deps(java): bump the all group across 1 directory with 10 updates

[dependabot]

Bumps the all group with 10 updates in the / directory:

Package	From	To
io.airlift:airbase	192	196
org.jdbi:jdbi3-bom	3.46.0	3.47.0
com.fasterxml.jackson.core:jackson-annotations	2.18.0	2.18.1
com.fasterxml.jackson.core:jackson-databind	2.18.0	2.18.1
com.fasterxml.jackson.dataformat:jackson-dataformat-yaml	2.18.0	2.18.1
com.google.errorprone:error_prone_annotations	2.34.0	2.35.1
com.google.errorprone:error_prone_core	2.34.0	2.35.1
net.bytebuddy:byte-buddy	1.15.7	1.15.10
org.checkerframework:checker-qual	3.48.1	3.48.2
org.apache.maven.plugins:maven-dependency-plugin	3.8.0	3.8.1

Updates io.airlift:airbase from 192 to 196

Release notes

Sourced from io.airlift:airbase's releases.

Release 196

What's Changed

Dependency updates 📦

• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.1 to 3.5.2 by @​dependabot in airlift/airbase#571
• Bump net.bytebuddy:byte-buddy from 1.15.8 to 1.15.10 by @​dependabot in airlift/airbase#570
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.10.1 to 3.11.1 by @​dependabot in airlift/airbase#569

Full Changelog: airlift/airbase@195...196

Release 195

What's Changed

Dependency updates 📦

• Bump dep.packaging.version from 277 to 278 by @​dependabot in airlift/airbase#565
• Bump dep.packaging.version from 278 to 279 by @​dependabot in airlift/airbase#566
• Bump com.puppycrawl.tools:checkstyle from 10.19.0 to 10.20.0 by @​dependabot in airlift/airbase#567
• Bump net.bytebuddy:byte-buddy from 1.15.7 to 1.15.8 by @​dependabot in airlift/airbase#568

Full Changelog: airlift/airbase@194...195

Release 194

What's Changed

Dependency updates 📦

• Bump dep.packaging.version from 276 to 277 by @​dependabot in airlift/airbase#562
• Bump com.puppycrawl.tools:checkstyle from 10.18.2 to 10.19.0 by @​dependabot in airlift/airbase#561
• Bump com.fasterxml.jackson:jackson-bom from 2.18.0 to 2.18.1 by @​dependabot in airlift/airbase#563
• Bump org.apache.maven.plugins:maven-pmd-plugin from 3.25.0 to 3.26.0 by @​dependabot in airlift/airbase#564

Full Changelog: airlift/airbase@193...194

Release 193

What's Changed

Improvements 🎉

• Add enforcer rules by @​wendigo in airlift/airbase#554

Dependency updates 📦

• Bump dep.plugin.pmd-runtime.version from 7.6.0 to 7.7.0 by @​dependabot in airlift/airbase#556
• Bump com.google.errorprone:error_prone_annotations from 2.34.0 to 2.35.1 by @​dependabot in airlift/airbase#558
• Bump org.apache.maven.plugins:maven-dependency-plugin from 3.8.0 to 3.8.1 by @​dependabot in airlift/airbase#557
• Bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.5.0 to 3.6.0 by @​dependabot in airlift/airbase#559
• Bump dep.logback.version from 1.5.11 to 1.5.12 by @​dependabot in airlift/airbase#560

... (truncated)

Commits

• See full diff in compare view

Updates org.jdbi:jdbi3-bom from 3.46.0 to 3.47.0

Release notes

Sourced from org.jdbi:jdbi3-bom's releases.

3.47.0

• spring aot: fix @JdbiRepository so aot generation works (#2727, thanks @​hpoettker !)
• spring/spring5: update spring dependency and tests to latest releases (dependabot #36 / CVE-2024-38820 asks for 5.3.41 but that is not released (neither is 5.3.40. Spring is a mess)).
• deprecate the spring5 module as Spring Framework 5.x is no longer under OSS support
• add new spring module that will focus on Spring Framework 6.x and beyond. This is currently the same code as spring5 but no longer needs to maintain Spring Framework 5.x backwards compatibility.

Changelog

Sourced from org.jdbi:jdbi3-bom's changelog.

3.47.0

• spring aot: fix @JdbiRepository so aot generation works (#2727, thanks @​hpoettker !)
• spring/spring5: update spring dependency and tests to latest releases (dependabot #36 / CVE-2024-38820 asks for 5.3.41 but that is not released (neither is 5.3.40. Spring is a mess)).
• deprecate the spring5 module as Spring Framework 5.x is no longer under OSS support
• add new spring module that will focus on Spring Framework 6.x and beyond. This is currently the same code as spring5 but no longer needs to maintain Spring Framework 5.x backwards compatibility.

Commits

• fa8e3d3 [maven-release-plugin] prepare release v3.47.0
• a92040d release notes 3.47.0
• ea7a902 fix typo
• 63ccde2 fix for CI testing with java 11
• 5250aa6 deprecation required version 3.47.0-SNAPSHOT
• 78b7fe6 Add 'spring' module to replace 'spring5'
• d2f5b7f gnumake needs every export on its own line
• 1bd31e1 small adoc table fix
• 13ea520 release notes #2727
• b858e84 Fix native Spring compile with @JdbiRepository
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-annotations from 2.18.0 to 2.18.1

Commits

• See full diff in compare view

Updates com.fasterxml.jackson.core:jackson-databind from 2.18.0 to 2.18.1

Commits

• See full diff in compare view

Updates com.fasterxml.jackson.dataformat:jackson-dataformat-yaml from 2.18.0 to 2.18.1

Commits

• 4f3aa83 [maven-release-plugin] prepare release jackson-dataformats-text-2.18.1
• 2f722bc Prepare for 2.18.1 release
• 1619e14 Remove use of TypeFactory.defaultInstance()
• 998064b Backport #499 in 2.18(.1) as well
• 46de17e Merge branch '2.17' into 2.18
• 306d255 Backport #499 in 2.17(.3)
• cbf4ad9 Back to snapshot deps
• e4eca1c [maven-release-plugin] prepare for next development iteration
• See full diff in compare view

Updates com.google.errorprone:error_prone_annotations from 2.34.0 to 2.35.1

Release notes

Sourced from com.google.errorprone:error_prone_annotations's releases.

Error Prone 2.35.1

Error Prone's dependency on protobuf has been downgraded to 3.25.5 for this release.

Version 3.25.5 of protobuf still fixes CVE-2024-7254. This release is provided for users who aren't ready to update to 4.x, see also #4584 and #4634. Future versions of Error Prone will upgrade back to protobuf 4.x.

Full changelog: google/error-prone@v2.35.0...v2.35.1

Error Prone 2.35.0

Changes:

• Fix handling of \s before the trailing delimiter in MisleadingEscapedSpace
• TimeUnitMismatch improvements: handle binary trees, consider trees like fooSeconds * 1000 to have units of millis

New checks:

• JavaDurationGetSecondsToToSeconds: Prefer duration.toSeconds() over duration.getSeconds()

Full changelog: google/error-prone@v2.34.0...v2.35.0

Commits

• 0e06cc2 Release Error Prone 2.35.1
• db6c890 Downgrade protobuf version to 3.25.5
• ed6b121 Add a repro test for broken behavior inlining the parameter value into the fu...
• a931fa3 Remove DoNotUseRuleChain from JavaCodeClarity.
• ec2983b compileUnsafe -> compile for compile-time-constant expressions.
• 2ce9632 Strip the quotation marks from the source code when reconstructing the literal.
• 99a0d9d TimeUnitMismatch: handle BinaryTrees.
• 60c5f76 TimeUnitMismatch: consider trees like fooSeconds * 1000 to have units of `m...
• 427b51d GetSeconds to ToSeconds error prone
• See full diff in compare view

Updates com.google.errorprone:error_prone_core from 2.34.0 to 2.35.1

Release notes

Sourced from com.google.errorprone:error_prone_core's releases.

Error Prone 2.35.1

Error Prone's dependency on protobuf has been downgraded to 3.25.5 for this release.

Version 3.25.5 of protobuf still fixes CVE-2024-7254. This release is provided for users who aren't ready to update to 4.x, see also #4584 and #4634. Future versions of Error Prone will upgrade back to protobuf 4.x.

Full changelog: google/error-prone@v2.35.0...v2.35.1

Error Prone 2.35.0

Changes:

• Fix handling of \s before the trailing delimiter in MisleadingEscapedSpace
• TimeUnitMismatch improvements: handle binary trees, consider trees like fooSeconds * 1000 to have units of millis

New checks:

• JavaDurationGetSecondsToToSeconds: Prefer duration.toSeconds() over duration.getSeconds()

Full changelog: google/error-prone@v2.34.0...v2.35.0

Commits

• 0e06cc2 Release Error Prone 2.35.1
• db6c890 Downgrade protobuf version to 3.25.5
• ed6b121 Add a repro test for broken behavior inlining the parameter value into the fu...
• a931fa3 Remove DoNotUseRuleChain from JavaCodeClarity.
• ec2983b compileUnsafe -> compile for compile-time-constant expressions.
• 2ce9632 Strip the quotation marks from the source code when reconstructing the literal.
• 99a0d9d TimeUnitMismatch: handle BinaryTrees.
• 60c5f76 TimeUnitMismatch: consider trees like fooSeconds * 1000 to have units of `m...
• 427b51d GetSeconds to ToSeconds error prone
• See full diff in compare view

Updates net.bytebuddy:byte-buddy from 1.15.7 to 1.15.10

Release notes

Sourced from net.bytebuddy:byte-buddy's releases.

Byte Buddy 1.15.10

• Fix Java 8 patterns for multi-release jars to avoid that inner classes are excluded.

Byte Buddy 1.15.9

• Additional release after time out during previous Gradle plugin release.

Byte Buddy 1.15.8

• Extend ClassInjector API to support lazy resolution of class files.
• Extend DynamicType API to support lazy resolution of auxiliary types.
• Extend AgentBuilder.Transformer.ForAdvice to support injection of new classes by their name.

Changelog

Sourced from net.bytebuddy:byte-buddy's changelog.

4. November 2024: version 1.15.10

• Fix Java 8 patterns for multi-release jars to avoid that inner classes are excluded.

3. November 2024: version 1.15.9

• Additional release after time out during previous Gradle plugin release.

1. November 2024: version 1.15.8

• Extend ClassInjector API to support lazy resolution of class files.
• Extend DynamicType API to support lazy resolution of auxiliary types.
• Extend AgentBuilder.Transformer.ForAdvice to support injection of new classes by their name.

Commits

• 4681c91 [maven-release-plugin] prepare release byte-buddy-1.15.10
• d1c82da [release] Release new version.
• c43f8aa [release] Release new version
• f164ddd Extend regex to include inner classes.
• 732087c Add additional checksums.
• aa56c9a Update internal Byte Buddy.
• c15b988 [maven-release-plugin] prepare for next development iteration
• 4593b14 [maven-release-plugin] prepare release byte-buddy-1.15.9
• c8b3780 [release] Release new version
• 1590fda Add checksums
• Additional commits viewable in compare view

Updates org.checkerframework:checker-qual from 3.48.1 to 3.48.2

Release notes

Sourced from org.checkerframework:checker-qual's releases.

Checker Framework 3.48.2

Version 3.48.2 (November 1, 2024)

Closed issues:

#6371, #6867.

Changelog

Sourced from org.checkerframework:checker-qual's changelog.

Version 3.48.2 (November 1, 2024)

Closed issues:

#6371, #6867.

Commits

• 59f4594 new release 3.48.2
• 93e8fac Prep for release.
• 013a76c Update lists of aliases for @NonNull (#6883)
• f23bf98 Update dependency com.amazonaws:aws-java-sdk-bom to v1.12.777 (#6882)
• 07d8845 Don't re-compute the enclosing method (#6876)
• a70e1e9 Update dependency org.plumelib:plume-util to v1.10.0 (#6877)
• fc99f34 Update versions.errorprone to v2.35.1 (#6875)
• b7d9092 Update versions.errorprone to v2.34.0 (#6870)
• cfdd5c9 Expect crash due to javac bug
• 19419ac Cleaner logic to handle types of extends and implements clauses and fixed `ge...
• Additional commits viewable in compare view

Updates com.google.errorprone:error_prone_core from 2.34.0 to 2.35.1

Release notes

Sourced from com.google.errorprone:error_prone_core's releases.

Error Prone 2.35.1

Error Prone's dependency on protobuf has been downgraded to 3.25.5 for this release.

Version 3.25.5 of protobuf still fixes CVE-2024-7254. This release is provided for users who aren't ready to update to 4.x, see also #4584 and #4634. Future versions of Error Prone will upgrade back to protobuf 4.x.

Full changelog: google/error-prone@v2.35.0...v2.35.1

Error Prone 2.35.0

Changes:

• Fix handling of \s before the trailing delimiter in MisleadingEscapedSpace
• TimeUnitMismatch improvements: handle binary trees, consider trees like fooSeconds * 1000 to have units of millis

New checks:

• JavaDurationGetSecondsToToSeconds: Prefer duration.toSeconds() over duration.getSeconds()

Full changelog: google/error-prone@v2.34.0...v2.35.0

Commits

• 0e06cc2 Release Error Prone 2.35.1
• db6c890 Downgrade protobuf version to 3.25.5
• ed6b121 Add a repro test for broken behavior inlining the parameter value into the fu...
• a931fa3 Remove DoNotUseRuleChain from JavaCodeClarity.
• ec2983b compileUnsafe -> compile for compile-time-constant expressions.
• 2ce9632 Strip the quotation marks from the source code when reconstructing the literal.
• 99a0d9d TimeUnitMismatch: handle BinaryTrees.
• 60c5f76 TimeUnitMismatch: consider trees like fooSeconds * 1000 to have units of `m...
• 427b51d GetSeconds to ToSeconds error prone
• See full diff in compare view

Updates org.apache.maven.plugins:maven-dependency-plugin from 3.8.0 to 3.8.1

Commits

• 954e44a [maven-release-plugin] prepare release maven-dependency-plugin-3.8.1
• 842075d Bump org.apache.maven.reporting:maven-reporting-impl
• 7e1aadc Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.17.0
• 188531c Fix SCM tag
• 361058e Bump jettyVersion from 9.4.55.v20240627 to 9.4.56.v20240826
• 38ab100 Bump org.codehaus.plexus:plexus-io from 3.5.0 to 3.5.1
• cbac4a7 Bump commons-io:commons-io from 2.16.1 to 2.17.0
• b19b7e0 [MDEP-930] Make test robust against platform default character sets (#448)
• e347ef7 Delete obsolete commented code for issue that was won't fixed 10 years ago (#...
• 7b137a1 [MDEP-946] Add analyze exclusions to list of goals
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions