Bump the java group in /java with 9 updates

[dependabot]

Bumps the java group in /java with 9 updates:

Package	From	To
org.assertj:assertj-core	3.25.1	3.25.3
org.apache.maven.plugins:maven-surefire-plugin	3.2.3	3.2.5
org.apache.maven.plugins:maven-gpg-plugin	3.1.0	3.2.0
com.google.protobuf:protobuf-java	3.25.1	3.25.3
com.google.protobuf:protobuf-java-util	3.25.1	3.25.3
com.google.protobuf:protobuf-java-util	3.25.1	3.25.3
org.apache.maven.plugins:maven-shade-plugin	3.5.1	3.5.2
io.grpc:grpc-bom	1.60.1	1.62.2
com.google.api.grpc:proto-google-common-protos	2.30.0	2.36.0
org.codehaus.mojo:exec-maven-plugin	3.1.1	3.2.0

Updates org.assertj:assertj-core from 3.25.1 to 3.25.3

Release notes

Sourced from org.assertj:assertj-core's releases.

v.3.25.3

🐛 Bug Fixes

• Lock maven-clean-plugin version for all modules

Core

• Fix a performance regression in the recursive comparison related to FieldLocation #3350
• Don't fail when the recursive comparison checks compared fields in collection elements #3349 (proper fix: #3354)

🔨 Dependency Upgrades

• Upgrade to Flatten Maven Plugin 1.6.0 #3335
• Upgrade to Groovy 4.0.18 #3347
• Upgrade to Hibernate Core 6.4.2.Final #3338
• Upgrade to Maven Surefire Report Plugin 3.2.5 #3330
• Upgrade to PITest Maven 1.15.6 #3348
• Upgrade to SpotBugs Maven Plugin 4.8.3.0 #3336
• Upgrade to advanced-security/maven-dependency-submission-action to 4 #3346

❤️ Contributors

Thanks to all the contributors who worked on this release:

@​ash211

v3.25.2

🐛 Bug Fixes

• Fix unresolvable Javadoc stylesheet URLs, simplify configuration #3324

Core

• Fix missing configuration for MatcherAssert soft assertions
• Make deprecation notice visible in AbstractAssert#asList #3327
• Recursive comparison uses equals on root object when useOverriddenEquals is enabled #3320
• satisfiesExactlyInAnyOrder fails if actual overrides equals #3339
• Avoid calling actual.hashCode() and expected.hashCode() in DualValue #3340
• Recursive comparison checks for existence of fields in types that parameterize nested unordered iterables #3332

🔨 Dependency Upgrades

• Upgrade to EqualsVerifier 3.15.6 #3329
• Upgrade to Maven Surefire Plugin 3.2.5 #3328
• Upgrade to Spotless Maven Plugin 2.43.0 #3345

❤️ Contributors

Thanks to all the contributors who worked on this release:

... (truncated)

Commits

• cd72df8 [maven-release-plugin] prepare release assertj-build-3.25.3
• c9b3177 fix: missing license
• ae62aca Ignore containers when checking compared fields existence in the recursive co...
• bad16ef chore(deps-dev): bump org.hibernate.orm:hibernate-core from 6.4.2.Final to 6....
• c794057 Fix a performance regression in the recursive comparison related to FieldLoca...
• 9ecb7f4 Lock maven-clean-plugin version for all modules
• d42d40c chore(deps): bump org.pitest:pitest-maven from 1.15.3 to 1.15.6 (#3348)
• 5b32492 chore(deps): bump org.apache.maven.plugins:maven-surefire-report-plugin from ...
• e27cc02 chore(deps): bump org.codehaus.mojo:flatten-maven-plugin from 1.5.0 to 1.6.0 ...
• 9771091 chore(deps): bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.2.0 to 4...
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.2.3 to 3.2.5

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.2.5

JIRA link

Release Notes - Maven Surefire - Version 3.2.5

---

What's Changed

• Bump org.htmlunit:htmlunit from 3.8.0 to 3.9.0 by @​dependabot in apache/maven-surefire#695
• Bump org.fusesource.jansi:jansi from 2.4.0 to 2.4.1 by @​dependabot in apache/maven-surefire#684
• Bump doxiaVersion from 1.11.1 to 1.12.0 by @​dependabot in apache/maven-surefire#609
• [SUREFIRE-2221] Document minimum supported Java version for Toolchains by @​sbernard31 in apache/maven-surefire#701
• [SUREFIRE-2224] StatelessXmlReporter#getTestProblems() does not properly reflect report schema structure by @​michael-o in apache/maven-surefire#702
• [SUREFIRE-2223] Surefire evaluates parameter jvm before skip by @​michael-o in apache/maven-surefire#703
• Use uppercase convention for enum member names by @​michael-o in apache/maven-surefire#704
• [SUREFIRE-2225] Surefire ITs fail when project directory contains space by @​michael-o in apache/maven-surefire#705
• Run CI tests also with Java 21 by @​slachiewicz in apache/maven-surefire#707
• Bump org.apache.maven.wagon:wagon-http-lightweight from 3.5.1 to 3.5.3 by @​dependabot in apache/maven-surefire#699
• Bump org.htmlunit:htmlunit from 3.8.0 to 3.9.0 in /maven-failsafe-plugin/src/it/jetty-war-test-failing by @​dependabot in apache/maven-surefire#694
• Bump org.htmlunit:htmlunit from 3.8.0 to 3.9.0 in /maven-failsafe-plugin/src/it/jetty-war-test-passing by @​dependabot in apache/maven-surefire#693
• Bump commons-io:commons-io from 2.15.0 to 2.15.1 by @​dependabot in apache/maven-surefire#712
• Bump net.java.dev.javacc:javacc from 7.0.12 to 7.0.13 by @​dependabot in apache/maven-surefire#711
• Bump org.apache.maven.plugins:maven-docck-plugin from 1.1 to 1.2 by @​dependabot in apache/maven-surefire#713
• [SUREFIRE-2231] JaCoCo 0.8.11 fails with old TestNG releases on Java 17+ by @​michael-o in apache/maven-surefire#710
• Bump org.assertj:assertj-core from 3.24.2 to 3.25.1 by @​dependabot in apache/maven-surefire#714
• Bump org.codehaus.plexus:plexus-component-metadata from 2.1.1 to 2.2.0 by @​dependabot in apache/maven-surefire#715

... (truncated)

Commits

• 4b3a271 [maven-release-plugin] prepare release surefire-3.2.5
• eb3f1d9 Bump org.codehaus.plexus:plexus-component-metadata from 2.1.1 to 2.2.0
• 430c406 Bump org.assertj:assertj-core from 3.24.2 to 3.25.1
• 2d92f2d [SUREFIRE-2231] JaCoCo 0.8.11 fails with old TestNG releases on Java 17+
• 3290740 Bump org.apache.maven.plugins:maven-docck-plugin from 1.1 to 1.2
• 25a9776 Bump net.java.dev.javacc:javacc from 7.0.12 to 7.0.13
• 7752f7e Bump commons-io:commons-io from 2.15.0 to 2.15.1
• 8874add Revert "Bump jacocoVersion from 0.8.8 to 0.8.11"
• c0f7755 Fix formatting
• e5f4545 Bump jacocoVersion from 0.8.8 to 0.8.11
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-gpg-plugin from 3.1.0 to 3.2.0

Release notes

Sourced from org.apache.maven.plugins:maven-gpg-plugin's releases.

3.2.0

Release Notes - Maven GPG Plugin - Version 3.2.0

... (truncated)

Commits

• 4b23da8 [maven-release-plugin] prepare release maven-gpg-plugin-3.2.0
• 56645dd Fix tag template
• 036dfe0 [MGPG-105] [MGPG-108] Make plugin backward compat and update site and doco (#77)
• 0771b61 [MGPG-110] SignAndDeployFileMojo validation is off (#78)
• 23b64f2 [MGPG-99] Make sure newline is added to input stream (#76)
• 9a73f90 [MGPG-105] Make possible backward compatibility (#74)
• 6a94f3a Bump apache/maven-gh-actions-shared from 3 to 4 (#75)
• 6f50819 [MGPG-106] Introduce new signer: BC (#72)
• ea35e2c [MGPG-105] Stop propagating bad practices (#71)
• 6081ad4 [MGPG-107] Settle on JUnit 5 (#70)
• Additional commits viewable in compare view

Updates com.google.protobuf:protobuf-java from 3.25.1 to 3.25.3

Commits

• 4a2aef5 Updating version.json and repo version numbers to: 25.3
• 7c6ba83 Merge pull request #15814 from protocolbuffers/cp-ruby-3.3
• 25b1e81 Update Ruby GHA to test against Ruby 3.3.
• 70e459f Merge pull request #15802 from protocolbuffers/cp-25.x
• 17ec19d Bump python version to 3.9 for gcloud 460.0.0
• 9dc736d [ObjC] Use a local to avoid warnings in 32bit builds.
• 9d1bc10 [CPP] Add the privacy manifest to the C++ CocoaPod.
• cec08dc [ObjC] Add the privacy manifest to the ObjC CocoaPod.
• cf87faa Add PrivacyInfo.xcprivacy (#15557)
• 76d05d4 remove use of mach_absolute_time (#15554)
• Additional commits viewable in compare view

Updates com.google.protobuf:protobuf-java-util from 3.25.1 to 3.25.3

Updates com.google.protobuf:protobuf-java-util from 3.25.1 to 3.25.3

Updates org.apache.maven.plugins:maven-shade-plugin from 3.5.1 to 3.5.2

Commits

• 95e22b4 [maven-release-plugin] prepare release maven-shade-plugin-3.5.2
• d807fea Bump org.vafer:jdependency from 2.9.0 to 2.10
• 6d60841 Bump org.apache.commons:commons-compress from 1.23.0 to 1.25.0
• 68457e5 [MSHADE-468] add system requirements history
• 631371b Add mshade-462 IT
• cb7b10d [MSHADE-462] 3.5.1 not compatible with 3.4.1: The version cannot be empty.
• bd982e7 [MSHADE-420] fix time when read from extra field
• 3692f81 [SHADE-420] create IT: 2 runs with different TZ give different jars
• a5315de [MSHADE-464] Maven 3.6.3 as minimum requirements
• e7077c6 [MSHADE-467] Improved concurrency problem fix
• Additional commits viewable in compare view

Updates io.grpc:grpc-bom from 1.60.1 to 1.62.2

Release notes

Sourced from io.grpc:grpc-bom's releases.

v1.62.2

gRPC Java 1.62.2 Release Notes

Note that this is the initial 1.62.x release

API Changes

• services: Remove io.grpc.services.BinaryLogs, which was deprecated since 2021. io.grpc.protobuf.services.BinaryLogs should be used instead (#10832).
• Allow users outside of io.grpc.xds package to create custom xDS resources (#10834) (6d96e6588)

New Features

• api:Add ClientTransportFilter. Similarly to ServerTransportFilter, this will provide an observability hook and it allows direct modification of the transport's attributes. (#10646)

Improvements

• java_grpc_library.bzl: Add support for Auto Exec Groups (cb03bd234). This is mostly a behind-the-scenes change to adjust to the newer way Bazel operates
• java_grpc_library.bzl: Support runfiles for protoc and the plugin (65a6b3bc2). Neither binary uses runfiles, but the task will be ready if they need to in the future
• xds: Add EC key support for XdsChannelCredentials/XdsServerCredentials (100d5a55f)
• binder:Change log level from WARNING to FINER for expected exception during close with error, to reduce log spamming (#10899) (7ba0718bb)

Bug Fixes

• xds: Fix a bug in WeightedRoundRobinLoadBalancer policy that could raise NullPointerException and further cause channel panic when picking a subchannel. This bug can only be triggered when connection can not be established and the channel reports TRANSIENT_FAILURE state. (#10868)

Dependencies

• The protoc plugin no longer supports macOS Big Sur (macOS 11). Binaries are now built using Monterey (macOS 12)

Acknowledgements

• @​joybestourous

v1.61.1

Bug Fixes

xds: Fix a bug in WeightedRoundRobinLoadBalancer policy that could raise NullPointerException and further cause channel panic when picking a subchannel. This bug can only be triggered when connection can not be established and the channel reports TRANSIENT_FAILURE state. (#10868)

v1.61.0

API Changes

• Remove unused experimental API ManagedChannelBuilder.enableFullStreamDecompression (#10744)
• api: Deprecate LoadBalancer.EMPTY_PICKER added in 1.58.0 in favor of FixedResultPicker (860b5cb1f)

New Features

• binder: Experimental support for asynchronous security policies (#10566)

Improvements

• core: reduce CompositeReadableBuffer allocation (#3279)
• core: Improve error message clarity when a channel leak is detected (201893f5e)
• util: use shared index across round_robin pickers (dca89b25b). This makes its implementation more similar to weighted_round_robin.
• xds: Implement ADS stream flow control mechanism (#10674). This limits the maximum memory consumed if the control plane sends updates more rapidly than they can be processed.

Bug Fixes

• core: Check outbound maximum message size for the compressed size in addition to the already-checked uncompressed size (#10739). Fixed the status code to be RESOURCE_EXHAUSTED instead of UNKNOWN.
• util: Fix NPE when multiple addresses are in an address group for petiole load balancer policies (#10769)
• util: Disable publishing of fixtures (8ac43dd81). The Gradle test fixtures are for use by grpc-java's internal tests.
• okhttp: Ignore known conscrypt socket close issue (#10812). This stops an exception from being thrown when a known Conscrypt synchronization issue happens.

... (truncated)

Commits

• 3e993a9 Bump version to 1.62.1
• 1da945b Update README etc to reference 1.62.1
• 7089f04 Change GAE interop tests to use java11 runtime (#10933)
• 597f26e Bump version to 1.62.1-SNAPSHOT
• 10eb91f Bump version to 1.62.0
• 28dffe5 Update README etc to reference 1.62.0
• 5ba8b71 util: MultiChildLoadBalance.shutdown() log to FINE (#10935)
• 1795348 Remove semi-circular dependency between core and util
• 95b847e interop-testing: Use separate event loops in RetryTest
• 7ba0718 Change log level from WARNING to FINER for expected exception (#10899)
• Additional commits viewable in compare view

Updates com.google.api.grpc:proto-google-common-protos from 2.30.0 to 2.36.0

Release notes

Sourced from com.google.api.grpc:proto-google-common-protos's releases.

v2.36.0

2.36.0 (2024-02-29)

Features

• check library_name is unique among libraries (#2490) (8123f0b)

Bug Fixes

• cleanup @​BetaApi from Resource Name Builder Methods (#2450) (6e8d098), closes #2099
• Fix watchdog to start with WAITING state (#2468) (dedc40f)
• ignore comment in BUILD (#2492) (6ca20e5)
• remove @​BetaApi from ApiFutures and ApiService (#2454) (f59e717), closes #2098

Dependencies

• grandfathering the dependencies for java-pubsublite and java-bigquery (#2504) (9ceab23)
• update dependency gradle to v7.6.4 (#2474) (607dc59)
• update dependency org.graalvm.sdk:graal-sdk to v22.3.5 (#2475) (2de487b)
• update grpc dependencies to v1.62.2 (#2506) (f438603)

Documentation

• Add contribution guidelines. (#2045) (9939b43)

v2.35.0

2.35.0 (2024-02-13)

Features

• add generate_repo.py (#2431) (47b632a)
• move synthtool templates to library_generation/owlbot (#2443) (5c95472)

Bug Fixes

• Apiary Host returns user set host if set (#2455) (5f17e62)
• Cancel the Timeout Task for HttpJson (#2360) (b177d9e)

Dependencies

• update dependency commons-codec:commons-codec to v1.16.1 (#2473) (8c6e91d)
• update google api dependencies (#2469) (ad4d4e6)
• update google auth library dependencies to v1.23.0 (#2466) (349a5d3)

... (truncated)

Changelog

Sourced from com.google.api.grpc:proto-google-common-protos's changelog.

2.36.0 (2024-02-29)

Features

• check library_name is unique among libraries (#2490) (8123f0b)

Bug Fixes

• cleanup @​BetaApi from Resource Name Builder Methods (#2450) (6e8d098), closes #2099
• Fix watchdog to start with WAITING state (#2468) (dedc40f)
• ignore comment in BUILD (#2492) (6ca20e5)
• remove @​BetaApi from ApiFutures and ApiService (#2454) (f59e717), closes #2098

Dependencies

• grandfathering the dependencies for java-pubsublite and java-bigquery (#2504) (9ceab23)
• update dependency gradle to v7.6.4 (#2474) (607dc59)
• update dependency org.graalvm.sdk:graal-sdk to v22.3.5 (#2475) (2de487b)
• update grpc dependencies to v1.62.2 (#2506) (f438603)

Documentation

• Add contribution guidelines. (#2045) (9939b43)

2.35.0 (2024-02-13)

Features

• add generate_repo.py (#2431) (47b632a)
• move synthtool templates to library_generation/owlbot (#2443) (5c95472)

Bug Fixes

• Apiary Host returns user set host if set (#2455) (5f17e62)
• Cancel the Timeout Task for HttpJson (#2360) (b177d9e)

Dependencies

• update dependency commons-codec:commons-codec to v1.16.1 (#2473) (8c6e91d)
• update google api dependencies (#2469) (ad4d4e6)
• update google auth library dependencies to v1.23.0 (#2466) (349a5d3)
• update google auth library dependencies to v1.23.0 (#2476) (6c9127c)
• update google http client dependencies to v1.44.1 (#2467) (87d1435)

... (truncated)

Commits

• c7e40ff chore(main): release 2.36.0 (#2488)
• 607dc59 deps: update dependency gradle to v7.6.4 (#2474)
• 7564320 build(deps): update dependency com.google.cloud:google-cloud-shared-config to...
• f59e717 fix: remove @​BetaApi from ApiFutures and ApiService (#2454)
• c8d145b test: do not show unnecessary BatcherImplTest logging (#2519)
• 7c09e23 chore: create release cloudbuild yaml for library_generation (#2510)
• 2de487b deps: update dependency org.graalvm.sdk:graal-sdk to v22.3.5 (#2475)
• f438603 deps: update grpc dependencies to v1.62.2 (#2506)
• 9ceab23 deps: grandfathering the dependencies for java-pubsublite and java-bigquery (...
• 7902a41 chore: add docker image for hermetic build scripts (#2493)
• Additional commits viewable in compare view

Updates org.codehaus.mojo:exec-maven-plugin from 3.1.1 to 3.2.0

Release notes

Sourced from org.codehaus.mojo:exec-maven-plugin's releases.

3.2.0

🚀 New features and improvements

• Enable to exec:java runnables and not only mains with loosely coupled injections (#408) @​rmannibucau
• Try to get rid of legacy API which can break starting with java 17 (#409) @​rmannibucau

🐛 Bug Fixes

• Fix #401 - Maven v4 compatibility (#414) @​slawekjaranowski

📦 Dependency updates

• Bump org.codehaus.mojo:mojo-parent from 78 to 80 (#419) @​dependabot
• Bump commons-io:commons-io from 1.1 to 2.7 in /src/it/projects/setup-parent (#416) @​dependabot
• Bump org.apache.commons:commons-exec from 1.3 to 1.4.0 (#405) @​dependabot
• Bump org.codehaus.mojo:mojo-parent from 77 to 78 (#406) @​dependabot
• Bump org.codehaus.plexus:plexus-component-metadata from 2.1.1 to 2.2.0 (#403) @​dependabot
• Bump org.codehaus.plexus:plexus-component-annotations from 2.1.1 to 2.2.0 (#404) @​dependabot

👻 Maintenance

• ITs improvement (#415) @​slawekjaranowski
• Fix documentation formatting, add menu items for new examples (#412) @​slawekjaranowski
• Execute mexec-137 also on unix family (#413) @​slawekjaranowski
• Remove unused test (#410) @​slawekjaranowski

🔧 Build

• Bump release-drafter/release-drafter from 5 to 6 (#417) @​dependabot

Commits

• d28f608 [maven-release-plugin] prepare release 3.2.0
• 96d307b Bump org.codehaus.mojo:mojo-parent from 78 to 80 (#419)
• 0134866 Fix #401 - Maven v4 compatibility
• 198c289 Bump commons-io:commons-io in /src/it/projects/setup-parent
• 9babd4e Bump release-drafter/release-drafter from 5 to 6
• 97f3161 Bump project version to 3.2.0-SNAPSHOT
• 594cb0f ITs improvement
• bf6a0f1 Fix documentation formatting, add menu items for new examples
• 1d90140 Execute mexec-137 also on unix family
• a7090d0 Fixes #408, enable to exec:java runnables and not only mains with loosely cou...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #1086.