[release-v1.19][maven]: Bump the patch group across 1 directory with 8 updates

[dependabot]

Bumps the patch group with 8 updates in the /data-plane directory:

Package	From	To
io.quarkus:quarkus-bom	3.25.0	3.25.4
io.micrometer:micrometer-bom	1.15.2	1.15.4
org.assertj:assertj-core	3.27.3	3.27.4
org.scala-lang:scala-reflect	2.13.14	2.13.16
com.google.cloud.tools:jib-maven-plugin	3.4.5	3.4.6
org.apache.maven.plugins:maven-surefire-plugin	3.5.3	3.5.4
org.apache.maven.plugins:maven-enforcer-plugin	3.6.0	3.6.1
org.apache.maven.plugins:maven-shade-plugin	3.6.0	3.6.1

Updates io.quarkus:quarkus-bom from 3.25.0 to 3.25.4

Release notes

Sourced from io.quarkus:quarkus-bom's releases.

3.25.4

Complete changelog

• #47644 - Correct & clarify ActiveMQ Artemis doc details
• #49174 - "config property is deprecated and should not be used anymore" warnings in Gradle projects
• #49380 - Compose Dev Services do not work on Windows
• #49389 - OIDC Dev UI won't work behind an HTTP Proxy
• #49395 - Add Gradle repository to Bootstrap Core
• #49401 - Fix some other go-offline issues
• #49438 - Fix Proxy usage by OIDC devservices
• #49462 - Testing: "class loader confusion 1" (regression 3.25.0->3.25.1 + 3.25.2)
• #49470 - Quarkus extension using Gradle started failing after #49224
• #49489 - Update cors origin default info
• #49493 - Revisions for style and typos
• #49503 - Do not include default values when passing Gradle build configuration to Quarkus
• #49512 - Skip the root application artifact and clear the reloadable flag properly when processing deployment dependencies
• #49514 - Fix the extension Gradle plugin for the component variant-based approach
• #49521 - Upgrade to Vert.x 4.5.18 and Netty 4.1.124
• #49522 - Gradle configuration quarkusDev does not work since 3.25.1
• #49525 - Provided the example in yaml for logging customization
• #49529 - Set common attributes on quarkusDevCompileOnlyConfiguration
• #49532 - Cannot start application on 3.26.0.CR1
• #49539 - Hibernate Validator - Split feature in separate processor
• #49567 - Bump narayana-lra.version from 1.0.1.Final to 1.0.2.Final
• #49568 - Bump io.rest-assured:rest-assured from 5.5.5 to 5.5.6
• #49590 - Updates to Infinispan 15.0.19.Final
• #49604 - ComposeRunner - Avoid resetting env vars

3.25.3

Complete changelog

• #48503 - Continuous testing fails in multi-module project when using module as a dependency in 3.22 onwards
• #48946 - Native image: testGCCArgument produces confusing warnings
• #48959 - Avoids some WARNINGs from io.smallrye.common.process.Logging
• #49118 - 3.25.0 Docker Being Checked Always even if quarkus.devservices.enabled=false
• #49309 - Fix checking for docker enviroment when quarkus.devservices.enabled=false
• #49418 - java.lang.NullPointerException: Cannot invoke "String.replaceAll(String, String)" because the return value of "io.quarkus.devui.spi.buildtime.FooterLogBuildItem.getName()" is null
• #49419 - Enforce null checks for DiscoveredServiceBuilder
• #49422 - Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 in /devtools/gradle
• #49425 - Bump org.assertj:assertj-core from 3.27.3 to 3.27.4
• #49426 - Add wait_for.logs for Oracle DB Compose Dev Services example
• #49441 - Docs: Fix spelling typo in the Deploying to OpenShift guide
• #49446 - Bump org.mariadb.jdbc:mariadb-java-client from 3.5.4 to 3.5.5
• #49452 - Native container build does not redirect output to stdout
• #49454 - Log native build output to stdout
• #49455 - Fix native image generated static resources index
• #49456 - Make the ProcessBuilder calls intents a bit clearer
• #49467 - Add quarkus-extension-processor to quarkus-bom

... (truncated)

Commits

• 7d0fb76 [RELEASE] - Bump version to 3.25.4
• 8f0b37f Merge pull request #49614 from gsmet/3.25.4-backports-1
• b85aed4 Provided the example in yaml for logging customization
• d551302 Do not include default values when passing Gradle build configuration to Quarkus
• 46d30f8 ComposeRunner - Avoid resetting env vars
• c192dfa Updates to Infinispan 15.0.19.Final
• 4259178 Bump io.rest-assured:rest-assured from 5.5.5 to 5.5.6
• b7082e8 Upgrade to Vert.x 4.5.18 and Netty 4.1.124
• 109a35f Bump narayana-lra.version from 1.0.1.Final to 1.0.2.Final
• 0a023f5 Correct & clarify ActiveMQ Artemis doc details
• Additional commits viewable in compare view

Updates io.micrometer:micrometer-bom from 1.15.2 to 1.15.4

Release notes

Sourced from io.micrometer:micrometer-bom's releases.

1.15.4

🐞 Bug Fixes

• NettyAllocatorMetrics should not prevent collecting executors #6641
• [JOOQ] MetricsDSLContext - fetchExists doesn't report provided tags #6583

📔 Documentation

• add compatibility note for jOOQ overload delegation #6681

🔨 Dependency Upgrades

• Bump dropwizard-metrics from 4.2.33 to 4.2.36 #6677

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​HeeChanN

1.15.3

🐞 Bug Fixes

• Catch IllegalArgumentException in VirtualThreadMetrics #6584
• Handle ArrayIndexOutOfBoundsException from DoubleHistogram in TimeWindowPercentileHistogram.accumulate() defensively #6563

🔨 Dependency Upgrades

• Bump jersey3 from 3.1.10 to 3.1.11 #6607
• Bump com.netflix.spectator:spectator-reg-atlas from 1.8.16 to 1.8.17 #6600
• Bump io.netty:netty-bom from 4.1.122.Final to 4.1.123.Final #6537

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​genuss and @​izeye

Commits

• 68c4d22 Merge branch '1.14.x' into 1.15.x
• 2c77f86 Bump org.ehcache:ehcache from 3.10.8 to 3.10.9 (#6698)
• 05c9c05 Bump org.apache.felix:org.apache.felix.scr from 2.2.12 to 2.2.14 (#6699)
• dc9285f Bump org.apache.felix:org.apache.felix.scr from 2.2.12 to 2.2.14 (#6696)
• 2840e48 Bump org.ehcache:ehcache from 3.10.8 to 3.10.9 (#6697)
• 6ad623e Bump io.netty:netty-bom from 4.1.124.Final to 4.1.126.Final (#6691)
• ada8cff Bump io.netty:netty-bom from 4.1.124.Final to 4.1.126.Final (#6690)
• f4ef3e7 Bump dropwizard-metrics from 4.2.35 to 4.2.36 (#6688)
• 3cd227b Bump dropwizard-metrics from 4.2.35 to 4.2.36 (#6685)
• 9303ddb add compatibility note for jOOQ overload delegation (#6681)
• Additional commits viewable in compare view

Updates org.assertj:assertj-core from 3.27.3 to 3.27.4

Release notes

Sourced from org.assertj:assertj-core's releases.

v3.27.4

🚫 Deprecated

Core

• Deprecate org.assertj.core.annotations.Beta in favor of org.assertj.core.annotation.Beta
• Deprecate org.assertj.core.util.CanIgnoreReturnValue in favor of org.assertj.core.annotation.CanIgnoreReturnValue
• Deprecate org.assertj.core.util.CheckReturnValue in favor of org.assertj.core.annotation.CheckReturnValue

🐛 Bug Fixes

Core

• Fix thread-safety in AbstractDateAssert #3874

⚡ Improvements

• Migrate to the Central Publisher Portal, enable snapshot publishing #3881

Core

• Annotate fail methods with custom @Contract #3882

❤️ Contributors

Thanks to all the contributors who worked on this release:

@​kelunik

Commits

• 7a64cde [maven-release-plugin] prepare release assertj-build-3.27.4
• feb5f6f Annotate fail methods with custom @Contract (#3882)
• 43e8b65 Deprecate org.assertj.core.util.CheckReturnValue in favor of `org.assertj.c...
• 1bf8cd6 Deprecate org.assertj.core.util.CanIgnoreReturnValue in favor of `org.asser...
• 72d08b2 Deprecate org.assertj.core.annotations.Beta in favor of `org.assertj.core.a...
• 475c2eb Polish
• fdc9bc5 Skip tests during snapshot publishing
• 8f4a1b5 Migrate to the Central Publisher Portal, enable snapshot publishing (#3881)
• 7461b68 Fix thread-safety in AbstractDateAssert (#3874)
• 015f095 Remove EOL Java 23
• Additional commits viewable in compare view

Updates org.scala-lang:scala-reflect from 2.13.14 to 2.13.16

Release notes

Sourced from org.scala-lang:scala-reflect's releases.

Scala 2.13.16

The Scala team at Akka (formerly Lightbend) is pleased to announce Scala 2.13.16.

The following changes are highlights of this release:

Breaking change

• On the empty string, .tail and .init now throw (instead of returning the empty string) (#10851 by @​sh0hei)
  • This is a bugfix, but be aware that existing code might, perhaps inadvertently, be relying on the old behavior

Compatibility

• Support Scala 3.6 in TASTy reader (#10893)
• Support JDK 24 in optimizer (via ASM upgrade) (#10888 by @​Philippus)

REPL

• REPL: JLine 3.27.1 (was 3.26.3) and on Windows use JNI not JNA (#10899, #10898, #10882)
  • These upgrades hopefully won't be noticed, but, REPL users on Windows take note
  • JNA is no longer a dependency of scala-compiler.jar

Align with Scala 3

• Under -Xsource:3, deprecate infix named args (#10857 by @​som-snytt)

Errors and warnings

• Fix 2.13.15-only false positives with -Wunused:patvars (#10870 by @​som-snytt)

Collections

• Do not use rangeHash when rangeDiff is 0 (#10912 by @​Friendseeker)
  • This may affect fragile code relying on ordering of hash-based collections
• Deprecate collection.mutable.AnyRefMap (#10862 by @​wangyum)
  • Since Scala 2.13.0 it has no performance advantage over collection.mutable.HashMap

More changes

For the complete 2.13.16 change lists, see all merged PRs and all closed bugs.

Compatibility

As usual for our minor releases, Scala 2.13.16 is binary-compatible with the whole Scala 2.13 series.

Upgrading from 2.12? Enable -Xmigration while upgrading to request migration advice from the compiler.

Contributors

A big thank you to everyone who's helped improve Scala by reporting bugs, improving our documentation, spreading kindness in discussions around Scala, and submitting and reviewing pull requests! You are all magnificent.

... (truncated)

Commits

• 3f6bdae Merge pull request #10978 from scala/no-travis-ci-for-pr-validation
• f748f82 no more Travis-CI for PR validation, use GitHub Actions
• d2ab49d do not build the spec during PR validation
• 92a9eb2 Merge pull request #10974 from SethTisue/merge-2.12-to-2.13-20250106
• cb415ba Merge pull request #10966 from SethTisue/re-fix-sbt-bridge
• 942284b correctly fix NoClassDefFoundError in sbt bridge
• 63cf7c4 Merge remote-tracking branch 'origin/2.12.x' into merge-2.12-to-2.13-20250106
• b8a0aeb Merge commit 'b045381055674f3b5bb32b76cb5188116e8356f5' into merge-2.12-to-2....
• 393c05f Merge pull request #10973 from SethTisue/copyright-2025
• 786f44a bump copyright year to 2025
• Additional commits viewable in compare view

Updates com.google.cloud.tools:jib-maven-plugin from 3.4.5 to 3.4.6

Release notes

Sourced from com.google.cloud.tools:jib-maven-plugin's releases.

jib-maven-plugin v3.4.6

---

Major Changes

• Update retrieval of Maven properties to use the following order: user, project, system. #4344

See CHANGELOG.md for more details.

Commits

• See full diff in compare view

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.5.3 to 3.5.4

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.5.4

🚀 New features and improvements

• Name the shutdown hook (#3170) @​cstamas
• Implement fail-fast behavior for JUnit Platform provider (#3155) @​marcphilipp
• Create a single LauncherSession for invocations of JUnitPlatformProvider (#863) @​marcphilipp

🐛 Bug Fixes

• [SUREFIRE-2298] - fix xml output with junit 5 nested classes (fix integration with Cucumber and Archunit) (#828) @​olamy

👻 Maintenance

• feat: enable prevent branch protection rules (#3168) @​sparsick
• Get rid of plexus-annotations (#3163) @​olamy
• Remove maven-changes-plugin (#861) @​sparsick
• Enable GitHub Issues (#831) @​Bukama

📦 Dependency updates

• Bump org.htmlunit:htmlunit from 4.15.0 to 4.16.0 (#3173) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0 (#3172) @dependabot[bot]
• Bump org.htmlunit:htmlunit from 4.13.0 to 4.15.0 (#3171) @dependabot[bot]
• Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#3167) @dependabot[bot]
• Bump org.apache.commons:commons-compress from 1.27.1 to 1.28.0 (#3165) @dependabot[bot]
• Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#3161) @dependabot[bot]
• Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (#3158) @dependabot[bot]
• Bump org.htmlunit:htmlunit from 4.12.0 to 4.13.0 (#856) @dependabot[bot]
• Bump org.xmlunit:xmlunit-core from 2.10.2 to 2.10.3 (#860) @dependabot[bot]
• Bump commons-beanutils:commons-beanutils from 1.7.0 to 1.11.0 in /surefire-its/src/test/resources/webapp (#851) @dependabot[bot]
• Bump org.htmlunit:htmlunit from 4.11.1 to 4.12.0 (#844) @dependabot[bot]
• Bump org.fusesource.jansi:jansi from 2.4.1 to 2.4.2 (#836) @dependabot[bot]
• Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#833) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-interpolation from 1.27 to 1.28 (#829) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-java from 1.4.0 to 1.5.0 (#830) @dependabot[bot]
• Bump jacocoVersion from 0.8.12 to 0.8.13 (#827) @dependabot[bot]

Commits

• 88513d8 [maven-release-plugin] prepare release surefire-3.5.4
• 9c48828 Simplify cuncumber IT configuration and make windows build working again (#3174)
• 74b2d8c Bump org.htmlunit:htmlunit from 4.15.0 to 4.16.0 (#3173)
• 6c30bf1 [SUREFIRE-2298] fix xml output with junit 5 nested classes (#828)
• 9f49866 Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0 (#3172)
• fb96954 Bump org.htmlunit:htmlunit from 4.13.0 to 4.15.0 (#3171)
• 1e63159 Name the shutdown hook (#3170)
• 76e806a feat: enable prevent branch protection rules (#3168)
• 0fbfb27 Implement fail-fast behavior for JUnit Platform provider (#3155)
• 98d081e Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#3167)
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-enforcer-plugin from 3.6.0 to 3.6.1

Release notes

Sourced from org.apache.maven.plugins:maven-enforcer-plugin's releases.

3.6.1

🚀 New features and improvements

• Improve performance of transitive dependency checks (#904) @​harrisric

🐛 Bug Fixes

• Fix NPE when a classifier part is specified in bannedDependencies (#905) @​harrisric

📝 Documentation updates

• Move contributing information into README (#911) @​slawekjaranowski
• Rewrite CONTRIBUTING.md to use the Github issue tracker instead of JIRA (#898) @​elharo

👻 Maintenance

• Remove unused javax.annotations dependency (#899) @​elharo
• Remove unused methods (#900) @​elharo
• Remove the from parameter names (#901) @​elharo
• Fix a grab bag of typos and minor grammar errors (#897) @​elharo
• remove unneeded contains check as add already does that (#896) @​elharo

📦 Dependency updates

• Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (#910) @dependabot[bot]

Commits

• 9b9b705 [maven-release-plugin] prepare release enforcer-3.6.1
• 469f45c Move contributing information into README - fix cla link
• fec424a Move contributing information into README
• 3abe11d Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (#910)
• d58be76 Improve performance of transitive dependency checks (#904)
• 1f7ac3c null analysis (#907)
• 3bfbff8 Fix some typos
• 8da0311 Remove unused javax.annotations dependency (#899)
• 06bcf29 Remove unused methods (#900)
• b25c800 Fix NPE when a classifier part is specified but an artifact classifier is nul...
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-shade-plugin from 3.6.0 to 3.6.1

Release notes

Sourced from org.apache.maven.plugins:maven-shade-plugin's releases.

3.6.1

📝 Documentation updates

• [MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#250) @​Bukama

👻 Maintenance

• Enable prevent branch protection rules (#746) @​sparsick
• Enable GH issues (#253) @​Bukama
• Add missing @​Override annotations (#246) @​elharo
• Merge ApacheLicenseResourceTransformer tests (#245) @​Goooler
• Add test cases for .md supports in the Apache License and Notice transformers (#243) @​Goooler
• [MSHADE-479] - Make the mojo much less noisy (#233) @​elharo

📦 Dependency updates

• Bump org.codehaus.mojo:mrm-maven-plugin from 1.6.0 to 1.7.0 (#748) @dependabot[bot]
• Bump org.hamcrest:hamcrest-core from 2.2 to 3.0 (#235) @dependabot[bot]
• Bump org.apache.maven.plugins:maven-plugins from 42 to 45 (#738) @dependabot[bot]
• Bump org.apache.commons:commons-compress from 1.26.2 to 1.28.0 (#743) @dependabot[bot]
• Bump org.xmlunit:xmlunit-legacy from 2.10.0 to 2.10.3 (#745) @dependabot[bot]
• Bump ASM 9.8 to support JDK 25 bytecode (#744) @​pan3793
• Bump commons-io:commons-io from 2.13.0 to 2.14.0 in /src/it/projects/MSHADE-105/shaded-jar (#241) @dependabot[bot]

Commits

• 9662c98 [maven-release-plugin] prepare for next development iteration
• 06902bd [maven-release-plugin] prepare release maven-shade-plugin-3.6.1
• 29e9a9d add .git
• 844e61a use github
• 43101f9 [maven-release-plugin] prepare release maven-shade-plugin-3.6.1
• 2ffb28d use release drafter v4 and dependabot to updade gha as well (#750)
• f5b590e Bump org.codehaus.mojo:mrm-maven-plugin from 1.6.0 to 1.7.0
• eee0319 Bump org.hamcrest:hamcrest-core from 2.2 to 3.0
• 0d5a7a4 fix upgrade, remove those useless final
• 6e5f0f3 Bump org.apache.maven.plugins:maven-plugins from 42 to 45
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign rudyredhat1 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift-knative member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.