Merge pull request #41798 from gsmet/3.12.2-backports-1

[3.12] 3.12.2 backports 1

Author: gsmet

.github/dependabot.yml

@@ -184,6 +184,7 @@ updates:
       - dependency-name: biz.paluch.logging:logstash-gelf
       - dependency-name: org.bitbucket.b_c:jose4j
       - dependency-name: io.fabric8:maven-model-helper
+      - dependency-name: org.codejive:java-properties
     ignore:
       # this one cannot be upgraded due to the usage of proxies in new versions
       # the proxy implements interfaces in a random order which causes issues

.mvn/extensions.xml

@@ -17,6 +17,6 @@
     <extension>
         <groupId>io.quarkus.develocity</groupId>
         <artifactId>quarkus-project-develocity-extension</artifactId>
-        <version>1.1.1</version>
+        <version>1.1.3</version>
     </extension>
 </extensions>

bom/application/pom.xml

@@ -92,14 +92,14 @@
         <!-- GraalVM sdk 23.1.2 has a minimum JDK requirement of 17+ at runtime -->
         <graal-sdk.version>23.1.2</graal-sdk.version>
         <gizmo.version>1.8.0</gizmo.version>
-        <jackson-bom.version>2.17.1</jackson-bom.version>
+        <jackson-bom.version>2.17.2</jackson-bom.version>
         <commons-logging-jboss-logging.version>1.0.0.Final</commons-logging-jboss-logging.version>
         <commons-lang3.version>3.14.0</commons-lang3.version>
         <commons-codec.version>1.17.0</commons-codec.version>
         <classmate.version>1.7.0</classmate.version>
         <!-- See root POM for hibernate-orm.version, hibernate-reactive.version, hibernate-validator.version,
              hibernate-search.version, antlr.version, bytebuddy.version, hibernate-commons-annotations.version -->
-        <narayana.version>7.0.1.Final</narayana.version>
+        <narayana.version>7.0.2.Final</narayana.version>
         <agroal.version>2.4</agroal.version>
         <jboss-transaction-spi.version>8.0.0.Final</jboss-transaction-spi.version>
         <elasticsearch-opensource-components.version>8.14.0</elasticsearch-opensource-components.version>

core/deployment/src/main/java/io/quarkus/deployment/dev/filesystem/StaticFileManager.java

@@ -31,16 +31,17 @@ public Iterable<? extends JavaFileObject> getJavaSources(Iterable<? extends File
     @Override
     public JavaFileObject getJavaFileForInput(Location location, String className, JavaFileObject.Kind kind)
             throws IOException {
+        JavaFileObject file = this.fileManager.getJavaFileForInput(location, className, kind);
         // Ignore the module info of the application in dev mode.
-        if (context.ignoreModuleInfo() && "CLASS_OUTPUT".equalsIgnoreCase(location.getName())
+        if (file != null && context.ignoreModuleInfo() && "CLASS_OUTPUT".equalsIgnoreCase(location.getName())
                 && "module-info".equalsIgnoreCase(className)) {
             if (once.compareAndSet(false, true)) {
                 Logger.getLogger(StaticFileManager.class).info("Ignoring module-info.java in dev mode, " +
                         "set the `quarkus.live-reload.ignore-module-info` property to `false` in your project descriptor (`pom.xml` or `build.gradle`) to disable this behavior.");
             }
             return null;
         }
-        return this.fileManager.getJavaFileForInput(location, className, kind);
+        return file;
     }
 
 }

core/deployment/src/main/java/io/quarkus/deployment/recording/BytecodeRecorderImpl.java

@@ -1235,9 +1235,16 @@ public void prepare(MethodContext context) {
                                 public void handle(MethodContext context, MethodCreator method,
                                         DeferredArrayStoreParameter out) {
                                     //get the collection
-                                    ResultHandle prop = method.invokeVirtualMethod(
-                                            MethodDescriptor.ofMethod(i.getReadMethod()),
-                                            context.loadDeferred(out));
+                                    ResultHandle prop;
+                                    if (i.getReadMethod().isDefault()) {
+                                        prop = method.invokeInterfaceMethod(
+                                                MethodDescriptor.ofMethod(i.getReadMethod()),
+                                                context.loadDeferred(out));
+                                    } else {
+                                        prop = method.invokeVirtualMethod(
+                                                MethodDescriptor.ofMethod(i.getReadMethod()),
+                                                context.loadDeferred(out));
+                                    }
                                     for (DeferredParameter i : params) {
                                         //add the parameter
                                         //TODO: this is not guarded against large collections, probably not an issue in practice

core/deployment/src/main/java/io/quarkus/deployment/steps/NativeImageConfigBuildStep.java

@@ -102,6 +102,7 @@ void reinitHostNameUtil(BuildProducer<RuntimeReinitializedClassBuildItem> runtim
         // so we reinitialize this to re-compute the field (and other related fields) during native application's
         // runtime
         runtimeReInitClass.produce(new RuntimeReinitializedClassBuildItem("org.wildfly.common.net.HostName"));
+        runtimeReInitClass.produce(new RuntimeReinitializedClassBuildItem("io.smallrye.common.net.HostName"));
     }
 
     private Boolean isSslNativeEnabled(SslNativeConfigBuildItem sslNativeConfig,

docs/src/main/asciidoc/cdi-integration.adoc

@@ -76,7 +76,7 @@ IMPORTANT: It is not possible to conditionally enable/disable additional beans v
 ----
 @BuildStep
 AdditionalBeanBuildItem additionalBeans() {
-     return new AdditionalBeanBuildItem(SmallRyeHealthReporter.class, HealthServlet.class)); <1>
+     return new AdditionalBeanBuildItem(SmallRyeHealthReporter.class, HealthServlet.class); <1>
 }
 ----
 <1> `AdditionalBeanBuildItem.Builder` can be used for more complex use cases.

docs/src/main/asciidoc/security-customization.adoc

@@ -682,7 +682,7 @@ The observers can be either synchronous or asynchronous.
 * `io.quarkus.oidc.SecurityEvent`
 * `io.quarkus.vertx.http.runtime.security.FormAuthenticationEvent`
 
-[[TIP]]
+[TIP]
 For more information about security events specific to the Quarkus OpenID Connect extension, please see
 the xref:security-oidc-code-flow-authentication.adoc#listen-to-authentication-events[Listening to important authentication events]
 section of the OIDC code flow mechanism for protecting web applications guide.

docs/src/main/asciidoc/security-keycloak-authorization.adoc

@@ -226,7 +226,7 @@ To start a Keycloak server, use the following Docker command:
 docker run --name keycloak -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin -p 8543:8443 -v "$(pwd)"/config/keycloak-keystore.jks:/etc/keycloak-keystore.jks quay.io/keycloak/keycloak:{keycloak.version} start  --hostname-strict=false --https-key-store-file=/etc/keycloak-keystore.jks
 ----
 
-where `keycloak.version` must be `23.0.0` or later and the `keycloak-keystore.jks` can be found in https://github.com/quarkusio/quarkus-quickstarts/blob/main/security-keycloak-authorization-quickstart/config/keycloak-keystore.jks[quarkus-quickstarts/security-keycloak-authorization-quickstart/config].
+where `keycloak.version` must be `25.0.0` or later and the `keycloak-keystore.jks` can be found in https://github.com/quarkusio/quarkus-quickstarts/blob/main/security-keycloak-authorization-quickstart/config/keycloak-keystore.jks[quarkus-quickstarts/security-keycloak-authorization-quickstart/config].
 
 Try to access your Keycloak server at https://localhost:8543[localhost:8543].
 

docs/src/main/asciidoc/security-oidc-auth0-tutorial.adoc

@@ -689,7 +689,7 @@ quarkus.oidc.auth-server-url=https://dev-3ve0cgn7.us.auth0.com
 
 which is all what is needed for the OIDC `service` application to fetch Auth0 public verification keys and use them to verify Auth0 access tokens in JWT format.
 
-[[NOTE]]
+[NOTE]
 ====
 In this tutorial you have already configured the OIDC `hybrid` application which can handle both authorization code and bearer token authentication flows. In production you will run microservices as separate servers but for the sake of simplicity `ApiEchoService` will not have to be started as a second server with its own configuration containing `quarkus.oidc.auth-server-url=https://dev-3ve0cgn7.us.auth0.com` only, and therefore the current configuration which already has the Auth0 dev tenant address configured will be reused.