build(deps): bump dropwizard.version from 2.0.21 to 4.0.0

[dependabot[bot]]

Bumps dropwizard.version from 2.0.21 to 4.0.0. Updates dropwizard-bom from 2.0.21 to 4.0.0

Release notes

Sourced from dropwizard-bom's releases.

v4.0.0

Dropwizard 4.0.0

It's finally here, the next major release of Dropwizard! This one has been developed and released in tandem with Dropwizard 3.0.0.

If you're wondering what the differences are: Not much!

3️⃣ Dropwizard 3.0.0 is still based on and is using dependencies for Java EE and the javax.* package namespace. The effort to migrate from Dropwizard 2.x to Dropwizard 3.0.0 should be minimal for many projects.

4️⃣ Dropwizard 4.0.0 is based on and is using dependencies for Jakarta EE and the jakarta.* package namespace. The effort to migrate from Dropwizard 2.x to Dropwizard 4.0.0 might be bigger due to more package changes and more breaking changes in our dependencies.

📣 In any case, let us know how the migration went and if you were missing anything important in the upgrade notes in our GitHub Discussions!

⚠️ Breaking changes

For a full list of relevant changes please refer to the Upgrade Notes for Dropwizard 4.0.x.

Java 11 baseline

Dropwizard 4.0.0 and later require Java 11 as a baseline. Later versions of Java are also working.

Dropwizard Package Structure and JPMS

In order to properly support the Java Platform Module System (JPMS), the Java packages in modules must not overlap, or put differently, the packages may not be split into multiple modules.

Dropwizard 4.0.0 won’t enable full support for the JPMS. Instead, as a transition step, automatic modules are introduced.

Affected packages:

Maven module	Old package	New package
dropwizard-core	io.dropwizard	io.drowizard.core
dropwizard-logging	io.dropwizard.logging	io.dropwizard.logging.common
dropwizard-metrics	io.dropwizard.metrics	io.dropwizard.metrics.common
dropwizard-views	io.dropwizard.views	io.dropwizard.views.common

Transition to Jakarta EE

Previously released Dropwizard versions used Java/Jakarta EE dependencies under the javax namespace. Dropwizard 4.0.x transitioned to Jakarta EE 9 components and therefore utilize the new jakarta namespace for many components.

This means that most of the imports of existing applications using Dropwizard 2.x or 3.x will have to be changed from the javax to the jakarta namespace. However, other components still use the javax namespace, so a simple search and replace could break other imports.

Jakarta EE 9 compatibility

As stated above, Dropwizard 4.0.x will transition to Jakarta EE 9 components. This means, Dropwizard will now try to be consistent with one specific EE version.

Therefore Dropwizard 4.0.x will stay on components of Jakarta EE 9 and the transition to components of Jakarta EE 10 will be postponed to an other release series.

Since the EE version bump will probably introduce breaking changes, the Jakarta EE 10 components will be most likely integrated in Dropwizard 5.0.x and not in a 4.1.x release.

... (truncated)

Commits

• 69e115a [maven-release-plugin] prepare release v4.0.0
• c9f707e Fix trigger-release workflow and use SSH key to commit changes
• 28e2940 Update dependency net.bytebuddy:byte-buddy to v1.14.3
• 3c282eb Update github/codeql-action digest to 04df126 (#6915)
• 8629f88 Update actions/setup-java digest to 5ffc13f (#6914)
• e3b7da7 Set application state healthy if there are no unhealthy critical checks (#6908)
• 0d6b1ff Update actions/checkout action to v3.5.0 (#6902)
• 01906f8 Update dependency org.apache.maven.shared:maven-filtering to v3.3.1
• 47c4ba1 Update dependency org.apache.maven.plugins:maven-resources-plugin to v3.3.1
• 1259dcd Update dependency org.apache.maven.plugins:maven-resources-plugin to v3.3.1
• Additional commits viewable in compare view

Updates dropwizard-dependencies from 2.0.21 to 4.0.0

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[pp-tim]

@dependabot rebase

[pp-tim]

@dependabot rebase

[dependabot[bot]]

Looks like this PR is already up-to-date with master! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[dependabot[bot]]

Looks like this PR is already up-to-date with master! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[pp-tim]

@dependabot rebase

[pp-tim]

@dependabot rebase

[dependabot[bot]]

Looks like this PR is already up-to-date with master! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[dependabot[bot]]

Looks like this PR is already up-to-date with master! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[dependabot[bot]]

Superseded by #222.