commercetools-sdk-java-v2 chore(deps): update all dependencies

This PR contains the following updates:

Package	Type	Update	Change
actions/checkout	action	patch	`v4.1.6` -> `v4.1.7`
actions/upload-artifact	action	minor	`v4.3.3` -> `v4.4.0`
codecov/codecov-action	action	minor	`v4.4.1` -> `v4.5.0`
github/codeql-action	action	minor	`v3.25.8` -> `v3.26.6`
gradle (source)		minor	`8.8` -> `8.10.1`
gradle/actions	action	minor	`v3.3.2` -> `v3.5.0`
gradle/wrapper-validation-action	action	minor	`v3.3.2` -> `v3.5.0`
husky	dependencies	minor	`9.0.11` -> `9.1.6`
lint-staged	dependencies	patch	`15.2.5` -> `15.2.10`
ossf/scorecard-action	action	minor	`v2.3.3` -> `v2.4.0`
yarn (source)	packageManager	minor	`4.2.2` -> `4.4.1`
org.mockito:mockito-junit-jupiter	dependencies	minor	`5.12.0` -> `5.13.0`
org.assertj:assertj-core (source)	dependencies	patch	`3.26.0` -> `3.26.3`
org.skyscreamer:jsonassert	dependencies	patch	`1.5.1` -> `1.5.3`
com.google.guava:guava	dependencies	minor	`33.2.1-jre` -> `33.3.0-jre`
org.junit.jupiter:junit-jupiter (source)	dependencies	minor	`5.10.2` -> `5.11.0`
net.sourceforge.plantuml:plantuml	dependencies	patch	`1.2024.5` -> `1.2024.7`
org.awaitility:awaitility (source)	dependencies	patch	`4.2.1` -> `4.2.2`
com.fasterxml.jackson.datatype:jackson-datatype-jsr310	dependencies	patch	`2.17.1` -> `2.17.2`
com.fasterxml.jackson.core:jackson-core	dependencies	patch	`2.17.1` -> `2.17.2`
com.fasterxml.jackson.core:jackson-databind (source)	dependencies	patch	`2.17.1` -> `2.17.2`
com.fasterxml.jackson.core:jackson-annotations (source)	dependencies	patch	`2.17.1` -> `2.17.2`
org.slf4j:slf4j-api (source, changelog)	dependencies	patch	`2.0.13` -> `2.0.16`
org.apache.commons:commons-lang3 (source)	dependencies	minor	`3.14.0` -> `3.17.0`
com.netflix.graphql.dgs.codegen:graphql-dgs-codegen-shared-core	dependencies	minor	`6.2.1` -> `6.3.0`
com.github.javaparser:javaparser-symbol-solver-core (source)	dependencies	patch	`3.26.0` -> `3.26.2`
com.datadoghq:datadog-api-client	dependencies	minor	`2.25.0` -> `2.28.0`
io.projectreactor.netty:reactor-netty-core	dependencies	patch	`1.1.19` -> `1.1.22`
com.newrelic.agent.java:newrelic-api	dependencies	minor	`8.12.0` -> `8.14.0`
io.opentelemetry:opentelemetry-api	dependencies	minor	`1.38.0` -> `1.42.1`
io.projectreactor.netty:reactor-netty-http	dependencies	patch	`1.1.19` -> `1.1.22`
com.netflix.dgs.codegen	plugin	minor	`6.2.1` -> `6.3.0`
org.jetbrains.kotlin.jvm	plugin	patch	`2.0.0` -> `2.0.20`

Release Notes

actions/checkout (actions/checkout)

`v4.1.7`

Compare Source

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in https://github.com/actions/checkout/pull/1739
Bump actions/checkout from 3 to 4 by @dependabot in https://github.com/actions/checkout/pull/1697
Check out other refs/* by commit by @orhantoy in https://github.com/actions/checkout/pull/1774
Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in https://github.com/actions/checkout/pull/1776

actions/upload-artifact (actions/upload-artifact)

`v4.3.4`

Compare Source

What's Changed

Update @actions/artifact version, bump dependencies by @robherley in https://github.com/actions/upload-artifact/pull/584

Full Changelog: https://github.com/actions/upload-artifact/compare/v4.3.3...v4.3.4

codecov/codecov-action (codecov/codecov-action)

Full Changelog: https://github.com/codecov/codecov-action/compare/v4.4.1...v4.5.0

github/codeql-action (github/codeql-action)

`v8.9`

Compare Source

gradle/actions (gradle/actions)

`v3.5.0`

Compare Source

This release contains a major upgrade to gradle-home-cache-cleanup as well as improvements to dependency-submission.

What's Changed

Include Gradle 8.9 in known wrapper checksums (avoiding the need to download) (#266)
Improvements to cache-cleanup
- Provision latest Gradle version to use for cache-cleanup (#33, #271)
- Avoid use of timestamp manipulation for cache-cleanup (#24, #272)
- Cleanup artifact transforms cache in Gradle home (#47)
- More logging from cache-cleanup operation (#169)
Use latest dependency graph plugin (#269)
- Avoid resolving configurations that are deprecated for resolving (https://github.com/gradle/github-dependency-graph-gradle-plugin/pull/129)
- Avoid circular task dependency when build includes itself (https://github.com/gradle/github-dependency-graph-gradle-plugin/issues/141)
Automatically upload dependency graph file on submission failure (#291)

Full Changelog: https://github.com/gradle/actions/compare/v3.4.2...v3.5.0

`v3.4.2`

Compare Source

This patch release fixes a race condition that resulted in the DEVELOCITY_ACCESS_KEY variable not being set in the environment.

What's Changed

Fix race condition with fetching short lived token by @alextu in https://github.com/gradle/actions/pull/260

Full Changelog: https://github.com/gradle/actions/compare/v3.4.1...v3.4.2

This patch release fixes a bug introduced in v3.4.0, that prevents build scan publication to Develocity. The bug results in the removal of the DEVELOCITY_ACCESS_KEY variable being removed, so that Gradle cannot authenticate with the Develocity server.

What's Changed

Don't clear access key when access token cannot be obtained by @cdsap in https://github.com/gradle/actions/pull/258
Simplify requesting short-lived Develocity access tokens by @bigdaz in https://github.com/gradle/actions/pull/259

Full Changelog: https://github.com/gradle/actions/compare/v3.4.0...v3.4.1

`v3.4.0`

Compare Source

This release improves the integration with Gradle Develocity®, as well as updating a number of key dependencies.

The new develocity-access-key input parameter allows the action to generate a short-lived access token for subsequent communication with Develocity. This reduces the risk of the full (long-lived) access key being compromised, either accidentally or by a malicious action.
New input parameters are available to configure Develocity injection. Previously Develocity injection could only be enabled by setting environment variables.
Checksums for Gradle 8.8 are now included, so that no network request is required for wrapper-validation with Gradle 8.8 wrappers.

What's Changed

Add support for short-lived tokens by @alextu in https://github.com/gradle/actions/pull/224
Update known wrapper checksums by @github-actions in https://github.com/gradle/actions/pull/240
Update to Gradle 8.8 by @bigdaz in https://github.com/gradle/actions/pull/251
Adding Develocity input actions by @cdsap in https://github.com/gradle/actions/pull/244
Fail on invalid boolean for Develocity inputs by @bigdaz in https://github.com/gradle/actions/pull/252

New Contributors

@serieznyi made their first contribution in https://github.com/gradle/actions/pull/216
@lokalpage-safe made their first contribution in https://github.com/gradle/actions/pull/205
@alextu made their first contribution in https://github.com/gradle/actions/pull/224
@bot-githubaction made their first contribution in https://github.com/gradle/actions/pull/227
@antonmos made their first contribution in https://github.com/gradle/actions/pull/234
@cdsap made their first contribution in https://github.com/gradle/actions/pull/244

Full Changelog: https://github.com/gradle/actions/compare/v3.3.2...v3.4.0

gradle/wrapper-validation-action (gradle/wrapper-validation-action)

`v3.5.0`

Compare Source

[!IMPORTANT] As of v3 this action has been deprecated by gradle/actions/wrapper-validation. Any workflow that uses gradle/wrapper-validation-action@v3 will transparently delegate to gradle/actions/wrapper-validation@v3.

Users are encouraged to update their workflows, replacing:
uses: gradle/wrapper-validation-action@v3
with
uses: gradle/actions/wrapper-validation@v3
See the wrapper-validation documentation for up-to-date documentation for gradle/actions/wrapper-validation.

For release details, see https://github.com/gradle/actions/releases/tag/v3.5.0

`v3.4.2`

Compare Source

[!IMPORTANT] As of v3 this action has been deprecated by gradle/actions/wrapper-validation. Any workflow that uses gradle/wrapper-validation-action@v3 will transparently delegate to gradle/actions/wrapper-validation@v3.

Users are encouraged to update their workflows, replacing:
uses: gradle/wrapper-validation-action@v3
with
uses: gradle/actions/wrapper-validation@v3
See the wrapper-validation documentation for up-to-date documentation for gradle/actions/wrapper-validation.

For release details, see https://github.com/gradle/actions/releases/tag/v3.4.2

`v3.4.1`

Compare Source

[!IMPORTANT] As of v3 this action has been deprecated by gradle/actions/wrapper-validation. Any workflow that uses gradle/wrapper-validation-action@v3 will transparently delegate to gradle/actions/wrapper-validation@v3.

Users are encouraged to update their workflows, replacing:
uses: gradle/wrapper-validation-action@v3
with
uses: gradle/actions/wrapper-validation@v3
See the wrapper-validation documentation for up-to-date documentation for gradle/actions/wrapper-validation.

For release details, see https://github.com/gradle/actions/releases/tag/v3.4.1

`v3.4.0`

Compare Source

[!IMPORTANT] As of v3 this action has been deprecated by gradle/actions/wrapper-validation. Any workflow that uses gradle/wrapper-validation-action@v3 will transparently delegate to gradle/actions/wrapper-validation@v3.

Users are encouraged to update their workflows, replacing:
uses: gradle/wrapper-validation-action@v3
with
uses: gradle/actions/wrapper-validation@v3
See the wrapper-validation documentation for up-to-date documentation for gradle/actions/wrapper-validation.

For release details, see https://github.com/gradle/actions/releases/tag/v3.4.0

typicode/husky (husky)

`v9.1.6`

Compare Source

`v9.1.5`

Compare Source

`v9.1.4`

Compare Source

`v9.1.3`

Compare Source

fix: better handle space in PATH

`v9.1.2`

Compare Source

`v9.1.1`

Compare Source

`v9.1.0`

Compare Source

Super saiyan ~~god~~ dog! It's over 9.0.0!

There's a bug with this release which prevents the deprecation notice to appear and requires to remove #!/usr/bin/env sh and . "$(dirname -- "$0")/_/husky.sh" (which are deprecated by the way). I'll publish a new version to fix that. Sorry about any inconvenience.

What's new

You can now run package commands directly, no need for npx or equivalents. It makes writing hooks more intuitive and is also slightly faster 🐺⚡️


### .husky/pre-commit
- npx jest
+ jest # ~0.2s faster

A new recipe has been added to the docs. Lint staged files without external dependencies (inspired by Prettier docs). Feel free to modify it.


### .husky/pre-commit
prettier $(git diff --cached --name-only --diff-filter=ACMR | sed 's| |\\ |g') --write --ignore-unknown
git update-index --again

For more advanced use cases, see lint-staged.

Fixes

bunx husky init command
Workaround for some hooks implementation on Windows 🤷

Deprecations

Remove #!/usr/bin/env sh and . "$(dirname -- "$0")/_/husky.sh" from your hooks
Move your code from ~/.huskyrc to .config/husky/init.sh

Support for these will be removed in v10, notices have been added.

Friendly reminder

If Git hooks don't fit your workflow, you can disable Husky globally. Just add export HUSKY=0 to .config/husky/init.sh.

I've seen some confusion about this on X, so just a heads-up!

Sponsoring

Husky is downloaded over 45M times per month and used by ~1.5M projects. If your company wants to sponsor, you can do so here: GitHub Sponsors.

Have a nice summer ☀️ I'm open to new opportunities/consulting so feel free to drop me a message 😉

lint-staged/lint-staged (lint-staged)

`v15.2.10`

Compare Source

Patch Changes

#1471 e3f283b Thanks @iiroj! - Update minor dependencies, including micromatch@~4.0.8.

`v15.2.9`

Compare Source

Patch Changes

#1463 b69ce2d Thanks @iiroj! - Set the maximum number of event listeners to the number of tasks. This should silence the console warning MaxListenersExceededWarning: Possible EventEmitter memory leak detected.

`v15.2.8`

Compare Source

Patch Changes

f0480f0 Thanks @iiroj! - In the previous version the native git rev-parse --show-toplevel command was taken into use for resolving the current git repo root. This version switched the --show-toplevel flag with --show-cdup, because on Git installed via MSYS2 the former was returning absolute paths that do not work with Node.js child_process. The new flag returns a path relative to the working directory, avoiding the issue.

The GitHub Actions workflow has been updated to install Git via MSYS2, to ensure better future compatibility; using the default Git binary in the GitHub Actions runner was working correctly even with MSYS2.

`v15.2.7`

Compare Source

Patch Changes

#1440 a51be80 Thanks @iiroj! - In the previous version the native git rev-parse --show-toplevel command was taken into use for resolving the current git repo root. This version drops the --path-format=absolute option to support earlier git versions since it's also the default behavior. If you are still having trouble, please try upgrading git to the latest version.

`v15.2.6`

Compare Source

Patch Changes

#1433 119adb2 Thanks @iiroj! - Use native "git rev-parse" commands to determine git repo root directory and the .git config directory, instead of using custom logic. This hopefully makes path resolution more robust on non-POSIX systems.

ossf/scorecard-action (ossf/scorecard-action)

`v2.4.0`

Compare Source

What's Changed

This update bumps the Scorecard version to the v5 release. For a complete list of changes, please refer to the v5.0.0 release notes. Of special note to Scorecard Action is the Maintainer Annotation feature, which can be used to suppress some Code Scanning false positives. Alerts will not be generated for any Scorecard Check with an annotation.

:seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0 by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1410
:bug: lower license sarif alert threshold to 9 by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1411

Documentation

docs: dogfooding badge by @jkowalleck in https://github.com/ossf/scorecard-action/pull/1399

New Contributors

@jkowalleck made their first contribution in https://github.com/ossf/scorecard-action/pull/1399

Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.3.3...v2.4.0

yarnpkg/berry (yarn)

`v4.4.1`

Compare Source

`v4.4.0`

[Compare Sour

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

[ ] If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Jun 10 '24 01:06 renovate[bot]

This PR is missing a Jira ticket reference in the title or description. Please add a Jira ticket reference to the title or description of this PR.

Jun 10 '24 01:06 gitstream-cm[bot]

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 8.60%. Comparing base (37b96b6) to head (6ab286d). Report is 1 commits behind head on main.

Additional details and impacted files

@@             Coverage Diff             @@
##               main    #666      +/-   ##
===========================================
- Coverage     10.03%   8.60%   -1.44%     
+ Complexity     1945    1480     -465     
===========================================
  Files          6876    6876              
  Lines         67137   67137              
  Branches        279     279              
===========================================
- Hits           6738    5775     -963     
- Misses        60225   61217     +992     
+ Partials        174     145      -29

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

Jun 10 '24 01:06 codecov[bot]

🥷 Code experts: jenschude

jenschude has most 👩‍💻 activity in the files. jenschude has most 🧠 knowledge in the files.

See details

.github/workflows/benchmark.yml

Activity based on git-commit:

	jenschude
JUL
JUN
MAY
APR
MAR
FEB	1 additions & 1 deletions

Knowledge based on git-blame: jenschude: 91%

.github/workflows/ci.yml

Activity based on git-commit:

	jenschude
JUL
JUN
MAY	33 additions & 25 deletions
APR
MAR
FEB	22 additions & 9 deletions

Knowledge based on git-blame: jenschude: 92%

.github/workflows/codeql.yml

Activity based on git-commit:

	jenschude
JUL
JUN	3 additions & 3 deletions
MAY	5 additions & 0 deletions
APR
MAR
FEB

Knowledge based on git-blame: jenschude: 98%

.github/workflows/create-pr.yml

Activity based on git-commit:

	jenschude
JUL
JUN
MAY
APR
MAR
FEB	5 additions & 5 deletions

Knowledge based on git-blame: jenschude: 92%

.github/workflows/docs.yml

Activity based on git-commit:

	jenschude
JUL
JUN
MAY	2 additions & 3 deletions
APR
MAR
FEB	2 additions & 2 deletions

Knowledge based on git-blame: jenschude: 90%

.github/workflows/release-snapshot.yml

Activity based on git-commit:

	jenschude
JUL
JUN	3 additions & 0 deletions
MAY
APR
MAR
FEB	1 additions & 1 deletions

Knowledge based on git-blame: jenschude: 93%

.github/workflows/release.yml

Activity based on git-commit:

	jenschude
JUL
JUN	3 additions & 0 deletions
MAY	0 additions & 6 deletions
APR
MAR
FEB	6 additions & 5 deletions

Knowledge based on git-blame: jenschude: 92%

.github/workflows/scorecard.yml

Activity based on git-commit:

	jenschude
JUL
JUN
MAY	2 additions & 2 deletions
APR
MAR
FEB	2 additions & 2 deletions

Knowledge based on git-blame: jenschude: 94%

build.gradle

Activity based on git-commit:

	jenschude
JUL
JUN
MAY	1 additions & 0 deletions
APR	1 additions & 1 deletions
MAR
FEB	10 additions & 5 deletions

Knowledge based on git-blame: jenschude: 85%

buildSrc/build.gradle

Activity based on git-commit:

	jenschude
JUL
JUN
MAY
APR
MAR
FEB

Knowledge based on git-blame: jenschude: 84%

commercetools/commercetools-graphql-api/build.gradle

Activity based on git-commit:

	jenschude
JUL
JUN
MAY
APR
MAR
FEB	8 additions & 3 deletions

Knowledge based on git-blame: jenschude: 96%

commercetools/commercetools-monitoring-datadog/build.gradle

Activity based on git-commit:

	jenschude
JUL
JUN
MAY
APR
MAR
FEB

Knowledge based on git-blame:

commercetools/commercetools-monitoring-newrelic/build.gradle

Activity based on git-commit:

	jenschude
JUL
JUN
MAY
APR
MAR
FEB

Knowledge based on git-blame: jenschude: 97%

commercetools/commercetools-monitoring-opentelemetry/build.gradle

Activity based on git-commit:

	jenschude
JUL
JUN
MAY
APR
MAR
FEB

Knowledge based on git-blame: jenschude: 97%

commercetools/commercetools-reactornetty-client/build.gradle

Activity based on git-commit:

	jenschude
JUL
JUN
MAY
APR
MAR
FEB

Knowledge based on git-blame: jenschude: 78%

gradle-scripts/extensions.gradle

Activity based on git-commit:

	jenschude
JUL
JUN	3 additions & 3 deletions
MAY	1 additions & 1 deletions
APR
MAR
FEB	11 additions & 8 deletions

Knowledge based on git-blame: jenschude: 77%

gradle/wrapper/gradle-wrapper.properties

Activity based on git-commit:

	jenschude
JUL
JUN
MAY
APR
MAR
FEB

Knowledge based on git-blame: jenschude: 33%

package.json

Activity based on git-commit:

	jenschude
JUL
JUN
MAY
APR
MAR
FEB

Knowledge based on git-blame: jenschude: 86%

yarn.lock

Activity based on git-commit:

	jenschude
JUL
JUN
MAY
APR	56 additions & 56 deletions
MAR
FEB

Knowledge based on git-blame: jenschude: 8%

To learn more about /:\ gitStream - Visit our Docs

Jul 12 '24 09:07 gitstream-cm[bot]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

Jan 06 '25 11:01 renovate[bot]

I ran tests locally and they're passing. For renovate we disabled integration tests so that the tests are not triggered with every commit to main branch. I‘m merging this PR.

Jan 06 '25 13:01 lojzatran

commercetools-sdk-java-v2 commercetools-sdk-java-v2 copied to clipboard

chore(deps): update all dependencies

Release Notes

What's Changed

What's Changed

New Contributors

What's Changed

What's Changed

What's Changed

What's Changed

New Contributors

What's new

Fixes

Deprecations

Friendly reminder

Sponsoring

Patch Changes

Patch Changes

Patch Changes

Patch Changes

Patch Changes

What's Changed

Documentation

New Contributors

Configuration

Codecov Report

Edited/Blocked Notification

commercetools-sdk-java-v2
commercetools-sdk-java-v2 copied to clipboard