[CORE-69]: Bump the minor-patch-dependencies group across 1 directory with 23 updates by dependabot[bot] · Pull Request #491 · DataBiosphere/terra-resource-buffer

dependabot · 2026-06-02T05:44:10Z

Bumps the minor-patch-dependencies group with 23 updates in the / directory:

Package	From	To
org.springframework.boot:spring-boot-dependencies	`3.5.10`	`3.5.14`
org.springframework.boot:spring-boot-configuration-processor	`3.5.10`	`3.5.14`
org.springframework.boot	`3.5.10`	`3.5.14`
org.yaml:snakeyaml	`2.5`	`2.6`
com.nimbusds:nimbus-jose-jwt	`10.7`	`10.9.1`
io.projectreactor.netty:reactor-netty-http	`1.3.2`	`1.3.5`
com.fasterxml.jackson:jackson-bom	`2.21.0`	`2.22.0`
bio.terra:terra-common-lib	`1.1.70-SNAPSHOT`	`1.1.74-SNAPSHOT`
bio.terra:terra-resource-janitor-client	`0.113.51-SNAPSHOT`	`0.113.53-SNAPSHOT`
com.google.cloud:google-cloud-pubsub	`1.147.0`	`1.150.2`
com.google.guava:guava	`33.5.0-jre`	`33.6.0-jre`
com.fasterxml.jackson.dataformat:jackson-dataformat-yaml	`2.21.0`	`2.22.0`
io.swagger.core.v3:swagger-annotations	`2.2.42`	`2.2.50`
org.webjars.npm:swagger-ui-dist	`5.31.0`	`5.32.6`
com.diffplug.spotless	`8.2.1`	`8.6.0`
com.github.ben-manes.versions	`0.53.0`	`0.54.0`
com.google.cloud.tools.jib	`3.5.2`	`3.5.3`
de.undercouch.download	`5.6.0`	`5.7.0`
org.sonarqube	`7.2.2.6593`	`7.3.0.8198`
com.fasterxml.jackson.datatype:jackson-datatype-jsr310	`2.21.0`	`2.22.0`
ch.qos.logback:logback-classic	`1.5.27`	`1.5.34`
org.slf4j:slf4j-api	`2.0.17`	`2.0.18`
com.google.auth:google-auth-library-oauth2-http	`1.42.1`	`1.47.0`

Updates org.springframework.boot:spring-boot-dependencies from 3.5.10 to 3.5.14

Release notes

Sourced from org.springframework.boot:spring-boot-dependencies's releases.

v3.5.14

🐞 Bug Fixes

ApplicationPidFileWriter does not handle symlinks correctly #50173

RandomValuePropertySource is not suitable for secrets #50172

Cassandra auto-configuration misconfigures CqlSessionBuilder #50171

ApplicationTemp does not handle symlinks correctly #50170

Remote DevTools performs comparison incorrectly #50169

spring.rabbitmq.ssl.verify-hostname is applied inconsistently #50168

EnversRevisionRepositoriesRegistrar should reuse @EnableEnversRepositories rather than configuring the JPA counterpart #50035

Annotations like @Ssl don't work on @Bean methods when using @ServiceConnection #50033

Whole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter #50021

WebFlux Cloud Foundry links endpoint includes query string from received request in resolved links #50008

500 response from env endpoint when supplied pattern is invalid #49942

HTTP method is lost when configuring excludes in EndpointRequest #49885

Docker Compose support doesn't work with apache/artemis image #49865

Honor HttpMethod for reactive additional endpoint paths #49864

Docker Compose support doesn't work with apache/activemq image #49863

Imports on a containing test class are ignored when a nested class has imports #49860

📔 Documentation

Link to the observability section of the Lettuce documentation is broken #50092

Javadoc for StaticResourceLocation.FAVICON doesn't describe icons location #50083

MySamlRelyingPartyConfiguration is missing a Kotlin sample #50023

Incorrect default value for management.httpexchanges.recording.include in configuration metadata #50010

Link to the Kubernetes documentation when discussing startup probes #50007

Update docs to encourage Java fundamentals for beginners that prefer to learn that way #49895

Clarify that configuration property default values are not available through the Environment #49835

🔨 Dependency Upgrades

Upgrade to Groovy 4.0.31 #49905

Upgrade to Hibernate 6.6.49.Final #50140

Upgrade to Jaxen 2.0.1 #50109

Upgrade to Jaybird 6.0.5 #49907

Upgrade to Jetty 12.0.34 #49908

Upgrade to jOOQ 3.19.32 #50110

Upgrade to Lombok 1.18.46 #50148

Upgrade to MariaDB 3.5.8 #49909

Upgrade to Micrometer 1.15.11 #49961

Upgrade to Micrometer Tracing 1.5.11 #49962

Upgrade to MySQL 9.7.0 #50161

Upgrade to Neo4j Java Driver 5.28.13 #50074

Upgrade to Reactor Bom 2024.0.17 #49963

Upgrade to Spring AMQP 3.2.10 #49964

Upgrade to Spring Authorization Server 1.5.7 #49965

Upgrade to Spring Data Bom 2025.0.11 #49966

Upgrade to Spring Framework 6.2.18 #49967

Upgrade to Spring Kafka 3.3.15 #50129

... (truncated)

Commits

7d7b3ac Release v3.5.14
9dc5aa2 Polish
f533a45 Do not follow symlinks when writing PID file
f3b8eb0 Use SecureRandom in RandomValuePropertySource
e22083a Enable hostname verification for SSL connections to Cassandra
5ceb1a2 Improve ApplicationTemp's temporary directory creation
4b0862c Use constant-time comparison for remote DevTools secret
e4febe2 Apply verify-hostname consistently
2c2ffe5 Fix Windows test failure
0046a44 Protect against corrupt buildpack archives
Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-configuration-processor from 3.5.10 to 3.5.14

Release notes

Sourced from org.springframework.boot:spring-boot-configuration-processor's releases.

v3.5.14

🐞 Bug Fixes

ApplicationPidFileWriter does not handle symlinks correctly #50173

RandomValuePropertySource is not suitable for secrets #50172

Cassandra auto-configuration misconfigures CqlSessionBuilder #50171

ApplicationTemp does not handle symlinks correctly #50170

Remote DevTools performs comparison incorrectly #50169

spring.rabbitmq.ssl.verify-hostname is applied inconsistently #50168

EnversRevisionRepositoriesRegistrar should reuse @EnableEnversRepositories rather than configuring the JPA counterpart #50035

Annotations like @Ssl don't work on @Bean methods when using @ServiceConnection #50033

Whole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter #50021

WebFlux Cloud Foundry links endpoint includes query string from received request in resolved links #50008

500 response from env endpoint when supplied pattern is invalid #49942

HTTP method is lost when configuring excludes in EndpointRequest #49885

Docker Compose support doesn't work with apache/artemis image #49865

Honor HttpMethod for reactive additional endpoint paths #49864

Docker Compose support doesn't work with apache/activemq image #49863

Imports on a containing test class are ignored when a nested class has imports #49860

📔 Documentation

Link to the observability section of the Lettuce documentation is broken #50092

Javadoc for StaticResourceLocation.FAVICON doesn't describe icons location #50083

MySamlRelyingPartyConfiguration is missing a Kotlin sample #50023

Incorrect default value for management.httpexchanges.recording.include in configuration metadata #50010

Link to the Kubernetes documentation when discussing startup probes #50007

Update docs to encourage Java fundamentals for beginners that prefer to learn that way #49895

Clarify that configuration property default values are not available through the Environment #49835

🔨 Dependency Upgrades

Upgrade to Groovy 4.0.31 #49905

Upgrade to Hibernate 6.6.49.Final #50140

Upgrade to Jaxen 2.0.1 #50109

Upgrade to Jaybird 6.0.5 #49907

Upgrade to Jetty 12.0.34 #49908

Upgrade to jOOQ 3.19.32 #50110

Upgrade to Lombok 1.18.46 #50148

Upgrade to MariaDB 3.5.8 #49909

Upgrade to Micrometer 1.15.11 #49961

Upgrade to Micrometer Tracing 1.5.11 #49962

Upgrade to MySQL 9.7.0 #50161

Upgrade to Neo4j Java Driver 5.28.13 #50074

Upgrade to Reactor Bom 2024.0.17 #49963

Upgrade to Spring AMQP 3.2.10 #49964

Upgrade to Spring Authorization Server 1.5.7 #49965

Upgrade to Spring Data Bom 2025.0.11 #49966

Upgrade to Spring Framework 6.2.18 #49967

Upgrade to Spring Kafka 3.3.15 #50129

... (truncated)

Commits

7d7b3ac Release v3.5.14
9dc5aa2 Polish
f533a45 Do not follow symlinks when writing PID file
f3b8eb0 Use SecureRandom in RandomValuePropertySource
e22083a Enable hostname verification for SSL connections to Cassandra
5ceb1a2 Improve ApplicationTemp's temporary directory creation
4b0862c Use constant-time comparison for remote DevTools secret
e4febe2 Apply verify-hostname consistently
2c2ffe5 Fix Windows test failure
0046a44 Protect against corrupt buildpack archives
Additional commits viewable in compare view

Updates org.springframework.boot from 3.5.10 to 3.5.14

Release notes

Sourced from org.springframework.boot's releases.

v3.5.14

🐞 Bug Fixes

ApplicationPidFileWriter does not handle symlinks correctly #50173

RandomValuePropertySource is not suitable for secrets #50172

Cassandra auto-configuration misconfigures CqlSessionBuilder #50171

ApplicationTemp does not handle symlinks correctly #50170

Remote DevTools performs comparison incorrectly #50169

spring.rabbitmq.ssl.verify-hostname is applied inconsistently #50168

EnversRevisionRepositoriesRegistrar should reuse @EnableEnversRepositories rather than configuring the JPA counterpart #50035

Annotations like @Ssl don't work on @Bean methods when using @ServiceConnection #50033

Whole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter #50021

WebFlux Cloud Foundry links endpoint includes query string from received request in resolved links #50008

500 response from env endpoint when supplied pattern is invalid #49942

HTTP method is lost when configuring excludes in EndpointRequest #49885

Docker Compose support doesn't work with apache/artemis image #49865

Honor HttpMethod for reactive additional endpoint paths #49864

Docker Compose support doesn't work with apache/activemq image #49863

Imports on a containing test class are ignored when a nested class has imports #49860

📔 Documentation

Link to the observability section of the Lettuce documentation is broken #50092

Javadoc for StaticResourceLocation.FAVICON doesn't describe icons location #50083

MySamlRelyingPartyConfiguration is missing a Kotlin sample #50023

Incorrect default value for management.httpexchanges.recording.include in configuration metadata #50010

Link to the Kubernetes documentation when discussing startup probes #50007

Update docs to encourage Java fundamentals for beginners that prefer to learn that way #49895

Clarify that configuration property default values are not available through the Environment #49835

🔨 Dependency Upgrades

Upgrade to Groovy 4.0.31 #49905

Upgrade to Hibernate 6.6.49.Final #50140

Upgrade to Jaxen 2.0.1 #50109

Upgrade to Jaybird 6.0.5 #49907

Upgrade to Jetty 12.0.34 #49908

Upgrade to jOOQ 3.19.32 #50110

Upgrade to Lombok 1.18.46 #50148

Upgrade to MariaDB 3.5.8 #49909

Upgrade to Micrometer 1.15.11 #49961

Upgrade to Micrometer Tracing 1.5.11 #49962

Upgrade to MySQL 9.7.0 #50161

Upgrade to Neo4j Java Driver 5.28.13 #50074

Upgrade to Reactor Bom 2024.0.17 #49963

Upgrade to Spring AMQP 3.2.10 #49964

Upgrade to Spring Authorization Server 1.5.7 #49965

Upgrade to Spring Data Bom 2025.0.11 #49966

Upgrade to Spring Framework 6.2.18 #49967

Upgrade to Spring Kafka 3.3.15 #50129

... (truncated)

Commits

7d7b3ac Release v3.5.14
9dc5aa2 Polish
f533a45 Do not follow symlinks when writing PID file
f3b8eb0 Use SecureRandom in RandomValuePropertySource
e22083a Enable hostname verification for SSL connections to Cassandra
5ceb1a2 Improve ApplicationTemp's temporary directory creation
4b0862c Use constant-time comparison for remote DevTools secret
e4febe2 Apply verify-hostname consistently
2c2ffe5 Fix Windows test failure
0046a44 Protect against corrupt buildpack archives
Additional commits viewable in compare view

Updates org.yaml:snakeyaml from 2.5 to 2.6

Commits

cc19a61 [maven-release-plugin] prepare for next development iteration
bc4a8f4 Minor fixes in Javadoc
f18203a Add a test for Y79Y-003
ad1fceb Less output in tests
1db66b7 Add (failing) build with JDK 25
88ebaa8 build: fix JKD 25 tests compilation
6af8790 Update Javadoc
a006b7a Update Javadoc
c143db2 Update changes
d78d11f Update changes
Additional commits viewable in compare view

Updates com.nimbusds:nimbus-jose-jwt from 10.7 to 10.9.1

Changelog

Sourced from com.nimbusds:nimbus-jose-jwt's changelog.

version 1.0 (2012-03-01)

First version based on the OpenInfoCard JWT, JWS and JWE code base.

version 1.1 (2012-03-06)

Introduces type-safe enumeration of the JSON Web Algorithms (JWA).

Refactors the JWT class.

version 1.2 (2012-03-08)

Moves JWS and JWE code into separate classes.

version 1.3 (2012-03-09)

Switches to Apache Commons Codec for Base64URL encoding and decoding

Consolidates the crypto utilities within the package.

Introduces a JWT content serialiser class.

version 1.4 (2012-03-09)

Refactoring of JWT class and JUnit tests.

version 1.5 (2012-03-18)

Switches to JSON Smart for JSON serialisation and parsing.

Introduces claims set class with JSON objects, string, Base64URL and byte array views.

version 1.6 (2012-03-20)

Creates class for representing, serialising and parsing JSON Web Keys (JWK).

Introduces separate class for representing JWT headers.

version 1.7 (2012-04-01)

Introduces separate classes for plain, JWS and JWE headers.

Introduces separate classes for plain, signed and encrypted JWTs.

Removes the JWTContent class.

Removes password-based (PE820) encryption support.

version 1.8 (2012-04-03)

Adds support for the ZIP JWE header parameter.

Removes unsupported algorithms from the JWA enumeration.

version 1.9 (2012-04-03)

Renames JWEHeader.{get|set}EncryptionAlgorithm() to JWEHeader.{get|set}EncryptionMethod().

version 1.9.1 (2012-04-03)

Upgrades JSON Smart JAR to 1.1.1.

version 1.10 (2012-04-14)

Introduces serialize() method to base abstract JWT class.

version 1.11 (2012-05-13)

JWT.serialize() throws checked JWTException instead of

... (truncated)

Commits

9509dc5 [maven-release-plugin] prepare for next development iteration
0e27c9c Adds a PasswordBasedDecrypter(byte[], Set<String>) constructor to specify nam...
decee47 Fixes getDeferredCriticalHeaderParams() in AESDecrypter, DirectDecrypter, RSA...
b8d40c9 [maven-release-plugin] prepare release 10.8
e48aa07 [maven-release-plugin] prepare for next development iteration
4b02531 Adds X509CertUtils.computeSHA1Thumbprint(X509Certificate) method
6b52455 [maven-release-plugin] prepare release 10.9
94f4387 [maven-release-plugin] prepare for next development iteration
5370446 Back-ports fix for iss #619
62d00fc [maven-release-plugin] prepare release 10.9.1
See full diff in compare view

Updates io.projectreactor.netty:reactor-netty-http from 1.3.2 to 1.3.5

Release notes

Sourced from io.projectreactor.netty:reactor-netty-http's releases.

v1.3.5

Reactor Netty 1.3.5 is part of 2025.0.5 Release Train.

What's Changed

✨ New features and improvements

Depend on Reactor Core v3.8.5 by @violetagg in b68dacab12f5ff46575f9009f34ea676a212879d, see release notes

Depend on Netty v4.2.12.Final by @violetagg in #4167

Depend on Netty QUIC Codec v0.0.75.Final by @violetagg in #4148

Depend on Brave v6.3.1 by @dependabot[bot] in #4159

Optimise uri construction with baseUrl in HttpClientHandler by @violetagg in #4130

Optimise UriEndpoint#toSocketAddressStringWithoutDefaultPort by @violetagg in #4131

Store resolved SocketAddress in UriEndpoint for absolute URLs by @violetagg in #4132

Lazily compute HttpClientOperations#resourceUrl by @violetagg in #4135

Pre-compute path in UriEndpoint when URI is provided by @violetagg in #4136

Cleanup HTTP/2 WebSocket extension handlers by @violetagg in #4152

Optimise Flux body accumulation for GET/HEAD/DELETE requests by @violetagg in #4164

Fix HTTP/3 connection pool max streams handling by @violetagg in #4182

🐞 Bug fixes

Ensure connection concurrency and acquired counters are updated before delivering the slot by @violetagg in #4179

Fix StackOverflowError in ServerTransport graceful shutdown by @violetagg in #4181

Fix invalidated connection reuse in Http2Pool by @violetagg in #4180

New Contributors

@Junuu made their first contribution in #4137

Full Changelog: reactor/reactor-netty@v1.3.4...v1.3.5

v1.3.4

Reactor Netty 1.3.4 is part of 2025.0.4 Release Train.

What's Changed

✨ New features and improvements

Depend on Reactor Core v3.8.4 by @chemicL in 53e8319e6fc66e101c3b52fc3a1267a891d1aeff, see release notes

Avoid DefaultChannelId generation for DisposedChannel by @violetagg in #4095

Push-based maxConcurrentStreams update via SETTINGS frame handler by @violetagg in #4106

Add configurable maxLifeTime with per-resource variance by @violetagg in #4111

Add Http2AllocationStrategy#streamBatchSize for batched stream dispatching by @violetagg in #4114

Override isSharable() explicitly to avoid annotation lookup by @violetagg in #4120

Add fast-path short-circuit for is100ContinueExpected check by @violetagg in #4123

Cache resolved HttpHeadersFactory instances to avoid repeated allocation by @violetagg in #4124

🐞 Bug fixes

Add FlushConsolidationHandler to H2C upgrade pipeline by @violetagg in #4097

Fix Http2Pool returning connection to the pool before H2C upgrade completes by @violetagg in #4098

Fix Http2Pool ACQUIRED counter not rolled back when deliver is rejected by @violetagg in #4099

... (truncated)

Commits

b68daca [release] Prepare and release 1.3.5
f8fc51b Merge-ignore release 1.2.17 into 1.3.5
4cffaf0 [release] Back to snapshots, next is 1.2.18-SNAPSHOT
3f6ae4c Defer asciidoctor-pdf check to execution time
9f6f3e0 [release] Prepare and release 1.2.17
7b2c429 Merge #4190 into 1.3.5
6225c6d Bump ruby/setup-ruby from 1.299.0 to 1.301.0 (#4190)
f4f9b50 Bump org.bouncycastle:bcpkix-jdk18on from 1.83 to 1.84 (#4191)
5b344dc Merge #4187 into 1.3.5
e177f39 Bump @springio/antora-extensions from 1.14.10 to 1.14.11 in /docs (#4187)
Additional commits viewable in compare view

Updates com.fasterxml.jackson:jackson-bom from 2.21.0 to 2.22.0

Commits

112e859 [maven-release-plugin] prepare release jackson-bom-2.22.0
2cae2ce Prep for 2.22.0 release
7955d21 Merge branch '2.21' into 2.x
8922a05 Post-release dep version bump
1fa9943 [maven-release-plugin] prepare for next development iteration
d1abd31 [maven-release-plugin] prepare release jackson-bom-2.21.4
2aaea43 Prep for 2.21.4 release
902ec69 Update Woodstox/stax2-api (to 7.2.0/4.3.0)
2570647 Merge branch '2.21' into 2.x
9d3a9d5 Post-release dep version bump
Additional commits viewable in compare view

Updates bio.terra:terra-common-lib from 1.1.70-SNAPSHOT to 1.1.74-SNAPSHOT

Updates bio.terra:terra-resource-janitor-client from 0.113.51-SNAPSHOT to 0.113.53-SNAPSHOT

Updates com.google.cloud:google-cloud-pubsub from 1.147.0 to 1.150.2

Release notes

Sourced from com.google.cloud:google-cloud-pubsub's releases.

v1.150.2

1.150.2 (2026-05-07)

Bug Fixes

deps: Update the Java code generator (gapic-generator-java) to 2.72.0 (a9b68a2)

Dependencies

Update dependency com.google.cloud:sdk-platform-java-config to v3.62.0 (#2729) (77e0c65)

Update googleapis/google-cloud-java action to v1.86.0 (#2727) (3da5b3b)

v1.150.1

1.150.1 (2026-04-14)

Bug Fixes

deps: Update the Java code generator (gapic-generator-java) to 2.71.0 (49cb97f)

Increase streaming pull timeout (49cb97f)

Dependencies

Update dependency com.google.cloud:sdk-platform-java-config to v3.61.0 (#2714) (7f6dbcc)

Documentation

Fix documentation URL AIInference MessageTransform service_account_email field (49cb97f)

v1.150.0

1.150.0 (2026-03-23)

Features

Add BigtableConfig type (f69de7e)

Bug Fixes

deps: Update the Java code generator (gapic-generator-java) to 2.68.0 (f69de7e)

Dependencies

Update dependency com.google.cloud:sdk-platform-java-config to v3.58.0 (#2709) (e82a6ff)

... (truncated)

Changelog

Sourced from com.google.cloud:google-cloud-pubsub's changelog.

1.150.2 (2026-05-07)

Bug Fixes

deps: Update the Java code generator (gapic-generator-java) to 2.72.0 (a9b68a2)

Dependencies

Update dependency com.google.cloud:sdk-platform-java-config to v3.62.0 (#2729) (77e0c65)

Update googleapis/google-cloud-java action to v1.86.0 (#2727) (3da5b3b)

1.150.1 (2026-04-14)

Bug Fixes

deps: Update the Java code generator (gapic-generator-java) to 2.71.0 (49cb97f)

Increase streaming pull timeout (49cb97f)

Dependencies

Update dependency com.google.cloud:sdk-platform-java-config to v3.61.0 (#2714) (7f6dbcc)

Documentation

Fix documentation URL AIInference MessageTransform service_account_email field (49cb97f)

1.150.0 (2026-03-23)

Features

Add BigtableConfig type (f69de7e)

Bug Fixes

deps: Update the Java code generator (gapic-generator-java) to 2.68.0 (f69de7e)

Dependencies

Update dependency com.google.cloud:sdk-platform-java-config to v3.58.0 (#2709) (e82a6ff)

1.149.0 (2026-02-26)

... (truncated)

Commits

d21882f chore(main): release 1.150.2 (#2734)
a9b68a2 chore: Update generation configuration at Thu May 7 00:15:53 UTC 2026 (#2730)
b2f79dc chore(main): release 1.150.2-SNAPSHOT (#2718)
50a213c Revert "deps: update googleapis/google-cloud-java action to v1.86.0 (#2727)" ...
3da5b3b deps: update googleapis/google-cloud-java action to v1.86.0 (#2727)
77e0c65 deps: update dependency com.google.cloud:sdk-platform-java-config to v3.62.0 ...
052b02c ci: use CLOUD_JAVA_BOT_GITHUB_TOKEN (#2728)
b6a4d2f chore: stop referencing googleapis/sdk-platform-java (#2724)
880f28a chore(main): release 1.150.1 (#2717)
49cb97f chore: Update generation configuration at Tue Apr 14 03:07:21 UTC 2026 (#2713)
Additional commits viewable in compare view

Updates com.google.guava:guava from 33.5.0-jre to 33.6.0-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.6.0

Maven
<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.6.0-jre</version>
  
  <version>33.6.0-android</version>
</dependency>
Jar files

33.6.0-jre.jar

33.6.0-android.jar

Guava requires one runtime dependency, which you can download here:

failureaccess-1.0.3.jar

Javadoc

33.6.0-jre

33.6.0-android

JDiff

33.6.0-jre vs. 33.5.0-jre

33.6.0-android vs. 33.5.0-android

33.6.0-android vs. 33.6.0-jre

Changelog

Migrated some classes from finalize() to PhantomReference in preparation for the removal of finalization. (786b619dd6, 7c6b17c, aeef90988d)

cache: Deprecated CacheBuilder APIs that use TimeUnit in favor of those that use Duration. (73f8b0bb84)

collect: Added toImmutableSortedMap collectors that use the natural comparator. (64d70b9f94)

collect: Changed ConcurrentHashMultiset, ImmutableMap and TreeMultiset deserialization to avoid mutating final fields. In extremely unlikely scenarios in which an instance of that type contains an object that refers back to that instance, this could lead to a broken instance that throws NullPointerException when used. (8240c7e596, 046468055f)

graph: Removed @Beta from all APIs in the package. (dae9566b73)

graph: Added support to Graphs.transitiveClosure() for different strategies for adding self-loops. (2e13df25b2)

graph: Added an asNetwork() view to Graph and ValueGraph. (909c593c61)

hash: Added BloomFilter.serializedSize(). (df9bcc251a)

net: Added HttpHeaders.CDN_CACHE_CONTROL. (75331b5030)

Commits

See full diff in compare view

Updates com.fasterxml.jackson.dataformat:jackson-dataformat-yaml from 2.21.0 to 2.22.0

Commits

23d487c [maven-release-plugin] prepare release jackson-dataformats-text-2.22.0
6e8f04f Prep for 2.22.0 release
8ee5b1f Merge branch '2.21' into 2.x
2ce6349 Post-release dep version bump
de47c46 [maven-release-plugin] prepare for next development iteration
95debb7 [maven-release-plugin] prepare release jackson-dataformats-text-2.21.4
c426a04 Prep for 2.21.4 release

Description has been truncated

… with 23 updates Bumps the minor-patch-dependencies group with 23 updates in the / directory: | Package | From | To | | --- | --- | --- | | [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) | `3.5.10` | `3.5.14` | | [org.springframework.boot:spring-boot-configuration-processor](https://github.com/spring-projects/spring-boot) | `3.5.10` | `3.5.14` | | [org.springframework.boot](https://github.com/spring-projects/spring-boot) | `3.5.10` | `3.5.14` | | [org.yaml:snakeyaml](https://bitbucket.org/snakeyaml/snakeyaml) | `2.5` | `2.6` | | [com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt) | `10.7` | `10.9.1` | | [io.projectreactor.netty:reactor-netty-http](https://github.com/reactor/reactor-netty) | `1.3.2` | `1.3.5` | | [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) | `2.21.0` | `2.22.0` | | bio.terra:terra-common-lib | `1.1.70-SNAPSHOT` | `1.1.74-SNAPSHOT` | | bio.terra:terra-resource-janitor-client | `0.113.51-SNAPSHOT` | `0.113.53-SNAPSHOT` | | [com.google.cloud:google-cloud-pubsub](https://github.com/googleapis/java-pubsub) | `1.147.0` | `1.150.2` | | [com.google.guava:guava](https://github.com/google/guava) | `33.5.0-jre` | `33.6.0-jre` | | [com.fasterxml.jackson.dataformat:jackson-dataformat-yaml](https://github.com/FasterXML/jackson-dataformats-text) | `2.21.0` | `2.22.0` | | io.swagger.core.v3:swagger-annotations | `2.2.42` | `2.2.50` | | [org.webjars.npm:swagger-ui-dist](https://github.com/swagger-api/swagger-ui) | `5.31.0` | `5.32.6` | | com.diffplug.spotless | `8.2.1` | `8.6.0` | | com.github.ben-manes.versions | `0.53.0` | `0.54.0` | | com.google.cloud.tools.jib | `3.5.2` | `3.5.3` | | [de.undercouch.download](https://github.com/michel-kraemer/gradle-download-task) | `5.6.0` | `5.7.0` | | org.sonarqube | `7.2.2.6593` | `7.3.0.8198` | | com.fasterxml.jackson.datatype:jackson-datatype-jsr310 | `2.21.0` | `2.22.0` | | [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.27` | `1.5.34` | | org.slf4j:slf4j-api | `2.0.17` | `2.0.18` | | com.google.auth:google-auth-library-oauth2-http | `1.42.1` | `1.47.0` | Updates `org.springframework.boot:spring-boot-dependencies` from 3.5.10 to 3.5.14 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.10...v3.5.14) Updates `org.springframework.boot:spring-boot-configuration-processor` from 3.5.10 to 3.5.14 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.10...v3.5.14) Updates `org.springframework.boot` from 3.5.10 to 3.5.14 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.10...v3.5.14) Updates `org.yaml:snakeyaml` from 2.5 to 2.6 - [Commits](https://bitbucket.org/snakeyaml/snakeyaml/branches/compare/snakeyaml-2.6..snakeyaml-2.5) Updates `com.nimbusds:nimbus-jose-jwt` from 10.7 to 10.9.1 - [Changelog](https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt) - [Commits](https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/10.9.1..10.7) Updates `io.projectreactor.netty:reactor-netty-http` from 1.3.2 to 1.3.5 - [Release notes](https://github.com/reactor/reactor-netty/releases) - [Commits](reactor/reactor-netty@v1.3.2...v1.3.5) Updates `com.fasterxml.jackson:jackson-bom` from 2.21.0 to 2.22.0 - [Commits](FasterXML/jackson-bom@jackson-bom-2.21.0...jackson-bom-2.22.0) Updates `bio.terra:terra-common-lib` from 1.1.70-SNAPSHOT to 1.1.74-SNAPSHOT Updates `bio.terra:terra-resource-janitor-client` from 0.113.51-SNAPSHOT to 0.113.53-SNAPSHOT Updates `com.google.cloud:google-cloud-pubsub` from 1.147.0 to 1.150.2 - [Release notes](https://github.com/googleapis/java-pubsub/releases) - [Changelog](https://github.com/googleapis/java-pubsub/blob/main/CHANGELOG.md) - [Commits](googleapis/java-pubsub@v1.147.0...v1.150.2) Updates `com.google.guava:guava` from 33.5.0-jre to 33.6.0-jre - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-yaml` from 2.21.0 to 2.22.0 - [Commits](FasterXML/jackson-dataformats-text@jackson-dataformats-text-2.21.0...jackson-dataformats-text-2.22.0) Updates `io.swagger.core.v3:swagger-annotations` from 2.2.42 to 2.2.50 Updates `org.webjars.npm:swagger-ui-dist` from 5.31.0 to 5.32.6 - [Release notes](https://github.com/swagger-api/swagger-ui/releases) - [Commits](swagger-api/swagger-ui@v5.31.0...v5.32.6) Updates `org.springframework.boot:spring-boot-configuration-processor` from 3.5.10 to 3.5.14 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.10...v3.5.14) Updates `com.diffplug.spotless` from 8.2.1 to 8.6.0 Updates `com.github.ben-manes.versions` from 0.53.0 to 0.54.0 Updates `com.google.cloud.tools.jib` from 3.5.2 to 3.5.3 Updates `de.undercouch.download` from 5.6.0 to 5.7.0 - [Release notes](https://github.com/michel-kraemer/gradle-download-task/releases) - [Commits](michel-kraemer/gradle-download-task@5.6.0...5.7.0) Updates `org.sonarqube` from 7.2.2.6593 to 7.3.0.8198 Updates `org.springframework.boot` from 3.5.10 to 3.5.14 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.10...v3.5.14) Updates `com.fasterxml.jackson.datatype:jackson-datatype-jsr310` from 2.21.0 to 2.22.0 Updates `ch.qos.logback:logback-classic` from 1.5.27 to 1.5.34 - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](qos-ch/logback@v_1.5.27...v_1.5.34) Updates `org.slf4j:slf4j-api` from 2.0.17 to 2.0.18 Updates `com.google.auth:google-auth-library-oauth2-http` from 1.42.1 to 1.47.0 --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-dependencies dependency-version: 3.5.14 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-patch-dependencies - dependency-name: org.springframework.boot:spring-boot-configuration-processor dependency-version: 3.5.14 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-patch-dependencies - dependency-name: org.springframework.boot dependency-version: 3.5.14 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-patch-dependencies - dependency-name: org.yaml:snakeyaml dependency-version: '2.6' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch-dependencies - dependency-name: com.nimbusds:nimbus-jose-jwt dependency-version: 10.9.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch-dependencies - dependency-name: io.projectreactor.netty:reactor-netty-http dependency-version: 1.3.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-patch-dependencies - dependency-name: com.fasterxml.jackson:jackson-bom dependency-version: 2.22.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch-dependencies - dependency-name: bio.terra:terra-common-lib dependency-version: 1.1.74-SNAPSHOT dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-patch-dependencies - dependency-name: bio.terra:terra-resource-janitor-client dependency-version: 0.113.53-SNAPSHOT dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-patch-dependencies - dependency-name: com.google.cloud:google-cloud-pubsub dependency-version: 1.150.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch-dependencies - dependency-name: com.google.guava:guava dependency-version: 33.6.0-jre dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch-dependencies - dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-yaml dependency-version: 2.22.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch-dependencies - dependency-name: io.swagger.core.v3:swagger-annotations dependency-version: 2.2.50 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-patch-dependencies - dependency-name: org.webjars.npm:swagger-ui-dist dependency-version: 5.32.6 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch-dependencies - dependency-name: org.springframework.boot:spring-boot-configuration-processor dependency-version: 3.5.14 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-patch-dependencies - dependency-name: com.diffplug.spotless dependency-version: 8.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch-dependencies - dependency-name: com.github.ben-manes.versions dependency-version: 0.54.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch-dependencies - dependency-name: com.google.cloud.tools.jib dependency-version: 3.5.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-patch-dependencies - dependency-name: de.undercouch.download dependency-version: 5.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch-dependencies - dependency-name: org.sonarqube dependency-version: 7.3.0.8198 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch-dependencies - dependency-name: org.springframework.boot dependency-version: 3.5.14 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-patch-dependencies - dependency-name: com.fasterxml.jackson.datatype:jackson-datatype-jsr310 dependency-version: 2.22.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch-dependencies - dependency-name: ch.qos.logback:logback-classic dependency-version: 1.5.34 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-patch-dependencies - dependency-name: org.slf4j:slf4j-api dependency-version: 2.0.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-patch-dependencies - dependency-name: com.google.auth:google-auth-library-oauth2-http dependency-version: 1.47.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

sonarqubecloud · 2026-06-02T05:44:52Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

dependabot Bot added dependency gradle labels Jun 2, 2026

dependabot Bot requested a review from a team as a code owner June 2, 2026 05:44

dependabot Bot requested review from jgainerdewar and marctalbott and removed request for a team June 2, 2026 05:44

dependabot Bot added dependency gradle labels Jun 2, 2026

github-actions Bot approved these changes Jun 2, 2026

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[CORE-69]: Bump the minor-patch-dependencies group across 1 directory with 23 updates#491

[CORE-69]: Bump the minor-patch-dependencies group across 1 directory with 23 updates#491
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/gradle/master/minor-patch-dependencies-f8a99f22da

dependabot Bot commented on behalf of github Jun 2, 2026

Uh oh!

sonarqubecloud Bot commented Jun 2, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Jun 2, 2026

v3.5.14

🐞 Bug Fixes

📔 Documentation

🔨 Dependency Upgrades

v3.5.14

🐞 Bug Fixes

📔 Documentation

🔨 Dependency Upgrades

v3.5.14

🐞 Bug Fixes

📔 Documentation

🔨 Dependency Upgrades

v1.3.5

What's Changed

✨ New features and improvements

🐞 Bug fixes

New Contributors

v1.3.4

What's Changed

✨ New features and improvements

🐞 Bug fixes

v1.150.2

1.150.2 (2026-05-07)

Bug Fixes

Dependencies

v1.150.1

1.150.1 (2026-04-14)

Bug Fixes

Dependencies

Documentation

v1.150.0

1.150.0 (2026-03-23)

Features

Bug Fixes

Dependencies

1.150.2 (2026-05-07)

Bug Fixes

Dependencies

1.150.1 (2026-04-14)

Bug Fixes

Dependencies

Documentation

1.150.0 (2026-03-23)

Features

Bug Fixes

Dependencies

1.149.0 (2026-02-26)

33.6.0

Maven

Jar files

Javadoc

JDiff

Changelog

Uh oh!

sonarqubecloud Bot commented Jun 2, 2026

Quality Gate passed

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants