[CORE-69]: Bump the minor-and-patch-updates group across 1 directory with 8 updates

[dependabot]

Bumps the minor-and-patch-updates group with 8 updates in the / directory:

Package	From	To
org.springframework.boot	3.4.2	3.4.3
io.sentry:sentry-logback	8.1.0	8.2.0
com.google.mug:mug	8.3	8.5
org.webjars.npm:swagger-ui-dist	5.18.3	5.19.0
au.com.dius.pact.provider:spring	4.6.16	4.6.17
au.com.dius.pact.consumer:junit5	4.6.16	4.6.17
com.google.cloud:google-cloud-nio	0.127.30	0.127.31
au.com.dius.pact	4.6.16	4.6.17

Updates org.springframework.boot from 3.4.2 to 3.4.3

Release notes

Sourced from org.springframework.boot's releases.

v3.4.3

⭐ New Features

• Add TWENTY_FOUR to JavaVersion enum #44209

🐞 Bug Fixes

• Console output may be lost when using Log4j2 with something that replaces System.out #44380
• Maven plugin does not consistently use ArgFile for classpath argument on Windows #44328
• Reactive Jetty web server does not fail fast when configured to use a server name bundle which Jetty does not support #44319
• When web server application context refresh fails, the original failure is lost if stopping or destroying the web server throws an exception #44317
• View resolver for Thymeleaf should back off if spring-webmvc is not present #44296
• WebServer is not destroyed when ReactiveWebServerApplicationContext refresh fails #44294
• Non-default DataSource candidates are not considered in H2ConsoleAutoConfiguration #44293
• Banner placeholder and defaults do not work during development #44255
• Mustache templates return with ISO-8859-1 charset rather than UTF-8 in Content-Type response header #44193
• Servlet EndpointRequest doesn't match web server namespace correctly #44188
• java.lang.ClassCastException when using default management security with WebFlux and health probes enabled #44052
• Logback configuration that relies on inner-classes does not work in a native image #44025
• IllegalStateException: Unable to register SSL bundle after 3.3.8 or 3.4.2 #43989
• Metrics and health do not include non-default candidate beans #43481

📔 Documentation

• Document that auto-configuration classes should be identified using their binary names #44303
• Correct typo in MVC security when explaining when UserDetailsService auto-configuration will back off #44301
• Link to JarLauncher's javadoc #44170
• When using observability annotations, recommend that care is taken to avoid double instrumentation #44145
• Fix typo in Running Your Application #44035
• Document Kubernetes preStop handler when using a Docker image without a shell #44022
• Source snippet in Developing Your First Spring Boot Application section uses the root package #43983
• Correct the location of MyApplication.java in "Developing Your First Spring Boot Application" #43975
• Add links to Jackson Javadoc #43971
• Warn that some Quartz database schema scripts must be modified before use #43958

🔨 Dependency Upgrades

• Upgrade to Commons Pool2 2.12.1 #44173
• Upgrade to Couchbase Client 3.7.8 #44269
• Upgrade to Groovy 4.0.25 #44174
• Upgrade to Hibernate 6.6.8.Final #44332
• Upgrade to HttpClient5 5.4.2 #44176
• Upgrade to HttpCore5 5.3.3 #44177
• Upgrade to Infinispan 15.0.13.Final #44178
• Upgrade to jOOQ 3.19.19 #44368
• Upgrade to Json-smart 2.5.2 #44264
• Upgrade to Maven Clean Plugin 3.4.1 #44349
• Upgrade to Micrometer 1.14.4 #44115
• Upgrade to Micrometer Tracing 1.4.3 #44116
• Upgrade to Native Build Tools Plugin 0.10.5 #44179

... (truncated)

Commits

• 2f53c0a Release v3.4.3
• f99171f Merge branch '3.3.x' into 3.4.x
• 70e0744 Next development version (v3.3.10-SNAPSHOT)
• 07d9db3 Merge pull request #44380 from nosan
• 2295809 Register Log42J StatusListener
• 575655c Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4
• c74397a Merge branch '3.3.x' into 3.4.x
• c718461 Protect against NoSuchMethodException on setReadOnly
• 7dc9bf2 Upgrade to Testcontainers Redis Module 2.2.4
• 7d1fc06 Upgrade to Testcontainers 1.20.5
• Additional commits viewable in compare view

Updates io.sentry:sentry-logback from 8.1.0 to 8.2.0

Release notes

Sourced from io.sentry:sentry-logback's releases.

8.2.0

Breaking Changes

• The Kotlin Language version is now set to 1.6 (#3936)

Features

• Create onCreate and onStart spans for all Activities (#4025)
• Add split apks info to the App context (#3193)
• Expose new withSentryObservableEffect method overload that accepts SentryNavigationListener as a parameter (#4143)
  • This allows sharing the same SentryNavigationListener instance across fragments and composables to preserve the trace
• (Internal) Add API to filter native debug images based on stacktrace addresses (#4089)
• Propagate sampling random value (#4153)
  • The random value used for sampling traces is now sent to Sentry and attached to the baggage header on outgoing requests
• Update sampleRate that is sent to Sentry and attached to the baggage header on outgoing requests (#4158)
  • If the SDK uses its sampleRate or tracesSampler callback, it now updates the sampleRate in Dynamic Sampling Context.

Fixes

• Log a warning when envelope or items are dropped due to rate limiting (#4148)
• Do not log if OtelContextScopesStorage cannot be found (#4127)
  • Previously java.lang.ClassNotFoundException: io.sentry.opentelemetry.OtelContextScopesStorage was shown in the log if the class could not be found.
  • This is just a lookup the SDK performs to configure itself. The SDK also works without OpenTelemetry.
• Session Replay: Fix various crashes and issues (#4135)
  • Fix FileNotFoundException when trying to read/write .ongoing_segment file
  • Fix IllegalStateException when registering onDrawListener
  • Fix SIGABRT native crashes on Motorola devices when encoding a video
• Mention javadoc and sources for published artifacts in Gradle .module metadata (#3936)
• (Jetpack Compose) Modifier.sentryTag now uses Modifier.Node (#4029)
  • This allows Composables that use this modifier to be skippable

Dependencies

• Bump Native SDK from v0.7.19 to v0.7.20 (#4128)
  • changelog
  • diff
• Bump Gradle from v8.9.0 to v8.12.1 (#4106)
  • changelog
  • diff

Changelog

Sourced from io.sentry:sentry-logback's changelog.

8.2.0

Breaking Changes

• The Kotlin Language version is now set to 1.6 (#3936)

Features

• Create onCreate and onStart spans for all Activities (#4025)
• Add split apks info to the App context (#3193)
• Expose new withSentryObservableEffect method overload that accepts SentryNavigationListener as a parameter (#4143)
  • This allows sharing the same SentryNavigationListener instance across fragments and composables to preserve the trace
• (Internal) Add API to filter native debug images based on stacktrace addresses (#4089)
• Propagate sampling random value (#4153)
  • The random value used for sampling traces is now sent to Sentry and attached to the baggage header on outgoing requests
• Update sampleRate that is sent to Sentry and attached to the baggage header on outgoing requests (#4158)
  • If the SDK uses its sampleRate or tracesSampler callback, it now updates the sampleRate in Dynamic Sampling Context.

Fixes

• Log a warning when envelope or items are dropped due to rate limiting (#4148)
• Do not log if OtelContextScopesStorage cannot be found (#4127)
  • Previously java.lang.ClassNotFoundException: io.sentry.opentelemetry.OtelContextScopesStorage was shown in the log if the class could not be found.
  • This is just a lookup the SDK performs to configure itself. The SDK also works without OpenTelemetry.
• Session Replay: Fix various crashes and issues (#4135)
  • Fix FileNotFoundException when trying to read/write .ongoing_segment file
  • Fix IllegalStateException when registering onDrawListener
  • Fix SIGABRT native crashes on Motorola devices when encoding a video
• Mention javadoc and sources for published artifacts in Gradle .module metadata (#3936)
• (Jetpack Compose) Modifier.sentryTag now uses Modifier.Node (#4029)
  • This allows Composables that use this modifier to be skippable

Dependencies

• Bump Native SDK from v0.7.19 to v0.7.20 (#4128)
  • changelog
  • diff
• Bump Gradle from v8.9.0 to v8.12.1 (#4106)
  • changelog
  • diff

Commits

• f291098 release: 8.2.0
• 80eda8c Update sampleRate in DSC (#4158)
• dc85168 Propagate sampling random value (#4153)
• 367d8b9 Log a warning when envelope or items are dropped due to rate limiting (#4148)
• c2c78de Fix config cache for build command (#4157)
• 5e31a6b feat(android-ndk): add api for getting debug images by addresses (#4089)
• f4162ef Bump gradle/actions from 6962c6c931ff9effc947259cc1b9c6edba90b9d3 to aa23778d...
• 33f1664 Bump github/codeql-action from 3.28.8 to 3.28.9 (#4149)
• 6cd406d Bump actions/create-github-app-token from 1.11.2 to 1.11.3 (#4151)
• 95020ab Cherry-pick: Modifier.sentryTag uses Modifier.Node (#4029) (#4144)
• Additional commits viewable in compare view

Updates com.google.mug:mug from 8.3 to 8.5

Release notes

Sourced from com.google.mug:mug's releases.

Release 8.5

• {condition -> subquery} support for SafeQuery and SafeSql.
• SafeSql.queryLazily() that returns Stream

Commits

• d9eb63e [maven-release-plugin] prepare release mug-root-8.5
• dc5fab8 have to use 8.4. Likely because the 8.5 move was not automated
• a0f1a02 use ep 8.5
• ba01c73 use 8.4 for mug-guava EP
• 5f2d530 prepare for 8.5
• b46e39a update SafeSql javadoc to point to the 8.4 EP check
• d654a49 Re-enable errorprone
• 71acf4f flip the SafeSql javadoc order a bit
• f6cd970 flip the SafeSql javadoc order a bit
• 8f78d52 flip the SafeSql javadoc order a bit
• Additional commits viewable in compare view

Updates org.webjars.npm:swagger-ui-dist from 5.18.3 to 5.19.0

Release notes

Sourced from org.webjars.npm:swagger-ui-dist's releases.

Swagger UI v5.19.0 Released!

5.19.0 (2025-02-17)

Features

• add support for OpenAPI 3.0.4 (#10247) (d437474)

Commits

• dfa908d chore(release): cut the v5.19.0 release
• e6d8190 chore(package-lock): regenerate package lock to install latest deps (#10299)
• 4844eb8 chore(deps-dev): bump webpack-cli from 5.1.4 to 6.0.1 (#10294)
• c5f2405 chore(deps): bump @​babel/runtime-corejs3 from 7.26.7 to 7.26.9 (#10297)
• d194c83 chore(deps): bump nginx from 1.27.3-alpine to 1.27.4-alpine (#10283)
• d437474 feat: add support for OpenAPI 3.0.4 (#10247)
• 5d1c42c chore(deps-dev): bump start-server-and-test from 2.0.8 to 2.0.10 (#10295)
• c4147a0 chore(deps): bump @​babel/runtime-corejs3 from 7.26.0 to 7.26.7 (#10293)
• 23cb459 chore(deps-dev): bump @​babel/core from 7.24.7 to 7.26.8 (#10292)
• 6a0d51e chore(deps-dev): bump eslint-plugin-jest from 28.8.3 to 28.11.0 (#10291)
• Additional commits viewable in compare view

Updates au.com.dius.pact.provider:spring from 4.6.16 to 4.6.17

Release notes

Sourced from au.com.dius.pact.provider:spring's releases.

4.6.17

Bugfix Release

• b3656418f - fix: Only coerce strings to numbers when comparing headers and query parameters
• 1b1cf8432 - chore(compatibility-suite): Correct the shared steps after updating the compatibility suite
• c3938b4c8 - chore: Fix compatibility-suite CI build
• dea8fb762 - chore: Fix compatibility-suite CI build
• 8c5b0b1da - fix: Only split values of known multi-value headers #1852
• d7d30304c - fix: Matching rule paths for fields with only digits should not be written as indices #1851
• 5dba442e2 - fix: Lambda based DSL stringType method did not match the old DSL #1850
• 287b16c44 - feat: Pass any transport config to the plugin in the test context under the transport_config key
• 80d8a8779 - chore: Add example of a test with a pending interaction

Changelog

Sourced from au.com.dius.pact.provider:spring's changelog.

4.6.17 - Bugfix Release

• b3656418f - fix: Only coerce strings to numbers when comparing headers and query parameters (Ronald Holshausen, Fri Feb 14 10:27:01 2025 +1100)
• 00e4b409f - Merge commit '8cb9773b51dc729c4d03414bcb8bc0a8843662a1' (Ronald Holshausen, Fri Feb 14 10:24:30 2025 +1100)
• 8cb9773b5 - Squashed 'compatibility-suite/pact-compatibility-suite/' changes from cc76eac3c..1acfa1ecb (Ronald Holshausen, Fri Feb 14 10:24:30 2025 +1100)
• 1b1cf8432 - chore(compatibility-suite): Correct the shared steps after updating the compatibility suite (Ronald Holshausen, Thu Feb 13 10:23:52 2025 +1100)
• f6fa6e3fe - Squashed 'compatibility-suite/pact-compatibility-suite/' changes from 416f3a64d..cc76eac3c (Ronald Holshausen, Thu Feb 13 10:06:48 2025 +1100)
• 878949219 - Merge commit 'f6fa6e3fe1da4c8fa8a7285f844c3187252365b3' (Ronald Holshausen, Thu Feb 13 10:06:48 2025 +1100)
• c3938b4c8 - chore: Fix compatibility-suite CI build (Ronald Holshausen, Thu Feb 13 09:34:10 2025 +1100)
• dea8fb762 - chore: Fix compatibility-suite CI build (Ronald Holshausen, Thu Feb 13 09:15:34 2025 +1100)
• 8c5b0b1da - fix: Only split values of known multi-value headers #1852 (Ronald Holshausen, Wed Feb 12 16:01:17 2025 +1100)
• d7d30304c - fix: Matching rule paths for fields with only digits should not be written as indices #1851 (Ronald Holshausen, Wed Feb 12 11:21:26 2025 +1100)
• 5dba442e2 - fix: Lambda based DSL stringType method did not match the old DSL #1850 (Ronald Holshausen, Wed Feb 12 10:27:13 2025 +1100)
• 287b16c44 - feat: Pass any transport config to the plugin in the test context under the transport_config key (Ronald Holshausen, Mon Dec 16 10:34:56 2024 +1100)
• 80d8a8779 - chore: Add example of a test with a pending interaction (Ronald Holshausen, Fri Dec 6 09:38:52 2024 +1100)
• 8b09520f2 - bump version to 4.6.17 (Ronald Holshausen, Thu Dec 5 09:50:10 2024 +1100)

Commits

• See full diff in compare view

Updates au.com.dius.pact.consumer:junit5 from 4.6.16 to 4.6.17

Release notes

Sourced from au.com.dius.pact.consumer:junit5's releases.

4.6.17

Bugfix Release

• b3656418f - fix: Only coerce strings to numbers when comparing headers and query parameters
• 1b1cf8432 - chore(compatibility-suite): Correct the shared steps after updating the compatibility suite
• c3938b4c8 - chore: Fix compatibility-suite CI build
• dea8fb762 - chore: Fix compatibility-suite CI build
• 8c5b0b1da - fix: Only split values of known multi-value headers #1852
• d7d30304c - fix: Matching rule paths for fields with only digits should not be written as indices #1851
• 5dba442e2 - fix: Lambda based DSL stringType method did not match the old DSL #1850
• 287b16c44 - feat: Pass any transport config to the plugin in the test context under the transport_config key
• 80d8a8779 - chore: Add example of a test with a pending interaction

Changelog

Sourced from au.com.dius.pact.consumer:junit5's changelog.

4.6.17 - Bugfix Release

• b3656418f - fix: Only coerce strings to numbers when comparing headers and query parameters (Ronald Holshausen, Fri Feb 14 10:27:01 2025 +1100)
• 00e4b409f - Merge commit '8cb9773b51dc729c4d03414bcb8bc0a8843662a1' (Ronald Holshausen, Fri Feb 14 10:24:30 2025 +1100)
• 8cb9773b5 - Squashed 'compatibility-suite/pact-compatibility-suite/' changes from cc76eac3c..1acfa1ecb (Ronald Holshausen, Fri Feb 14 10:24:30 2025 +1100)
• 1b1cf8432 - chore(compatibility-suite): Correct the shared steps after updating the compatibility suite (Ronald Holshausen, Thu Feb 13 10:23:52 2025 +1100)
• f6fa6e3fe - Squashed 'compatibility-suite/pact-compatibility-suite/' changes from 416f3a64d..cc76eac3c (Ronald Holshausen, Thu Feb 13 10:06:48 2025 +1100)
• 878949219 - Merge commit 'f6fa6e3fe1da4c8fa8a7285f844c3187252365b3' (Ronald Holshausen, Thu Feb 13 10:06:48 2025 +1100)
• c3938b4c8 - chore: Fix compatibility-suite CI build (Ronald Holshausen, Thu Feb 13 09:34:10 2025 +1100)
• dea8fb762 - chore: Fix compatibility-suite CI build (Ronald Holshausen, Thu Feb 13 09:15:34 2025 +1100)
• 8c5b0b1da - fix: Only split values of known multi-value headers #1852 (Ronald Holshausen, Wed Feb 12 16:01:17 2025 +1100)
• d7d30304c - fix: Matching rule paths for fields with only digits should not be written as indices #1851 (Ronald Holshausen, Wed Feb 12 11:21:26 2025 +1100)
• 5dba442e2 - fix: Lambda based DSL stringType method did not match the old DSL #1850 (Ronald Holshausen, Wed Feb 12 10:27:13 2025 +1100)
• 287b16c44 - feat: Pass any transport config to the plugin in the test context under the transport_config key (Ronald Holshausen, Mon Dec 16 10:34:56 2024 +1100)
• 80d8a8779 - chore: Add example of a test with a pending interaction (Ronald Holshausen, Fri Dec 6 09:38:52 2024 +1100)
• 8b09520f2 - bump version to 4.6.17 (Ronald Holshausen, Thu Dec 5 09:50:10 2024 +1100)

Commits

• See full diff in compare view

Updates com.google.cloud:google-cloud-nio from 0.127.30 to 0.127.31

Release notes

Sourced from com.google.cloud:google-cloud-nio's releases.

v0.127.31

0.127.31 (2025-02-13)

Dependencies

• Update dependency com.google.cloud:google-cloud-storage to v2.48.1 (#1533) (f6b9472)
• Update dependency com.google.cloud:google-cloud-storage to v2.48.2 (#1537) (74b2803)
• Update dependency com.google.cloud:sdk-platform-java-config to v3.43.0 (#1536) (d024538)

Changelog

Sourced from com.google.cloud:google-cloud-nio's changelog.

0.127.31 (2025-02-13)

Dependencies

• Update dependency com.google.cloud:google-cloud-storage to v2.48.1 (#1533) (f6b9472)
• Update dependency com.google.cloud:google-cloud-storage to v2.48.2 (#1537) (74b2803)
• Update dependency com.google.cloud:sdk-platform-java-config to v3.43.0 (#1536) (d024538)

Commits

• 259431a chore(main): release 0.127.31 (#1535)
• 74b2803 deps: update dependency com.google.cloud:google-cloud-storage to v2.48.2 (#1537)
• d024538 deps: update dependency com.google.cloud:sdk-platform-java-config to v3.43.0 ...
• 4df95f2 chore(deps): update dependency com.google.cloud:libraries-bom to v26.54.0 (#1...
• f6b9472 deps: update dependency com.google.cloud:google-cloud-storage to v2.48.1 (#1533)
• 728e7e3 chore(deps): update dependency com.google.cloud:google-cloud-nio to v0.127.30...
• 0f0c538 chore(main): release 0.127.31-SNAPSHOT (#1531)
• See full diff in compare view

Updates au.com.dius.pact from 4.6.16 to 4.6.17

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud