deps(java): bump the all group across 1 directory with 8 updates

[dependabot[bot]]

Bumps the all group with 8 updates in the / directory:

Package	From	To
io.airlift:airbase	192	194
org.jdbi:jdbi3-bom	3.46.0	3.47.0
com.fasterxml.jackson.core:jackson-annotations	2.18.0	2.18.1
com.fasterxml.jackson.core:jackson-databind	2.18.0	2.18.1
com.fasterxml.jackson.dataformat:jackson-dataformat-yaml	2.18.0	2.18.1
com.google.errorprone:error_prone_annotations	2.34.0	2.35.1
com.google.errorprone:error_prone_core	2.34.0	2.35.1
org.apache.maven.plugins:maven-dependency-plugin	3.8.0	3.8.1

Updates io.airlift:airbase from 192 to 194

Release notes

Sourced from io.airlift:airbase's releases.

Release 194

What's Changed

Dependency updates 📦

• Bump dep.packaging.version from 276 to 277 by @​dependabot in airlift/airbase#562
• Bump com.puppycrawl.tools:checkstyle from 10.18.2 to 10.19.0 by @​dependabot in airlift/airbase#561
• Bump com.fasterxml.jackson:jackson-bom from 2.18.0 to 2.18.1 by @​dependabot in airlift/airbase#563
• Bump org.apache.maven.plugins:maven-pmd-plugin from 3.25.0 to 3.26.0 by @​dependabot in airlift/airbase#564

Full Changelog: https://github.com/airlift/airbase/compare/193...194

Release 193

What's Changed

Improvements 🎉

• Add enforcer rules by @​wendigo in airlift/airbase#554

Dependency updates 📦

• Bump dep.plugin.pmd-runtime.version from 7.6.0 to 7.7.0 by @​dependabot in airlift/airbase#556
• Bump com.google.errorprone:error_prone_annotations from 2.34.0 to 2.35.1 by @​dependabot in airlift/airbase#558
• Bump org.apache.maven.plugins:maven-dependency-plugin from 3.8.0 to 3.8.1 by @​dependabot in airlift/airbase#557
• Bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.5.0 to 3.6.0 by @​dependabot in airlift/airbase#559
• Bump dep.logback.version from 1.5.11 to 1.5.12 by @​dependabot in airlift/airbase#560

Full Changelog: https://github.com/airlift/airbase/compare/191...193

Changelog

Sourced from io.airlift:airbase's changelog.

Airbase 160 and above

Moved to https://github.com/airlift/airbase/releases

Airbase 159

• Dependency updates:

• AssertJ 3.26.3 (from 3.26.0)
• Byte Buddy 1.14.18 (from 1.14.17)

Airbase 159

• Require Maven 3.9.8

Airbase 158

• Plugin updates:

• maven-jar-plugin to 3.4.2 (from 3.4.1)
• maven-release-plugin to 3.1.0 (from 3.0.1)
• maven-surefire-plugin to 3.3.0 (from 3.2.5)
• maven-dependency-plugin to 3.7.1 (from 3.6.1)
• maven-clean-plugin to 3.4.0 (from 3.3.2)
• maven-checkstyle-plugin to 3.4.0 (from 3.3.1)
• git-commit-id plugin to 9.0.1 (from 8.0.1)

• Dependency updates:

• junit 5.10.3 (from 5.10.2)
• jackson 2.17.2 (from 2.17.1)

Airbase 157

• Checkstyle updates:

• Require empty line before record definition

• Plugin configuration:

• Inject git commit info into reactor projects once

• Dependency updates:
  • AssertJ 3.26.0 (from 3.25.3)
  • byte-buddy 1.14.17 (from 1.14.14)
  • checkstyle 10.17.0 (from 10.16.0)
  • error_prone_annotations 2.27.1 (from 2.27.0)
  • guava 33.2.1-jre (from 33.1.0-jre)
  • jackson 2.17.1 (from 2.17.0)
  • kotlin 2.0.0 (from 1.9.23)
  • spotbugs-annotations to 4.8.5 (from 4.8.4)
  • PMD runtime 7.2.0 (from 7.1.0)
• Plugin updates:
  • maven-build-helper 3.6.0 (from 3.5.0)
  • maven-license-plugin 4.5 (from 4.3)
  • maven-modernizer-plugin 2.9.0 (from 2.7.0)
  • maven-sortpom-plugin 4.0.0 (from 3.4.1)
  • spotbugs-maven-plugin to 4.8.5.0 (from 4.8.4.0)
  • maven-enforcer-plugin 3.5.0 (from 3.4.1)
  • maven-javadoc-plugin 3.7.0 (from 3.6.3)
  • maven-shade-plugin 3.6.0 (from 3.5.3)
  • errorprone 2.28.0 (from 2.27.1)

... (truncated)

Commits

• See full diff in compare view

Updates org.jdbi:jdbi3-bom from 3.46.0 to 3.47.0

Release notes

Sourced from org.jdbi:jdbi3-bom's releases.

3.47.0

• spring aot: fix @JdbiRepository so aot generation works (#2727, thanks @​hpoettker !)
• spring/spring5: update spring dependency and tests to latest releases (dependabot #36 / CVE-2024-38820 asks for 5.3.41 but that is not released (neither is 5.3.40. Spring is a mess)).
• deprecate the spring5 module as Spring Framework 5.x is no longer under OSS support
• add new spring module that will focus on Spring Framework 6.x and beyond. This is currently the same code as spring5 but no longer needs to maintain Spring Framework 5.x backwards compatibility.

Changelog

Sourced from org.jdbi:jdbi3-bom's changelog.

3.47.0

• spring aot: fix @JdbiRepository so aot generation works (#2727, thanks @​hpoettker !)
• spring/spring5: update spring dependency and tests to latest releases (dependabot #36 / CVE-2024-38820 asks for 5.3.41 but that is not released (neither is 5.3.40. Spring is a mess)).
• deprecate the spring5 module as Spring Framework 5.x is no longer under OSS support
• add new spring module that will focus on Spring Framework 6.x and beyond. This is currently the same code as spring5 but no longer needs to maintain Spring Framework 5.x backwards compatibility.

Commits

• fa8e3d3 [maven-release-plugin] prepare release v3.47.0
• a92040d release notes 3.47.0
• ea7a902 fix typo
• 63ccde2 fix for CI testing with java 11
• 5250aa6 deprecation required version 3.47.0-SNAPSHOT
• 78b7fe6 Add 'spring' module to replace 'spring5'
• d2f5b7f gnumake needs every export on its own line
• 1bd31e1 small adoc table fix
• 13ea520 release notes #2727
• b858e84 Fix native Spring compile with @JdbiRepository
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-annotations from 2.18.0 to 2.18.1

Commits

• See full diff in compare view

Updates com.fasterxml.jackson.core:jackson-databind from 2.18.0 to 2.18.1

Commits

• See full diff in compare view

Updates com.fasterxml.jackson.dataformat:jackson-dataformat-yaml from 2.18.0 to 2.18.1

Commits

• 4f3aa83 [maven-release-plugin] prepare release jackson-dataformats-text-2.18.1
• 2f722bc Prepare for 2.18.1 release
• 1619e14 Remove use of TypeFactory.defaultInstance()
• 998064b Backport #499 in 2.18(.1) as well
• 46de17e Merge branch '2.17' into 2.18
• 306d255 Backport #499 in 2.17(.3)
• cbf4ad9 Back to snapshot deps
• e4eca1c [maven-release-plugin] prepare for next development iteration
• See full diff in compare view

Updates com.google.errorprone:error_prone_annotations from 2.34.0 to 2.35.1

Release notes

Sourced from com.google.errorprone:error_prone_annotations's releases.

Error Prone 2.35.1

Error Prone's dependency on protobuf has been downgraded to 3.25.5 for this release.

Version 3.25.5 of protobuf still fixes CVE-2024-7254. This release is provided for users who aren't ready to update to 4.x, see also #4584 and #4634. Future versions of Error Prone will upgrade back to protobuf 4.x.

Full changelog: https://github.com/google/error-prone/compare/v2.35.0...v2.35.1

Error Prone 2.35.0

Changes:

• Fix handling of \s before the trailing delimiter in MisleadingEscapedSpace
• TimeUnitMismatch improvements: handle binary trees, consider trees like fooSeconds * 1000 to have units of millis

New checks:

• JavaDurationGetSecondsToToSeconds: Prefer duration.toSeconds() over duration.getSeconds()

Full changelog: https://github.com/google/error-prone/compare/v2.34.0...v2.35.0

Commits

• 0e06cc2 Release Error Prone 2.35.1
• db6c890 Downgrade protobuf version to 3.25.5
• ed6b121 Add a repro test for broken behavior inlining the parameter value into the fu...
• a931fa3 Remove DoNotUseRuleChain from JavaCodeClarity.
• ec2983b compileUnsafe -> compile for compile-time-constant expressions.
• 2ce9632 Strip the quotation marks from the source code when reconstructing the literal.
• 99a0d9d TimeUnitMismatch: handle BinaryTrees.
• 60c5f76 TimeUnitMismatch: consider trees like fooSeconds * 1000 to have units of `m...
• 427b51d GetSeconds to ToSeconds error prone
• See full diff in compare view

Updates com.google.errorprone:error_prone_core from 2.34.0 to 2.35.1

Release notes

Sourced from com.google.errorprone:error_prone_core's releases.

Error Prone 2.35.1

Error Prone's dependency on protobuf has been downgraded to 3.25.5 for this release.

Version 3.25.5 of protobuf still fixes CVE-2024-7254. This release is provided for users who aren't ready to update to 4.x, see also #4584 and #4634. Future versions of Error Prone will upgrade back to protobuf 4.x.

Full changelog: https://github.com/google/error-prone/compare/v2.35.0...v2.35.1

Error Prone 2.35.0

Changes:

• Fix handling of \s before the trailing delimiter in MisleadingEscapedSpace
• TimeUnitMismatch improvements: handle binary trees, consider trees like fooSeconds * 1000 to have units of millis

New checks:

• JavaDurationGetSecondsToToSeconds: Prefer duration.toSeconds() over duration.getSeconds()

Full changelog: https://github.com/google/error-prone/compare/v2.34.0...v2.35.0

Commits

• 0e06cc2 Release Error Prone 2.35.1
• db6c890 Downgrade protobuf version to 3.25.5
• ed6b121 Add a repro test for broken behavior inlining the parameter value into the fu...
• a931fa3 Remove DoNotUseRuleChain from JavaCodeClarity.
• ec2983b compileUnsafe -> compile for compile-time-constant expressions.
• 2ce9632 Strip the quotation marks from the source code when reconstructing the literal.
• 99a0d9d TimeUnitMismatch: handle BinaryTrees.
• 60c5f76 TimeUnitMismatch: consider trees like fooSeconds * 1000 to have units of `m...
• 427b51d GetSeconds to ToSeconds error prone
• See full diff in compare view

Updates com.google.errorprone:error_prone_core from 2.34.0 to 2.35.1

Release notes

Sourced from com.google.errorprone:error_prone_core's releases.

Error Prone 2.35.1

Error Prone's dependency on protobuf has been downgraded to 3.25.5 for this release.

Version 3.25.5 of protobuf still fixes CVE-2024-7254. This release is provided for users who aren't ready to update to 4.x, see also #4584 and #4634. Future versions of Error Prone will upgrade back to protobuf 4.x.

Full changelog: https://github.com/google/error-prone/compare/v2.35.0...v2.35.1

Error Prone 2.35.0

Changes:

• Fix handling of \s before the trailing delimiter in MisleadingEscapedSpace
• TimeUnitMismatch improvements: handle binary trees, consider trees like fooSeconds * 1000 to have units of millis

New checks:

• JavaDurationGetSecondsToToSeconds: Prefer duration.toSeconds() over duration.getSeconds()

Full changelog: https://github.com/google/error-prone/compare/v2.34.0...v2.35.0

Commits

• 0e06cc2 Release Error Prone 2.35.1
• db6c890 Downgrade protobuf version to 3.25.5
• ed6b121 Add a repro test for broken behavior inlining the parameter value into the fu...
• a931fa3 Remove DoNotUseRuleChain from JavaCodeClarity.
• ec2983b compileUnsafe -> compile for compile-time-constant expressions.
• 2ce9632 Strip the quotation marks from the source code when reconstructing the literal.
• 99a0d9d TimeUnitMismatch: handle BinaryTrees.
• 60c5f76 TimeUnitMismatch: consider trees like fooSeconds * 1000 to have units of `m...
• 427b51d GetSeconds to ToSeconds error prone
• See full diff in compare view

Updates org.apache.maven.plugins:maven-dependency-plugin from 3.8.0 to 3.8.1

Commits

• 954e44a [maven-release-plugin] prepare release maven-dependency-plugin-3.8.1
• 842075d Bump org.apache.maven.reporting:maven-reporting-impl
• 7e1aadc Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.17.0
• 188531c Fix SCM tag
• 361058e Bump jettyVersion from 9.4.55.v20240627 to 9.4.56.v20240826
• 38ab100 Bump org.codehaus.plexus:plexus-io from 3.5.0 to 3.5.1
• cbac4a7 Bump commons-io:commons-io from 2.16.1 to 2.17.0
• b19b7e0 [MDEP-930] Make test robust against platform default character sets (#448)
• e347ef7 Delete obsolete commented code for issue that was won't fixed 10 years ago (#...
• 7b137a1 [MDEP-946] Add analyze exclusions to list of goals
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[dependabot[bot]]

Looks like these dependencies are updatable in another way, so this is no longer needed.