Bump the backend group with 9 updates

[dependabot]

Bumps the backend group with 9 updates:

Package	From	To
org.springframework.boot:spring-boot-dependencies	3.2.1	3.2.2
io.mockk:mockk	1.13.8	1.13.9
com.diffplug.spotless	6.23.3	6.25.0
com.github.ben-manes.versions	0.50.0	0.51.0
org.gradle.toolchains.foojay-resolver-convention	0.7.0	0.8.0
no.nav.tilleggsstonader.kontrakter:tilleggsstonader-kontrakter	2023.12.18-10.13.7d6848ac9d82	2024.02.01-17.07.0978e5f61923
no.nav.security:token-client-core	3.2.0	4.1.3
no.nav.security:token-client-spring	3.2.0	4.1.3
no.nav.security:token-validation-spring	3.2.0	4.1.3

Updates org.springframework.boot:spring-boot-dependencies from 3.2.1 to 3.2.2

Release notes

Sourced from org.springframework.boot:spring-boot-dependencies's releases.

v3.2.2

🐞 Bug Fixes

• SslBundle implementations do not provide useful toString() results #39167
• JarEntry.getComment() returns incorrect result from NestedJarFile instances #39166
• Mixing PEM and JKS certificate material in server.ssl properties does not work #39158
• Having AspectJ and Micrometer on the classpath is not a strong enough signal to enable support for Micrometer observation annotations #39128
• Actuator endpoints with no operations that use selectors are not accessible when mapped to / #39122
• Spring Boot 3.2 app that uses WebFlux, Security, and Actuator may fail to start due to a missing authentication manager #39096
• management.observations.http.server.requests.name no longer has any effect #39083
• spring.rabbitmq.listener.stream.auto-startup property has no effect #39078
• Error mark in the log message for PatternParseException is in the wrong place #39075
• Configuring server.jetty.max-connections has no effect #39052
• @ConfigurationPropertiesBinding converters that rely on initial CharSequence to String conversion no longer work #39051
• Manifest attributes cannot be resolved with the new loader implementation #38996
• Throwable from logging system initialization may result in the application silently failing to start #38963
• When using Jetty, idle timeout for IO operations and delayed dispatch cannot be set to less than 30000ms #38960
• spring-boot-maven-plugin repackage uber jar execution fails when jar is put on WSL network drive #38956
• Oracle OJDBC BOM version is flagged not for production use #38943
• Connection leak when using jOOQ and spring.jooq.sql-dialect has not been set #38924
• AutoConfigurationSorter does not always respect @AutoConfigureOrder(Ordered.LOWEST_PRECEDENCE) #38916
• Containers are not started when using @ImportTestcontainers #38913
• Even when spring.security.user.name or spring.security.user.password has been configured, user details auto-configuration still backs off when resource server is on the classpath #38864
• MockRestServiceServerAutoConfiguration with RestTemplate and RestClient together throws incorrect exception #38820

📔 Documentation

• Improve "Sanitize Sensitive Values" section in reference documentation #39199
• Fix link to Log4j2's JDK logging adapter documentation #39171
• Update CRaC support status link #39170
• Remove entry for OCI starter as it is no longer maintained #39165
• Update links to Micrometer docs in metrics section of reference docs #39149
• Use the term "tags" in documentation consistently #39125
• Correct the documentation on injecting dependencies into FailureAnalyzer implementations #39100
• Polish reference documentation #38942
• Document virtual threads limitations #38883

🔨 Dependency Upgrades

• Upgrade to MySQL 8.3.0 #39081
• Upgrade to Byte Buddy 1.14.11 #39184
• Upgrade to Groovy 4.0.17 #39185
• Upgrade to jOOQ 3.18.9 #39186
• Upgrade to Kotlin 1.9.22 #39187
• Upgrade to Lettuce 6.3.1.RELEASE #39188
• Upgrade to MariaDB 3.3.2 #38901
• Upgrade to Micrometer 1.12.2 #38978
• Upgrade to Micrometer Tracing 1.2.2 #38979
• Upgrade to Neo4j Java Driver 5.15.0 #39136
• Upgrade to Netty 4.1.105.Final #39189

... (truncated)

Commits

• 80c1e66 Release v3.2.2
• f2362d3 Merge branch '3.1.x' into 3.2.x
• 663a0e6 Add missing harbor vars
• 1a42776 Merge branch '3.1.x' into 3.2.x
• 580865b Next development version (v3.1.9-SNAPSHOT)
• 3fad814 Merge branch '3.1.x' into 3.2.x
• 7f9bd1c Switch harbor push location
• 5a90037 Merge branch '3.1.x' into 3.2.x
• 9e2a312 Update CI to use harbor
• 961da4e Make user details only back off without custom username or password
• Additional commits viewable in compare view

Updates io.mockk:mockk from 1.13.8 to 1.13.9

Release notes

Sourced from io.mockk:mockk's releases.

1.13.9

What's Changed

• Remove AllOpen plugin from Android libraries by @​SimonMarquis in mockk/mockk#1164
• Enforce reproducible builds by @​SimonMarquis in mockk/mockk#1162
• Fix unit tests errors by using slf4jOrJulLogging() by @​SimonMarquis in mockk/mockk#1166
• Remove KAPT from Android libraries by @​SimonMarquis in mockk/mockk#1163
• JVM 1.8 source compatibility by @​jeffdgr8 in mockk/mockk#1161
• Specify unique android.namespace to resolve warnings by @​kubode in mockk/mockk#1181
• Add scoped mock documentation by @​kshired in mockk/mockk#1175
• Upgrade Gradle to 8.4 by @​geekiyer in mockk/mockk#1184
• Fixes infinite recursion when stubbing a fun that returns value class by @​OitoH in mockk/mockk#1176
• Prevent kover setup failure without Android SDK by @​milgner in mockk/mockk#1193
• Support value classes for non-primitive types by @​milgner in mockk/mockk#1192
• Fix StackOverflowError calling method on spy of class with generic base class by @​flapenna in mockk/mockk#1195

New Contributors

• @​jeffdgr8 made their first contribution in mockk/mockk#1161
• @​kshired made their first contribution in mockk/mockk#1175
• @​OitoH made their first contribution in mockk/mockk#1176
• @​flapenna made their first contribution in mockk/mockk#1195

Full Changelog: mockk/mockk@1.13.8...1.13.9

Commits

• 1a89b1c Version bump
• a162b8b Merge pull request #1195 from flapenna/fix-generic-base-class-spy-stackoverflow
• 58cde89 fix: checkOverride for generic base class
• 5fb2636 Merge pull request #1192 from re-gmbh/master
• 1626ac7 Merge pull request #1193 from re-gmbh/fix/build-without-android-sdk
• 552ce9d build: prevent kover setup failure without Android SDK
• f4c51fe feat: support value classes for non-primitive types
• f879502 Merge pull request #1176 from OitoH/issue#977
• fa0fb5a Merge pull request #1184 from geekiyer/Upgrade-Gradle-to-8.4
• 94f8c6f Upgrade Gradle to 8.4
• Additional commits viewable in compare view

Updates com.diffplug.spotless from 6.23.3 to 6.25.0

Updates com.github.ben-manes.versions from 0.50.0 to 0.51.0

Updates org.gradle.toolchains.foojay-resolver-convention from 0.7.0 to 0.8.0

Updates no.nav.tilleggsstonader.kontrakter:tilleggsstonader-kontrakter from 2023.12.18-10.13.7d6848ac9d82 to 2024.02.01-17.07.0978e5f61923

Updates no.nav.security:token-client-core from 3.2.0 to 4.1.3

Release notes

Sourced from no.nav.security:token-client-core's releases.

4.1.3

What's Changed

• No changes

4.1.2

What's Changed

⬆️ Dependency upgrades

• build(deps): bump advanced-security/maven-dependency-submission-action from 3 to 4 (#842) @​dependabot

4.1.1

What's Changed

• nullability and sealing (#840) @​jan-olaveide
• fix(token-validation-ktor): support optional claims in IssuerConfig constructor (#839) @​tronghn
• not nullable post against endpoint (#838) @​jan-olaveide

⬆️ Dependency upgrades

• build(deps): bump actions/cache from 3 to 4 (#837) @​dependabot
• build(deps): bump no.nav.security:mock-oauth2-server from 2.1.0 to 2.1.1 (#836) @​dependabot

4.1.0

What's Changed

• fjernet støtte for tokens in cookies (#835) @​jan-olaveide

4.0.5

What's Changed

• No changes

4.0.4

What's Changed

• use builder, so that we do not lose instrumentation (#834) @​jan-olaveide

⬆️ Dependency upgrades

• build(deps): bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.3 to 3.2.5 (#833) @​dependabot
• build(deps): bump com.nimbusds:oauth2-oidc-sdk from 11.9 to 11.9.1 (#832) @​dependabot
• build(deps-dev): bump org.junit.jupiter:junit-jupiter-engine from 5.9.1 to 5.10.1 (#831) @​dependabot
• build(deps): bump org.jetbrains.dokka:dokka-maven-plugin from 1.9.0 to 1.9.10 (#830) @​dependabot

4.0.3

What's Changed

• No changes

4.0.2

What's Changed

⬆️ Dependency upgrades

• build(deps-dev): bump com.fasterxml.jackson.core:jackson-databind from 2.16.0 to 2.16.1 (#829) @​dependabot
• build(deps-dev): bump com.fasterxml.jackson.module:jackson-module-kotlin from 2.16.0 to 2.16.1 (#828) @​dependabot

... (truncated)

Commits

• 01c42ee disable mysterious tests
• 1f41776 build(deps): bump ktor.version from 2.3.7 to 2.3.8 (#843)
• b7345ac build(deps): bump advanced-security/maven-dependency-submission-action (#842)
• ed8d033 build(deps): bump spring-boot.version from 3.2.1 to 3.2.2 (#841)
• e20f7d1 nullability and sealing (#840)
• 093a28e fix(token-validation-ktor): support optional claims in IssuerConfig construct...
• cb33892 not nullable post againt endpoint (#838)
• 870dfd8 build(deps): bump actions/cache from 3 to 4 (#837)
• f0a4366 build(deps): bump no.nav.security:mock-oauth2-server from 2.1.0 to 2.1.1 (#836)
• eeb6fb9 force
• Additional commits viewable in compare view

Updates no.nav.security:token-client-spring from 3.2.0 to 4.1.3

Release notes

Sourced from no.nav.security:token-client-spring's releases.

4.1.3

What's Changed

• No changes

4.1.2

What's Changed

⬆️ Dependency upgrades

• build(deps): bump advanced-security/maven-dependency-submission-action from 3 to 4 (#842) @​dependabot

4.1.1

What's Changed

• nullability and sealing (#840) @​jan-olaveide
• fix(token-validation-ktor): support optional claims in IssuerConfig constructor (#839) @​tronghn
• not nullable post against endpoint (#838) @​jan-olaveide

⬆️ Dependency upgrades

• build(deps): bump actions/cache from 3 to 4 (#837) @​dependabot
• build(deps): bump no.nav.security:mock-oauth2-server from 2.1.0 to 2.1.1 (#836) @​dependabot

4.1.0

What's Changed

• fjernet støtte for tokens in cookies (#835) @​jan-olaveide

4.0.5

What's Changed

• No changes

4.0.4

What's Changed

• use builder, so that we do not lose instrumentation (#834) @​jan-olaveide

⬆️ Dependency upgrades

• build(deps): bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.3 to 3.2.5 (#833) @​dependabot
• build(deps): bump com.nimbusds:oauth2-oidc-sdk from 11.9 to 11.9.1 (#832) @​dependabot
• build(deps-dev): bump org.junit.jupiter:junit-jupiter-engine from 5.9.1 to 5.10.1 (#831) @​dependabot
• build(deps): bump org.jetbrains.dokka:dokka-maven-plugin from 1.9.0 to 1.9.10 (#830) @​dependabot

4.0.3

What's Changed

• No changes

4.0.2

What's Changed

⬆️ Dependency upgrades

• build(deps-dev): bump com.fasterxml.jackson.core:jackson-databind from 2.16.0 to 2.16.1 (#829) @​dependabot
• build(deps-dev): bump com.fasterxml.jackson.module:jackson-module-kotlin from 2.16.0 to 2.16.1 (#828) @​dependabot

... (truncated)

Commits

• 01c42ee disable mysterious tests
• 1f41776 build(deps): bump ktor.version from 2.3.7 to 2.3.8 (#843)
• b7345ac build(deps): bump advanced-security/maven-dependency-submission-action (#842)
• ed8d033 build(deps): bump spring-boot.version from 3.2.1 to 3.2.2 (#841)
• e20f7d1 nullability and sealing (#840)
• 093a28e fix(token-validation-ktor): support optional claims in IssuerConfig construct...
• cb33892 not nullable post againt endpoint (#838)
• 870dfd8 build(deps): bump actions/cache from 3 to 4 (#837)
• f0a4366 build(deps): bump no.nav.security:mock-oauth2-server from 2.1.0 to 2.1.1 (#836)
• eeb6fb9 force
• Additional commits viewable in compare view

Updates no.nav.security:token-validation-spring from 3.2.0 to 4.1.3

Release notes

Sourced from no.nav.security:token-validation-spring's releases.

4.1.3

What's Changed

• No changes

4.1.2

What's Changed

⬆️ Dependency upgrades

• build(deps): bump advanced-security/maven-dependency-submission-action from 3 to 4 (#842) @​dependabot

4.1.1

What's Changed

• nullability and sealing (#840) @​jan-olaveide
• fix(token-validation-ktor): support optional claims in IssuerConfig constructor (#839) @​tronghn
• not nullable post against endpoint (#838) @​jan-olaveide

⬆️ Dependency upgrades

• build(deps): bump actions/cache from 3 to 4 (#837) @​dependabot
• build(deps): bump no.nav.security:mock-oauth2-server from 2.1.0 to 2.1.1 (#836) @​dependabot

4.1.0

What's Changed

• fjernet støtte for tokens in cookies (#835) @​jan-olaveide

4.0.5

What's Changed

• No changes

4.0.4

What's Changed

• use builder, so that we do not lose instrumentation (#834) @​jan-olaveide

⬆️ Dependency upgrades

• build(deps): bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.3 to 3.2.5 (#833) @​dependabot
• build(deps): bump com.nimbusds:oauth2-oidc-sdk from 11.9 to 11.9.1 (#832) @​dependabot
• build(deps-dev): bump org.junit.jupiter:junit-jupiter-engine from 5.9.1 to 5.10.1 (#831) @​dependabot
• build(deps): bump org.jetbrains.dokka:dokka-maven-plugin from 1.9.0 to 1.9.10 (#830) @​dependabot

4.0.3

What's Changed

• No changes

4.0.2

What's Changed

⬆️ Dependency upgrades

• build(deps-dev): bump com.fasterxml.jackson.core:jackson-databind from 2.16.0 to 2.16.1 (#829) @​dependabot
• build(deps-dev): bump com.fasterxml.jackson.module:jackson-module-kotlin from 2.16.0 to 2.16.1 (#828) @​dependabot

... (truncated)

Commits

• 01c42ee disable mysterious tests
• 1f41776 build(deps): bump ktor.version from 2.3.7 to 2.3.8 (#843)
• b7345ac build(deps): bump advanced-security/maven-dependency-submission-action (#842)
• ed8d033 build(deps): bump spring-boot.version from 3.2.1 to 3.2.2 (#841)
• e20f7d1 nullability and sealing (#840)
• 093a28e fix(token-validation-ktor): support optional claims in IssuerConfig construct...
• cb33892 not nullable post againt endpoint (#838)
• 870dfd8 build(deps): bump actions/cache from 3 to 4 (#837)
• f0a4366 build(deps): bump no.nav.security:mock-oauth2-server from 2.1.0 to 2.1.1 (#836)
• eeb6fb9 force
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #45.