Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the root-gradle-deps group with 13 updates #1562

Closed
wants to merge 1 commit into from
Closed

Bump the root-gradle-deps group with 13 updates #1562

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 30, 2024
edited
Loading

Bumps the root-gradle-deps group with 13 updates:

Package From To
com.github.ben-manes.versions 0.50.0 0.51.0
com.amazonaws:aws-java-sdk-bom 1.12.626 1.12.647
org.mockito:mockito-core 5.8.0 5.10.0
org.assertj:assertj-core 3.24.2 3.25.2
com.diffplug.spotless 6.23.3 6.25.0
io.grpc:grpc-api 1.60.1 1.61.0
io.grpc:grpc-netty-shaded 1.60.1 1.61.0
io.opentracing.brave:brave-opentracing 1.0.0 1.0.1
io.zipkin.zipkin2:zipkin 2.25.2 3.0.5
io.zipkin.reporter2:zipkin-sender-okhttp3 2.17.1 3.2.1
io.zipkin.brave:brave 5.17.0 6.0.0
software.amazon.awssdk:s3 2.22.6 2.23.13
org.slf4j:slf4j-simple 2.0.9 2.0.11

Updates com.github.ben-manes.versions from 0.50.0 to 0.51.0

Updates com.amazonaws:aws-java-sdk-bom from 1.12.626 to 1.12.647

Changelog

Sourced from com.amazonaws:aws-java-sdk-bom's changelog.

1.12.647 2024-01-29

Amazon Comprehend

  • Features

    • Comprehend PII analysis now supports Spanish input documents.

Amazon Elastic Compute Cloud

  • Features

    • EC2 Fleet customers who use attribute based instance-type selection can now intuitively define their Spot instances price protection limit as a percentage of the lowest priced On-Demand instance type.

Amazon Import/Export Snowball

  • Features

    • Modified description of createaddress to include direction to add path when providing a JSON file.

Amazon Relational Database Service

  • Features

    • Introduced support for the InsufficientDBInstanceCapacityFault error in the RDS RestoreDBClusterFromSnapshot and RestoreDBClusterToPointInTime API methods. This provides enhanced error handling, ensuring a more robust experience.

AmazonMWAA

  • Features

    • This release adds MAINTENANCE environment status for Amazon MWAA environments.

Auto Scaling

  • Features

    • EC2 Auto Scaling customers who use attribute based instance-type selection can now intuitively define their Spot instances price protection limit as a percentage of the lowest priced On-Demand instance type.

1.12.646 2024-01-26

Amazon Connect Service

  • Features

    • Update list and string length limits for predefined attributes.

Amazon SageMaker Service

  • Features

    • Amazon SageMaker Automatic Model Tuning now provides an API to programmatically delete tuning jobs.

Inspector2

  • Features

    • This release adds ECR container image scanning based on their lastRecordedPullTime.

1.12.645 2024-01-25

AWS Certificate Manager Private Certificate Authority

  • Features

    • AWS Private CA now supports an option to omit the CDP extension from issued certificates, when CRL revocation is enabled.

Amazon Lightsail

  • Features

    • This release adds support for IPv6-only instance plans.

1.12.644 2024-01-24

AWS Outposts

  • Features

... (truncated)

Commits
  • 146df82 AWS SDK for Java 1.12.647
  • ac81a60 Update GitHub version number to 1.12.647-SNAPSHOT
  • fb55cc1 AWS SDK for Java 1.12.646
  • f53043c Update GitHub version number to 1.12.646-SNAPSHOT
  • 3e3c9f4 AWS SDK for Java 1.12.645
  • 29d9b91 Update GitHub version number to 1.12.645-SNAPSHOT
  • dbd754b AWS SDK for Java 1.12.644
  • 831caf9 Update GitHub version number to 1.12.644-SNAPSHOT
  • c2503f7 AWS SDK for Java 1.12.643
  • 19d55da Update GitHub version number to 1.12.643-SNAPSHOT
  • Additional commits viewable in compare view

Updates org.mockito:mockito-core from 5.8.0 to 5.10.0

Release notes

Sourced from org.mockito:mockito-core's releases.

v5.10.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.10.0

v5.9.0

What's Changed

New Contributors

Full Changelog: mockito/mockito@v5.8.0...v5.9.0

Commits
  • 7e1bae8 Bump org.shipkit:shipkit-auto-version from 1.2.2 to 2.0.2 (#3248)
  • cf89d49 Bump org.assertj:assertj-core from 3.25.1 to 3.25.2 (#3247)
  • cc2ca36 Bump org.shipkit:shipkit-changelog from 1.2.0 to 2.0.1 (#3245)
  • ed01de6 Bump com.diffplug.spotless from 6.24.0 to 6.25.0 (#3244)
  • ef3dc8f Improve typing for PluginLoader#loadPlugin(..) (#3242)
  • 33dc48c Bump com.github.ben-manes.versions from 0.50.0 to 0.51.0 (#3241)
  • 9173522 Add support for static mocks on DoNotMockEnforcer (#3220)
  • a021436 Bump com.diffplug.spotless from 6.23.3 to 6.24.0 (#3236)
  • e4fa639 Align Javadoc configuration to Java 21 standards (#3230)
  • 71e2fdb Bump org.gradle.toolchains.foojay-resolver-convention (#3234)
  • Additional commits viewable in compare view

Updates org.assertj:assertj-core from 3.24.2 to 3.25.2

Release notes

Sourced from org.assertj:assertj-core's releases.

v3.25.2

🐛 Bug Fixes

  • Fix unresolvable Javadoc stylesheet URLs, simplify configuration #3324

Core

  • Fix missing configuration for MatcherAssert soft assertions
  • Make deprecation notice visible in AbstractAssert#asList #3327
  • Recursive comparison uses equals on root object when useOverriddenEquals is enabled #3320
  • satisfiesExactlyInAnyOrder fails if actual overrides equals #3339
  • Avoid calling actual.hashCode() and expected.hashCode() in DualValue #3340
  • Recursive comparison checks for existence of fields in types that parameterize nested unordered iterables #3332

🔨 Dependency Upgrades

  • Upgrade to EqualsVerifier 3.15.6 #3329
  • Upgrade to Maven Surefire Plugin 3.2.5 #3328
  • Upgrade to Spotless Maven Plugin 2.43.0 #3345

❤️ Contributors

Thanks to all the contributors who worked on this release:

@​manusa @​davidboden

v3.25.1

🧩 Binary Compatibility

The release is:

  • Binary compatible with the previous minor version.
  • Binary incompatible with the previous patch version.

🐛 Bug Fixes

Core

  • Revert "Provide value when assertThatThrownBy/thenThrownBy fail" #3318
  • Revert "fix: containsExactly does not work properly with maps not using equals to compare keys" #3321

v3.25.0

🚫 Deprecated

Core

  • Deprecate the following date/time related assertions in favor of isCloseTo:
    • isEqualToIgnoringHours
    • isEqualToIgnoringMinutes
    • isEqualToIgnoringSeconds
    • isEqualToIgnoringMillis

... (truncated)

Commits
  • 96ef63e [maven-release-plugin] prepare release assertj-build-3.25.2
  • abdb210 chore(deps): bump com.diffplug.spotless:spotless-maven-plugin from 2.41.1 to ...
  • 3132090 Recursive comparison: only check the compared fields existence at the root le...
  • e9ebcc2 DualValue hash code is not computed properly because it calls actual.hashCode...
  • d51cfd9 Remove elements by reference in assertSatisfiesExactlyInAnyOrder
  • 7f786bd The recursive comparison should never use equals on root objects since it def...
  • e0f4542 chore(deps-dev): bump nl.jqno.equalsverifier:equalsverifier from 3.15.5 to 3....
  • 19b9b3d chore(deps): bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.3 t...
  • 470c1ec doc: deprecation notice visible in AbstractAssert#asList (#3327)
  • 0521edf Fix missing configuration for MatcherAssert soft assertions
  • Additional commits viewable in compare view

Updates com.diffplug.spotless from 6.23.3 to 6.25.0

Updates io.grpc:grpc-api from 1.60.1 to 1.61.0

Release notes

Sourced from io.grpc:grpc-api's releases.

v1.61.0

API Changes

  • Remove unused experimental API ManagedChannelBuilder.enableFullStreamDecompression (#10744)
  • api: Deprecate LoadBalancer.EMPTY_PICKER added in 1.58.0 in favor of FixedResultPicker (860b5cb1f)

New Features

  • binder: Experimental support for asynchronous security policies (#10566)

Improvements

  • core: reduce CompositeReadableBuffer allocation (#3279)
  • core: Improve error message clarity when a channel leak is detected (201893f5e)
  • util: use shared index across round_robin pickers (dca89b25b). This makes its implementation more similar to weighted_round_robin.
  • xds: Implement ADS stream flow control mechanism (#10674). This limits the maximum memory consumed if the control plane sends updates more rapidly than they can be processed.

Bug Fixes

  • core: Check outbound maximum message size for the compressed size in addition to the already-checked uncompressed size (#10739). Fixed the status code to be RESOURCE_EXHAUSTED instead of UNKNOWN.
  • util: Fix NPE when multiple addresses are in an address group for petiole load balancer policies (#10769)
  • util: Disable publishing of fixtures (8ac43dd81). The Gradle test fixtures are for use by grpc-java's internal tests.
  • okhttp: Ignore known conscrypt socket close issue (#10812). This stops an exception from being thrown when a known Conscrypt synchronization issue happens.

Dependencies

  • Drop support for Bazel 5 (55a9c012c). Bazel 7 is available, and Protobuf has already dropped support for Bazel 5.
  • Change many compile deps to runtime deps (d6830d7f9). This reduces the transitive classes "leaked" into the compile classpath. In particular, grpc-core (io.grpc.internal) will be less frequently included transitively at compile time.
  • Upgrade dependencies (c985797d9)
    • Protobuf to 3.25.1
    • auto-value-annotations to 1.10.4
    • error_prone_annotations to 2.23.0
    • proto-google-common-protos to 2.29.0
    • google-cloud-logging to 3.15.14
    • guava to 32.1.3-android
    • okio to 3.4.0

Acknowledgements

Commits
  • f06abeb Bump version to 1.61.0
  • 7700510 Update README protoc references to 3.25.1
  • c639b81 Update README etc to reference 1.61.0
  • 5606081 fix flaky xds test due to verification race (#10798) (#10808)
  • 2531563 okhttp: Ignore known conscrypt socket close issue (#10811) (#10812)
  • 5b082ca Do not cache failed futures for async security policies indefinitely. (#10743)
  • 062f7a2 README.md: Correct gradle protobuf reference from 3.22.3 to 3.24.0 (#10772)
  • 597101c xds: fix flow control message not delivered when previous message type is unk...
  • 0f21574 core: reduce CompositeReadableBuffer allocation (#3279)
  • 846e008 xds: Revert xds flow control change. (#10784)
  • Additional commits viewable in compare view

Updates io.grpc:grpc-netty-shaded from 1.60.1 to 1.61.0

Release notes

Sourced from io.grpc:grpc-netty-shaded's releases.

v1.61.0

API Changes

  • Remove unused experimental API ManagedChannelBuilder.enableFullStreamDecompression (#10744)
  • api: Deprecate LoadBalancer.EMPTY_PICKER added in 1.58.0 in favor of FixedResultPicker (860b5cb1f)

New Features

  • binder: Experimental support for asynchronous security policies (#10566)

Improvements

  • core: reduce CompositeReadableBuffer allocation (#3279)
  • core: Improve error message clarity when a channel leak is detected (201893f5e)
  • util: use shared index across round_robin pickers (dca89b25b). This makes its implementation more similar to weighted_round_robin.
  • xds: Implement ADS stream flow control mechanism (#10674). This limits the maximum memory consumed if the control plane sends updates more rapidly than they can be processed.

Bug Fixes

  • core: Check outbound maximum message size for the compressed size in addition to the already-checked uncompressed size (#10739). Fixed the status code to be RESOURCE_EXHAUSTED instead of UNKNOWN.
  • util: Fix NPE when multiple addresses are in an address group for petiole load balancer policies (#10769)
  • util: Disable publishing of fixtures (8ac43dd81). The Gradle test fixtures are for use by grpc-java's internal tests.
  • okhttp: Ignore known conscrypt socket close issue (#10812). This stops an exception from being thrown when a known Conscrypt synchronization issue happens.

Dependencies

  • Drop support for Bazel 5 (55a9c012c). Bazel 7 is available, and Protobuf has already dropped support for Bazel 5.
  • Change many compile deps to runtime deps (d6830d7f9). This reduces the transitive classes "leaked" into the compile classpath. In particular, grpc-core (io.grpc.internal) will be less frequently included transitively at compile time.
  • Upgrade dependencies (c985797d9)
    • Protobuf to 3.25.1
    • auto-value-annotations to 1.10.4
    • error_prone_annotations to 2.23.0
    • proto-google-common-protos to 2.29.0
    • google-cloud-logging to 3.15.14
    • guava to 32.1.3-android
    • okio to 3.4.0

Acknowledgements

Commits
  • f06abeb Bump version to 1.61.0
  • 7700510 Update README protoc references to 3.25.1
  • c639b81 Update README etc to reference 1.61.0
  • 5606081 fix flaky xds test due to verification race (#10798) (#10808)
  • 2531563 okhttp: Ignore known conscrypt socket close issue (#10811) (#10812)
  • 5b082ca Do not cache failed futures for async security policies indefinitely. (#10743)
  • 062f7a2 README.md: Correct gradle protobuf reference from 3.22.3 to 3.24.0 (#10772)
  • 597101c xds: fix flow control message not delivered when previous message type is unk...
  • 0f21574 core: reduce CompositeReadableBuffer allocation (#3279)
  • 846e008 xds: Revert xds flow control change. (#10784)
  • Additional commits viewable in compare view

Updates io.opentracing.brave:brave-opentracing from 1.0.0 to 1.0.1

Commits

Updates io.zipkin.zipkin2:zipkin from 2.25.2 to 3.0.5

Release notes

Sourced from io.zipkin.zipkin2:zipkin's releases.

Zipkin 3.0.5 cleans up CVEs and supports Eureka authentication. We also allow those testing with Cassandra to disable SSL hostname verification. While this is a point version, quite a lot of work went into this. Please thank volunteers involved on gitter or otherwise!

Dependency updates

Most notably, this updates our docker image to use JRE 21.0.2_p13, and all recent java libraries. We audited the UI and were able to fix all CVEs identified by Trivy and used at runtime, with special thanks to @​anuraaga on this. We also test with latest Elasticsearch 8.12.0, now. This was trickier than usual due to a JRE compatibility issue @​reta discovered a workaround for, and will be resolved when ES 8.12.1 is out. Rag and Andriy made themselves available and are the reason this release is all polished.

Eureka authentication

Zipkin 2.27 added Eureka discovery support, but we missed a spot. Eureka supports BASIC authentication via user info embedded in the service url. e.g. http://user:password@localhost:8761/eureka/v2. This is also handled the same way in spring-cloud-netflix. By also allowing url-embedded credentials, folks can use the same properties with zipkin as they do elsewhere.

To achieve this, and test it fully, we updated the following:

  • Our test eureka server image, ghcr.io/openzipkin/zipkin-eureka, to require authentication via EUREKA_USERNAME and EUREKA_PASSWORD
  • Our test armeria client image, ghcr.io/openzipkin/brave-example:armeria, to pass embedded credentials when looking up zipkin via EUREKA_SERVICE_URL
  • Our main code (applicable to all zipkin packaging) to use embedded credentials when registering via EUREKA_SERVICE_URL
  • Our docker-compose example to suggest how you can try the whole thing integrated.

Thanks for your patience with supporting this option, we hope you can tell that doing it right was a lot of work, and why we didn't just "wing it" earlier!

Disabling Cassandra hostname verification

Cassandra includes a setting for disabling hostname validation when using SSL, which is helpful for self-signed certificates. Thanks to @​priyavivek2307 and @​ankit-gautam23 for review, you can disable this now, by setting the env CASSANDRA_SSL_HOSTNAME_VALIDATION=false

Full Changelog: https://github.com/openzipkin/zipkin/compare/3.0.4..3.0.5

Zipkin 3.0.4 fixes a packaging bug which caused the UI to not load. Thanks @​jinyulei0710 for reporting!

Zipkin 3.0.3 updates its self-tracing to use the latest zipkin-reporter 3.2.1. It also enhances the Eureka example to include client tracing with Armeria services support.

Zipkin 3.0.2 removes a log warning from console output.

You may also be interested in the new homebrew formula. On mac or linux, you can now try zipkin via brew install zipkin

Zipkin 3.0 updates to Spring Boot 3 and floor JRE 17. The core library io.zipkin.zipkin2:zipkin now targets Java 8. This is a major version change for these reasons.

Apart from raising the server's Java target to 17, actual changes for Spring Boot 3 were a breeze. Upgrade breeze is not by accident, rather thanks to conscious thinking by the Spring Boot team. Please thank them for the good work!

On Java version changes

Recent releases of Zipkin use JRE 21 in docker images, as that's the latest LTS. The server now requires JRE 17 because that's the minimal Java target allowed by Spring Boot 3. JDK 17 no longer supports compilation below Java 8, which impacted our version range. The next notes cover impacts on the core library.

io.zipkin.zipkin2:zipkin now targets Java 8, formerly Java 6. Libraries who need to retain Java 6 or old Android versions should stay on 2.x or move to latest zipkin-reporter-brave which still supports Java 6. This should not impact many because known libraries that depend on zipkin require Java 8 or later.

Again, Zipkin Reporter 3 and Brave 6 no longer have a strict dependency on io.zipkin.zipkin2:zipkin so, still support Java 6.

Notable updates

As this is a major version update, we updated all server extensions we maintain, including:

... (truncated)

Commits
  • 6c1857e [maven-release-plugin] prepare release 3.0.5
  • 56d68cc deps: fixes to easy lens CVEs (#3705)
  • f18696e deps: bumps to latest library versions, notably slf4j (#3704)
  • 183faf7 docker: updates notably to JRE 21.0.2_p13 (#3702)
  • 899170c cassandra: adds CASSANDRA_SSL_HOSTNAME_VALIDATION (#3701)
  • 41b4a37 eureka: supports credentials in EUREKA_SERVICE_URL (#3700)
  • 10e0458 docker: changes to direct auth filter in zipkin-eureka test image (#3699)
  • 5ff651f docker: require auth for Eureka on EUREKA_USERNAME (#3698)
  • 13e46f8 [maven-release-plugin] prepare for next development iteration
  • 1b89798 [maven-release-plugin] prepare release 3.0.4
  • Additional commits viewable in compare view

Updates io.zipkin.reporter2:zipkin-sender-okhttp3 from 2.17.1 to 3.2.1

Release notes

Sourced from io.zipkin.reporter2:zipkin-sender-okhttp3's releases.

Zipkin Reporter 3.2 deprecates Sender for a simpler type BytesMessageSender. This only supports synchronous invocation (as used by the async reporters in the reporting thread) and requires senders to pass an empty list vs a complicated and usually implemented check() function. The result is being able to implement a custom sender in less than 50 lines including imports like below! Thank a lot to @​anuraaga and @​reta for the review on this.

package brave.example;
import com.linecorp.armeria.client.WebClient;
import com.linecorp.armeria.common.AggregatedHttpResponse;
import com.linecorp.armeria.common.HttpData;
import com.linecorp.armeria.common.HttpMethod;
import com.linecorp.armeria.common.HttpRequest;
import com.linecorp.armeria.common.MediaType;
import java.io.IOException;
import java.util.List;
import zipkin2.reporter.BytesMessageEncoder;
import zipkin2.reporter.BytesMessageSender;
import zipkin2.reporter.ClosedSenderException;
import zipkin2.reporter.Encoding;
final class WebClientSender extends BytesMessageSender.Base {
final WebClient zipkinApiV2SpansClient;
volatile boolean closeCalled; // volatile as not called from the reporting thread.
WebClientSender(WebClient zipkinApiV2SpansClient) {
super(Encoding.JSON);
this.zipkinApiV2SpansClient = zipkinApiV2SpansClient;
}
@Override public int messageMaxBytes() {
return 500_000; // Use the most common HTTP default
}
@Override public void send(List<byte[]> encodedSpans) throws IOException {
if (closeCalled) throw new ClosedSenderException();
byte[] body = BytesMessageEncoder.JSON.encode(encodedSpans);
HttpRequest request =
HttpRequest.of(HttpMethod.POST, "", MediaType.JSON, HttpData.wrap(body));
AggregatedHttpResponse response = zipkinApiV2SpansClient.blocking().execute(request);
try (HttpData content = response.content()) {
if (!response.status().isSuccess()) {
if (content.isEmpty()) {
throw new IOException("response failed: " + response);
}
throw new IOException("response failed: " + content.toStringAscii());
}
}
}
@Override public void close() {
closeCalled = true;
}
</tr></table>

... (truncated)

Commits
  • 457009d [maven-release-plugin] prepare release 3.2.1
  • 6e992f9 Adds deprecated functions for old Sender (#246)
  • ee8c0f1 [maven-release-plugin] prepare for next development iteration
  • e772cee [maven-release-plugin] prepare release 3.2.0
  • 22b0e37 Deprecates Sender for much simpler BytesMessageSender (#244)
  • 2dbac71 docker: polishes integration tests (#243)
  • d97c014 bumps to brave 6 and warns about zipkin dep version (#242)
  • 35db29b [maven-release-plugin] prepare for next development iteration
  • 9508452 [maven-release-plugin] prepare release 3.1.1
  • 9c666c4 ci: deploys bom separately to allow re-do on partial failure (#241)
  • Additional commits viewable in compare view

Updates io.zipkin.brave:brave from 5.17.0 to 6.0.0

Release notes

Sourced from io.zipkin.brave:brave's releases.

Brave 6 removes all modules and functions deprecated in Brave 5.x. It no longer has any dependency on io.zipkin.zipkin2:zipkin. Special thanks to @​reta and @​anuraaga for a lot of review support leading to this release!

No more deprecated functions

The final release of Brave 5 with deprecated functions was 5.18.1. Removing these functions was the only way to decouple Brave from zipkin's core library (io.zipkin.zipkin2:zipkin). However, this does not change Brave's floor Java 6 support. We still integration test this via the brave-example repository.

Here's an example of a working Java 6 and Spring 2.5 application, which is 280KB smaller due to use of the lean combination of Brave 6 and Zipkin Reporter 3.x:

# brave 5.18.1
3860    target/brave-example-webmvc25-1.0-SNAPSHOT.war
# brave 6.0.0
3580    target/brave-example-webmvc25-1.0-SNAPSHOT.war

No more io.zipkin.reporter2:zipkin-reporter or io.zipkin.zipkin2:zipkin dependencies

io.zipkin.brave:brave-bom used to manage zipkin-reporter dependencies. Since Brave no longer has dependencies on zipkin, it no longer manages them.

This impact is that users will need to manage their own versions for zipkin-reporter, likely via io.zipkin.reporter2:zipkin-reporter-bom described in the zipkin-reporter README.

To fully remove a zipkin core library dependency from your traced applications, use io.zipkin.reporter2:zipkin-reporter-brave 3.x AsyncZipkinSpanHandler. This is described in the zipkin-reporter README. You can expect currently maintained frameworks to do this on your behalf.

Thanks for your patience with the major upgrade. Things like this allow easier maintenance and a longer life for Brave, particularly as zipkin-server moves ahead with later Java versions.

Full Changelog: https://github.com/openzipkin/brave/compare/5.17.1..5.18.1

Brave 5.18 prepares for Brave 6 by deprecating instrumentation for libraries not released in 1.5-3.5 years including:

  • context/rxjava2 - last released Feb 2021
    • replaced by RxJava3, but unlikely this module will be ported as it wasn't used widely.
  • instrumentation/dubbo-rpc - (alibaba) last released Dec 2021
    • replaced by Apache Dubbo instrumentation/dubbo
  • instrumentation/p6spy - last released July 2020
    • project dormant
  • instrumentation/sparkjava - last released July 2022
    • project dormant

A minor change is we changed the artifact we use to test MySQL 8 to com.mysql:mysql-connector-j (instead of mysql:mysql-connector-java), to ensure we validate against current versions. Thanks @​m1ngyuan for the help on this.

Full Changelog: https://github.com/openzipkin/brave/compare/5.17.1..5.18.1

Brave 5.17.1

Brave v5.17.1 fixes a bug where the jars that should be at Java 1.6 or 1.7 bytecode were not.

Full Changelog: https://github.com/openzipkin/brave/compare/5.17.0..5.17.1

Commits
  • 6aa32a2 [maven-release-plugin] prepare release 6.0.0
  • f57f544 kafka-streams: cleans up after deprecation removal (#1404)
  • 5a81bf3 Docs: adds note about explicit reporter dependencies (#1402)
  • cf8dbf9 Revert "Temporarily revert brave 6 change"
  • 39b76ff [maven-release-plugin] prepare for next development iteration
  • a50e658 [maven-release-plugin] prepare release 5.18.1
  • 67b6013 deps: reverts to zipkin-reporter 2.x (#1403)
  • 5c977a2 Temporarily revert brave 6 change
  • f99265d bump to 6.0.0-SNAPSHOT
  • 44e4081 Removes all deprecated types and modules for Brave v6 (#1395)
  • Additional commits viewable in compare view

Updates software.amazon.awssdk:s3 from 2.22.6 to 2.23.13

Updates org.slf4j:slf4j-simple from 2.0.9 to 2.0.11

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the root-gradle-deps group with 13 updates
fffcd1c 
Bumps the root-gradle-deps group with 13 updates:

| Package | From | To |
| --- | --- | --- |
| com.github.ben-manes.versions | `0.50.0` | `0.51.0` |
| [com.amazonaws:aws-java-sdk-bom](https://github.com/aws/aws-sdk-java) | `1.12.626` | `1.12.647` |
| [org.mockito:mockito-core](https://github.com/mockito/mockito) | `5.8.0` | `5.10.0` |
| [org.assertj:assertj-core](https://github.com/assertj/assertj) | `3.24.2` | `3.25.2` |
| com.diffplug.spotless | `6.23.3` | `6.25.0` |
| [io.grpc:grpc-api](https://github.com/grpc/grpc-java) | `1.60.1` | `1.61.0` |
| [io.grpc:grpc-netty-shaded](https://github.com/grpc/grpc-java) | `1.60.1` | `1.61.0` |
| [io.opentracing.brave:brave-opentracing](https://github.com/openzipkin-contrib/opentracing-brave) | `1.0.0` | `1.0.1` |
| [io.zipkin.zipkin2:zipkin](https://github.com/openzipkin/zipkin) | `2.25.2` | `3.0.5` |
| [io.zipkin.reporter2:zipkin-sender-okhttp3](https://github.com/openzipkin/zipkin-reporter-java) | `2.17.1` | `3.2.1` |
| [io.zipkin.brave:brave](https://github.com/openzipkin/brave) | `5.17.0` | `6.0.0` |
| software.amazon.awssdk:s3 | `2.22.6` | `2.23.13` |
| org.slf4j:slf4j-simple | `2.0.9` | `2.0.11` |


Updates `com.github.ben-manes.versions` from 0.50.0 to 0.51.0

Updates `com.amazonaws:aws-java-sdk-bom` from 1.12.626 to 1.12.647
- [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md)
- [Commits](aws/aws-sdk-java@1.12.626...1.12.647)

Updates `org.mockito:mockito-core` from 5.8.0 to 5.10.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](mockito/mockito@v5.8.0...v5.10.0)

Updates `org.assertj:assertj-core` from 3.24.2 to 3.25.2
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](assertj/assertj@assertj-build-3.24.2...assertj-build-3.25.2)

Updates `com.diffplug.spotless` from 6.23.3 to 6.25.0

Updates `io.grpc:grpc-api` from 1.60.1 to 1.61.0
- [Release notes](https://github.com/grpc/grpc-java/releases)
- [Commits](grpc/grpc-java@v1.60.1...v1.61.0)

Updates `io.grpc:grpc-netty-shaded` from 1.60.1 to 1.61.0
- [Release notes](https://github.com/grpc/grpc-java/releases)
- [Commits](grpc/grpc-java@v1.60.1...v1.61.0)

Updates `io.opentracing.brave:brave-opentracing` from 1.0.0 to 1.0.1
- [Commits](https://github.com/openzipkin-contrib/opentracing-brave/commits)

Updates `io.zipkin.zipkin2:zipkin` from 2.25.2 to 3.0.5
- [Release notes](https://github.com/openzipkin/zipkin/releases)
- [Changelog](https://github.com/openzipkin/zipkin/blob/master/RELEASE.md)
- [Commits](openzipkin/zipkin@2.25.2...3.0.5)

Updates `io.zipkin.reporter2:zipkin-sender-okhttp3` from 2.17.1 to 3.2.1
- [Release notes](https://github.com/openzipkin/zipkin-reporter-java/releases)
- [Changelog](https://github.com/openzipkin/zipkin-reporter-java/blob/master/RELEASE.md)
- [Commits](openzipkin/zipkin-reporter-java@2.17.1...3.2.1)

Updates `io.zipkin.brave:brave` from 5.17.0 to 6.0.0
- [Release notes](https://github.com/openzipkin/brave/releases)
- [Changelog](https://github.com/openzipkin/brave/blob/master/RELEASE.md)
- [Commits](openzipkin/brave@5.17.0...6.0.0)

Updates `software.amazon.awssdk:s3` from 2.22.6 to 2.23.13

Updates `org.slf4j:slf4j-simple` from 2.0.9 to 2.0.11

---
updated-dependencies:
- dependency-name: com.github.ben-manes.versions
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: root-gradle-deps
- dependency-name: com.amazonaws:aws-java-sdk-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: root-gradle-deps
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: root-gradle-deps
- dependency-name: org.assertj:assertj-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: root-gradle-deps
- dependency-name: com.diffplug.spotless
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: root-gradle-deps
- dependency-name: io.grpc:grpc-api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: root-gradle-deps
- dependency-name: io.grpc:grpc-netty-shaded
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: root-gradle-deps
- dependency-name: io.opentracing.brave:brave-opentracing
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: root-gradle-deps
- dependency-name: io.zipkin.zipkin2:zipkin
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: root-gradle-deps
- dependency-name: io.zipkin.reporter2:zipkin-sender-okhttp3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: root-gradle-deps
- dependency-name: io.zipkin.brave:brave
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: root-gradle-deps
- dependency-name: software.amazon.awssdk:s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: root-gradle-deps
- dependency-name: org.slf4j:slf4j-simple
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: root-gradle-deps
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from a team as a code owner January 30, 2024 05:36
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jan 30, 2024
@dependabot dependabot bot mentioned this pull request Jan 30, 2024
Closed
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 6, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Feb 6, 2024
@dependabot dependabot bot deleted the dependabot/gradle/root-gradle-deps-91bd88cba3 branch February 6, 2024 05:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants