Skip to content

Bump the all-dependencies group across 1 directory with 11 updates #523

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the all-dependencies group across 1 directory with 11 updates #523

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 1, 2025
edited
Loading

Bumps the all-dependencies group with 11 updates in the /router directory:

Package From To
com.amazonaws:aws-lambda-java-core 1.2.3 1.3.0
com.amazonaws:aws-lambda-java-events 3.14.0 3.15.0
org.slf4j:slf4j-api 2.0.16 2.0.17
com.fasterxml.jackson.core:jackson-databind 2.18.2 2.19.0
com.fasterxml.jackson.module:jackson-module-kotlin 2.18.2 2.19.0
com.google.guava:guava 33.4.0-jre 33.4.8-jre
org.junit.jupiter:junit-jupiter-engine 5.11.4 5.13.0
org.junit.jupiter:junit-jupiter-params 5.11.4 5.13.0
org.assertj:assertj-core 3.27.2 3.27.3
io.mockk:mockk 1.13.14 1.14.2
ch.qos.logback:logback-classic 1.5.16 1.5.18

Updates com.amazonaws:aws-lambda-java-core from 1.2.3 to 1.3.0

Commits

Updates com.amazonaws:aws-lambda-java-events from 3.14.0 to 3.15.0

Commits

Updates org.slf4j:slf4j-api from 2.0.16 to 2.0.17

Updates com.fasterxml.jackson.core:jackson-databind from 2.18.2 to 2.19.0

Commits

Updates com.fasterxml.jackson.module:jackson-module-kotlin from 2.18.2 to 2.19.0

Commits
  • 023a1fc [maven-release-plugin] prepare release jackson-module-kotlin-2.19.0
  • bb76ac6 Prep for 2.19.0 release
  • 5b51812 Merge pull request #962 from k163377/fix/published
  • 055bd47 Fixed to not expose internal function
  • 3fef434 Merge pull request #961 from FasterXML/dependabot/github_actions/github-actio...
  • c3244f5 Bump actions/setup-java from 4.7.0 to 4.7.1 in the github-actions group
  • 268d222 Merge pull request #960 from k163377/fix/runs-on
  • 49dbd07 Add dependabot.yml
  • 15b73a0 Fixed versions of actions/checkout and actions/setup-java
  • 9d50fd7 Fixed to use ubuntu-latest in runs-on
  • Additional commits viewable in compare view

Updates com.google.guava:guava from 33.4.0-jre to 33.4.8-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.4.8

Guava 33.4.8 fixes a problem that we introduced while starting to migrate guava-android off Unsafe in 33.4.7.

Even if you're not upgrading from Guava 33.4.0 or earlier, still read the release notes for Guava 33.4.1. Those release notes contain information about the effects of Guava 33.4.5 and higher on the module system.

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.4.8-jre</version>
  <!-- or, for Android: -->
  <version>33.4.8-android</version>
</dependency>

Jar files

Guava requires one runtime dependency, which you can download here:

Javadoc

JDiff

Changelog

  • util.concurrent: Removed our VarHandle code from guava-android. While the code was never used at runtime under Android, it was causing problems under the Android Gradle Plugin with a minSdkVersion below 26. To continue to avoid sun.misc.Unsafe under the JVM, guava-android will now always use AtomicReferenceFieldUpdater when run there. (75da92419a)

33.4.7

Prefer to upgrade straight to 33.4.8: 33.4.7 breaks the build of Android apps with a minSdkVersion below 26. We will publish a fixed version soon. This problem is fixed in 33.4.8.

Guava 33.4.7, like 33.4.6, fixes two problems that we introduced while modularizing Guava and migrating off Unsafe in 33.4.5.

Even if you're not upgrading from Guava 33.4.0 or earlier, still read the release notes for Guava 33.4.1. Those release notes contain information about the effects of Guava 33.4.5 and higher on the module system.

Maven

... (truncated)

Commits

Updates org.junit.jupiter:junit-jupiter-engine from 5.11.4 to 5.13.0

Release notes

Sourced from org.junit.jupiter:junit-jupiter-engine's releases.

JUnit 5.13.0 = Platform 1.13.0 + Jupiter 5.13.0 + Vintage 5.13.0

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r5.12.2...r5.13.0

JUnit 5.13.0-RC1 = Platform 1.13.0-RC1 + Jupiter 5.13.0-RC1 + Vintage 5.13.0-RC1

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r5.13.0-M3...r5.13.0-RC1

JUnit 5.13.0-M3 = Platform 1.13.0-M3 + Jupiter 5.13.0-M3 + Vintage 5.13.0-M3

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.0-M2...r5.13.0-M3

JUnit 5.13.0-M2 = Platform 1.13.0-M2 + Jupiter 5.13.0-M2 + Vintage 5.13.0-M2

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.0-M1...r5.13.0-M2

JUnit 5.13.0-M1 = Platform 1.13.0-M1 + Jupiter 5.13.0-M1 + Vintage 5.13.0-M1

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r5.12.1...r5.13.0-M1

JUnit 5.12.2 = Platform 1.12.2 + Jupiter 5.12.2 + Vintage 5.12.2

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.12.1...r5.12.2

JUnit 5.12.1 = Platform 1.12.1 + Jupiter 5.12.1 + Vintage 5.12.1

... (truncated)

Commits
  • f539f92 Release 5.13.0
  • a54ad65 Use set/get on AtomicBoolean compatibility with Java 8
  • 9bb6a0f Finalize 5.13.0 release notes
  • 5f0e4e6 Remove short-circuiting to ensure all classes are checked for cycles (#4598)
  • 36bb005 Improve assertion failure message in TestClassPredicatesTests
  • 2c86dfa Avoid publishing Gradle Module Metadata for shadowRuntimeElements
  • 4b27910 Allow publishing files to an existing directory
  • b819306 Fix console launcher's --uid option (#4589)
  • df46651 Fix :junit-platform-console:compileModule
  • 182a268 Force Gradle to update snapshots
  • Additional commits viewable in compare view

Updates org.junit.jupiter:junit-jupiter-params from 5.11.4 to 5.13.0

Release notes

Sourced from org.junit.jupiter:junit-jupiter-params's releases.

JUnit 5.13.0 = Platform 1.13.0 + Jupiter 5.13.0 + Vintage 5.13.0

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r5.12.2...r5.13.0

JUnit 5.13.0-RC1 = Platform 1.13.0-RC1 + Jupiter 5.13.0-RC1 + Vintage 5.13.0-RC1

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r5.13.0-M3...r5.13.0-RC1

JUnit 5.13.0-M3 = Platform 1.13.0-M3 + Jupiter 5.13.0-M3 + Vintage 5.13.0-M3

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.0-M2...r5.13.0-M3

JUnit 5.13.0-M2 = Platform 1.13.0-M2 + Jupiter 5.13.0-M2 + Vintage 5.13.0-M2

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.0-M1...r5.13.0-M2

JUnit 5.13.0-M1 = Platform 1.13.0-M1 + Jupiter 5.13.0-M1 + Vintage 5.13.0-M1

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r5.12.1...r5.13.0-M1

JUnit 5.12.2 = Platform 1.12.2 + Jupiter 5.12.2 + Vintage 5.12.2

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.12.1...r5.12.2

JUnit 5.12.1 = Platform 1.12.1 + Jupiter 5.12.1 + Vintage 5.12.1

... (truncated)

Commits
  • f539f92 Release 5.13.0
  • a54ad65 Use set/get on AtomicBoolean compatibility with Java 8
  • 9bb6a0f Finalize 5.13.0 release notes
  • 5f0e4e6 Remove short-circuiting to ensure all classes are checked for cycles (#4598)
  • 36bb005 Improve assertion failure message in TestClassPredicatesTests
  • 2c86dfa Avoid publishing Gradle Module Metadata for shadowRuntimeElements
  • 4b27910 Allow publishing files to an existing directory
  • b819306 Fix console launcher's --uid option (#4589)
  • df46651 Fix :junit-platform-console:compileModule
  • 182a268 Force Gradle to update snapshots
  • Additional commits viewable in compare view

Updates org.assertj:assertj-core from 3.27.2 to 3.27.3

Release notes

Sourced from org.assertj:assertj-core's releases.

v3.27.3

💥 Breaking Changes

Core

  • Revert "Propagate common basetype for the extracting method" #3737

    The enhancement introduced with #3673 breaks existing code on Kotlin 1.9; therefore, it has been reverted.

    As Spring Boot 3.4 currently supports Kotlin 1.9, we want to keep the same compatibility on AssertJ 3.x, while AssertJ 4.x will require Kotlin 2.x.

    Existing code relying on the changes introduced with #3673 will no longer compile and should be refactored.

🐛 Bug Fixes

Core

  • Fix StandardRepresentation regression for unquoted strings #3735

⚡ Improvements

Core

  • Add Class info to class loading strategy failures #3746

❤️ Contributors

Thanks to all the contributors who worked on this release:

@​ccrvincent

Commits
  • c928dd3 [maven-release-plugin] prepare release assertj-build-3.27.3
  • f308d95 Fix StandardRepresentation regression for unquoted strings (#3735)
  • e5959f4 Add Java and Kotlin release references
  • 3eb809d Add Kotlin EAP reference
  • b39a8cf Add Kotlin 2.1.10-RC
  • e20e40d Add Class info to failure exception (#3746)
  • 79b87f0 Revert "Propagate common basetype for the extracting method (#3673)" (#3737)
  • bf439b3 chore(deps): bump com.diffplug.spotless:spotless-maven-plugin from 2.43.0 to ...
  • 30936ca Restructure Kotlin tests, add DisplayNameGenerator
  • b5b86cc Add Kotlin cross-version job (#3732)
  • Additional commits viewable in compare view

Updates io.mockk:mockk from 1.13.14 to 1.14.2

Release notes

Sourced from io.mockk:mockk's releases.

1.14.2

What's Changed

Full Changelog: mockk/mockk@1.14.0...1.14.2

1.14.0

What's Changed

New Contributors

Full Changelog: mockk/mockk@1.13.17...1.14.0

1.13.17

What's Changed

New Contributors

Full Changelog: mockk/mockk@1.13.16...1.13.17

1.13.16

What's Changed

Full Changelog: mockk/mockk@1.13.14...1.13.16

Commits

Updates ch.qos.logback:logback-classic from 1.5.16 to 1.5.18

Release notes

Sourced from ch.qos.logback:logback-classic's releases.

Logback 1.5.18

2025-03-18 Release of logback version 1.5.18

• Added support for XZ compression for archived log files. Note that XZ compression requires Tukaani project's XZ library for Java. In case XZ compression is requested but the XZ library is missing, then logback will substitute GZ compression as a fallback. This feature was requested in issues/755.

• Removed references to java.security.AccessController class. This class has been deprecated for some time and is slated for removal in future JDK versions.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit b2a02f065379a9b1ba5ff837fc08913b744774bc associated with the tag v_1.5.18. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.17

2025-02-25 Release of logback version 1.5.17

• Fixed Jansi 2.4.0 color-coded output not working on Windows CMD.exe console when the default terminal application is set to "Windows Console Host". This problem was reported in issues/753 by Michael Lyubkin.

• Fixed race condition occurring in case MDC class is initialized while org.slf4j.LoggerFactory is initializing logback-classic's LoggerContext. When this race conditions occurs, the MDCAdapter instance used by MDC does not match the instance used by logback-classic. This issue was reported in SLF4J issues/450. While logback-classic version 1.5.17 remains compatible with SLF4J versions in the 2.0.x series, fixing this particular MDC issue requires SLF4J version 2.0.17.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 10358724ed723b3745c010aa40cb02a2dfed4593 associated with the tag v_1.5.17. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Commits
  • b2a02f0 prepare release 1.5.18
  • 991de58 remove references to AccessController marked for deletion in the JDK
  • f54ab16 If compression mode is XZ but the XZ library is missing, then fallback to GZ ...
  • fb45971 add support for XZ compression
  • 31c1f55 add xz compression support with tests
  • 8968d0f introduce strategy based compression
  • 834059c start work on 1.5.18-SNAPSHOT
  • 1035872 prepare release 1.5.17
  • 2e6984d bump to slf4j version 2.0.17
  • 1009952 use a new LoggerContert instance when running LogbackListenerTest. This shoul...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the all-dependencies group across 1 directory with 11 updates
0fc58e4 
Bumps the all-dependencies group with 11 updates in the /router directory:

| Package | From | To |
| --- | --- | --- |
| [com.amazonaws:aws-lambda-java-core](https://github.com/aws/aws-lambda-java-libs) | `1.2.3` | `1.3.0` |
| [com.amazonaws:aws-lambda-java-events](https://github.com/aws/aws-lambda-java-libs) | `3.14.0` | `3.15.0` |
| org.slf4j:slf4j-api | `2.0.16` | `2.0.17` |
| [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.18.2` | `2.19.0` |
| [com.fasterxml.jackson.module:jackson-module-kotlin](https://github.com/FasterXML/jackson-module-kotlin) | `2.18.2` | `2.19.0` |
| [com.google.guava:guava](https://github.com/google/guava) | `33.4.0-jre` | `33.4.8-jre` |
| [org.junit.jupiter:junit-jupiter-engine](https://github.com/junit-team/junit5) | `5.11.4` | `5.13.0` |
| [org.junit.jupiter:junit-jupiter-params](https://github.com/junit-team/junit5) | `5.11.4` | `5.13.0` |
| [org.assertj:assertj-core](https://github.com/assertj/assertj) | `3.27.2` | `3.27.3` |
| [io.mockk:mockk](https://github.com/mockk/mockk) | `1.13.14` | `1.14.2` |
| [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.16` | `1.5.18` |



Updates `com.amazonaws:aws-lambda-java-core` from 1.2.3 to 1.3.0
- [Commits](https://github.com/aws/aws-lambda-java-libs/commits)

Updates `com.amazonaws:aws-lambda-java-events` from 3.14.0 to 3.15.0
- [Commits](https://github.com/aws/aws-lambda-java-libs/commits)

Updates `org.slf4j:slf4j-api` from 2.0.16 to 2.0.17

Updates `com.fasterxml.jackson.core:jackson-databind` from 2.18.2 to 2.19.0
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.fasterxml.jackson.module:jackson-module-kotlin` from 2.18.2 to 2.19.0
- [Commits](FasterXML/jackson-module-kotlin@jackson-module-kotlin-2.18.2...jackson-module-kotlin-2.19.0)

Updates `com.google.guava:guava` from 33.4.0-jre to 33.4.8-jre
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

Updates `org.junit.jupiter:junit-jupiter-engine` from 5.11.4 to 5.13.0
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](junit-team/junit-framework@r5.11.4...r5.13.0)

Updates `org.junit.jupiter:junit-jupiter-params` from 5.11.4 to 5.13.0
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](junit-team/junit-framework@r5.11.4...r5.13.0)

Updates `org.assertj:assertj-core` from 3.27.2 to 3.27.3
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](assertj/assertj@assertj-build-3.27.2...assertj-build-3.27.3)

Updates `io.mockk:mockk` from 1.13.14 to 1.14.2
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](mockk/mockk@1.13.14...1.14.2)

Updates `ch.qos.logback:logback-classic` from 1.5.16 to 1.5.18
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](qos-ch/logback@v_1.5.16...v_1.5.18)

---
updated-dependencies:
- dependency-name: com.amazonaws:aws-lambda-java-core
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: com.amazonaws:aws-lambda-java-events
  dependency-version: 3.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: org.slf4j:slf4j-api
  dependency-version: 2.0.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-version: 2.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: com.fasterxml.jackson.module:jackson-module-kotlin
  dependency-version: 2.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: com.google.guava:guava
  dependency-version: 33.4.8-jre
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: org.junit.jupiter:junit-jupiter-engine
  dependency-version: 5.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: org.junit.jupiter:junit-jupiter-params
  dependency-version: 5.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: org.assertj:assertj-core
  dependency-version: 3.27.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jun 1, 2025
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jun 1, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mduesterhoeft mduesterhoeft Awaiting requested review from mduesterhoeft mduesterhoeft is a code owner

@blockvote blockvote Awaiting requested review from blockvote blockvote is a code owner

@jmoennich jmoennich Awaiting requested review from jmoennich jmoennich is a code owner

@raoulk raoulk Awaiting requested review from raoulk raoulk is a code owner

@KennethWussmann KennethWussmann Awaiting requested review from KennethWussmann KennethWussmann is a code owner

@uberbinge uberbinge Awaiting requested review from uberbinge uberbinge is a code owner

@jwigankow jwigankow Awaiting requested review from jwigankow jwigankow is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants