chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
docker.io/curlimages/curl		minor	8.7.1 -> 8.8.0
docker.io/hapiproject/hapi		minor	v7.0.3 -> v7.2.0
docker.io/library/gradle	stage	minor	8.7.0-jdk21 -> 8.8.0-jdk21
docker.io/library/postgres		minor	16.2 -> 16.3
ghcr.io/miracum/fhir-pseudonymizer		patch	v2.21.9 -> v2.21.10
gradle (source)		minor	8.7 -> 8.8
tchiotludo/akhq		minor	0.24.0 -> 0.25.0
io.micrometer:micrometer-core	dependencies	minor	1.12.5 -> 1.13.1
io.micrometer:micrometer-registry-prometheus	dependencies	minor	1.12.5 -> 1.13.1
org.miracum:kafka-fhir-serializer	dependencies	patch	1.0.5 -> 1.0.6
ca.uhn.hapi.fhir:hapi-fhir-client-okhttp (source)	dependencies	minor	7.0.2 -> 7.2.1
ca.uhn.hapi.fhir:hapi-fhir-structures-r4 (source)	dependencies	minor	7.0.2 -> 7.2.1
ca.uhn.hapi.fhir:hapi-fhir-client (source)	dependencies	minor	7.0.2 -> 7.2.1
ca.uhn.hapi.fhir:hapi-fhir-base (source)	dependencies	minor	7.0.2 -> 7.2.1
org.springframework.cloud:spring-cloud-dependencies (source)	dependencies	patch	2023.0.1 -> 2023.0.2
io.spring.dependency-management	plugin	patch	1.1.4 -> 1.1.5
org.springframework.boot	plugin	minor	3.2.5 -> 3.3.1

---

Release Notes

curl/curl-container (docker.io/curlimages/curl)

v8.8.0

Compare Source

Changed

• bump to curl 8.8.0

miracum/fhir-pseudonymizer (ghcr.io/miracum/fhir-pseudonymizer)

v2.21.10

Compare Source

Miscellaneous Chores

• deps: update all non-major dependencies (#​171) (1a7ba1e)
• deps: update github-actions (#​172) (d557d85)

gradle/gradle (gradle)

v8.8: 8.8

Compare Source

The Gradle team is excited to announce Gradle 8.8.

Read the Release Notes

We would like to thank the following community members for their contributions to this release of Gradle:
Björn Kautler,
Denes Daniel,
Fabian Windheuser,
Hélio Fernandes Sebastião,
Jay Wei,
jhrom,
jwp345,
Jörgen Andersson,
Kirill Gavrilov,
MajesticMagikarpKing,
Maksim Lazeba,
Philip Wedemann,
Robert Elliot,
Róbert Papp,
Stefan M.,
Tibor Vyletel,
Tony Robalik,
Valentin Kulesh,
Yanming Zhou,
김용후

Upgrade instructions

Switch your build to use Gradle 8.8 by updating your wrapper:

./gradlew wrapper --gradle-version=8.8

See the Gradle 8.x upgrade guide to learn about deprecations, breaking changes and other considerations when upgrading.

For Java, Groovy, Kotlin and Android compatibility, see the full compatibility notes.

Reporting problems

If you find a problem with this release, please file a bug on GitHub Issues adhering to our issue guidelines.
If you're not sure you're encountering a bug, please use the forum.

We hope you will build happiness with Gradle, and we look forward to your feedback via Twitter or on GitHub.

tchiotludo/akhq (tchiotludo/akhq)

v0.25.0

Compare Source

⚠️ This release bring breaking changes since the whole ACL system was rewritten to support multiple clusters RBAC ⚠️

Features

• acls: introduce new ACL rewrite (#​1472) #​1472 (Alexis SOUQUIERE)
• topicdata: list topics even if a broker is unable to serve log information (#​1502) (Kevin Duss)
• core: allow to configure (de)serialiser on consumers/producers (#​1432) (Guillaume Dufrêne)
• schema: improve schema loading on produce screen (#​1467) (Alexis SOUQUIERE)
• webserver: html-head don't work any more (#​1489) (jheinitz)
• topicdata: search for key/value schema subject (#​1430) #​1430 (Markus)
• helm: added ingress pathType (#​1564) #​1564 (Moritz Rathberger)
• docs: update groups.md with warning about recent group changes. (#​1582) #​1582 (Kajetan Krykwiński)
• docs: adding content-type warning on external claim provider response (#​1599) #​1599 (Alexis SOUQUIERE)
• auth: customizable github SSO url (#​1606) (#​1613) #​1613 (dred22)
• topic: increase topic partition (#​1601) #​1601 (neeraj-singh47)
• topic: allow to delete topic config (#​1602) #​1602 (Timon Back)
• ui: fix and improve error management (#​1620) #​1620 (Alexis SOUQUIERE)
• topicdata: adding end timestamp filter (#​1629) #​1629 (Alexis SOUQUIERE)
• auth: adding JWT payload compression (#​1630) #​1630 (Alexis SOUQUIERE)
• topicdata: adding download all messages feature (#​1628) #​1628 (Alexis SOUQUIERE)
• schema: add support for GLUE schema registry (only deserialization) (#​1650) #​1650 (arindampatra33)
• schema: enhance support for Glue Schema Registry (#​1673) #​1673 (arindampatra33)
• ui: upgrade to React 18 (#​1678) #​1678 (Alexis SOUQUIERE)
• auth: adding READ_CONFIG in default reader role (#​1694) #​1694 (Alexis SOUQUIERE)
• topicdata: adding Jackson view on Record to limit field in download (#​1692) #​1692 (Alexis SOUQUIERE)
• acls: audit logs (#​1675) #​1675 (Emmanuel)
• acls: use no op security service when security is off #​1705 (#​1706) #​1706 (Emmanuel)
• cicd: add dependabot automatic check (Ludovic DEHON)
• ui: handle env file for dev (Ludovic DEHON)
• helm: add LoadBalancerIP (Ludovic DEHON)
• docs: remove upstash sponsor (Ludovic DEHON)
• auth: add default value for github api and update doc (#​1779) #​1779 (Alexis SOUQUIERE)
• docs: describe how to enable json logging (#​1772) #​1772 (theBNT)

Bug Fixes

• topicdata: search can failed data pagination with many results (#​1468) #​1468 (Alexis SOUQUIERE)
• topicdata: no topic data when 1 record with newest sort (#​1466) #​1466 (Alexis SOUQUIERE)
• connect: sort throw exception (#​1431) #​1431 (Albert)
• webservre: add missing / to search string in replace (#​1477) #​1477 (jheinitz)
• docs: invalid helm link (Ludovic DEHON)
• schema: invalid signature on schema controller (Ludovic DEHON)
• ui: delete message don't work anymore (Ludovic DEHON)
• ui: live tail should pretty print json (Ludovic DEHON)
• ui: header failed to display on live tail (Ludovic DEHON)
• ui: search box on topic data (#​1522) #​1522 (Alexis SOUQUIERE)
• acls: inconsistency between READ and READ_CONFIG actions for NODE resource (#​1521) #​1521 (Alexis SOUQUIERE)
• ui: inconsistency in default selected cluster (#​1523) #​1523 (Alexis SOUQUIERE)
• ui: regression on search filters when changing sort (#​1525) #​1525 (Alexis SOUQUIERE)
• ui: cancel previous request on search schema (#​1542) #​1542 (Alexis SOUQUIERE)
• ui: redirect on login page when token expires (#​1539) #​1539 (Alexis SOUQUIERE)
• core: fix permissions issues (#​1533) #​1533 (Alexis SOUQUIERE)
• topicdata: fix and enhance search (#​1538) #​1538 (Alexis SOUQUIERE)
• cicd: fix falling doc build (Ludovic DEHON)
• auth: handling logged-in user with no roles (#​1589) #​1589 (Alexis SOUQUIERE)
• schema: only load schema when user has rights on produce screen (#​1600) #​1600 (Alexis SOUQUIERE)
• topicdata: BufferUnderflowException on header deserialization (#​1588) #​1588 (Alexis SOUQUIERE)
• auth: check only cluster permissions on search for acl and schema (#​1605) #​1605 (Alexis SOUQUIERE)
• topicdata: fix copy infinite loop when record added during copy (#​1612) #​1612 (val)
• ui: Sorting messages in a topic no longer reset applied filters (#​1627) #​1627 (DPICART)
• topicdata: fix NPE for tombstone values in contains search (#​1634) #​1634 (Paolo Haider)
• webserver: fix body serialization error for config updates (#​1646) #​1646 (Alexis SOUQUIERE)
• webserver: fixing blocking call after Micronaut migration (#​1647) #​1647 (Alexis SOUQUIERE)
• auth: removed explicit context-path in redirect urls and intercept url maps (#​1652) #​1652 (Stephan Linkel)
• topicdata: Hide 'Empty Topic' button when user doesn't have DELETE permission (#​1653) #​1653 (Piotr Przybylski)
• helm: can not specify NodePort for http port 80 (#​1648) #​1648 (Jakob Maležič)
• auth: handling NPE on login (#​1655) #​1655 (Alexis SOUQUIERE)
• schema: fix subject redirection from message on large registry (#​1654) #​1654 (Alexis SOUQUIERE)
• schema: adding JsonIgnore on awsGlueKafkaDeserializer (#​1663) #​1663 (Alexis SOUQUIERE)
• topicdata: topic must be included for tail (#​1672) #​1672 (arindampatra33)
• webserver: remove regresion on index.html (Ludovic DEHON)
• site: docker-compose deprecated (#​1686) #​1686 (Nard Théo)
• topicdata: increasing Max-Poll-Records to required page size as it fixes sorting by newest (#​1691) #​1691 (Jonas Voelcker)
• build: fix startTestKafkaCluster task (#​1695) #​1695 (Shane Kennedy)
• docs: removed docs dependency onto client-folder (#​1697) #​1697 (Jonas Voelcker)
• topicdata: missing noargs for headers (Ludovic DEHON)
• build: invalid .editorconfig (Ludovic DEHON)
• cicd: missing distributions dir (Ludovic DEHON)
• ui: removing loading animation on ongoing search (#​1710) #​1710 (Jonas Voelcker)
• helm: changed kafkaSecrets default value change with examples (#​1712) #​1712 (David Vrtěl)
• ui: adding loading animation on topic data search (#​1713) #​1713 (Alexis SOUQUIERE)
• ui: using hook instead of props (#​1708) #​1708 (Jonas Voelcker)
• cicd: tag master docker releases with "latest" (#​1711) #​1711 (Shane Kennedy)
• ui: display blank data instead of null (#​1714) #​1714 (Akshaykumar Chaudhary)
• schema: fix glue schema registry caching issue (#​1750) #​1750 (arindampatra33)
• ui: extract after from lastResult as nextPage (#​1752) (#​1754) #​1754 (Jonas Voelcker)
• ui: fix compact,delete topic creation #​1755 (#​1756) #​1756 (Emmanuel)
• ui: changed lastResult from array to actual element (#​1757) #​1757 (Jonas Voelcker)
• ui: missing default right on consumer group (Ludovic DEHON)
• server: better startup and logs (Ludovic DEHON)

Documentation

• readme: add Archer Aviation in the Who's using AKHQ (#​1503) #​1503 (Hongbo Miao)
• add configuration path configuration (#​1566) #​1566 (Y. Luis)

Chores

• schema: typos #​1465 (Boris Momčilović)
• build: add idea-ext on build.gradle (#​1446) #​1446 (Markus)
• docker: add unless-stopped (#​1445) #​1445 (Markus)
• readme: add infosupport sponsors (Ludovic DEHON)
• docs: fix copyright (Ludovic DEHON)
• deps: update most of java deps (Ludovic DEHON)
• deps: update to kafka 3.5.1 and confluent 3.4.1 (#​1554) #​1554 (Julien Jean Paul Sirocchi)
• docs: add application configuration for dev (#​1591) #​1591 (bhargav joshi)
• docs: add manomano (#​1618) #​1618 (dida ratsimba)
• deps: upgrade Micronaut to 4.2 version (#​1615) #​1615 (screpel)
• deps: update gradle (Ludovic DEHON)
• deps: update all docs packages (Ludovic DEHON)
• deps: update most java packages (#​1661) #​1661 (Ludovic DEHON)
• site: added maif as sponsor (Ludovic DEHON)
• site: add some company using (Ludovic DEHON)
• deps: update sioan.frontend-jdk to java 17 (#​1701) #​1701 (Shane Kennedy)
• deps: bump follow-redirects from 1.15.5 to 1.15.6 in /docs #​1698 (dependabot[bot])
• deps: bump vite from 5.0.12 to 5.0.13 in /docs #​1699 (dependabot[bot])
• deps-dev: bump vite from 5.2.2 to 5.2.6 in /client #​1700 (dependabot[bot])
• deps: update all github actions deps (Ludovic DEHON)
• deps: update most java deps (Ludovic DEHON)
• deps: update most javascript deps (Ludovic DEHON)
• docs: added Michelin Company (#​1751) #​1751 (Akshaykumar Chaudhary)
• deps: bump commons-codec:commons-codec from 1.16.1 to 1.17.0 #​1763 (dependabot[bot])
• deps: bump org.gradle.test-retry from 1.5.8 to 1.5.9 #​1762 (dependabot[bot])
• deps: bump io.micronaut.application from 4.3.6 to 4.3.8 #​1760 (dependabot[bot])
• deps: bump com.gorylenko.gradle-git-properties #​1761 (dependabot[bot])
• docs: added CEVA as users (#​1773) #​1773 (jipipayo)
• version: update to v0.25.0 (Ludovic DEHON)

Commits

• 667a594: fix(ui); send bearer token on the search sse endpoint (#​1527) (Alexis SOUQUIERE) #​1527

micrometer-metrics/micrometer (io.micrometer:micrometer-core)

v1.13.1: 1.13.1

Compare Source

🔨 Dependency Upgrades

• Bump me.champeau.gradle:japicmp-gradle-plugin from 0.4.2 to 0.4.3 #​5219
• Bump spring-javaformat from 0.0.41 to 0.0.42 #​5218
• Bump dropwizard-metrics from 4.2.25 to 4.2.26 #​5215
• Bump org.apache.felix:org.apache.felix.scr from 2.2.10 to 2.2.12 #​5208
• Bump software.amazon.awssdk:cloudwatch from 2.25.64 to 2.25.69 #​5202
• Bump org.hdrhistogram:HdrHistogram from 2.2.1 to 2.2.2 #​5190
• Bump spring from 5.3.35 to 5.3.36 #​5189
• Bump org.hsqldb:hsqldb from 2.7.2 to 2.7.3 #​5188
• Bump com.netflix.spectator:spectator-reg-atlas from 1.7.12 to 1.7.13 #​5186
• Bump io.netty:netty-bom from 4.1.109.Final to 4.1.110.Final #​5185
• Bump org.apache.maven:maven-resolver-provider from 3.9.6 to 3.9.7 #​5183
• Bump com.signalfx.public:signalfx-java from 1.0.41 to 1.0.42 #​5182
• Bump io.projectreactor:reactor-bom from 2022.0.18 to 2022.0.19 #​5121
• Bump com.gradle.develocity from 3.17.3 to 3.17.4 #​5119
• Bump spring from 5.3.34 to 5.3.35 #​5118

📝 Tasks

• Update japicmp compatibleVersion to 1.12.0 for 1.13.x #​5143
• Add 1.13.x and remove 1.11.x from dependabot config #​5094

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​izeye

v1.13.0

Compare Source

v1.12.7: 1.12.7

Compare Source

🔨 Dependency Upgrades

• Bump org.apache.felix:org.apache.felix.scr from 2.2.10 to 2.2.12 #​5214
• Bump me.champeau.gradle:japicmp-gradle-plugin from 0.4.2 to 0.4.3 #​5213
• Bump spring-javaformat from 0.0.41 to 0.0.42 #​5206
• Bump dropwizard-metrics from 4.2.25 to 4.2.26 #​5204
• Bump com.amazonaws:aws-java-sdk-cloudwatch from 1.12.734 to 1.12.739 #​5198
• Bump org.apache.maven:maven-resolver-provider from 3.9.6 to 3.9.7 #​5180
• Bump io.netty:netty-bom from 4.1.109.Final to 4.1.110.Final #​5178
• Bump org.hsqldb:hsqldb from 2.7.2 to 2.7.3 #​5177
• Bump spring from 5.3.35 to 5.3.36 #​5176
• Bump com.signalfx.public:signalfx-java from 1.0.41 to 1.0.42 #​5175
• Bump com.netflix.spectator:spectator-reg-atlas from 1.7.12 to 1.7.13 #​5174
• Bump com.gradle.develocity from 3.17.3 to 3.17.4 #​5129
• Bump io.projectreactor:reactor-bom from 2022.0.18 to 2022.0.19 #​5124
• Bump spring from 5.3.34 to 5.3.35 #​5122

v1.12.6: 1.12.6

Compare Source

⚠️ Noteworthy

• Downgrade to Mockito 4 from Mockito 5 in micrometer-observation-test module https://github.com/micrometer-metrics/micrometer/issues/4968

🐞 Bug Fixes

• NullPointerException in DefaultJmsProcessObservationConvention #​4966
• OTLP Gauge datapoint timestamp should be time at sampling #​5044
• AnnotationHandler can't see methods from parent class #​4983

🔨 Dependency Upgrades

• Bump com.amazonaws:aws-java-sdk-cloudwatch from 1.12.696 to 1.12.720 #​5042 #​5086
• Bump com.dynatrace.metric.util:dynatrace-metric-utils-java from 2.2.0 to 2.2.1 #​5005
• Bump com.signalfx.public:signalfx-java from 1.0.40 to 1.0.41 #​5000
• Bump com.netflix.spectator:spectator-reg-atlas from 1.7.11 to 1.7.12 #​4994

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​izeye, @​tdinev, @​lenin-jaganathan and @​MartinUhlen

miracum/kafka-fhir-serializer (org.miracum:kafka-fhir-serializer)

v1.0.6

What's Changed

• chore(deps): update github-actions by @​renovate in https://github.com/miracum/kafka-fhir-serializer/pull/45
• chore(deps): update all non-major dependencies by @​renovate in https://github.com/miracum/kafka-fhir-serializer/pull/37
• chore(deps): update miracum/.github action to v1.6.3 by @​renovate in https://github.com/miracum/kafka-fhir-serializer/pull/46
• chore(deps): update github-actions by @​renovate in https://github.com/miracum/kafka-fhir-serializer/pull/47
• fix(deps): update all non-major dependencies by @​renovate in https://github.com/miracum/kafka-fhir-serializer/pull/48

Full Changelog: miracum/kafka-fhir-serializer@v1.0.5...v1.0.6

hapifhir/hapi-fhir (ca.uhn.hapi.fhir:hapi-fhir-client-okhttp)

v7.2.1

7.2.1

v7.2.0

7.2.0

spring-cloud/spring-cloud-release (org.springframework.cloud:spring-cloud-dependencies)

v2023.0.2

---

Configuration

📅 Schedule: Branch creation - "every 3 months on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[github-actions]

🦙 MegaLinter status: ❌ ERROR

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ ACTION	actionlint	4		0	0.08s
✅ DOCKERFILE	hadolint	2		0	0.16s
✅ EDITORCONFIG	editorconfig-checker	66		0	0.44s
✅ GROOVY	npm-groovy-lint	2		0	9.08s
✅ JAVA	checkstyle	18		0	5.19s
✅ JSON	jsonlint	5		0	0.21s
✅ JSON	prettier	5		0	1.88s
✅ JSON	v8r	5		0	4.47s
✅ MARKDOWN	markdownlint	2		0	0.63s
✅ PYTHON	bandit	1		0	1.3s
✅ PYTHON	black	1		0	0.89s
✅ PYTHON	flake8	1		0	0.65s
✅ PYTHON	isort	1		0	0.34s
✅ PYTHON	mypy	1		0	6.91s
✅ PYTHON	ruff	1		0	0.04s
✅ REPOSITORY	checkov	yes		no	15.54s
✅ REPOSITORY	gitleaks	yes		no	0.96s
✅ REPOSITORY	git_diff	yes		no	0.04s
✅ REPOSITORY	grype	yes		no	14.12s
✅ REPOSITORY	kics	yes		no	4.2s
✅ REPOSITORY	secretlint	yes		no	0.97s
✅ REPOSITORY	syft	yes		no	2.74s
❌ REPOSITORY	trivy	yes		1	9.23s
✅ REPOSITORY	trivy-sbom	yes		no	6.91s
✅ REPOSITORY	trufflehog	yes		no	4.22s
✅ SQL	sql-lint	1		0	0.36s
✅ XML	xmllint	1		0	0.01s
✅ YAML	prettier	17		0	1.05s
✅ YAML	yamllint	17		0	0.51s

See detailed report in MegaLinter reports

You could have same capabilities but better runtime performances if you request a new MegaLinter flavor.

• Click here to request the new flavor

MegaLinter is graciously provided by

[github-actions]

Trivy image scan report

ghcr.io/miracum/fhir-gateway:pr-159 (debian 12.5)

21 known vulnerabilities found (CRITICAL: 1 HIGH: 2 MEDIUM: 5 LOW: 13)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
libc6	CVE-2024-33599	HIGH	2.36-9+deb12u6	2.36-9+deb12u7
libc6	CVE-2024-33600	MEDIUM	2.36-9+deb12u6	2.36-9+deb12u7
libc6	CVE-2024-33601	MEDIUM	2.36-9+deb12u6	2.36-9+deb12u7
libc6	CVE-2024-33602	MEDIUM	2.36-9+deb12u6	2.36-9+deb12u7
libc6	CVE-2010-4756	LOW	2.36-9+deb12u6
libc6	CVE-2018-20796	LOW	2.36-9+deb12u6
libc6	CVE-2019-1010022	LOW	2.36-9+deb12u6
libc6	CVE-2019-1010023	LOW	2.36-9+deb12u6
libc6	CVE-2019-1010024	LOW	2.36-9+deb12u6
libc6	CVE-2019-1010025	LOW	2.36-9+deb12u6
libc6	CVE-2019-9192	LOW	2.36-9+deb12u6
libexpat1	CVE-2023-52425	HIGH	2.5.0-1
libexpat1	CVE-2023-52426	LOW	2.5.0-1
libexpat1	CVE-2024-28757	LOW	2.5.0-1
libgcc-s1	CVE-2023-4039	MEDIUM	12.2.0-14
libgcc-s1	CVE-2022-27943	LOW	12.2.0-14
libpng16-16	CVE-2021-4214	LOW	1.6.39-2
libstdc++6	CVE-2023-4039	MEDIUM	12.2.0-14
libstdc++6	CVE-2022-27943	LOW	12.2.0-14
libuuid1	CVE-2022-0563	LOW	2.38.1-5+deb12u1
zlib1g	CVE-2023-45853	CRITICAL	1:1.2.13.dfsg-1

No Misconfigurations found

[github-actions]

Code Coverage Report

Overall Project	28.96%	❌

There is no coverage information present for the Files changed

[miracum-bot]

🎉 This issue has been resolved in version 3.13.2 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