navikt / gandalf

Facelift for https://github.com/navikt/security-token-service
MIT License
0 stars 0 forks source link

build(deps): bump io.micrometer:micrometer-registry-prometheus from 1.12.5 to 1.13.3 #272

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 2 months ago

Bumps io.micrometer:micrometer-registry-prometheus from 1.12.5 to 1.13.3.

Release notes

Sourced from io.micrometer:micrometer-registry-prometheus's releases.

1.13.3

:lady_beetle: Bug Fixes

  • Add default factoryType tag in CommonsObjectPool2Metrics #5316
  • Buffered statsd lines are not published on close #2141
  • Disable kotlinSourcesJar since it conflicts with sourcesJar #5151

:notebook_with_decorative_cover: Documentation

  • Make more explicit that recording a metric is safe to call #5365

:hammer: Dependency Upgrades

  • Bump com.fasterxml.jackson.core:jackson-databind from 2.17.1 to 2.17.2 #5364
  • Bump com.gradle.develocity from 3.17.5 to 3.17.6 #5357
  • Bump com.netflix.spectator:spectator-reg-atlas from 1.7.14 to 1.7.17 #5356
  • Bump com.signalfx.public:signalfx-java from 1.0.43 to 1.0.44 #5362
  • Bump io.netty:netty-bom from 4.1.111.Final to 4.1.112.Final #5360
  • Bump io.projectreactor:reactor-bom from 2022.0.20 to 2022.0.21 #5358
  • Bump jersey3 from 3.0.11 to 3.0.12 #5378
  • Bump jetty9 from 9.4.54.v20240208 to 9.4.55.v20240627 #5361
  • Bump org.jetbrains.kotlin.jvm from 1.9.23 to 1.9.24 #5294

:memo: Tasks

  • Make PrometheusMeterRegistryTest less flaky #5302
  • Migrate to io.spring.develocity.conventions:0.0.19 #5312
  • Apply test-retry settings to all tests #5303

:heart: Contributors

Thank you to all the contributors who worked on this release:

@​izeye, @​HYEONSEOK1, @​BJMg, and @​cbrachem

1.13.2

:lady_beetle: Bug Fixes

  • Avoid calling naming convention on scrape #5288
  • Fix histogram consistency in PrometheusMeterRegistry #5193
  • Fix log to include stack trace in OtlpMeterRegistry.publish() #5141

:hammer: Dependency Upgrades

  • Bump software.amazon.awssdk:cloudwatch from 2.25.69 to 2.25.70 #5277
  • Bump com.netflix.spectator:spectator-reg-atlas from 1.7.13 to 1.7.14 #5276
  • Bump com.signalfx.public:signalfx-java from 1.0.42 to 1.0.43 #5272

:heart: Contributors

... (truncated)

Commits
  • 98c1042 Bump com.fasterxml.jackson.core:jackson-databind from 2.17.1 to 2.17.2 (#5364)
  • 85b2df5 Merge branch '1.12.x' into 1.13.x
  • a012711 Merge branch '1.9.x' into 1.12.x
  • 34f06a3 Bump jersey3 from 3.0.4 to 3.0.12
  • 39783aa Merge branch '1.12.x' into 1.13.x
  • 1781a32 Bump io.projectreactor:reactor-bom from 2022.0.20 to 2022.0.21 (#5340)
  • 0f86200 Bump org.awaitility:awaitility from 4.2.1 to 4.2.2 (#5372)
  • 6032f65 Bump com.netflix.spectator:spectator-reg-atlas from 1.7.14 to 1.7.18 (#5373)
  • f1f513e Bump org.mongodb:mongodb-driver-sync from 4.11.2 to 4.11.3 (#5375)
  • 214a682 Bump maven-resolver from 1.9.20 to 1.9.22 (#5374)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
ybelMekk commented 1 month ago

can consider in a later stage, but for now it ok

dependabot[bot] commented 1 month ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.