fix(deps): update all dependencies

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
actions/upload-artifact	action	minor	v4.5.0 -> v4.6.0
github/codeql-action	action	patch	v3.28.0 -> v3.28.8
gradle (source)		patch	8.12 -> 8.12.1
gradle/actions	action	minor	v4.2.2 -> v4.3.0
lint-staged	dependencies	minor	15.3.0 -> 15.4.3
stefanzweifel/git-auto-commit-action	action	minor	v5.0.1 -> v5.1.0
org.assertj:assertj-core (source)	dependencies	patch	3.27.2 -> 3.27.3
net.sourceforge.plantuml:plantuml	dependencies	minor	1.2024.8 -> 1.2025.0
jakarta.validation:jakarta.validation-api (source)	dependencies	patch	3.1.0 -> 3.1.1
com.google.code.gson:gson	dependencies	minor	2.11.0 -> 2.12.1
io.netty:netty-codec-http (source)	dependencies	patch	4.1.116.Final -> 4.1.117.Final
io.netty:netty-codec (source)	dependencies	patch	4.1.116.Final -> 4.1.117.Final
me.champeau.jmh	plugin	patch	0.7.2 -> 0.7.3
io.netty:netty-handler (source)	dependencies	patch	4.1.116.Final -> 4.1.117.Final
com.squareup.okio:okio	dependencies	minor	3.9.1 -> 3.10.2
io.netty:netty-handler-proxy (source)	dependencies	patch	4.1.116.Final -> 4.1.117.Final
io.netty:netty-codec-socks (source)	dependencies	patch	4.1.116.Final -> 4.1.117.Final
io.projectreactor.netty:reactor-netty-core	dependencies	patch	1.2.1 -> 1.2.2
com.newrelic.agent.java:newrelic-api	dependencies	minor	8.17.0 -> 8.18.0
io.opentelemetry:opentelemetry-api	dependencies	minor	1.45.0 -> 1.46.0
org.apache.httpcomponents.client5:httpclient5	dependencies	patch	5.4.1 -> 5.4.2
io.projectreactor.netty:reactor-netty-http	dependencies	patch	1.2.1 -> 1.2.2
org.jetbrains.kotlin.jvm	plugin	patch	2.1.0 -> 2.1.10

---

Release Notes

actions/upload-artifact (actions/upload-artifact)

v4.6.0

Compare Source

What's Changed

• Expose env vars to control concurrency and timeout by @​yacaovsnc in https://github.com/actions/upload-artifact/pull/662

Full Changelog: actions/upload-artifact@v4...v4.6.0

github/codeql-action (github/codeql-action)

v3.28.8

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.8 - 29 Jan 2025

• Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #​2744

See the full CHANGELOG.md for more information.

v3.28.7

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.7 - 29 Jan 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.6

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.6 - 27 Jan 2025

• Re-enable debug artifact upload for CLI versions 2.20.3 or greater. #​2726

See the full CHANGELOG.md for more information.

v3.28.5

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.5 - 24 Jan 2025

• Update default CodeQL bundle version to 2.20.3. #​2717

See the full CHANGELOG.md for more information.

v3.28.4

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.4 - 23 Jan 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.3

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.3 - 22 Jan 2025

• Update default CodeQL bundle version to 2.20.2. #​2707
• Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the CodeQL Action sync tool and the Actions runner did not have Zstandard installed. #​2710
• Uploading debug artifacts for CodeQL analysis is temporarily disabled. #​2712

See the full CHANGELOG.md for more information.

v3.28.2

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.2 - 21 Jan 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.1

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.1 - 10 Jan 2025

• CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see this changelog post. #​2677
• Update default CodeQL bundle version to 2.20.1. #​2678

See the full CHANGELOG.md for more information.

gradle/gradle (gradle)

v8.12.1

Compare Source

gradle/actions (gradle/actions)

v4.3.0

Compare Source

This release brings some significant improvements to cache-cleanup and dependency-submission:

• Cleanup cache entries written by newly released Gradle versions (#​436)
• Use existing Gradle wrapper distribution for cache-cleanup where possible (#​515)
• Automatically save each dependency-graph that is submitted by dependency-submission (#​519)
• Fix deprecation warnings emitted by Gradle 8.12+ when:
  • Using build-scan-publish: true or Develocity injection (#​543)
  • Using dependency-submission with an authenticated plugin repository with Gradle (#​541)
• Fix warning when using toolchain support with Gradle 7.x (#​511)

What's Changed

• Update known wrapper checksums by @​github-actions in https://github.com/gradle/actions/pull/493
• Fix typo in cache-reporting.ts by @​SimonMarquis in https://github.com/gradle/actions/pull/492
• Bump Gradle Wrappers by @​github-actions in https://github.com/gradle/actions/pull/499
• Bump the github-actions group across 3 directories with 7 updates by @​dependabot in https://github.com/gradle/actions/pull/510
• Bump the npm-dependencies group across 1 directory with 6 updates by @​dependabot in https://github.com/gradle/actions/pull/512
• Clean-up missing imports for tests by @​bigdaz in https://github.com/gradle/actions/pull/513
• Bump the npm-dependencies group in /sources with 3 updates by @​dependabot in https://github.com/gradle/actions/pull/521
• Add npm build scans by @​bigdaz in https://github.com/gradle/actions/pull/517
• Avoid env-var interpolation in toolchains.xml by @​bigdaz in https://github.com/gradle/actions/pull/518
• Avoid saving build-results for cache cleanup by @​bigdaz in https://github.com/gradle/actions/pull/520
• Save dependency graph as workflow artifact by @​bigdaz in https://github.com/gradle/actions/pull/522
• Update to CCUDGP 2.1 by @​bigdaz in https://github.com/gradle/actions/pull/524
• Bump references to Develocity Gradle plugin from 3.19 to 3.19.1 by @​bot-githubaction in https://github.com/gradle/actions/pull/527
• Choose best Gradle version to use for cache cleanup by @​bigdaz in https://github.com/gradle/actions/pull/526
• Uppercase cache-encryption-key by @​Goooler in https://github.com/gradle/actions/pull/528
• Attempt to use gradle wrapper for cache cleanup by @​bigdaz in https://github.com/gradle/actions/pull/525
• Document GRADLE_ACTIONS_SKIP_BUILD_RESULT_CAPTURE by @​bigdaz in https://github.com/gradle/actions/pull/529
• Update known wrapper checksums by @​github-actions in https://github.com/gradle/actions/pull/509
• Bump Gradle Wrappers by @​github-actions in https://github.com/gradle/actions/pull/535
• Bump the github-actions group across 2 directories with 2 updates by @​dependabot in https://github.com/gradle/actions/pull/538
• Update undici to resolve vulnerability by @​bigdaz in https://github.com/gradle/actions/pull/536
• Bump the npm-dependencies group across 1 directory with 2 updates by @​dependabot in https://github.com/gradle/actions/pull/539
• Update docs for dependency review by @​bigdaz in https://github.com/gradle/actions/pull/540
• Fix space assignment deprecations in init-scripts by @​bigdaz in https://github.com/gradle/actions/pull/542

New Contributors

• @​SimonMarquis made their first contribution in https://github.com/gradle/actions/pull/492

Full Changelog: gradle/actions@v4.2.2...v4.3.0

lint-staged/lint-staged (lint-staged)

v15.4.3

Compare Source

Patch Changes

• #​1512 cbfed1d Thanks @​tarik02! - Adjust TypeScript types for the default export so that it can be used as a value without error TS2693.

v15.4.2

Compare Source

Patch Changes

• #​1509 8827ebf Thanks @​iiroj! - Change lint-staged's dependencies to use caret (^) ranges instead of tilde (~). This makes it easier for package managers to perform dependency management when minor-level updates are also permitted instead of just patch-level.

v15.4.1

Compare Source

Patch Changes

• #​1504 1c7a45e Thanks @​iiroj! - Default TypeScript config filenames match JS equivalents.

• #​1504 9cc18c9 Thanks @​iiroj! - Add missing conditional exports syntax for TypeScript types.

v15.4.0

Compare Source

Minor Changes

• #​1500 a8ec1dd Thanks @​iiroj! - Lint-staged now provides TypeScript types for the configuration and main Node.js API. You can use the JSDoc syntax in your JS configuration files:

  /**
   * @​filename: lint-staged.config.js
   * @​type {import('lint-staged').Configuration}
   */
  export default {
    '*': 'prettier --write',
  }

  It's also possible to use the .ts file extension for the configuration if your Node.js version supports it. The --experimental-strip-types flag was introduced in Node.js v22.6.0 and unflagged in v23.6.0, enabling Node.js to execute TypeScript files without additional configuration.

  export NODE_OPTIONS="--experimental-strip-types"
  
  npx lint-staged --config lint-staged.config.ts

Patch Changes

• #​1501 9b79364 Thanks @​iiroj! - Handle possible failures when logging user shell for debug info.

stefanzweifel/git-auto-commit-action (stefanzweifel/git-auto-commit-action)

v5.1.0

Compare Source

Changed

• Include github.actor_id in default commit_author (#​354) @​parkerbxyz

Fixed

• docs(README): fix broken protected branch docs link (#​346) @​scarf005
• Update README.md (#​343) @​Kludex

Dependency Updates

• Bump bats from 1.11.0 to 1.11.1 (#​353) @​dependabot
• Bump github/super-linter from 6 to 7 (#​342) @​dependabot
• Bump github/super-linter from 5 to 6 (#​335) @​dependabot

jakartaee/validation (jakarta.validation:jakarta.validation-api)

v3.1.1

Compare Source

What's Changed

• Add Jakarta Validation 3.1 XSDs by @​marko-bekhta in https://github.com/jakartaee/validation/pull/221

New Contributors

• @​marko-bekhta made their first contribution in https://github.com/jakartaee/validation/pull/221

Full Changelog: jakartaee/validation@3.1.0...3.1.1

square/okio (com.squareup.okio:okio)

v3.10.2

Compare Source

2025-01-08

• Fix: okio-nodefilesystem artifact is no longer empty.

v3.10.1

Compare Source

2025-01-07

• New: FileSystem.close() may prevent future access and/or clean up associated resources depending on the backing implementation. FakeFileSystem will prevent future operations once closed.
• InputStreams created from BufferedSource.inputStream() now have a more efficient version of InputStream.transferTo() which reduces memory copies.
• okio-nodefilesystem is no longer publised as a JS project, but a Kotlin multiplatform project with only a JS target. This change should not affect consumers in any way, and is motivated by the Kotlin Gradle plugin deprecating the JS-only plugin. Please use 3.10.2 to ensure this change actually does not affect your builds.

v3.10.0

Compare Source

2025-01-06

This version is equivalent to the subsequent 3.10.1, but it did not fully publish to Maven Central due to infrastructure problems.

reactor/reactor-netty (io.projectreactor.netty:reactor-netty-core)

v1.2.2

Reactor Netty 1.2.2 is part of 2024.0.2 Release Train.

What's Changed

⚠️ Update considerations and deprecations

• Do not add Transfer-Encoding for DELETE with no body by @​violetagg in #​3549
• Ensure DisposedChannelConfig#setAutoRead does not change auto-read configuration by @​violetagg in #​3581

✨ New features and improvements

• Depend on Reactor Core v3.7.2 by @​chemicL in 3db1d87, see release notes
• Depend on Netty v4.1.116.Final by @​violetagg in #​3550
• Depend on netty-incubator-transport-native-io_uring v0.0.26.Final by @​dependabot in #​3568
• Depend on Netty QUIC Codec v0.0.70.Final by @​violetagg in #​3570
• Http2Pool: Do not proceed with the acquisition if Borrower is cancelled by @​violetagg in #​3582
• Http2Pool: Do not proceed with the resource delivery if Borrower is cancelled by @​violetagg in #​3585
• Configuration for setting maximum number of connection pools to be created by @​jchenga in #​3566

🐞 Bug fixes

• Fix ClassCastException in HttpOperations#initShortId() by @​joschi in #​3542
• Ensure the request counter is updated once when the request is received by @​violetagg in #​3543
• HttpServerRequest#receiveContent() never emits any value nor completes when HTTP/1.1 TLS Upgrade (RFC-2817) kicks in by @​reta in #​3540
• Generate log message in advance by @​raccoonback in #​3571

📖 Documentation

• Add Reactor Netty version of CORS HTTP server example by @​jchenga in #​3554
• Add HTTP2/HTTP3 configuration to the HTTP examples by @​violetagg in #​3578

New Contributors

• @​joschi made their first contribution in #​3542
• @​raccoonback made their first contribution in #​3571

Full Changelog: reactor/reactor-netty@v1.2.1...v1.2.2

newrelic/newrelic-java-agent (com.newrelic.agent.java:newrelic-api)

v8.18.0

Compare Source

Version 8.18.0

open-telemetry/opentelemetry-java (io.opentelemetry:opentelemetry-api)

v1.46.0

SDK

• Remove unused dependencies, cleanup code after stabilizing Value
  (#​6948)
• Explicitly allow null into CompletableResultCode.failExceptionally()
  (#​6963)

Traces

• Fix span setStatus
  (#​6990)

Logs

• Add getters/accessors for readable fields in ReadWriteLogRecord.
  (#​6924)

Exporters

• OTLP: Update to opentelemetry-proto 1.5
  (#​6999)
• Bugfix - OTLP: Ensure Serializer runtime exceptions are rethrown as IOException
  (#​6969)
• BREAKING - OTLP: Delete experimental OTLP authenticator concept.
  See OTLP authentication docs
  for supported solutions.
  (#​6984)

Extensions

• BREAKING - Autoconfigure: Remove support for deprecated otel.experimental.resource.disabled.keys
  (#​6931)

---

Configuration

📅 Schedule: Branch creation - "* 0-3 * * 1" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 8.67%. Comparing base (7d60c43) to head (9170b86).
Report is 15 commits behind head on main.

Additional details and impacted files

@@             Coverage Diff             @@
##               main    #795      +/-   ##
===========================================
- Coverage     10.07%   8.67%   -1.41%     
+ Complexity     1956    1500     -456     
===========================================
  Files          6895    6895              
  Lines         67239   67272      +33     
  Branches        282     288       +6     
===========================================
- Hits           6774    5834     -940     
- Misses        60290   61289     +999     
+ Partials        175     149      -26     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.