fix(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
com.github.ben-manes.caffeine:caffeine	3.1.8 -> 3.2.0
org.postgresql:postgresql (source)	42.7.4 -> 42.7.5
org.jetbrains.exposed:exposed-jdbc	0.57.0 -> 0.58.0
org.jetbrains.exposed:exposed-core	0.57.0 -> 0.58.0
com.diffplug.spotless	7.0.1 -> 7.0.2
io.grpc:grpc-netty	1.69.0 -> 1.69.1
io.grpc:grpc-protobuf	1.69.0 -> 1.69.1
io.grpc:grpc-stub	1.69.0 -> 1.69.1
io.grpc:grpc-core	1.69.0 -> 1.69.1
co.elastic.clients:elasticsearch-java	8.17.0 -> 8.17.1
io.projectreactor:reactor-core	3.7.1 -> 3.7.2
com.couchbase.client:metrics-micrometer (source)	0.7.6 -> 0.7.7
com.couchbase.client:java-client (source)	3.7.6 -> 3.7.7
com.couchbase.client:kotlin-client (source)	1.4.6 -> 1.4.7
org.springframework:spring-beans	6.2.1 -> 6.2.2
org.springframework:spring-context	6.2.1 -> 6.2.2
io.quarkus	3.17.6 -> 3.17.7
io.quarkus.arc:arc	3.17.6 -> 3.17.7
io.quarkus:quarkus-rest	3.17.6 -> 3.17.7
io.quarkus:quarkus-bom	3.17.6 -> 3.17.7

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

ben-manes/caffeine (com.github.ben-manes.caffeine:caffeine)

v3.2.0: 3.2.0

Cache

• Added Sigstore signing of maven artifacts
• Added Expiry static factory methods (#​1499)
• Migrated to JSpecify annotations (was checker framework)
• Fixed variable expiration calculation when nearing overflow
• Added logging when an async cache's removal listener fails
• Added an expiration write optimization to more operations (#​1320)
• Fixed when a Weigher or Expiry fail on an async completion (#​1687)
• Fixed cases when the expiration ticker was also used for statistics (#​1678)
• Fixed refresh handling to skip if the async cache's entry is still loading (#​1478)
• Fixed containsKey for an async cache's synchronous view while in-flight (#​1626)
• Fixed premature expiration for an async cache when using nearly immediate expiration (#​1623)
• For a bulk async load returning extra mappings, wait to be added to the cache before returning (#​1409)

Guava

• Relaxed the OSGi version requirement (#​1160)

JCache

• Allow hibernate.javax.cache.uri to load the configuration from a jar (#​1347)

pgjdbc/pgjdbc (org.postgresql:postgresql)

v42.7.5

Added

• ci: Test with Java 23 PR #​3381

Fixed

• regression: revert change in fc60537 PR #​3476
• fix: PgDatabaseMetaData implementation of catalog as param and return value PR #​3390
• fix: Support default GSS credentials in the Java Postgres client PR #​3451
• fix: return only the transactions accessible by the current_user in XAResource.recover PR #​3450
• feat: don't force send extra_float_digits for PostgreSQL >= 12 fix Issue #​3432 PR #​3446
• fix: exclude "include columns" from the list of primary keys PR #​3434
• perf: Enhance the meta query performance by specifying the oid. PR #​3427
• feat: support getObject(int, byte[].class) for bytea PR #​3274
• docs: document infinity and some minor edits PR #​3407
• fix: Added way to check for major server version, fixed check for RULE PR #​3402
• docs: fixed remaining paragraphs PR #​3398
• docs: fixed paragraphs in javadoc comments PR #​3397
• fix: Reuse buffers and reduce allocations in GSSInputStream addresses Issue #​3251 PR #​3255
• chore: Update Gradle to 8.10.2 PR #​3388
• fix: getSchemas() PR #​3386
• fix: Update rpm postgresql-jdbc.spec.tpl with scram-client PR #​3324
• fix: Clearing thisRow and rowBuffer on close() of ResultSet Issue #​3383 PR #​3384
• fix: Package was renamed to maven-bundle-plugin PR #​3382
• fix: As of version 18 the RULE privilege has been removed PR #​3378
• fix: use buffered inputstream to create GSSInputStream PR #​3373
• test: get rid of 8.4, 9.0 pg versions and use >= jdk version 17 PR #​3372
• Changed docker-compose version and renamed script file in instructions to match the real file name PR #​3363
• test:Do not assume "test" database in DatabaseMetaDataTransactionIsolationTest PR #​3364
• try to categorize dependencies PR #​3362

JetBrains/Exposed (org.jetbrains.exposed:exposed-jdbc)

v0.58.0

Compare Source

What's Changed

Breaking changes:

• fix: EXPOSED-662 SchemaUtils.listTables() returns empty list & closes db connection by @​joc-a in https://github.com/JetBrains/Exposed/pull/2331
  • SchemaUtils.listTables() returns only the tables from the current schema. The behaviour was returned to the 0.56.0 version.
  • To get tables from all the schemas the method SchemaUtils.listTablesInAllSchemas() could be used.

Features:

• feat: [MariaDB] Support RETURNING clause by @​devgor88 in https://github.com/JetBrains/Exposed/pull/2330
• feat: EXPOSED-654 Allow customizing the check constraint names of columns with check constraints by @​joc-a in https://github.com/JetBrains/Exposed/pull/2340

Infrastructure:

• springFramework 6.2.1
• log4j2 2.24.3
• org.junit:junit-bom 5.11.4
• org.jetbrains.dokka 2.0.0
• springBoot 3.4.1
• kotlinCoroutines 1.10.0
• kotlinCoroutines 1.10.1
• org.xerial:sqlite-jdbc from 3.47.2.0
• org.jetbrains.kotlinx.binary-compatibility-validator 0.17.0
• org.jetbrains.kotlinx:kotlinx-serialization-json 1.8.0

Docs:

• docs: Update documentation website by @​github-actions in https://github.com/JetBrains/Exposed/pull/2304
• docs: EXPOSED-207 Add link to SQLite ALTER TABLE restrictions in SchemaUtils Kdocs by @​bog-walk in https://github.com/JetBrains/Exposed/pull/2338
• docs: EXPOSED-670 Adjust YouTrack issue visibility and PR guidelines by @​bog-walk in https://github.com/JetBrains/Exposed/pull/2337
• docs: EXPOSED-600 Add links to API docs for functions and classes by @​vnikolova in https://github.com/JetBrains/Exposed/pull/2339
• docs: EXPOSED-682 Switch api link from deprecated select() by @​bog-walk in https://github.com/JetBrains/Exposed/pull/2349
• EXPOSED-675 Clarify that sort methods are from the Kotlin std lib by @​vnikolova in https://github.com/JetBrains/Exposed/pull/2352

grpc/grpc-java (io.grpc:grpc-netty)

v1.69.1

Bug Fixes

• okhttp: Improve certificate handling by rejecting non-ASCII subject alternative names and hostnames as seen in CVE-2021-0341 (#​11749) (a0982ca). Hostnames are considered trusted and CAs are required to use punycode for non-ASCII hostnames, so this is expected to provide defense-in-depth. See also the related GoSecure blog post and the AOSP fix
• xds: Preserve nonce when unsubscribing last watcher of a particular type so that new discovery requests of that type are handled correctly (1cf1927). This (along with 1cf1927) fixes a nonce-handling regression introduced in 1.66.0 that could cause resources to appear to not exist until re-creating the ADS stream. Triggering the behavior required specific config changes. It is easiest to trigger when clusters use EDS and routes are changed from one cluster to another. The error “found 0 leaf (logical DNS or EDS) clusters for root cluster” might then be seen
• xds: Remember nonces for unknown types (6c12c2b)
• xds: Unexpected types in the bootstrap’s server_features should be ignored (e8ff6da). They were previously required to be strings
• xds: Fixed unsupported unsigned 32 bits issue for circuit breaker (#​11735) (f8f6139). This fixes clients treating large max_requests as “no requests” and failing all requests
• xds: Remove xds authority label from metric registration (#​11760) (6516c73). This fixes the error “Incorrect number of required labels provided. Expected: 4” introduced in 1.69.0

reactor/reactor-core (io.projectreactor:reactor-core)

v3.7.2

What's Changed

✨ New features and improvements

• Depend on Micrometer 1.14.3 by @​chemicL in 0b721c5, check the release notes

📖 Documentation

• Update schedulers.adoc, Supplementary semicolon by @​ShuiMu-peng in https://github.com/reactor/reactor-core/pull/3951

