fix: bump the other-dependencies group with 7 updates

[dependabot]

Bumps the other-dependencies group with 7 updates:

Package	From	To
io.pivotal.spring.cloud:spring-cloud-services-dependencies	4.1.0	4.1.1
io.github.gradle-nexus.publish-plugin	1.3.0	2.0.0
org.jetbrains.kotlin.jvm	1.9.22	1.9.23
org.jetbrains.kotlin.plugin.serialization	1.9.22	1.9.23
org.postgresql:postgresql	42.7.1	42.7.3
com.fasterxml.jackson.datatype:jackson-datatype-jsr310	2.16.1	2.17.0
org.slf4j:slf4j-api	2.0.11	2.0.12

Updates io.pivotal.spring.cloud:spring-cloud-services-dependencies from 4.1.0 to 4.1.1

Commits

• 39bb22f Release v4.1.1
• c4ec3ce Invoked gradle initscript to upgrade project dependencies via OpenRew… (#408)
• fcdba9f Upgrade java-cfenv (#406)
• a6a5c25 Updates to gradle 8.5 (#401)
• 14a69e5 Bump org.jfrog.buildinfo:build-info-extractor-gradle (#398)
• f9c734a Uses a ConfigDataLocationResolver to configure authorization interceptor (#399)
• 512c459 Cleanup some unused test resources (#397)
• 5d86d70 Removes spring.provides files (#396)
• b10e8c5 Updates copy-right dates (#395)
• 72c8b08 Adds more tests for ConfigResourceClient (#394)
• Additional commits viewable in compare view

Updates io.github.gradle-nexus.publish-plugin from 1.3.0 to 2.0.0

Updates org.jetbrains.kotlin.jvm from 1.9.22 to 1.9.23

Release notes

Sourced from org.jetbrains.kotlin.jvm's releases.

Kotlin 1.9.23

1.9.23

Apple Ecosystem

• KT-65542 Cinterop tasks fails if Xcode 15.3 is used

Backend. Wasm

• KT-64486 Kotlin/Wasm/WASI exported function callback for coroutines support

Compiler

• KT-53478 Could not load module
• KT-66044 JDK's new API is used over Kotlin's SDK functions
• KT-64640 Prevent mutating SequenceCollection methods from JDK 21 be available on read-only collections
• KT-65441 K1: Remove JDK 21 getFirst()/getLast() in (Mutable)List interfaces
• KT-65634 K/N: data race during monolithic cache creation
• KT-53109 CompilationErrorException generateUnboundSymbolsAsDependencies with builder inference and lambdas
• KT-52757 Type inference for builders fails if inferred from a function

Tools. Gradle

• KT-65792 Add JSON build report
• KT-65091 Update compiler metrics in build reports
• KT-62490 KGP dropping resource directories

Tools. Gradle. JS

• KT-64119 K/JS: Migrate package manager from Yarn onto NPM
• KT-64561 K/JS tests are not executed after upgrade to 1.9.22

Tools. Gradle. Multiplatform

• KT-65954 commonTest dependencies affect commoMainMetadata compilation

Tools. Gradle. Native

• KT-64573 Default value for produceUnpackedKlib was not provided

Changelog

Sourced from org.jetbrains.kotlin.jvm's changelog.

1.9.23

Apple Ecosystem

• KT-65542 Cinterop tasks fails if Xcode 15.3 is used

Backend. Wasm

• KT-64486 Kotlin/Wasm/WASI exported function callback for coroutines support

Compiler

• KT-53478 Could not load module
• KT-66044 JDK's new API is used over Kotlin's SDK functions
• KT-64640 Prevent mutating SequenceCollection methods from JDK 21 be available on read-only collections
• KT-65441 K1: Remove JDK 21 getFirst()/getLast() in (Mutable)List interfaces
• KT-65634 K/N: data race during monolithic cache creation
• KT-53109 CompilationErrorException generateUnboundSymbolsAsDependencies with builder inference and lambdas
• KT-52757 Type inference for builders fails if inferred from a function

Tools. Gradle

• KT-65792 Add JSON build report
• KT-65091 Update compiler metrics in build reports
• KT-62490 KGP dropping resource directories

Tools. Gradle. JS

• KT-64119 K/JS: Migrate package manager from Yarn onto NPM
• KT-64561 K/JS tests are not executed after upgrade to 1.9.22

Tools. Gradle. Multiplatform

• KT-65954 commonTest dependencies affect commoMainMetadata compilation

Tools. Gradle. Native

• KT-64573 Default value for produceUnpackedKlib was not provided

Commits

• 4c571ac Edit changelog for 1.9.23
• 1ca6f32 Revert "[Wasm] Implement IrLinkageError end enable partial linker"
• 3b90682 Add changelog for 1.9.23
• f327391 Add validation for empty kotlin.build.report.json.directory property
• 2f19d2e Add JSON output type for build reports
• 666a2f2 [Wasm] Implement IrLinkageError end enable partial linker
• 4dc6689 [Native] Support Xcode 15.3 — add back the TargetConditional.h macros
• d3b2c6f K1: change depr. level of List.getFirst to HIDDEN but don't force it on overr...
• c041815 K1/K2: add tests for KT-65441 current behavior
• c262b97 K1: introduce BUILDER_INFERENCE_STUB_PARAMETER_TYPE to prevent compiler crashes
• Additional commits viewable in compare view

Updates org.jetbrains.kotlin.plugin.serialization from 1.9.22 to 1.9.23

Release notes

Sourced from org.jetbrains.kotlin.plugin.serialization's releases.

Kotlin 1.9.23

1.9.23

Apple Ecosystem

• KT-65542 Cinterop tasks fails if Xcode 15.3 is used

Backend. Wasm

• KT-64486 Kotlin/Wasm/WASI exported function callback for coroutines support

Compiler

• KT-53478 Could not load module
• KT-66044 JDK's new API is used over Kotlin's SDK functions
• KT-64640 Prevent mutating SequenceCollection methods from JDK 21 be available on read-only collections
• KT-65441 K1: Remove JDK 21 getFirst()/getLast() in (Mutable)List interfaces
• KT-65634 K/N: data race during monolithic cache creation
• KT-53109 CompilationErrorException generateUnboundSymbolsAsDependencies with builder inference and lambdas
• KT-52757 Type inference for builders fails if inferred from a function

Tools. Gradle

• KT-65792 Add JSON build report
• KT-65091 Update compiler metrics in build reports
• KT-62490 KGP dropping resource directories

Tools. Gradle. JS

• KT-64119 K/JS: Migrate package manager from Yarn onto NPM
• KT-64561 K/JS tests are not executed after upgrade to 1.9.22

Tools. Gradle. Multiplatform

• KT-65954 commonTest dependencies affect commoMainMetadata compilation

Tools. Gradle. Native

• KT-64573 Default value for produceUnpackedKlib was not provided

Changelog

Sourced from org.jetbrains.kotlin.plugin.serialization's changelog.

1.9.23

Apple Ecosystem

• KT-65542 Cinterop tasks fails if Xcode 15.3 is used

Backend. Wasm

• KT-64486 Kotlin/Wasm/WASI exported function callback for coroutines support

Compiler

• KT-53478 Could not load module
• KT-66044 JDK's new API is used over Kotlin's SDK functions
• KT-64640 Prevent mutating SequenceCollection methods from JDK 21 be available on read-only collections
• KT-65441 K1: Remove JDK 21 getFirst()/getLast() in (Mutable)List interfaces
• KT-65634 K/N: data race during monolithic cache creation
• KT-53109 CompilationErrorException generateUnboundSymbolsAsDependencies with builder inference and lambdas
• KT-52757 Type inference for builders fails if inferred from a function

Tools. Gradle

• KT-65792 Add JSON build report
• KT-65091 Update compiler metrics in build reports
• KT-62490 KGP dropping resource directories

Tools. Gradle. JS

• KT-64119 K/JS: Migrate package manager from Yarn onto NPM
• KT-64561 K/JS tests are not executed after upgrade to 1.9.22

Tools. Gradle. Multiplatform

• KT-65954 commonTest dependencies affect commoMainMetadata compilation

Tools. Gradle. Native

• KT-64573 Default value for produceUnpackedKlib was not provided

Commits

• 4c571ac Edit changelog for 1.9.23
• 1ca6f32 Revert "[Wasm] Implement IrLinkageError end enable partial linker"
• 3b90682 Add changelog for 1.9.23
• f327391 Add validation for empty kotlin.build.report.json.directory property
• 2f19d2e Add JSON output type for build reports
• 666a2f2 [Wasm] Implement IrLinkageError end enable partial linker
• 4dc6689 [Native] Support Xcode 15.3 — add back the TargetConditional.h macros
• d3b2c6f K1: change depr. level of List.getFirst to HIDDEN but don't force it on overr...
• c041815 K1/K2: add tests for KT-65441 current behavior
• c262b97 K1: introduce BUILDER_INFERENCE_STUB_PARAMETER_TYPE to prevent compiler crashes
• Additional commits viewable in compare view

Updates org.postgresql:postgresql from 42.7.1 to 42.7.3

Release notes

Sourced from org.postgresql:postgresql's releases.

v42.7.3

Changes

• bump version to 42.7.4 @​davecramer (#3164)
• fix Issue boolean types not handled in SimpleQuery mode @​davecramer (#3146)
• The Gradle config enforces 17+ @​OrangeDog (#3147)
• Fix 2 changelog entry titles @​crunchyjohn (#3142)
• chore: ensure CI jobs include tests for all the values of preferQueryMode, ssl, xa, gss @​vlsi (#3137)
• update jdbc website security page with latest security advisory @​davecramer (#3135)

v42.7.2

Security

CVE-2024-1597 and Security Advisory addressed. The vulnerability occurs only in non-default preferQueryMode=simple mode and only if a negative place holder -? is used. See the security advisory for details

What's Changed

• perf: avoid autoboxing bind indexes by @​bokken in pgjdbc/pgjdbc#1244
• add: Add PasswordUtil for encrypting passwords client side by @​sehrope in pgjdbc/pgjdbc#3082
• refactor: document that encodePassword will zero out the password array, and remove driver's default encodePassword by @​vlsi in pgjdbc/pgjdbc#3084
• change: Use simple query for isValid. Using Extended query sends two messages by @​davecramer in pgjdbc/pgjdbc#3101

Full Changelog: pgjdbc/pgjdbc@REL42.7.1...REL42.7.2

Changelog

Sourced from org.postgresql:postgresql's changelog.

[42.7.3] (2024-04-14 14:51:00 -0400)

Changed

• chore: gradle config enforces 17+ [PR #3147](pgjdbc/pgjdbc#3147)

Fixed

• fix: boolean types not handled in SimpleQuery mode [PR #3146](pgjdbc/pgjdbc#3146)
  • make sure we handle boolean types in simple query mode
  • support uuid as well
  • handle all well known types in text mode and change else if to switch
• fix: released new versions of 42.2.29, 42.3.10, 42.4.5, 42.5.6, 42.6.2 to deal with NoSuchMethodError on ByteBuffer#position when running on Java 8

[42.7.2] (2024-02-21 08:23:00 -0500)

Security

• security: SQL Injection via line comment generation, it is possible in SimpleQuery mode to generate a line comment by having a placeholder for a numeric with a - such as -?. There must be second placeholder for a string immediately after. Setting the parameter to a -ve value creates a line comment. This has been fixed in this version fixes CVE-2024-1597. Reported by Paul Gerste. See the security advisory for more details. This has been fixed in versions 42.7.2, 42.6.1 42.5.5, 42.4.4, 42.3.9, 42.2.28.jre7. See the security advisory for work arounds.

Changed

• fix: Use simple query for isValid. Using Extended query sends two messages checkConnectionQuery was never ever set or used, removed [PR #3101](pgjdbc/pgjdbc#3101)
• perf: Avoid autoboxing bind indexes by @​bokken in [PR #1244](pgjdbc/pgjdbc#1244)
• refactor: Document that encodePassword will zero out the password array, and remove driver's default encodePassword by @​vlsi in [PR #3084](pgjdbc/pgjdbc#3084)

Added

• feat: Add PasswordUtil for encrypting passwords client side [PR #3082](pgjdbc/pgjdbc#3082)

Commits

• 818953a fix Issue # 3145 boolean types not handled in SimpleQuery mode (#3146)
• 0e8ab63 The Gradle config enforces 17+ (#3147)
• b591b9f Fix 2 changelog entry titles (#3142)
• 81844e6 chore: ensure CI jobs include tests for all the values of preferQueryMode
• 2fada9e update security page (#3135)
• 388f027 fix: typo password_encrypton -> password_encryption in the error message
• 9cde4f5 Update site for release of 42.7.2 (#3133)
• df14e53 update version and last year modified
• 06abfb7 Merge pull request from GHSA-24rp-q3w6-vc56
• 93b0fcb Merge pull request from GHSA-24rp-q3w6-vc56
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.datatype:jackson-datatype-jsr310 from 2.16.1 to 2.17.0

Updates org.slf4j:slf4j-api from 2.0.11 to 2.0.12

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @nickmcdowall.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[nickmcdowall]

@dependabot merge (if checks succeed)

[dependabot]

One of your CI runs failed on this pull request, so Dependabot won't merge it.

Dependabot will still automatically merge this pull request if you amend it and your tests pass.

[dependabot]

Superseded by #45.