Skip to content

Bump the all-modules group across 1 directory with 5 updates#1513

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/maven/sda-sftp-inbox/all-modules-f45e7b35bf
Closed

Bump the all-modules group across 1 directory with 5 updates#1513
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/maven/sda-sftp-inbox/all-modules-f45e7b35bf

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 24, 2025
edited
Loading

Bumps the all-modules group with 5 updates in the /sda-sftp-inbox directory:

Package From To
org.springframework.boot:spring-boot-starter-parent 3.4.2 3.4.4
org.apache.sshd:sshd-sftp 2.14.0 2.15.0
com.amazonaws:aws-java-sdk-s3 1.12.781 1.12.782
com.google.guava:guava 33.4.0-jre 33.4.5-jre
org.junit.vintage:junit-vintage-engine 5.11.4 5.12.1

Updates org.springframework.boot:spring-boot-starter-parent from 3.4.2 to 3.4.4

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v3.4.4

❗ Noteworthy Changes

Tomcat APR support is now disabled by default if you are using Java 24 or higher. This change has been made to prevent JDK from issuing warnings.

Please see the updated release notes for details.

🐞 Bug Fixes

  • Actuator throws an exception when using prototype scoped DataSource bean #44706
  • Docker API error message is missing in some cases #44630
  • DefaultJmsListenerContainerFactoryConfigurer#setObservationRegistry should not be public #44585
  • When an application contains multiple DataSource beans, EntityManagerFactoryBuilder will default ddl-auto to a value that may only be appropriate for the primary DataSource #44516
  • When the main class is not proxied, native testing that uses the application's main method does not work #44481
  • When loading configuration from a Resource, Log4J2LoggingSystem may not close the InputStream #44473
  • When loading from a resource, PemContent does not close the InputStream #44454
  • ResourceBanner does not close the InputStream used to read the banner #44452
  • ConfigDataLocationResolvers and PropertySourceLoaders are loaded using a potentially different class loader #44450
  • Kafka message sending fails with 'class SslBundleSslEngineFactory could not be found' #44437
  • Kafka in native-image fails when using SSL bundles #44436
  • Nested test classes don't inherit properties from @DataJpaTest on enclosing class #44407
  • Failure diagnostics are poor when trying to use an image platform that is not supported by the builder #44059
  • Checking if APR is available logs a warning on Java 24 #44033

📔 Documentation

  • Multiline properties in documentation are missing backslashes #44790
  • Polish javadoc of SqlR2dbcScriptDatabaseInitializer #44764
  • Document support for Java 24 #44754
  • Remove OpenShift link that 404s #44748
  • Fix link to javadoc for JavaExec.setArgsString #44536
  • Fix typo in documentation #44523
  • Update descriptions of properties that no longer require Flyway Teams #44483
  • Fix typo in javadoc of CommonStructuredLogFormat#ELASTIC_COMMON_SCHEMA #44469
  • Samples for metadata annotation processers have invalid fold attribute #44420
  • Clarify which Mongo properties are ignored when URI property is set #44404
  • Adapt Javadoc reference of JooqExceptionTranslator to use ExceptionTranslatorExecuteListener #44402

🔨 Dependency Upgrades

  • Upgrade to ActiveMQ 6.1.6 #44663
  • Upgrade to AspectJ 1.9.23 #44720
  • Upgrade to Groovy 4.0.26 #44546
  • Upgrade to Hibernate 6.6.11.Final #44739
  • Upgrade to Infinispan 15.0.14.Final #44548
  • Upgrade to Jackson Bom 2.18.3 #44549
  • Upgrade to Jetty 12.0.18 #44774
  • Upgrade to Jetty Reactive HTTPClient 4.0.9 #44773
  • Upgrade to jOOQ 3.19.21 #44665
  • Upgrade to Logback 1.5.18 #44775
  • Upgrade to Maven Deploy Plugin 3.1.4 #44552

... (truncated)

Commits
  • d4eb556 Increase Nexus timeouts
  • 0226b6a Release v3.4.4
  • 6ba94ae Merge branch '3.3.x' into 3.4.x
  • 36a5936 Next development version (v3.3.11-SNAPSHOT)
  • 375aba6 Upgrade to Spring Framework 6.2.5
  • 37e4a3c Merge branch '3.3.x' into 3.4.x
  • 99fa21c Upgrade to asciidoctor-extensions 1.0.0-alpha.17
  • f86a6fb Upgrade to Spring Batch 5.2.2
  • 6567609 Merge branch '3.3.x' into 3.4.x
  • 80b6c59 Improve debuggability of DockerComposeTestExtension
  • Additional commits viewable in compare view

Updates org.apache.sshd:sshd-sftp from 2.14.0 to 2.15.0

Release notes

Sourced from org.apache.sshd:sshd-sftp's releases.

Apache MINA SSHD 2.15.0

What's Changed

New Contributors

Full Changelog: apache/mina-sshd@sshd-2.14.0...sshd-2.15.0

Changelog

Sourced from org.apache.sshd:sshd-sftp's changelog.

Previous Versions

Latest Released Version

Planned for Next Version

Bug Fixes

  • GH-650 Use the correct key from a user certificate in server-side pubkey auth
  • GH-663 Fix racy IoSession creation
  • GH-664 Skip MAC negotiation if an AEAD cipher was negotiated
  • GH-677 Fix current directory handling in ScpShell for WinSCP
  • GH-678 ScpShell: write month names in English for WinSCP
  • GH-690 Handle append mode for buggy SFTP v3 servers
  • GH-700 Fix race in AbstractCloseable.doCloseImmediately()

New Features

  • GH-705 New method TcpipServerChannel.getPort() returning the ChannelToPortHandler

  • SSHD-1161 Support pubkey auth with user certificates (server-side)

    • Client-side support was introduced in version 2.8.0 already

  • SSHD-1167 Check host certificates against known_hosts file (implements @cert-authority)

Potential Compatibility Issues

Client-side KEX: we've changed the default of the setting CoreModuleProperties.ABORT_ON_INVALID_CERTIFICATE from false to true.

... (truncated)

Commits
  • c651f7c [maven-release-plugin] prepare release sshd-2.15.0
  • 2835991 Bump version to 2.15.0-SNAPSHOT
  • 909b5e2 Abstract revoked key handling in KnownHostsServerKeyVerifier
  • 11a9277 Update documentation
  • 3427b21 Bump Bouncy Castle 1.79 -> 1.80
  • e59dd00 GH-654: sshd-contrib: use test scope for assertj dependency
  • e5f805e OpenSshmlKemTest: use alpine 3.21
  • 7b19f6b Update CHANGES.md
  • fb21e1f Merge pull request #639 from ianjoneill/f-ed25519-bc
  • 9c49609 Update docs
  • Additional commits viewable in compare view

Updates com.amazonaws:aws-java-sdk-s3 from 1.12.781 to 1.12.782

Changelog

Sourced from com.amazonaws:aws-java-sdk-s3's changelog.

1.12.782 2025-02-17

AWS SDK for Java

  • Features

    • Add account endpoint business metrics to user agent
Commits

Updates com.google.guava:guava from 33.4.0-jre to 33.4.5-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.4.5

Even if you're not upgrading from Guava 33.4.0 or earlier, still read the release notes for Guava 33.4.1. Those release notes contain information about Guava 33.4.5's effect on the module system.

Known issue: We misconfigured our build, so Guava 33.4.5 contains an extra copy of each of its classes. This will be fixed when we release 33.4.6. Sorry for the trouble. For now, you can still upgrade to 33.4.4, which does not contain the extra copies.

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.4.5-jre</version>
  <!-- or, for Android: -->
  <version>33.4.5-android</version>
</dependency>

Jar files

Guava requires one runtime dependency, which you can download here:

Javadoc

JDiff

Changelog

  • Changed the Guava jar (plus guava-testlib and failureaccess jars) to be a modular jar. (7a71ea0bfa, 287c701a86)
  • Changed various classes to stop using sun.misc.Unsafe under Java 9+. (ee63055ddd, 80aab00dc5b7a36785f5e09b6a54397388980cde, 400af25292096746ed3f6164f0ff88209acbb19f, 71d0692d418a5dd001c9b3786275a5f1f94e1971, d1a3cd5037528a2ae990bfceed9cdd009fbc54de, b3bb29a54b8f13d6f6630b6cb929867adbf6b9a0, 1a300f6b2f7ba03ae9bc3620a80c4d4589c65b69)
    • Note that, if you use guava-android on the JVM (instead of using guava-jre), Guava will still try to use sun.misc.Unsafe. We will do further work on this in the future.
  • Belatedly updated the Public Suffix List data. (ee3b9c64382037f72b3a8341915cc64b87850b53, d25d62fc843ece1c3866859bc8639b815093eac8)

Special thanks to @​sgammon for his modularization efforts.

33.4.4

This is one of a series of releases that improve Guava's nullness annotations. For more information, including troubleshooting help, see the release notes for Guava 33.4.1. Most users can update directly to Guava 33.4.5.

Maven

... (truncated)

Commits

Updates org.junit.vintage:junit-vintage-engine from 5.11.4 to 5.12.1

Release notes

Sourced from org.junit.vintage:junit-vintage-engine's releases.

JUnit 5.12.1 = Platform 1.12.1 + Jupiter 5.12.1 + Vintage 5.12.1

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.12.0...r5.12.1

JUnit 5.12.0 = Platform 1.12.0 + Jupiter 5.12.0 + Vintage 5.12.0

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r5.11.4...r5.12.0

JUnit 5.12.0-RC2 = Platform 1.12.0-RC2 + Jupiter 5.12.0-RC2 + Vintage 5.12.0-RC2

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.12.0-RC1...r5.12.0-RC2

JUnit 5.12.0-RC1 = Platform 1.12.0-RC1 + Jupiter 5.12.0-RC1 + Vintage 5.12.0-RC1

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.12.0-M1...r5.12.0-RC1

JUnit 5.12.0-M1 = Platform 1.12.0-M1 + Jupiter 5.12.0-M1 + Vintage 5.12.0-M1

See Release Notes.

New Contributors

... (truncated)

Commits
  • ba9c9ae Release 5.12.1
  • e28ad4a Finalize 5.12.1 release notes
  • 1044e2c Move entry to 5.12.1 release notes
  • bea821d Fix Javadoc formatting
  • 1a1a67d Set stable module name for the standalone JAR file
  • 062d3fa Remove internal packages from API reports
  • 74521ab Introduce ExtensionContext.getEnclosingTestClasses()
  • 1e135b9 Create initial 5.12.1 release notes from template
  • d540e4f Link to correct method
  • 31d60b7 Split API reports by module and package
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the all-modules group across 1 directory with 5 updates
4dfa67d 
Bumps the all-modules group with 5 updates in the /sda-sftp-inbox directory:

| Package | From | To |
| --- | --- | --- |
| [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) | `3.4.2` | `3.4.4` |
| [org.apache.sshd:sshd-sftp](https://github.com/apache/mina-sshd) | `2.14.0` | `2.15.0` |
| [com.amazonaws:aws-java-sdk-s3](https://github.com/aws/aws-sdk-java) | `1.12.781` | `1.12.782` |
| [com.google.guava:guava](https://github.com/google/guava) | `33.4.0-jre` | `33.4.5-jre` |
| [org.junit.vintage:junit-vintage-engine](https://github.com/junit-team/junit5) | `5.11.4` | `5.12.1` |



Updates `org.springframework.boot:spring-boot-starter-parent` from 3.4.2 to 3.4.4
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.4.2...v3.4.4)

Updates `org.apache.sshd:sshd-sftp` from 2.14.0 to 2.15.0
- [Release notes](https://github.com/apache/mina-sshd/releases)
- [Changelog](https://github.com/apache/mina-sshd/blob/master/CHANGES.md)
- [Commits](apache/mina-sshd@sshd-2.14.0...sshd-2.15.0)

Updates `com.amazonaws:aws-java-sdk-s3` from 1.12.781 to 1.12.782
- [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md)
- [Commits](aws/aws-sdk-java@1.12.781...1.12.782)

Updates `com.google.guava:guava` from 33.4.0-jre to 33.4.5-jre
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

Updates `org.junit.vintage:junit-vintage-engine` from 5.11.4 to 5.12.1
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](junit-team/junit-framework@r5.11.4...r5.12.1)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-starter-parent
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-modules
- dependency-name: org.apache.sshd:sshd-sftp
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-modules
- dependency-name: com.amazonaws:aws-java-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-modules
- dependency-name: com.google.guava:guava
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-modules
- dependency-name: org.junit.vintage:junit-vintage-engine
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-modules
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot requested a review from a team March 24, 2025 21:12
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Mar 24, 2025
@jbygdell jbygdell self-requested a review March 25, 2025 08:17
@Parisa68 Parisa68 mentioned this pull request Mar 27, 2025
Merged
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Mar 28, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Mar 28, 2025
@dependabot dependabot Bot deleted the dependabot/maven/sda-sftp-inbox/all-modules-f45e7b35bf branch March 28, 2025 13:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jbygdell jbygdell Awaiting requested review from jbygdell

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jbygdell