[PF-2987]: Bump the minor-patch-dependencies group with 9 updates

[dependabot]

Bumps the minor-patch-dependencies group with 9 updates:

Package	From	To
com.google.cloud:libraries-bom	26.50.0	26.52.0
org.apache.commons:commons-dbcp2	2.12.0	2.13.0
org.springframework:spring-context	6.2.0	6.2.1
org.springframework:spring-web	6.2.0	6.2.1
org.springframework.shell:spring-shell-starter	3.3.3	3.4.0
io.spring.dependency-management	1.1.6	1.1.7
org.springframework.boot	3.4.0	3.4.1
com.azure:azure-messaging-servicebus	7.17.6	7.17.7
io.netty:netty-bom	4.1.115.Final	4.1.116.Final

Updates com.google.cloud:libraries-bom from 26.50.0 to 26.52.0

Release notes

Sourced from com.google.cloud:libraries-bom's releases.

v26.52.0

GCP Libraries BOM 26.52.0

Here are the differences from the previous version (26.51.0)

New Addition

• com.google.cloud:google-cloud-valkey:0.1.0

The group ID of the following artifacts is com.google.cloud.

Notable Changes

google-cloud-bigquery 2.45.0 (prev: 2.44.0)

• Enable Lossless Timestamps in BQ java client lib (#3589) (c0b874a)

• Introduce java.time methods and variables (#3586) (31fb15f)

• test: Update schema for broken ConnImplBenchmark test (#3574) (8cf4387)

google-cloud-bigquerystorage 3.11.0 (prev: 3.10.3)

• Add support for byte and short (#2789) (98a714f)
• Introduce java.time methods and variables (#2780) (8dd66d5)

google-cloud-bigtable 2.51.0 (prev: 2.49.0)

• Introduce java.time (#2415) (bb96c3e)

• Move resource detection to the first export to avoid slow start (#2450) (cec010a)

google-cloud-datastore 2.25.1 (prev: 2.24.3)

• Introduce java.time methods and variables (#1671) (5a78a80)

google-cloud-logging 3.21.0 (prev: 3.20.7)

• Introduce java.time methods (#1729) (323eb33)

google-cloud-pubsub 1.135.0 (prev: 1.134.2)

• Introduce java.time variables and methods (#2271) (7edfd9c)

google-cloud-pubsublite 1.15.0 (prev: 1.14.8)

• Introduce java.time variables and methods (#1784) (2239c08)

google-cloud-spanner 6.83.0 (prev: 6.82.0)

• Add Metrics host for built in metrics (#3519) (4ed455a)
• Add opt-in for using multiplexed sessions for blind writes (#3540) (216f53e)
• Add UUID in Spanner TypeCode enum (41f83dc)
• Introduce java.time variables and methods (#3495) (8a7d533)
• spanner: Support multiplexed session for Partitioned operations (#3231) (4501a3e)
• Support 'set local' for retry_aborts_internally (#3532) (331942f)

google-cloud-storage 2.46.0 (prev: 2.45.0)

• Introduce java.time methods and variables (#2826) (baf30ee)

... (truncated)

Commits

• cd6a239 chore: release main (#6878)
• 125ffe4 deps: update dependency com.google.cloud:google-cloud-bigtable-bom to v2.51.0...
• 4529f52 deps: update dependency org.codehaus.plexus:plexus-utils to v3.6.0 (#6891)
• e095472 deps: update dependency com.google.cloud:gapic-libraries-bom to v1.49.0 (#6892)
• fc4869e deps: update dependency com.google.cloud:google-cloud-spanner-jdbc to v2.25.1...
• a90efed deps: update dependency com.google.cloud:google-cloud-datastore-bom to v2.25....
• 2fc8d1a deps: update dependency com.google.cloud:google-cloud-spanner-bom to v6.83.0 ...
• cf9fe6e deps: update dependency com.google.cloud:google-cloud-bigquery to v2.45.0 (#6...
• 30d9b73 deps: update dependency com.google.cloud:google-cloud-logging-logback to v0.1...
• b3da142 deps: update dependency com.google.cloud:google-cloud-bigquerystorage-bom to ...
• Additional commits viewable in compare view

Updates org.apache.commons:commons-dbcp2 from 2.12.0 to 2.13.0

Updates org.springframework:spring-context from 6.2.0 to 6.2.1

Release notes

Sourced from org.springframework:spring-context's releases.

v6.2.1

⭐ New Features

• Implement toString() in TestBeanOverrideHandler #34072
• Log alias removal in DefaultListableBeanFactory #34070
• Log warning when one Bean Override overrides another Bean Override #34056
• Introduce "unsafeAllocated" flag in TypeHint #34055
• Cannot assert status reason phrase with MockMvcTester #34016
• Improve toString for reactive ScheduledTask #34010
• Optimize sending requests without a body in RestClient and WebClient with Reactor Netty #34003
• Add missing @Contract annotation to ObjectUtils#isEmpty #33984
• OptionalValidatorFactoryBean suppresses Hibernate Validator configuration failures too much #33979
• Support Flux<ServerSentEvent<Fragment>> in WebFlux #33975
• Update in FragmentsRendering to names of static methods #33974
• Honor @Fallback semantics for Test Bean Overrides #33924
• AdvisedSupport.MethodCacheKey should check for logical equality as well as identity #33915
• Fail with full description for XML diff in XmlExpectationsHelper #33827
• MapMethodProcessor should only resolve arguments of type Map or the ModelMap hierarchy #33160

🐞 Bug Fixes

• Support binding from request headers via constructor args #34073
• Unable to configure custom scheduler for @Scheduled annotation #34058
• Identical Bean Overrides are silently allowed #34054
• OOM due to NoTransactionInContextException in reactive pipeline #34048
• Priority header causes binding exception after upgrade to Spring Framework 6.2.0 #34039
• @MockitoBean incorrectly injects supertype into subtype field #34025
• NestedPlaceholder are not recursively resolved if the fallback is a placeholder #34020
• AOT no longer generates BeanInstanceSupplier signature for a CGLIB proxy with its public type #33998
• Nested transaction support via savepoints is broken in Oracle database #33987
• Proxy created with IntroductionInterceptor but without target always throws an exception #33985
• ApplicationListener no longer invoked for generic ApplicationEvent with 6.2.0 #33982
• Error handling override in DefaultResponseErrorHandler ignored after upgrade to 6.2.0 #33980
• BeanCurrentlyInCreationException is thrown when multiple threads simultaneously try to create a FactoryBean #33972
• HandshakeWebSocketService assumes jakarta websocket is present #33970
• @Value cases SpringCGLIB$$0 required a bean of type java.lang.String that could not be found in Native compile when migrating to SB 3.4 #33960
• PathMatchingResourcePatternResolver should not log directory-skip messages at info level #33956
• Avoid infinite recursion in BeanValidationBeanRegistrationAotProcessor with recursive generics #33950
• Skip runtime hint registration for validation constraint with missing dependencies #33949
• Move Kotlin value class unboxing to InvocableHandlerMethod #33943
• MockReset strategy is no longer honored for @MockitoBean and @MockitoSpyBean #33941
• TypeDescriptor with recursive generics triggers infinite recursion in ResolvableType.equals/hashCode #33932
• RestClient does not expose full URI template as attribute #33928
• Bean Overrides like @MockitoBean and @TestBean should not be allowed on static fields #33922
• Regression in duplicate beans with different method names #33920

📔 Documentation

• Fix link to MockMvcBuilders in reference documentation #34031
• Fix a typo in the filters documentation #33959

... (truncated)

Commits

• b4f10d4 Release v6.2.1
• 0aa721c Polishing
• 63af572 Upgrade to Jackson 2.18.2, RxJava 3.1.10, Checkstyle 10.20.2
• 72c2343 Avoid deprecated ListenableFuture name for internal class
• 8aeced9 Support header filtering in web data binding
• 70c326e Support headers in DataBinding via constructor args
• 7b4e19c Make ExtendedServletRequestDataBinder public
• 3b95d2c Support Flux<ServerSentEvent> in WebFlux
• 640e570 Minor refactoring in ServerSentEvent
• 66f33a8 MapMethodProcessor supportsParameter is more specific
• Additional commits viewable in compare view

Updates org.springframework:spring-web from 6.2.0 to 6.2.1

Release notes

Sourced from org.springframework:spring-web's releases.

v6.2.1

⭐ New Features

• Implement toString() in TestBeanOverrideHandler #34072
• Log alias removal in DefaultListableBeanFactory #34070
• Log warning when one Bean Override overrides another Bean Override #34056
• Introduce "unsafeAllocated" flag in TypeHint #34055
• Cannot assert status reason phrase with MockMvcTester #34016
• Improve toString for reactive ScheduledTask #34010
• Optimize sending requests without a body in RestClient and WebClient with Reactor Netty #34003
• Add missing @Contract annotation to ObjectUtils#isEmpty #33984
• OptionalValidatorFactoryBean suppresses Hibernate Validator configuration failures too much #33979
• Support Flux<ServerSentEvent<Fragment>> in WebFlux #33975
• Update in FragmentsRendering to names of static methods #33974
• Honor @Fallback semantics for Test Bean Overrides #33924
• AdvisedSupport.MethodCacheKey should check for logical equality as well as identity #33915
• Fail with full description for XML diff in XmlExpectationsHelper #33827
• MapMethodProcessor should only resolve arguments of type Map or the ModelMap hierarchy #33160

🐞 Bug Fixes

• Support binding from request headers via constructor args #34073
• Unable to configure custom scheduler for @Scheduled annotation #34058
• Identical Bean Overrides are silently allowed #34054
• OOM due to NoTransactionInContextException in reactive pipeline #34048
• Priority header causes binding exception after upgrade to Spring Framework 6.2.0 #34039
• @MockitoBean incorrectly injects supertype into subtype field #34025
• NestedPlaceholder are not recursively resolved if the fallback is a placeholder #34020
• AOT no longer generates BeanInstanceSupplier signature for a CGLIB proxy with its public type #33998
• Nested transaction support via savepoints is broken in Oracle database #33987
• Proxy created with IntroductionInterceptor but without target always throws an exception #33985
• ApplicationListener no longer invoked for generic ApplicationEvent with 6.2.0 #33982
• Error handling override in DefaultResponseErrorHandler ignored after upgrade to 6.2.0 #33980
• BeanCurrentlyInCreationException is thrown when multiple threads simultaneously try to create a FactoryBean #33972
• HandshakeWebSocketService assumes jakarta websocket is present #33970
• @Value cases SpringCGLIB$$0 required a bean of type java.lang.String that could not be found in Native compile when migrating to SB 3.4 #33960
• PathMatchingResourcePatternResolver should not log directory-skip messages at info level #33956
• Avoid infinite recursion in BeanValidationBeanRegistrationAotProcessor with recursive generics #33950
• Skip runtime hint registration for validation constraint with missing dependencies #33949
• Move Kotlin value class unboxing to InvocableHandlerMethod #33943
• MockReset strategy is no longer honored for @MockitoBean and @MockitoSpyBean #33941
• TypeDescriptor with recursive generics triggers infinite recursion in ResolvableType.equals/hashCode #33932
• RestClient does not expose full URI template as attribute #33928
• Bean Overrides like @MockitoBean and @TestBean should not be allowed on static fields #33922
• Regression in duplicate beans with different method names #33920

📔 Documentation

• Fix link to MockMvcBuilders in reference documentation #34031
• Fix a typo in the filters documentation #33959

... (truncated)

Commits

• b4f10d4 Release v6.2.1
• 0aa721c Polishing
• 63af572 Upgrade to Jackson 2.18.2, RxJava 3.1.10, Checkstyle 10.20.2
• 72c2343 Avoid deprecated ListenableFuture name for internal class
• 8aeced9 Support header filtering in web data binding
• 70c326e Support headers in DataBinding via constructor args
• 7b4e19c Make ExtendedServletRequestDataBinder public
• 3b95d2c Support Flux<ServerSentEvent> in WebFlux
• 640e570 Minor refactoring in ServerSentEvent
• 66f33a8 MapMethodProcessor supportsParameter is more specific
• Additional commits viewable in compare view

Updates org.springframework.shell:spring-shell-starter from 3.3.3 to 3.4.0

Release notes

Sourced from org.springframework.shell:spring-shell-starter's releases.

v3.4.0

Generic Notes

Dependency Updates

• Spring Boot 3.4.0
• Commons IO 2.18.0
• Starters and samples for FFM was not enabled even though it was in 3.4.0-M2.

3.4.0-M2

Generic Notes

Fixes

This release contains some notable changes:

• Builds on spring-boot 3.4.0-M3
• Support for JLine ffm provider
• New spring-shell-starter-ffm starter (JDK22)
• New spring-shell-sample-ffm sample (JDK22)

Issues

#1141 Upgrade gradle 8.10.1 #1137 Upgrade spring-boot 3.4.0-M3 #1132 Bundle Javadoc with Antora #1131 Support JDK FFM

3.4.0-M1

Generic Notes

Fixes

This release contains some notable changes:

• Builds on spring-boot 3.4.0-M2
• Builds on jline 3.26.3
• Better unicode support
• StatusBar is easier to use
• Better handling of invalid options

Issues

... (truncated)

Commits

• 605b8dd Release 3.4.0
• 82176a0 Remove setup-maven
• 7ebec6e Remove macos-13
• d044e16 Add JF_SERVER_ID variable
• 497a41d Update JFrog CLI Usage
• 7f702d5 Fix e2e macos configuration
• 9d2d0c0 Fix server id in JFrog configuration
• bec5185 Update to Boot 3.4.0
• 094ffeb Use jdk 22/17 in release workflows
• 747c030 Use jdk22 in e2e tests
• Additional commits viewable in compare view

Updates io.spring.dependency-management from 1.1.6 to 1.1.7

Release notes

Sourced from io.spring.dependency-management's releases.

v1.1.7

🐞 Bug Fixes

• Dependency management report task produces a deprecation warning with Gradle 8.12-rc-1 #400
• ExclusionResolver makes assumptions that won't hold true with Gradle 9 #394

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​octylFractal

Commits

• 99c6a87 Release v1.1.7
• e870ef7 Address another deprecation warning in report take
• fc43f90 Stop report task from triggering a deprecation warning
• 0d1b43d Merge pull request #394 from octylFractal
• 09853a2 Check for ModuleComponentIdentifier explicitly
• e85cd28 Next development version (v1.1.7-SNAPSHOT)
• See full diff in compare view

Updates org.springframework.boot from 3.4.0 to 3.4.1

Release notes

Sourced from org.springframework.boot's releases.

v3.4.1

🐞 Bug Fixes

• KafkaProperties fail to build SSL properties when the bundle name is an empty string #43563
• Diagnostics are poor when property resolution throws a ConversionFailedException #43559
• SpringApplicationShutdownHandlers do not run in deterministic order #43536
• Unable to find a @SpringBootConfiguration results in misleading error message #43507
• With multiple ResourceHandlerRegistrationCustomizer beans in the context, only one of them is used #43497
• Unable to use Docker Compose support when mixing dedicated and shared services #43472
• Kafka dependency management does not include the kafka-server module #43454
• Docker API version is incorrectly reported when '/_ping` calls fail and version should be fixed #43452
• Methods to build producer / consumer properties from KafkaProperties are inconvienenent to use without an SSL bundle #43448
• Failures in -Djarmode=tools do not consistently return a non-zero exit #43436
• HttpComponentsClientHttpRequestFactoryBuilder replaces the existing defaultRequestConfigCustomizer rather than adding to it #43429
• spring-boot-maven-plugin sets imagePlatform even if it's empty #43424
• OnBeanCondition fails to match on annotations when using Scoped Proxies #43423
• Failure analysis for InvalidConfigurationPropertyValueException doesn't correctly handle fuzzy matching of environment variables #43382
• H2ConsoleAutoConfiguration causes early initialization of DataSource beans #43359
• Accept progress on numbers >2GB #43356
• Servlet-based UserDetailsServiceAutoConfiguration is active in a reactive app #43334
• StructuredLoggingJsonMembersCustomizer implementations declared in spring.factories with a generic type more specific than Object are not called #43312
• Overriding log level with an environment variable does not work when using an environment prefix #43307
• Management endpoint access and enabled properties are ignored unless the endpoint ID is an exact match #43302
• UnsupportedOperationException when starting a Maven shaded application on Java 21 with virtual threads enabled #43291
• JmsListener failing with Narayana (pooled ConnectionFactory) since 3.4.0 #43277
• SslBundle can no longer open store file locations without using a 'file:' prefix #43274
• TestRestTemplate does not allow redirects to be customized #43258
• Testcontainers start() methods may be started multiple times #43253

📔 Documentation

• Fix typo in documentation #43558
• Document that server.ssl.cipher and server.ssl.enabled-protocols are not fallbacks used with SSL bundles #43552
• Use <annotationProcessorPaths> in Maven examples for configuring an annotation processor #43544
• Fix typo #43519
• Links to logback javadoc are incorrect #43456
• Fix JUnit javadoc links #43428
• Reference documentation incorrectly uses 'disabled' rather than 'none' for access restrictions #43351
• Restore System property in Logging section of the reference documentation #43342
• Fix link to proxyBeanMethods in @AutoConfiguration javadoc #43325
• Fix links to Servlet and JPA javadoc #43324
• Link to @EnableMethodSecurity instead of the deprecated @EnableGlobalMethodSecurity #43315
• Document that StructuredLoggingJsonMembersCustomizer implementations may optionally take constructor parameters #43314
• Update javadoc of StructuredLoggingJsonMembersCustomizer to note that implementations can registered through spring.factories #43313
• Fix Javadoc link for Hikari #43311
• Document how to use structured logging with custom log configuration #43301
• Update Javadoc since for OtlpMetricsProperties and OtlpTracingProperties #43249

🔨 Dependency Upgrades

... (truncated)

Commits

• 1832852 Release v3.4.1
• c9e8174 Merge branch '3.3.x'
• 316fe52 Next development version (v3.3.8-SNAPSHOT)
• 4300ee9 Merge branch '3.3.x'
• da59380 Upgrade to Spring Batch 5.2.1
• a085a01 Upgrade to Spring Batch 5.1.3
• fcc569e Upgrade to Hibernate 6.6.4.Final
• 1b8fcb6 Merge pull request #43560 from arefbehboudi
• dbc1fc2 Polish
• ef43160 Merge branch '3.3.x'
• Additional commits viewable in compare view

Updates com.azure:azure-messaging-servicebus from 7.17.6 to 7.17.7

Commits

• 67156c2 remove removed parameters
• b81f751 testing with scottb's one line changes
• f727f9c update release date
• 7278d4a rerun maven in mixedreality-remoterendering client sdk
• efed082 rerun maven in schemaregistry-apacheavro client sdk
• 4505965 rerun maven in webpubsub client sdk
• fe68f8f rerun maven in serch sdk
• 67a9947 rerun maven in monitor query sdk
• 6e8ca6f rerun maven in webpubsub sdk
• 2532641 rerun maven in schemaregistry sdk
• Additional commits viewable in compare view

Updates io.netty:netty-bom from 4.1.115.Final to 4.1.116.Final

Commits

• 2a58b07 [maven-release-plugin] prepare release netty-4.1.116.Final
• a739efa Adaptive: Add assert to guard against bugs related to chunk pooling (#14590)
• 22cb4ec Fix race and leaks introduced in tests by a16f8aaf2ff101567a526916b46… (#14588)
• ad104c6 Correctly gard aginst failure when running on systems with 1 core
• a16f8aa Allow PcapWriteHandler to output PCAP files larger than 2GB (#14478)
• dccfcc8 Adapt: Ensure Chunks from the central Queue are re-used even if there… (#14586)
• fdc10c4 chore: use readRetainedSlice to avoid copy in SpdyFrameDecoder (#14573)
• 46b11cc Adapt: Don't fail when we run on a host with 1 core (#14582) (#14584)
• 6138a5a Adapt: Only add Chunk to central Queue if unused (#14580) (#14583)
• 6c3041f Adaptive: Correctly restore allocatedBytes value on failure (#14577) (#14578)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

The following labels could not be found: dependency, gradle.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud