Bump metrics-core from 3.2.3 to 4.2.1

[dependabot-preview[bot]]

Bumps metrics-core from 3.2.3 to 4.2.1.

Release notes

Sourced from metrics-core's releases.

v4.2.1

Bug fixes

• JMXReporter may create invalid ObjectNames (#2031)

Dependency updates

• Upgrade to Jackson 2.12.3
• Update jetty9.version to v9.4.42.v20210604 (#1946, #2001)
• Update dependency org.eclipse.jetty:jetty-bom to v10.0.5 (#1950, #2002, #2013)
• Update dependency org.eclipse.jetty:jetty-bom to v11.0.5 (#1951, #2004, #2014)
• Bump jdbi3-core from 3.20.0 to 3.20.1 (#2005)
• Bump assertj-core from 3.20.0 to 3.20.1 (#2026, #2032)
• Bump ehcache from 3.9.3 to 3.9.4 (#1949)
• Bump jcstress-core from 0.11 to 0.12 (#2000)
• Bump mockito-core from 3.11.0 to 3.11.1 (#1987, #2015)
• Update dependency org.checkerframework:checker-qual to v3.14.0 (#1985)
• Update dependency org.openjdk.jcstress:jcstress-core to v0.13 (#1996, #2027)
• Update jmh.version to v1.32 (#1959)
• Update dependency org.apache.maven.plugins:maven-javadoc-plugin to v3.3.0 (#1955)
• Bump actions/stale from 3.0.18 to 3.0.19 (#1947)
• Update actions/cache action to v2.1.6 (#1962)

Assorted

• Explicitly declare all dependencies of sub-modules (#1968)

v4.2.0

Highlights

• Add settable gauges via SettableGauge (#1607, #1812)
• Implement LockFreeExponentiallyDecayingReservoir (#1656, #1638)
• Add ThreadPoolExecutor and ForkJoinPool metrics to InstrumentedExecutorService (#1535, #1928)
• Avoid queuing up report tasks in ScheduledReporter (#1590, #1524)

New and updated modules

• Add support for Eclipse Jersey 3.x (#1720, #1744, #1893)
• Add support for Jetty 10.x and 11.x (#1724, #1763, #1764, #1836, #1837)
• Add support for Jakarta EE jakarta.servlet namespace (#1730)
• Add support for Caffeine 3.x (#1759, #1818, #1907)
• Upgrade to Jackson 2.12.x (#1593, #1715, #1737, #1782, #1867)
• Upgrade to Jdbi 3.20.0 (#1855, #1883)

Pre-releases

Please refer to the release notes of the Dropwizard 4.2.0 pre-release versions for more detailed change logs:

• https://github.com/dropwizard/metrics/releases/tag/v4.2.0-beta.1
• https://github.com/dropwizard/metrics/releases/tag/v4.2.0-beta.2

... (truncated)

Commits

• 5e79bda [maven-release-plugin] prepare release v4.2.1
• 9120c15 Bump assertj-core from 3.20.0 to 3.20.1 (#2032)
• 0fb0b3e Merge branch 'release/4.1.x' into release/4.2.x
• a993f39 JMXReporter may create invalid ObjectNames (#2031)
• 3ac20d3 JMXReporter may create invalid ObjectNames (#2031)
• af26397 Update dependency org.openjdk.jcstress:jcstress-core to v0.13 (#2027)
• 383ba04 Update dependency org.assertj:assertj-core to v3.20.0 (#2026)
• df27b03 Update dependency org.openjdk.jcstress:jcstress-core to v0.13 (#2025)
• f5600d1 Update dependency org.assertj:assertj-core to v3.20.0 (#2024)
• 1689551 Bump jetty-bom from 11.0.4 to 11.0.5 (#2014)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)

[dependabot-preview[bot]]

Superseded by #301.