlier #​30666
• Change of behaviour for UUID in bean validation output in v5.3.27 #​30661
• Test context cache stats are not logged when ApplicationContext fails to load #​30635
• Inconsistent ProxyCallbackFilter#equals/hashCode methods in CglibAopProxy #​30615
• SpEL's CompoundExpression.toStringAST() incorrectly includes . for indexed properties #​30610
• NPE in ReactiveTransactionSupport.unwrapIfResourceCleanupFailure #​30597
• CollectionFactory.createMap(HashMap.class, 0) now returns a LinkedHashMap rather than a HashMap #​30596
• ThreadLocalTargetSource does not include actual target bean name in NamedThreadLocal #​30581
• ApplicationListenerMethodAdapter inconsistently publishes events from CompletableFuture #​30578
• Unsupported SQL type: TIMESTAMP_WITH_TIMEZONE when using OffsetDateTime with MySQL #​30556
• SpringBeanContainer not called with Hibernate ORM 6.2 #​30545
• WebFlux returns 406 instead of RFC 7807 response for subtype of ProblemDetail #​30533
• HTTP Interface client cannot send URI query parameter with multipart request #​30520
• Transaction isolation level not working with R2dbcTransactionManager #​30508
• Support for AOT processing with GraalVM tracing agent is not consistent #​30511
• For @Bean method that returns null, @Autowired injects NullBean instead of null for cached arguments #​30485
• MediaType property binding issue in native builds #​30491
• InjectionMetadata AOT contributions do not check for existing property value #​30476
• Spring Framework 6.0.8 appears to cause issues in OSGi environment #​30389
• Empty @RequestMapping method should match both "" and "/" consistently #​30293
• EclipseLinkJpaDialect: Unexpected default isolation levels #​29997
• Memory leak with CglibAopProxy$ProxyCallbackFilter #​26266

📔 Documentation

• Fix markup issue in Javadoc of QuartzCronField #​30646
• Document @DirtiesContext semantics when declared at the class level and method level #​30623
• Add missing Javadoc for RegisteredBean.resolveAutowiredArgument() #​30609
• Fix invalid link in transaction resources #​30570
• FileSystemUtils::deleteRecursively Javadoc refers to File instead of Path #​30554
• Improve Javadoc for ExchangeFilterFunction #​30543
• Update Javadoc and reference doc for WebMvcConfigurer to mention Boot's HttpMessageConverters #​30538
• Add Javadoc since to InjectedElement.shouldInject() #​30512
• Fix wording in r2dbc Statement Filters section of ref docs #​30482
• Typo in Spring official documentation #​30473
• Link for @javax.annotation.Nonnull is wrong in Javadoc for Spring's @NonNull #​30455
• Improve how the build deals with javadoc invalid references #​30428
• Docs: Remove duplicate in SpEL feature list #​30404
• Document which @Scheduled attributes support SpEL expressions #​29290

🔨 Dependency Upgrades

• Upgrade to micrometer-bom 1.10.8 and context-propagation 1.0.3 #​30657
• Upgrade to Reac

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[forking-renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠ Warning: custom changes will be lost.