New Contributors

• @​ShuiMu-peng made their first contribution in https://github.com/reactor/reactor-core/pull/3951

Full Changelog: reactor/reactor-core@v3.7.1...v3.7.2

spring-projects/spring-framework (org.springframework:spring-beans)

v6.2.2

⭐ New Features

• Track only qualifier annotations in BeanOverrideHandler #​34260
• Remove @FunctionalInterface declaration from BeanOverrideProcessor #​34259
• Refine default filtered headers for web data binding #​34182
• Improve query params in uri KeyValue with HTTP interface client #​34176
• Refine location checks for PathResource #​34167
• Avoid virtual thread pinning in procedure calling #​34133
• Type-level constraint violation should result in ParameterErrors #​34105
• Avoid logger serialization behind shared EntityManager proxy #​34084
• Improve PathMatcher to PathPatternParser migration in mvc XML configuration #​34064
• Support @MockitoBean at the type level on test classes #​33925

🐞 Bug Fixes

• HttpHeadersAssert#doesNotContainsHeaders has a typo #​34263
• Deadlock with background EntityManager bootstrap due to locking in getSingletonFactoryBeanForTypeCheck #​34247
• ApplicationListener no longer invoked for double generic ApplicationEvent with 6.2.1 #​34234
• Nested transaction savepoints are broken in SQL Server #​34233
• Error handling override in DefaultResponseErrorHandler ignored after upgrade to 6.2.0 #​34231
• FileNotFoundException is thrown when using ConfigurationPropertiesScan with Spring Context 6.2.1 #​34216
• BindException declared but not handled by ExceptionHandler #​34214
• @TestBean factory method resolution is incorrect within class hierarchy #​34204
• Bean Override in superclass takes precedence over Bean Override in subclass #​34194
• Ensure AsyncListener#onError does not return until dispatch completes #​34192
• BeanNotOfRequiredTypeException during transaction qualifier resolution in 6.2.1 #​34187
• BeanCurrentlyInCreationException is thrown when multiple threads simultaneously try to create bean #​34186
• DataBinder throws IndexOutOfBoundsException when indexed parameter uses nonconsecutive indices #​34145
• NullPointerException is thrown if WebClient is used with Apache Httpclient and cookies are disabled #​34132
• Wrong parentId tracking in FlightRecorderApplicationStartup #​34128
• PathMatchingResourcePatternResolver is not able to resolve file in SpringBoot Packaged JAR #​34126
• Placeholder resolution no longer considers exact match before resolving the placeholder key #​34124
• DataBinder throws StringIndexOutOfBoundsException for indexed property without nested property path #​34121
• Dependency injection matches wildcards too leniently with 6.2.1 #​34119
• PathMatchingResourcePatternResolver throws FileNotFoundException caused by wrong cache path #​34111
• SpEL fails to invoke MethodHandle function reference accepting only varargs #​34109
• Generic with a base type is no longer resolved to its base if the generic is unresolved #​34086
• DataBinder throws StringIndexOutOfBoundsException for map property without nested property path #​34043
• Fix implicit variable resolution in JSP EvalTag #​33945

📔 Documentation

• Fix inaccuracy in RequestHeaderArgumentResolver Javadoc #​34230
• Document that http.client.requests measure the entire HTTP exchange #​34201
• Misuse of em dash in "Basic Concept" section #​34165
• Fix typo in link #​34149
• Broken syntax in xml sample of "Reference to Other Beans" section #​34148
• Fix minor typo in reference documentation for Kotlin annotations #​34134
• Clarify documentation for the default uri client request observation metric #​34116
• Fix broken links in the web reference documentation #​34115
• Bean creation lazily ignores annotations like @EventListener #​34057

🔨 Dependency Upgrades

• Upgrade to Micrometer 1.14.3 #​34251
• Upgrade to Reactor 2024.0.2 #​34252

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Mattias-Sehlstedt, @​Spanching, @​brendenehlers, @​izeye, @​luozongle01, @​micopiira, @​ngocnhan-tran1996, @​quaff, @​rPraml, @​remeio, and @​scordio

quarkusio/quarkus (io.quarkus.arc:arc)

v3.17.7

Compare Source

Complete changelog

• #​10264 - elytron security: define role mapper (was: ldap security - role mapper)
• #​44047 - Demote Agroal's "JDBC resources leaked" warnings to DEBUG
• #​44540 - FORMAT_FAILURE when using Log.error(Object,Throwable)
• #​44565 - Ensure that all our handlers extend ExtHandler
• #​44773 - OpenAPI Extension (smallrye) produces wrong schema for Flow based return types
• #​45150 - OpenAPI Extension Misses Jackson Annotations on Methods that Return a Parameterized Type
• #​45167 - Long.parseLong Error with Redis Client Instrumentation
• #​45224 - PermissionChecker does not handle list of permission correctly
• #​45364 - Don't treat colon as a permission-to-action separator in @PermissionChecker value attribute
• #​45419 - Fix typos in deploying-to-kubernetes.adoc
• #​45424 - Bump smallrye-open-api.version from 4.0.5 to 4.0.6
• #​45439 - OpenTelemetry: fix the Redis instrumenter in case of a tainted connection
• #​45467 - Add FAQ about thread dumps in native reference guide
• #​45471 - Update code to get Mandrel version from native executable
• #​45482 - Execute the MongoDB Connection Health Check on Startup
• #​45486 - Remove yq installation step from GitHub Actions workflows
• #​45487 - Fix Quarkus platform BOM version info collection for analytics
• #​45509 - Parallelize bean scanning in SmallRyeFaultToleranceProcessor
• #​45512 - Add a cache for class proxies in BytecodeRecorderImpl
• #​45517 - Make scheduler timezone documentation consistent with javadoc
• #​45518 - Remove erroneous state tracking from client readers/writers
• #​45523 - Fix Mongo health checks
• #​45536 - Quarkus REST - Use ByteBufInputStream instead of copying bytes
• #​45564 - fix: possible NPE if data has not been set yet
• #​45576 - Revert "[oracle-jdbc] Remove unnecessary conditionals from @BuildSteps in the Oracle JDBC extension"
• #​45583 - Adjust logging level for JDBC resource leak warnings
• #​45586 - Elytron security LDAP: Document and test mapping of LDAP groups to SecurityIdentity roles

---

Configuration

📅 Schedule: Branch creation - "* 0-3 * * 1" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Code Coverage

File	Coverage [100.00%]	✅
lib/stove-testing-e2e-wiremock/src/main/kotlin/com/trendyol/stove/testing/e2e/wiremock/Extensions.kt	100.00%	✅
starters/spring/stove-spring-testing-e2e-kafka/src/main/kotlin/com/trendyol/stove/testing/e2e/kafka/Caching.kt	100.00%	✅

Total Project Coverage	72.42%	❌

[codecov]

Codecov Report

Attention: Patch coverage is 66.66667% with 1 line in your changes missing coverage. Please review.

Project coverage is 83.08%. Comparing base (18d1a96) to head (48b0099).
Report is 2 commits behind head on main.

Files with missing lines	Patch %	Lines
.../trendyol/stove/testing/e2e/wiremock/Extensions.kt	0.00%	0 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #684      +/-   ##
==========================================
+ Coverage   83.04%   83.08%   +0.03%     
==========================================
  Files          85       85              
  Lines        2637     2637              
  Branches      163      163              
==========================================
+ Hits         2190     2191       +1     
  Misses        342      342              
+ Partials      105      104       -1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.