Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the root-gradle-deps group with 12 updates #1545

Closed
wants to merge 1 commit into from
Closed

Bump the root-gradle-deps group with 12 updates #1545

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 12, 2024
edited
Loading

Bumps the root-gradle-deps group with 12 updates:

Package From To
com.amazonaws:aws-java-sdk-bom 1.12.626 1.12.635
org.assertj:assertj-core 3.24.2 3.25.1
io.grpc:grpc-bom 1.60.1 1.61.0
io.grpc:grpc-api 1.60.1 1.61.0
io.grpc:grpc-netty-shaded 1.60.1 1.61.0
io.opentelemetry:opentelemetry-bom 1.34.0 1.34.1
io.opentracing.brave:brave-opentracing 1.0.0 1.0.1
io.zipkin.zipkin2:zipkin 2.25.2 3.0.2
io.zipkin.reporter2:zipkin-sender-okhttp3 2.17.1 3.1.1
io.zipkin.brave:brave 5.17.0 6.0.0
software.amazon.awssdk:s3 2.22.6 2.23.1
org.slf4j:slf4j-simple 2.0.9 2.0.11

Updates com.amazonaws:aws-java-sdk-bom from 1.12.626 to 1.12.635

Changelog

Sourced from com.amazonaws:aws-java-sdk-bom's changelog.

1.12.635 2024-01-11

AWS IoT

  • Features

    • Add ConflictException to Update APIs of AWS IoT Software Package Catalog

AWS IoT FleetWise

  • Features

    • The following dataTypes have been removed: CUSTOMER_DECODED_INTERFACE in NetworkInterfaceType; CUSTOMER_DECODED_SIGNAL_INFO_IS_NULL in SignalDecoderFailureReason; CUSTOMER_DECODED_SIGNAL_NETWORK_INTERFACE_INFO_IS_NULL in NetworkInterfaceFailureReason; CUSTOMER_DECODED_SIGNAL in SignalDecoderType

AWS Secrets Manager

  • Features

    • Doc only update for Secrets Manager

Amazon EC2 Container Service

  • Features

    • This release adds support for adding an ElasticBlockStorage volume configurations in ECS RunTask/StartTask/CreateService/UpdateService APIs. The configuration allows for attaching EBS volumes to ECS Tasks.

Amazon Elastic Compute Cloud

  • Features

    • This release adds support for adding an ElasticBlockStorage volume configurations in ECS RunTask/StartTask/CreateService/UpdateService APIs. The configuration allows for attaching EBS volumes to ECS Tasks.

Amazon EventBridge

  • Features

    • Adding AppSync as an EventBridge Target

Amazon WorkSpaces

  • Features

    • Added AWS Workspaces RebootWorkspaces API - Extended Reboot documentation update

1.12.634 2024-01-10

AWS SDK for Java

Amazon CloudWatch Logs

  • Features

    • Add support for account level subscription filter policies to PutAccountPolicy, DescribeAccountPolicies, and DeleteAccountPolicy APIs. Additionally, PutAccountPolicy has been modified with new optional "selectionCriteria" parameter for resource selection.

Amazon Connect Wisdom Service

  • Features

    • QueryAssistant and GetRecommendations will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications.

Amazon Location Service

  • Features

    • This release adds API support for custom layers for the maps service APIs: CreateMap, UpdateMap, DescribeMap.

Amazon Q Connect

  • Features

    • QueryAssistant and GetRecommendations will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications.

... (truncated)

Commits
  • 1159a89 AWS SDK for Java 1.12.635
  • 31ae884 Update GitHub version number to 1.12.635-SNAPSHOT
  • d3023b7 AWS SDK for Java 1.12.634
  • 2c1bf03 Update GitHub version number to 1.12.634-SNAPSHOT
  • d773a7f AWS SDK for Java 1.12.633
  • 4999801 Update GitHub version number to 1.12.633-SNAPSHOT
  • ea0e807 AWS SDK for Java 1.12.632
  • 4aa3464 Update GitHub version number to 1.12.632-SNAPSHOT
  • ddb42e9 AWS SDK for Java 1.12.631
  • ea82c41 Update GitHub version number to 1.12.631-SNAPSHOT
  • Additional commits viewable in compare view

Updates org.assertj:assertj-core from 3.24.2 to 3.25.1

Release notes

Sourced from org.assertj:assertj-core's releases.

v3.25.1

🧩 Binary Compatibility

The release is:

  • Binary compatible with the previous minor version.
  • Binary incompatible with the previous patch version.

🐛 Bug Fixes

Core

  • Revert "Provide value when assertThatThrownBy/thenThrownBy fail" #3318
  • Revert "fix: containsExactly does not work properly with maps not using equals to compare keys" #3321

v3.25.0

🧩 Binary Compatibility

The release is binary compatible with the previous minor version.

🚫 Deprecated

Core

  • Deprecate the following date/time related assertions in favor of isCloseTo:
    • isEqualToIgnoringHours
    • isEqualToIgnoringMinutes
    • isEqualToIgnoringSeconds
    • isEqualToIgnoringMillis
    • isEqualToIgnoringNanos
    • isInSameHourAs
    • isInSameMinuteAs
    • isInSameSecondAs
  • Deprecate asList in favor of asInstanceOf #3138

✨ New Features

Core

  • Add Descriptable#describedAs(Supplier<String>)
  • Add isInThePast and isInTheFuture to LocalDate assertions #2933
  • Add isInThePast and isInTheFuture to the missing Java 8 date/time types #2947
  • Add isRecord and isNotRecord to Class assertions #2968
  • Add hasNullValue and doesNotHaveNullValue to AtomicReferenceAssert #2969
  • Add asBoolean|Byte|Short|Int|Long|Float|Double to String assertions #2580
  • Add hasRecordComponents to Class assertions #2995
  • Add getters for field path in ComparisonDifference #3007
  • Allow to compare enum and string fields in the recursive comparison #2616
  • Provide value when assertThatThrownBy / thenThrownBy fail #3043
  • Add isSealed and isNotSealed to Class assertions #3080
  • Add assertThatCharSequence to disambiguate Groovy's GString #3132

... (truncated)

Commits
  • 65f6433 [maven-release-plugin] prepare release assertj-build-3.25.1
  • 4753165 Revert "fix: containsExactly does not work properly with maps not using equal...
  • 2a7c5a6 Revert "Provide value when assertThatThrownBy/thenThrownBy fail" (#3318)
  • 887f97b Update license headers
  • 25347d5 [maven-release-plugin] prepare for next development iteration
  • 2c1c083 [maven-release-plugin] prepare release assertj-build-3.25.0
  • c44129d Move flatten-maven-plugin version to separate property
  • 31cefaf Apply flatten-maven-plugin to assertj-core and assertj-guava (#3311)
  • 435d183 chore(deps-dev): bump org.testng:testng from 7.8.0 to 7.9.0 (#3312)
  • e044604 chore(deps-dev): bump nl.jqno.equalsverifier:equalsverifier from 3.15.4 to 3....
  • Additional commits viewable in compare view

Updates io.grpc:grpc-bom from 1.60.1 to 1.61.0

Release notes

Sourced from io.grpc:grpc-bom's releases.

v1.61.0

API Changes

  • Remove Unused experimental API ManagedChannelBuilder.enableFullStreamDecompression. (#10744)
  • api: Deprecate LoadBalancer.EMPTY_PICKER added in 1.58.0 in favor of FixedResultPicker (860b5cb1f)

New Features

  • binder: Experimental support for asynchronous security policies (#10566) (a05388986)

Improvements

  • core: reduce CompositeReadableBuffer allocation (#3279) (0f21574bb)
  • core: Improve error message clarity when a channel leak is detected (201893f5e)
  • util: use shared index across round_robin pickers (dca89b25b). This makes its implementation more similar to weighted_round_robin
  • xDS: Implement ADS stream flow control mechanism (#10674)
  • Move Noop{Client,Server}Call from testing to api (#10753)

Bug Fixes

  • core: Fix outbound message size checking (#10739) (67b67f838)
  • util: Fix NPE when multiple addresses are in an address group for petiole load balancer policies (#10769)
  • util: Disable publishing of fixtures (8ac43dd81). The Gradle test fixtures are for use by grpc-java's internal tests
  • okhttp: Ignore known conscrypt socket close issue (#10812) (2531563a3). This stops an exception from being thrown when a known Conscrypt synchronization issue happens.

Dependencies

  • Drop support for Bazel 5 (55a9c012c). Bazel 7 is available, and Protobuf has already dropped support for Bazel 5
  • Change many compile deps to runtime deps (d6830d7f9). This reduces the transitive classes "leaked" into the compile classpath. In particular, grpc-core (io.grpc.internal) will be less frequently included transitively at compile time
  • Upgrade dependencies (c985797d9)
    • Protobuf to 3.25.1
    • auto-value-annotations to 1.10.4
    • error_prone_annotations to 2.23.0
    • proto-google-common-protos to 2.29.0
    • google-cloud-logging to 3.15.14
    • guava to 32.1.3-android
    • okio to 3.4.0

Acknowledgements

Commits
  • f06abeb Bump version to 1.61.0
  • 7700510 Update README protoc references to 3.25.1
  • c639b81 Update README etc to reference 1.61.0
  • 5606081 fix flaky xds test due to verification race (#10798) (#10808)
  • 2531563 okhttp: Ignore known conscrypt socket close issue (#10811) (#10812)
  • 5b082ca Do not cache failed futures for async security policies indefinitely. (#10743)
  • 062f7a2 README.md: Correct gradle protobuf reference from 3.22.3 to 3.24.0 (#10772)
  • 597101c xds: fix flow control message not delivered when previous message type is unk...
  • 0f21574 core: reduce CompositeReadableBuffer allocation (#3279)
  • 846e008 xds: Revert xds flow control change. (#10784)
  • Additional commits viewable in compare view

Updates io.grpc:grpc-api from 1.60.1 to 1.61.0

Release notes

Sourced from io.grpc:grpc-api's releases.

v1.61.0

API Changes

  • Remove Unused experimental API ManagedChannelBuilder.enableFullStreamDecompression. (#10744)
  • api: Deprecate LoadBalancer.EMPTY_PICKER added in 1.58.0 in favor of FixedResultPicker (860b5cb1f)

New Features

  • binder: Experimental support for asynchronous security policies (#10566) (a05388986)

Improvements

  • core: reduce CompositeReadableBuffer allocation (#3279) (0f21574bb)
  • core: Improve error message clarity when a channel leak is detected (201893f5e)
  • util: use shared index across round_robin pickers (dca89b25b). This makes its implementation more similar to weighted_round_robin
  • xDS: Implement ADS stream flow control mechanism (#10674)
  • Move Noop{Client,Server}Call from testing to api (#10753)

Bug Fixes

  • core: Fix outbound message size checking (#10739) (67b67f838)
  • util: Fix NPE when multiple addresses are in an address group for petiole load balancer policies (#10769)
  • util: Disable publishing of fixtures (8ac43dd81). The Gradle test fixtures are for use by grpc-java's internal tests
  • okhttp: Ignore known conscrypt socket close issue (#10812) (2531563a3). This stops an exception from being thrown when a known Conscrypt synchronization issue happens.

Dependencies

  • Drop support for Bazel 5 (55a9c012c). Bazel 7 is available, and Protobuf has already dropped support for Bazel 5
  • Change many compile deps to runtime deps (d6830d7f9). This reduces the transitive classes "leaked" into the compile classpath. In particular, grpc-core (io.grpc.internal) will be less frequently included transitively at compile time
  • Upgrade dependencies (c985797d9)
    • Protobuf to 3.25.1
    • auto-value-annotations to 1.10.4
    • error_prone_annotations to 2.23.0
    • proto-google-common-protos to 2.29.0
    • google-cloud-logging to 3.15.14
    • guava to 32.1.3-android
    • okio to 3.4.0

Acknowledgements

Commits
  • f06abeb Bump version to 1.61.0
  • 7700510 Update README protoc references to 3.25.1
  • c639b81 Update README etc to reference 1.61.0
  • 5606081 fix flaky xds test due to verification race (#10798) (#10808)
  • 2531563 okhttp: Ignore known conscrypt socket close issue (#10811) (#10812)
  • 5b082ca Do not cache failed futures for async security policies indefinitely. (#10743)
  • 062f7a2 README.md: Correct gradle protobuf reference from 3.22.3 to 3.24.0 (#10772)
  • 597101c xds: fix flow control message not delivered when previous message type is unk...
  • 0f21574 core: reduce CompositeReadableBuffer allocation (#3279)
  • 846e008 xds: Revert xds flow control change. (#10784)
  • Additional commits viewable in compare view

Updates io.grpc:grpc-netty-shaded from 1.60.1 to 1.61.0

Release notes

Sourced from io.grpc:grpc-netty-shaded's releases.

v1.61.0

API Changes

  • Remove Unused experimental API ManagedChannelBuilder.enableFullStreamDecompression. (#10744)
  • api: Deprecate LoadBalancer.EMPTY_PICKER added in 1.58.0 in favor of FixedResultPicker (860b5cb1f)

New Features

  • binder: Experimental support for asynchronous security policies (#10566) (a05388986)

Improvements

  • core: reduce CompositeReadableBuffer allocation (#3279) (0f21574bb)
  • core: Improve error message clarity when a channel leak is detected (201893f5e)
  • util: use shared index across round_robin pickers (dca89b25b). This makes its implementation more similar to weighted_round_robin
  • xDS: Implement ADS stream flow control mechanism (#10674)
  • Move Noop{Client,Server}Call from testing to api (#10753)

Bug Fixes

  • core: Fix outbound message size checking (#10739) (67b67f838)
  • util: Fix NPE when multiple addresses are in an address group for petiole load balancer policies (#10769)
  • util: Disable publishing of fixtures (8ac43dd81). The Gradle test fixtures are for use by grpc-java's internal tests
  • okhttp: Ignore known conscrypt socket close issue (#10812) (2531563a3). This stops an exception from being thrown when a known Conscrypt synchronization issue happens.

Dependencies

  • Drop support for Bazel 5 (55a9c012c). Bazel 7 is available, and Protobuf has already dropped support for Bazel 5
  • Change many compile deps to runtime deps (d6830d7f9). This reduces the transitive classes "leaked" into the compile classpath. In particular, grpc-core (io.grpc.internal) will be less frequently included transitively at compile time
  • Upgrade dependencies (c985797d9)
    • Protobuf to 3.25.1
    • auto-value-annotations to 1.10.4
    • error_prone_annotations to 2.23.0
    • proto-google-common-protos to 2.29.0
    • google-cloud-logging to 3.15.14
    • guava to 32.1.3-android
    • okio to 3.4.0

Acknowledgements

Commits
  • f06abeb Bump version to 1.61.0
  • 7700510 Update README protoc references to 3.25.1
  • c639b81 Update README etc to reference 1.61.0
  • 5606081 fix flaky xds test due to verification race (#10798) (#10808)
  • 2531563 okhttp: Ignore known conscrypt socket close issue (#10811) (#10812)
  • 5b082ca Do not cache failed futures for async security policies indefinitely. (#10743)
  • 062f7a2 README.md: Correct gradle protobuf reference from 3.22.3 to 3.24.0 (#10772)
  • 597101c xds: fix flow control message not delivered when previous message type is unk...
  • 0f21574 core: reduce CompositeReadableBuffer allocation (#3279)
  • 846e008 xds: Revert xds flow control change. (#10784)
  • Additional commits viewable in compare view

Updates io.opentelemetry:opentelemetry-bom from 1.34.0 to 1.34.1

Release notes

Sourced from io.opentelemetry:opentelemetry-bom's releases.

Version 1.34.1

This is a patch release on the previous 1.34.0 release, fixing the issue(s) below.

  • Fix prometheus exporter regressions (#6138)
  • Fix native image regression (#6134)
Changelog

Sourced from io.opentelemetry:opentelemetry-bom's changelog.

Version 1.34.1 (2024-01-11)

  • Fix prometheus exporter regressions (#6138)
  • Fix native image regression (#6134)
Commits
  • 91c4a1b [release/v1.34.x] Prepare release 1.34.1 (#6144)
  • 20cf66c Update changelog for 1.34.1 (#6143)
  • 92c470e [release/v1.34.x] Recreate graal RetryPolicy issue (#6142)
  • ed1f8ba [release/v1.34.x] Restore prometheus metric name mapper tests, fix regression...
  • See full diff in compare view

Updates io.opentracing.brave:brave-opentracing from 1.0.0 to 1.0.1

Commits

Updates io.zipkin.zipkin2:zipkin from 2.25.2 to 3.0.2

Release notes

Sourced from io.zipkin.zipkin2:zipkin's releases.

Zipkin 3.0 updates to Spring Boot 3 and floor JRE 17. The core library io.zipkin.zipkin2:zipkin now targets Java 8. This is a major version change for these reasons.

Apart from raising the server's Java target to 17, actual changes for Spring Boot 3 were a breeze. Upgrade breeze is not by accident, rather thanks to conscious thinking by the Spring Boot team. Please thank them for the good work!

On Java version changes

Recent releases of Zipkin use JRE 21 in docker images, as that's the latest LTS. The server now requires JRE 17 because that's the minimal Java target allowed by Spring Boot 3. JDK 17 no longer supports compilation below Java 8, which impacted our version range. The next notes cover impacts on the core library.

io.zipkin.zipkin2:zipkin now targets Java 8, formerly Java 6. Libraries who need to retain Java 6 or old Android versions should stay on 2.x or move to latest zipkin-reporter-brave which still supports Java 6. This should not impact many because known libraries that depend on zipkin require Java 8 or later.

Again, Zipkin Reporter 3 and Brave 6 no longer have a strict dependency on io.zipkin.zipkin2:zipkin so, still support Java 6.

Notable updates

As this is a major version update, we updated all server extensions we maintain, including:

We also opened a contrib repository for OpenTelemetry zipkin-otel. It is currently empty because the code changes requested haven't migrated, yet. Please watch this if interested or help make it similar to zipkin-gcp.

Also, based on popular demand, zipkin will be added to homebrew soon. Please track this PR for updates.

Finally, have a look at the community page if you are new to zipkin or want to reach out and let people know what's new. Let's look forward to many more years of stable simple tracing together!

Zipkin 2.27.0 adds Eureka integration and adds a docker HEALTHCHECK timeout to ensure abhorrent checks take no longer than one second. Thanks a lot to @​anuraaga @​rogierslag and @​reta for support on this release.

Eureka

Eureka is a service registry originally started at Netflix. Zipkin can register itself in Eureka, allowing traced services to discover its listen address and health state. This is enabled when EUREKA_SERVICE_URL is set to a valid v2 endpoint of the Eureka REST API.

Example usage:

$ EUREKA_SERVICE_URL=http://localhost:8761/eureka/v2 java -jar zipkin.jar

Note: Eureka server registration only includes host and port details. Tracers need to resolve this to the POST endpoint "/api/v2/spans". See our server documentation for more.

Note: This setting does not cause Zipkin to use Eureka to discover any configured dependencies such as Kafka or Elasticsearch. If you need something like this, please open an issue and discuss your setup.

Other service registries

We added Eureka first first due to popular demand. If you need Consul please find or open an issue. Consul should be easy as Zipkin is an Armeria app, and Armeria already supports it. Similar situation with ZooKeeper (which was how zipkin was originally discovered at Twitter!). Nacos has been requested, but not in a long time. If interested, please 👍 the corresponding issue. We might need a hand with Nacos.

Full Changelog: openzipkin/zipkin@2.26.0...2.27.0

Zipkin 2.26.0 supports Elasticsearch 8.x and drops testing for 6.x which is no longer supported by Elastic. It also sets the minimum server JRE to 11, despite the core jar remaining Java 1.6 compatible for instrumentation. Finally, this updates the UI's react dependencies.

... (truncated)

Commits
  • f459eea [maven-release-plugin] prepare release 3.0.2
  • bc7696a removes log4j warning message (#3687)
  • 480b7c1 [maven-release-plugin] prepare for next development iteration
  • 3a74d65 [maven-release-plugin] prepare release 3.0.1
  • 45f240a fixes default release version from 17 to 11 (#3686)
  • 5368d76 docker: test with 3.0 images (#3685)
  • 7139d93 [maven-release-plugin] prepare for next development iteration
  • dc43a57 [maven-release-plugin] prepare release 3.0.0
  • 7aa3990 Fix typo in IllegalArgumentException (#3682)
  • e19058d Prepares for 3.0 by updating to Spring Boot 3 and floor Java 8 (#3684)
  • Additional commits viewable in compare view

Updates io.zipkin.reporter2:zipkin-sender-okhttp3 from 2.17.1 to 3.1.1

Release notes

Sourced from io.zipkin.reporter2:zipkin-sender-okhttp3's releases.

Zipkin Reporter 3.1 adds custom encoding (non-JSON) support for zipkin-reporter-brave's AsyncZipkinSpanHandler.

This was first used in encoder-stackdriver-brave) to allow traced apps to send spans to stackdriver without a zipkin core jar dependency

spanHandler = AsyncZipkinSpanHandler.newBuilder(sender).build(new StackdriverV2Encoder(Tags.ERROR));

Full Changelog: openzipkin/zipkin-reporter-java@3.0.1...3.1.1

Zipkin Reporter 3.0.1 fixes a problem where classpath scanners such as spring would trigger a zipkin2.Span class load on AsyncZipkinSpanHandler in zipkin-reporter-brave, which intentionally has no dependency on that.

Zipkin Reporter 3.0.0 makes the io.zipkin.zipkin2:zipkin dependency of io.zipkin.reporter2:zipkin-reporter-brave optional. This means those using the AsyncZipkinSpanHandler will have no dependencies except any sender they configure. In particular, this allows those using Brave for things besides zipkin (e.g. wavefront) to avoid a dependency. Also, those sending spans zipkin have simpler dependency configuration and save a couple hundred KB, as well.

Those using types from the core io.zipkin.reporter2:zipkin-reporter artifact should depend on this directly, possibly using our bom to align deps. io.zipkin.reporter2:zipkin-reporter still defaults to depend on io.zipkin.zipkin2:zipkin, but it can be excluded if you know what you are doing.

Technically, some base classes to accommodate this, but they don't have affect on call sites except those implementing a custom Reporter or Sender. Due to these type changes, this is a major version change. However, must users will have a drop-in experience, except possibly dependency configuration changes.

Thanks a lot to @​anuraaga and @​reta who helped think through this!

Zipkin Reporter 2.17.2

Zipkin Reporter v2.17.2 fixes a bug where the jars that should be at Java 1.6 or 1.7 bytecode were not.

Full Changelog: https://github.com/openzipkin/zipkin-reporter-java/compare/2.17.0..2.17.2

Commits
  • 9508452 [maven-release-plugin] prepare release 3.1.1
  • 9c666c4 ci: deploys bom separately to allow re-do on partial failure (#241)
  • 73ac34b Increases deploy timeouts due to recent failures uploading to sonatype (#240)
  • 4c57453 [maven-release-plugin] prepare for next development iteration
  • 36a160d [maven-release-plugin] prepare release 3.1.0
  • dea1650 brave: allows AsyncZipkinSpanHandler to be built with custom formats (#239)
  • af70e4c [maven-release-plugin] prepare for next development iteration
  • 4587e0e [maven-release-plugin] prepare release 3.0.2
  • 3f9229d [maven-release-plugin] prepare for next development iteration
  • a21e3e4 [maven-release-plugin] prepare release 3.0.1
  • Additional commits viewable in compare view

Updates io.zipkin.brave:brave from 5.17.0 to 6.0.0

Release notes

Sourced from io.zipkin.brave:brave's releases.

Brave 6 removes all modules and functions deprecated in Brave 5.x. It no longer has any dependency on io.zipkin.zipkin2:zipkin. Special thanks to @​reta and @​anuraaga for a lot of review support leading to this release!

No more deprecated functions

The final release of Brave 5 with deprecated functions was 5.18.1. Removing these functions was the only way to decouple Brave from zipkin's core library (io.zipkin.zipkin2:zipkin). However, this does not change Brave's floor Java 6 support. We still integration test this via the brave-example repository.

Here's an example of a working Java 6 and Spring 2.5 application, which is 280KB smaller due to use of the lean combination of Brave 6 and Zipkin Reporter 3.x:

# brave 5.18.1
3860    target/brave-example-webmvc25-1.0-SNAPSHOT.war
# brave 6.0.0
3580    target/brave-example-webmvc25-1.0-SNAPSHOT.war

No more io.zipkin.reporter2:zipkin-reporter or io.zipkin.zipkin2:zipkin dependencies

io.zipkin.brave:brave-bom used to manage zipkin-reporter dependencies. Since Brave no longer has dependencies on zipkin, it no longer manages them.

This impact is that users will need to manage their own versions for zipkin-reporter, likely via io.zipkin.reporter2:zipkin-reporter-bom described in the zipkin-reporter README.

To fully remove a zipkin core library dependency from your traced applications, use io.zipkin.reporter2:zipkin-reporter-brave 3.x AsyncZipkinSpanHandler. This is described in the zipkin-reporter README. You can expect currently maintained frameworks to do this on your behalf.

Thanks for your patience with the major upgrade. Things like this allow easier maintenance and a longer life for Brave, particularly as zipkin-server moves ahead with later Java versions.

Full Changelog: https://github.com/openzipkin/brave/compare/5.17.1..5.18.1

Brave 5.18 prepares for Brave 6 by deprecating instrumentation for libraries not released in 1.5-3.5 years including:

  • context/rxjava2 - last released Feb 2021
    • replaced by RxJava3, but unlikely this module will be ported as it wasn't used widely.
  • instrumentation/dubbo-rpc - (alibaba) last released Dec 2021
    • replaced by Apache Dubbo instrumentation/dubbo
  • instrumentation/p6spy - last released July 2020
    • project dormant
  • instrumentation/sparkjava - last released July 2022
    • project dormant

A minor change is we changed the artifact we use to test MySQL 8 to com.mysql:mysql-connector-j (instead of mysql:mysql-connector-java), to ensure we validate against current versions. Thanks @​m1ngyuan for the help on this.

Full Changelog: https://github.com/openzipkin/brave/compare/5.17.1..5.18.1

Brave 5.17.1

Brave v5.17.1 fixes a bug where the jars that should be at Java 1.6 or 1.7 bytecode were not.

Full Changelog: https://github.com/openzipkin/brave/compare/5.17.0..5.17.1

Commits
  • 6aa32a2 [maven-release-plugin] prepare release 6.0.0
  • f57f544 kafka-streams: cleans up after deprecation removal (#1404)
  • 5a81bf3 Docs: adds note about explicit reporter dependencies (#1402)
  • cf8dbf9 Revert "Temporarily revert brave 6 change"
  • 39b76ff [maven-release-plugin] prepare for next development iteration
  • a50e658 [maven-release-plugin] prepare release 5.18.1
  • 67b6013 deps: reverts to zipkin-reporter 2.x (#1403)
  • 5c977a2 Temporarily revert brave 6 change
  • f99265d bump to 6.0.0-SNAPSHOT
  • 44e4081 Removes all deprecated types and modules for Brave v6 (#1395)
  • Additional commits viewable in compare view

Updates software.amazon.awssdk:s3 from 2.22.6 to 2.23.1

Updates org.slf4j:slf4j-simple from 2.0.9 to 2.0.11

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the root-gradle-deps group with 12 updates
9948cf4 
Bumps the root-gradle-deps group with 12 updates:

| Package | From | To |
| --- | --- | --- |
| [com.amazonaws:aws-java-sdk-bom](https://github.com/aws/aws-sdk-java) | `1.12.626` | `1.12.635` |
| [org.assertj:assertj-core](https://github.com/assertj/assertj) | `3.24.2` | `3.25.1` |
| [io.grpc:grpc-bom](https://github.com/grpc/grpc-java) | `1.60.1` | `1.61.0` |
| [io.grpc:grpc-api](https://github.com/grpc/grpc-java) | `1.60.1` | `1.61.0` |
| [io.grpc:grpc-netty-shaded](https://github.com/grpc/grpc-java) | `1.60.1` | `1.61.0` |
| [io.opentelemetry:opentelemetry-bom](https://github.com/open-telemetry/opentelemetry-java) | `1.34.0` | `1.34.1` |
| [io.opentracing.brave:brave-opentracing](https://github.com/openzipkin-contrib/opentracing-brave) | `1.0.0` | `1.0.1` |
| [io.zipkin.zipkin2:zipkin](https://github.com/openzipkin/zipkin) | `2.25.2` | `3.0.2` |
| [io.zipkin.reporter2:zipkin-sender-okhttp3](https://github.com/openzipkin/zipkin-reporter-java) | `2.17.1` | `3.1.1` |
| [io.zipkin.brave:brave](https://github.com/openzipkin/brave) | `5.17.0` | `6.0.0` |
| software.amazon.awssdk:s3 | `2.22.6` | `2.23.1` |
| org.slf4j:slf4j-simple | `2.0.9` | `2.0.11` |


Updates `com.amazonaws:aws-java-sdk-bom` from 1.12.626 to 1.12.635
- [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md)
- [Commits](aws/aws-sdk-java@1.12.626...1.12.635)

Updates `org.assertj:assertj-core` from 3.24.2 to 3.25.1
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](assertj/assertj@assertj-build-3.24.2...assertj-build-3.25.1)

Updates `io.grpc:grpc-bom` from 1.60.1 to 1.61.0
- [Release notes](https://github.com/grpc/grpc-java/releases)
- [Commits](grpc/grpc-java@v1.60.1...v1.61.0)

Updates `io.grpc:grpc-api` from 1.60.1 to 1.61.0
- [Release notes](https://github.com/grpc/grpc-java/releases)
- [Commits](grpc/grpc-java@v1.60.1...v1.61.0)

Updates `io.grpc:grpc-netty-shaded` from 1.60.1 to 1.61.0
- [Release notes](https://github.com/grpc/grpc-java/releases)
- [Commits](grpc/grpc-java@v1.60.1...v1.61.0)

Updates `io.opentelemetry:opentelemetry-bom` from 1.34.0 to 1.34.1
- [Release notes](https://github.com/open-telemetry/opentelemetry-java/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-java/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-java@v1.34.0...v1.34.1)

Updates `io.opentracing.brave:brave-opentracing` from 1.0.0 to 1.0.1
- [Commits](https://github.com/openzipkin-contrib/opentracing-brave/commits)

Updates `io.zipkin.zipkin2:zipkin` from 2.25.2 to 3.0.2
- [Release notes](https://github.com/openzipkin/zipkin/releases)
- [Changelog](https://github.com/openzipkin/zipkin/blob/master/RELEASE.md)
- [Commits](openzipkin/zipkin@2.25.2...3.0.2)

Updates `io.zipkin.reporter2:zipkin-sender-okhttp3` from 2.17.1 to 3.1.1
- [Release notes](https://github.com/openzipkin/zipkin-reporter-java/releases)
- [Changelog](https://github.com/openzipkin/zipkin-reporter-java/blob/master/RELEASE.md)
- [Commits](openzipkin/zipkin-reporter-java@2.17.1...3.1.1)

Updates `io.zipkin.brave:brave` from 5.17.0 to 6.0.0
- [Release notes](https://github.com/openzipkin/brave/releases)
- [Changelog](https://github.com/openzipkin/brave/blob/master/RELEASE.md)
- [Commits](openzipkin/brave@5.17.0...6.0.0)

Updates `software.amazon.awssdk:s3` from 2.22.6 to 2.23.1

Updates `org.slf4j:slf4j-simple` from 2.0.9 to 2.0.11

---
updated-dependencies:
- dependency-name: com.amazonaws:aws-java-sdk-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: root-gradle-deps
- dependency-name: org.assertj:assertj-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: root-gradle-deps
- dependency-name: io.grpc:grpc-bom
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: root-gradle-deps
- dependency-name: io.grpc:grpc-api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: root-gradle-deps
- dependency-name: io.grpc:grpc-netty-shaded
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: root-gradle-deps
- dependency-name: io.opentelemetry:opentelemetry-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: root-gradle-deps
- dependency-name: io.opentracing.brave:brave-opentracing
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: root-gradle-deps
- dependency-name: io.zipkin.zipkin2:zipkin
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: root-gradle-deps
- dependency-name: io.zipkin.reporter2:zipkin-sender-okhttp3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: root-gradle-deps
- dependency-name: io.zipkin.brave:brave
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: root-gradle-deps
- dependency-name: software.amazon.awssdk:s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: root-gradle-deps
- dependency-name: org.slf4j:slf4j-simple
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: root-gradle-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from a team as a code owner January 12, 2024 18:57
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jan 12, 2024
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 16, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Jan 16, 2024
@dependabot dependabot bot deleted the dependabot/gradle/root-gradle-deps-41c738bfab branch January 16, 2024 05:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants