[release-v1.21][maven]: Bump the patch group across 1 directory with 16 updates by dependabot[bot] · Pull Request #2303 · openshift-knative/eventing-kafka-broker

dependabot · 2026-04-15T01:57:05Z

Bumps the patch group with 16 updates in the /data-plane directory:

Package	From	To
io.quarkus:quarkus-bom	`3.28.0`	`3.28.5`
io.vertx:vertx-opentelemetry	`4.5.16`	`4.5.26`
io.vertx:vertx-junit5	`4.5.16`	`4.5.26`
ch.qos.logback:logback-core	`1.5.18`	`1.5.32`
ch.qos.logback:logback-classic	`1.5.18`	`1.5.32`
io.cloudevents:cloudevents-http-vertx	`4.0.1`	`4.0.2`
io.cloudevents:cloudevents-kafka	`4.0.1`	`4.0.2`
io.cloudevents:cloudevents-json-jackson	`4.0.1`	`4.0.2`
io.cloudevents:cloudevents-sql	`4.0.1`	`4.0.2`
software.amazon.msk:aws-msk-iam-auth	`2.3.2`	`2.3.5`
org.assertj:assertj-core	`3.27.3`	`3.27.7`
org.scala-lang:scala-reflect	`2.13.14`	`2.13.18`
org.apache.maven.plugins:maven-surefire-plugin	`3.5.3`	`3.5.5`
org.apache.maven.plugins:maven-enforcer-plugin	`3.6.1`	`3.6.2`
org.jacoco:jacoco-maven-plugin	`0.8.12`	`0.8.14`
org.apache.maven.plugins:maven-shade-plugin	`3.6.0`	`3.6.2`

Updates io.quarkus:quarkus-bom from 3.28.0 to 3.28.5

Release notes

Sourced from io.quarkus:quarkus-bom's releases.

3.28.5

Complete changelog

#49504 - continuous-testing=disabled causes NPE and does not disable continuous testing mode

#50568 - SmallRye Process: stderr warning: docker; testing in container

#50571 - WorkspaceLoader fails if a Maven module tag references a pom file instead of a directory

#50576 - Fix bootstrap when module is pointing to POM file directly

#50578 - Reproducible order of enties in app/<project-name>.jar

#50596 - Contribute files to the app jar in a deterministic order

#50597 - container-image-docker-common: swallow stderr on success

#50608 - Bump Microsoft SQL Server JDBC driver to 13.2.1

#50646 - Improve handling of quarkus.test.continuous-testing=false

#50653 - Opens java.lang as it's required for Java 24+

3.28.4

Complete changelog

#49225 - OIDC redirect fails to properly append OAuth parameters when original URL contains query parameters

#50321 - @RequestParam required true

#50400 - Modify @RequestParam presence handling

#50427 - DEV UI workspace shows a log file on Windows rather than Java file and hierarchy visualisation is broken

#50476 - Rename leftovers of GlobalDevServicesConfig

#50490 - Fix DEV UI workspace directory worktree and item selection on Windows

#50491 - Correctly restore query params when OIDC does not drop redirect params

#50503 - Add a clarification about OAuth2 protected resource metadata route address

#50515 - Move Hibernate ORM/Reactive configuration reference to the bottom of the guides

#50517 - Assistant: Remove unused exception method

#50520 - Minor update to rest-client.adoc

#50528 - Project creation with extension not from platform fails with 3.28.3

#50531 - Update logging configuration property from .enable to .enabled in application properties

#50541 - Bump the hibernate group with 8 updates

#50554 - Ignore quarkus-core in non-platform extension catalogs

#50556 - Quarkus augmentation weakens file permissions

#50557 - Avoid using COPY_ATTRIBUTES when copying the jars of fast jar

#50560 - UnsupportedOperationException with HTTP Response Code 204

#50569 - Don't fail in Quarkus REST Servlet when trying to remove an HTTP header

3.28.3

Complete changelog

#29817 - quarkus cli fail hard on bad settings.xml

#49733 - quarkus.thread-pool.shutdown-interrupt is not respected

#50126 - HQL Console improvements

#50306 - Unrecognized configuration key "quarkus.gradle-worker.no-process"

#50317 - VertxOutputStream: Cannot reserve 65536 bytes of direct buffer memory (allocated: 760195093, limit: 760217600)

#50318 - Avoid importing BOMs managing extensions managed by BOMs with higher preferences

#50335 - Change quarkus.gradle-worker.* to gradle.quarkus.gradle-worker.*

... (truncated)

Commits

7343948 [RELEASE] - Bump version to 3.28.5
319b171 Merge pull request #50656 from gsmet/3.28.5-backports-1
55e3f83 Opens java.lang as it's required for Java 24+
4b3e239 Prevent continuous testing log entry when `quarkus.test.continuous-testing=di...
b403fdc Prevent NPE when quarkus.test.continuous-testing=false
3afb089 Ensure that Liquibase pre-conditions work for MongoDB
88e2ca6 Fix podman machine setup command order
55137e4 Bump Microsoft SQL Server JDBC driver to 13.2.1
21666c5 Removed extra '=' when converting single add opns jvm option (fixes #50610)
fdd2683 Contribute files to the app jar in a deterministic order
Additional commits viewable in compare view

Updates io.vertx:vertx-opentelemetry from 4.5.16 to 4.5.26

Commits

92c79bb Releasing 4.5.26
9c641d1 Set next snapshot version
863bb6a Releasing 4.5.25
7c5d292 Bump testcontainers to 2.0.3
9b0508b Bump org.assertj:assertj-core in /vertx-opentelemetry (#100)
e9bb941 Set next snapshot version
d93310f Releasing 4.5.24
1b31ce4 Set next snapshot version
fc4d51e Releasing 4.5.23
95c535b Set next snapshot version
Additional commits viewable in compare view

Updates io.vertx:vertx-junit5 from 4.5.16 to 4.5.26

Commits

3f5902b Releasing 4.5.26
bbfcec7 Set next snapshot version
e5b0600 Releasing 4.5.25
2fa9ace Bump org.assertj:assertj-core from 3.24.2 to 3.27.7 (#154)
18c8d33 ScopedObject should implement AutoCloseable (#152)
cf069f2 Set next snapshot version
dc720ef Releasing 4.5.24
3e1fbdd Set next snapshot version
92b2f75 Releasing 4.5.23
b95c14f Set next snapshot version
Additional commits viewable in compare view

Updates ch.qos.logback:logback-core from 1.5.18 to 1.5.32

Release notes

Sourced from ch.qos.logback:logback-core's releases.

Logback 1.5.32

2026-02-16 Release of logback version 1.5.32

• In DefaultProcessor, fixed incorrect check for dependencies contained within a parent model. Previous only the direct children were scanned. This fixes logback-access/issues/34.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit e807335a67535b4eacce94e942c0bcb649665d93 associated with the tag v_1.5.32. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.31

2026-02-14 Release of logback version 1.5.31

• Fixed missing META-INF/services directory in logback-classic.jar. This issue rendered logback-classic version 1.5.30 unusable with SLF4J.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 168e42f9f9a18a3ffdf31eb2bfe80a71e33ecd8b associated with the tag v_1.5.31. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.30

2026-02-14 Release of logback version 1.5.30

• In this version, logback-classic.jar was missing the META-INF/services directory, making it unusable with SLF4J. Version 1.5.31 (released later on the same day) fixes this issue.

• Fix scanning issue when an included file becomes available at a later time. This problem was reported in issues/1021 by Sergey Nazarov.

• Standardized code for version checking across modules.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 44164f10ca3fb44ce0e68519f13564b87e3aca61 associated with the tag v_1.5.30. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.29

2026-02-09 Release of logback version 1.5.29

• In response to issues/1017, appender names and appender references are once again subject to variable substitution, reverting the change introduced in version 1.5.28.

Logback 1.5.28

2026-02-06 Release of logback version 1.5.28

• Appender names or appender references are no longer subject to variable substitution.

• Fixed issue with configurations with conditionals encompassing appenders. This was reported in issues/1016 reported by Sergey Sazonov.

• The element now admits a 'scan' attribute which can be used to override the 'scan' attribute in the element.

• Fixed NullPointerException thrown by VersionUtil.checkForVersionEquality method occurring with GraalVM Native Images. This issue was reported in issues/1014.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit e7a1855ab562bb102333f754603ff89359bf3cfc associated with the tag v_1.5.28. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.27

2026-01-30 Release of logback version 1.5.27

• Updated license to Eclipse Public License version 2.0 from version 1.0, retaining the GPL 2.1 dual-license.

• Fixed missing MDC data transmitted by SocketAppender reported in issues/1010 by Lars Vogel.

... (truncated)

Commits

e807335 prepare release 1.5.32
dc35d55 fix logback-access/issues/34 by checking if dependency is a sub-model of the ...
8e32278 added simple test for appender definitiob via file inclusion
834dbed start work on 1.5.32-SNAPSHOT
168e42f add test to check that Logback SLF4J provider can be activated
ed45362 prepare release 1.5.31
609dae7 fix missing META-INF directory
7739739 start work on 1.5.31-SNAPSHOT
44164f1 prepare release 1.5.30
9874f06 test for top-file as a resource, introduced new module logback-classic-misc
Additional commits viewable in compare view

Updates ch.qos.logback:logback-classic from 1.5.18 to 1.5.32

Release notes

Sourced from ch.qos.logback:logback-classic's releases.

Logback 1.5.32

2026-02-16 Release of logback version 1.5.32

• In DefaultProcessor, fixed incorrect check for dependencies contained within a parent model. Previous only the direct children were scanned. This fixes logback-access/issues/34.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit e807335a67535b4eacce94e942c0bcb649665d93 associated with the tag v_1.5.32. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.31

2026-02-14 Release of logback version 1.5.31

• Fixed missing META-INF/services directory in logback-classic.jar. This issue rendered logback-classic version 1.5.30 unusable with SLF4J.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 168e42f9f9a18a3ffdf31eb2bfe80a71e33ecd8b associated with the tag v_1.5.31. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.30

2026-02-14 Release of logback version 1.5.30

• In this version, logback-classic.jar was missing the META-INF/services directory, making it unusable with SLF4J. Version 1.5.31 (released later on the same day) fixes this issue.

• Fix scanning issue when an included file becomes available at a later time. This problem was reported in issues/1021 by Sergey Nazarov.

• Standardized code for version checking across modules.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 44164f10ca3fb44ce0e68519f13564b87e3aca61 associated with the tag v_1.5.30. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.29

2026-02-09 Release of logback version 1.5.29

• In response to issues/1017, appender names and appender references are once again subject to variable substitution, reverting the change introduced in version 1.5.28.

Logback 1.5.28

2026-02-06 Release of logback version 1.5.28

• Appender names or appender references are no longer subject to variable substitution.

• Fixed issue with configurations with conditionals encompassing appenders. This was reported in issues/1016 reported by Sergey Sazonov.

• The element now admits a 'scan' attribute which can be used to override the 'scan' attribute in the element.

• Fixed NullPointerException thrown by VersionUtil.checkForVersionEquality method occurring with GraalVM Native Images. This issue was reported in issues/1014.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit e7a1855ab562bb102333f754603ff89359bf3cfc associated with the tag v_1.5.28. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.27

2026-01-30 Release of logback version 1.5.27

• Updated license to Eclipse Public License version 2.0 from version 1.0, retaining the GPL 2.1 dual-license.

• Fixed missing MDC data transmitted by SocketAppender reported in issues/1010 by Lars Vogel.

... (truncated)

Commits

e807335 prepare release 1.5.32
dc35d55 fix logback-access/issues/34 by checking if dependency is a sub-model of the ...
8e32278 added simple test for appender definitiob via file inclusion
834dbed start work on 1.5.32-SNAPSHOT
168e42f add test to check that Logback SLF4J provider can be activated
ed45362 prepare release 1.5.31
609dae7 fix missing META-INF directory
7739739 start work on 1.5.31-SNAPSHOT
44164f1 prepare release 1.5.30
9874f06 test for top-file as a resource, introduced new module logback-classic-misc
Additional commits viewable in compare view

Updates ch.qos.logback:logback-classic from 1.5.18 to 1.5.32

Release notes

Sourced from ch.qos.logback:logback-classic's releases.

Logback 1.5.32

2026-02-16 Release of logback version 1.5.32

• In DefaultProcessor, fixed incorrect check for dependencies contained within a parent model. Previous only the direct children were scanned. This fixes logback-access/issues/34.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit e807335a67535b4eacce94e942c0bcb649665d93 associated with the tag v_1.5.32. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.31

2026-02-14 Release of logback version 1.5.31

• Fixed missing META-INF/services directory in logback-classic.jar. This issue rendered logback-classic version 1.5.30 unusable with SLF4J.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 168e42f9f9a18a3ffdf31eb2bfe80a71e33ecd8b associated with the tag v_1.5.31. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.30

2026-02-14 Release of logback version 1.5.30

• In this version, logback-classic.jar was missing the META-INF/services directory, making it unusable with SLF4J. Version 1.5.31 (released later on the same day) fixes this issue.

• Fix scanning issue when an included file becomes available at a later time. This problem was reported in issues/1021 by Sergey Nazarov.

• Standardized code for version checking across modules.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 44164f10ca3fb44ce0e68519f13564b87e3aca61 associated with the tag v_1.5.30. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.29

2026-02-09 Release of logback version 1.5.29

• In response to issues/1017, appender names and appender references are once again subject to variable substitution, reverting the change introduced in version 1.5.28.

Logback 1.5.28

2026-02-06 Release of logback version 1.5.28

• Appender names or appender references are no longer subject to variable substitution.

• Fixed issue with configurations with conditionals encompassing appenders. This was reported in issues/1016 reported by Sergey Sazonov.

• The element now admits a 'scan' attribute which can be used to override the 'scan' attribute in the element.

• Fixed NullPointerException thrown by VersionUtil.checkForVersionEquality method occurring with GraalVM Native Images. This issue was reported in issues/1014.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit e7a1855ab562bb102333f754603ff89359bf3cfc associated with the tag v_1.5.28. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.27

2026-01-30 Release of logback version 1.5.27

• Updated license to Eclipse Public License version 2.0 from version 1.0, retaining the GPL 2.1 dual-license.

• Fixed missing MDC data transmitted by SocketAppender reported in issues/1010 by Lars Vogel.

... (truncated)

Commits

e807335 prepare release 1.5.32
dc35d55 fix logback-access/issues/34 by checking if dependency is a sub-model of the ...
8e32278 added simple test for appender definitiob via file inclusion
834dbed start work on 1.5.32-SNAPSHOT
168e42f add test to check that Logback SLF4J provider can be activated
ed45362 prepare release 1.5.31
609dae7 fix missing META-INF directory
7739739 start work on 1.5.31-SNAPSHOT
44164f1 prepare release 1.5.30
9874f06 test for top-file as a resource, introduced new module logback-classic-misc
Additional commits viewable in compare view

Updates io.cloudevents:cloudevents-http-vertx from 4.0.1 to 4.0.2

Updates io.cloudevents:cloudevents-kafka from 4.0.1 to 4.0.2

Release notes

Sourced from io.cloudevents:cloudevents-kafka's releases.

v4.0.2

What's Changed

[Release] Bump to 4.1.0-SNAPSHOT by @github-actions[bot] in cloudevents/sdk-java#645

Allow bumping versions in /docs only by @pierDipi in cloudevents/sdk-java#648

[Release] Bump to 4.0.0 by @github-actions[bot] in cloudevents/sdk-java#649

Make CloudEventValidatorProvider thread safe by @pierDipi in cloudevents/sdk-java#650

Bump org.apache.rocketmq:rocketmq-client-java from 5.0.4 to 5.0.7 by @dependabot[bot] in cloudevents/sdk-java#653

Fix cloudevents-sql artifactId in bom by @dsimansk in cloudevents/sdk-java#669

Bump org.apache.maven.plugins:maven-install-plugin from 2.5.1 to 3.1.3 by @dependabot[bot] in cloudevents/sdk-java#664

docs: correcting import to EventFormatProvider by @rohanrmallya in cloudevents/sdk-java#658

[Release] Bump to 4.0.1 by @github-actions[bot] in cloudevents/sdk-java#656

Bump org.apache.avro:avro from 1.11.3 to 1.11.4 in /formats/avro-compact by @dependabot[bot] in cloudevents/sdk-java#671

Bump org.eclipse.jetty:jetty-server from 9.4.51.v20230217 to 9.4.55.v20240627 in /examples/basic-http by @dependabot[bot] in cloudevents/sdk-java#672

Bump rexml from 3.2.8 to 3.3.6 in /docs by @dependabot[bot] in cloudevents/sdk-java#665

Bump rexml from 3.3.6 to 3.3.9 in /docs by @dependabot[bot] in cloudevents/sdk-java#675

Bump org.slf4j:slf4j-simple from 1.7.36 to 2.0.16 by @dependabot[bot] in cloudevents/sdk-java#674

Bump io.projectreactor:reactor-core from 3.5.1 to 3.6.11 by @dependabot[bot] in cloudevents/sdk-java#677

fix: disallow empty 'subject' header by @pnt in cloudevents/sdk-java#679

Bump org.apache.kafka:kafka-clients from 3.0.0 to 3.7.1 in /kafka by @dependabot[bot] in cloudevents/sdk-java#681

Bump org.apache.qpid:proton-j from 0.33.7 to 0.34.1 by @dependabot[bot] in cloudevents/sdk-java#678

Bump org.apache.maven.plugins:maven-antrun-plugin from 3.0.0 to 3.1.0 by @dependabot[bot] in cloudevents/sdk-java#682

Bump nokogiri from 1.16.5 to 1.18.3 in /docs by @dependabot[bot] in cloudevents/sdk-java#685

build: remove maven cache by @SleimanJneidi in cloudevents/sdk-java#696

upgrade to protobuf sdk 4.31.1 by @SleimanJneidi in cloudevents/sdk-java#695

Migrate from OSSRH to Central Portal by @pierDipi in cloudevents/sdk-java#698

Update Jackson version to 2.21.2 by @akerekes in cloudevents/sdk-java#712

Bump rexml from 3.3.9 to 3.4.2 in /docs by @dependabot[bot] in cloudevents/sdk-java#700

Bump org.apache.kafka:kafka-clients from 3.7.1 to 3.9.1 in /kafka by @dependabot[bot] in cloudevents/sdk-java#693

Bump faraday from 1.1.0 to 1.10.5 in /docs by @dependabot[bot] in cloudevents/sdk-java#713

Bump io.vertx:vertx-core from 4.3.3 to 4.5.24 in /http/restful-ws-jakarta-integration-tests/restful-ws-resteasy by @dependabot[bot] in cloudevents/sdk-java#714

Bump nokogiri from 1.18.3 to 1.19.1 in /docs by @dependabot[bot] in cloudevents/sdk-java#716

Bump activesupport from 6.0.6.1 to 7.2.3.1 in /docs by @dependabot[bot] in cloudevents/sdk-java#715

Bump maven-surefire-plugin.version from 2.17 to 3.5.2 by @dependabot[bot] in cloudevents/sdk-java#684

Bump protobuf.version from 3.21.10 to 4.26.1 by @dependabot[bot] in cloudevents/sdk-java#633

Bump org.apache.maven.plugins:maven-resources-plugin from 2.6 to 3.3.1 by @dependabot[bot] in cloudevents/sdk-java#583

Bump org.apache.maven.plugins:maven-jar-plugin from 2.4 to 3.4.2 by @dependabot[bot] in cloudevents/sdk-java#642

Bump addressable from 2.8.1 to 2.9.0 in /docs by @dependabot[bot] in cloudevents/sdk-java#721

Bump maven-surefire-plugin.version from 3.5.2 to 3.5.5 by @dependabot[bot] in cloudevents/sdk-java#720

Bump org.sonatype.central:central-publishing-maven-plugin from 0.8.0 to 0.10.0 by @dependabot[bot] in cloudevents/sdk-java#719

[Release] Bump to 4.0.2 by @github-actions[bot] in cloudevents/sdk-java#723

[Release] try to fix release 4.0.2 by @duglin in cloudevents/sdk-java#726

New Contributors

@dsimansk made their first contribution in cloudevents/sdk-java#669

@rohanrmallya made their first contribution in cloudevents/sdk-java#658

@pnt made their first contribution in cloudevents/sdk-java#679

@SleimanJneidi made their first contribution in cloudevents/sdk-java#696

@akerekes made their first contribution in cloudevents/sdk-java#712

Full Changelog: cloudevents/sdk-java@v4.0.1...v4.0.2

Commits

7fcd8d6 try to fix release 4.0.2 (#726)
58aff57 Bump to 4.0.2 (#723)
91dd9c1 Bump org.sonatype.central:central-publishing-maven-plugin (#719)
13824c4 Bump maven-surefire-plugin.version from 3.5.2 to 3.5.5 (#720)
70eae67 Bump addressable from 2.8.1 to 2.9.0 in /docs (#721)
d16f9ba Bump org.apache.maven.plugins:maven-jar-plugin from 2.4 to 3.4.2 (#642)
5722295 Bump org.apache.maven.plugins:maven-resources-plugin from 2.6 to 3.3.1 (#583)
75975f4 Bump protobuf.version from 3.21.10 to 4.26.1 (#633)
6b438cc Bump maven-surefire-plugin.version from 2.17 to 3.5.2 (#684)
f4192f5 Bump activesupport from 6.0.6.1 to 7.2.3.1 in /docs (#715)
Additional commits viewable in compare view

Updates io.cloudevents:cloudevents-json-jackson from 4.0.1 to 4.0.2

Updates io.cloudevents:cloudevents-sql from 4.0.1 to 4.0.2

Release notes

Sourced from io.cloudevents:cloudevents-sql's releases.

v4.0.2

What's Changed

[Release] Bump to 4.1.0-SNAPSHOT by @github-actions[bot] in cloudevents/sdk-java#645

Allow bumping versions in /docs only by @pierDipi in cloudevents/sdk-java#648

[Release] Bump to 4.0.0 by @github-actions[bot] in cloudevents/sdk-java#649

Make CloudEventValidatorProvider thread safe by @pierDipi in cloudevents/sdk-java#650

Bump org.apache.rocketmq:rocketmq-client-java from 5.0.4 to 5.0.7 by @dependabot[bot] in cloudevents/sdk-java#653

Fix cloudevents-sql artifactId in bom by @dsimansk in cloudevents/sdk-java#669

Bump org.apache.maven.plugins:maven-install-plugin from 2.5.1 to 3.1.3 by @dependabot[bot] in cloudevents/sdk-java#664

docs: correcting import to EventFormatProvider by @rohanrmallya in cloudevents/sdk-java#658

[Release] Bump to 4.0.1 by @github-actions[bot] in cloudevents/sdk-java#656

Bump org.apache.avro:avro from 1.11.3 to 1.11.4 in /formats/avro-compact by @dependabot[bot] in cloudevents/sdk-java#671

Bump org.eclipse.jetty:jetty-server from 9.4.51.v20230217 to 9.4.55.v20240627 in /examples/basic-http by @dependabot[bot] in cloudevents/sdk-java#672

Bump rexml from 3.2.8 to 3.3.6 in /docs by @dependabot[bot] in cloudevents/sdk-java#665

Bump rexml from 3.3.6 to 3.3.9 in /docs by @dependabot[bot] in cloudevents/sdk-java#675

Bump org.slf4j:slf4j-simple from 1.7.36 to 2.0.16 by @dependabot[bot] in cloudevents/sdk-java#674

Bump io.projectreactor:reactor-core from 3.5.1 to 3.6.11 by @dependabot[bot] in cloudevents/sdk-java#677

fix: disallow empty 'subject' header by @pnt in cloudevents/sdk-java#679

Bump org.apache.kafka:kafka-clients from 3.0.0 to 3.7.1 in /kafka by @dependabot[bot] in cloudevents/sdk-java#681

Bump org.apache.qpid:proton-j from 0.33.7 to 0.34.1 by @dependabot[bot] in cloudevents/sdk-java#678

Bump org.apache.maven.plugins:maven-antrun-plugin from 3.0.0 to 3.1.0 by @dependabot[bot] in cloudevents/sdk-java#682

Bump nokogiri from 1.16.5 to 1.18.3 in /docs by @dependabot[bot] in cloudevents/sdk-java#685

build: remove maven cache by @SleimanJneidi in cloudevents/sdk-java#696

upgrade to protobuf sdk 4.31.1 by @SleimanJneidi in cloudevents/sdk-java#695

Migrate from OSSRH to Central Portal by @pierDipi in cloudevents/sdk-java#698

Update Jackson version to 2.21.2 by @akerekes in cloudevents/sdk-java#712

Bump rexml from 3.3.9 to 3.4.2 in /docs by @dependabot[bot] in cloudevents/sdk-java#700

Bump org.apache.kafka:kafka-clients from 3.7.1 to 3.9.1 in /kafka by @dependabot[bot] in cloudevents/sdk-java#693

Bump faraday from 1.1.0 to 1.10.5 in /docs by @dependabot[bot] in cloudevents/sdk-java#713

Bump io.vertx:vertx-core from 4.3.3 to 4.5.24 in /http/restful-ws-jakarta-integration-tests/restful-ws-resteasy by @dependabot[bot] in cloudevents/sdk-java#714

Bump nokogiri from 1.18.3 to 1.19.1 in /docs by @dependabot[bot] in cloudevents/sdk-java#716

Bump activesupport from 6.0.6.1 to 7.2.3.1 in /docs by @dependabot[bot] in cloudevents/sdk-java#715

Bump maven-surefire-plugin.version from 2.17 to 3.5.2 by @dependabot[bot] in cloudevents/sdk-java#684

Bump protobuf.version from 3.21.10 to 4.26.1 by @dependabot[bot] in cloudevents/sdk-java#633

Bump org.apache.maven.plugins:maven-resources-plugin from 2.6 to 3.3.1 by @dependabot[bot] in cloudevents/sdk-java#583

Bump org.apache.maven.plugins:maven-jar-plugin from 2.4 to 3.4.2 by @dependabot[bot] in cloudevents/sdk-java#642

Bump addressable from 2.8.1 to 2.9.0 in /docs by @dependabot[bot] in cloudevents/sdk-java#721

Bump maven-surefire-plugin.version from 3.5.2 to 3.5.5 by @dependabot[bot] in cloudevents/sdk-java#720

Bump org.sonatype.central:central-publishing-maven-plugin from 0.8.0 to 0.10.0 by @dependabot[bot] in cloudevents/sdk-java#719

[Release] Bump to 4.0.2 by @github-actions[bot] in cloudevents/sdk-java#723

[Release] try to fix release 4.0.2 by @duglin in cloudevents/sdk-java#726

New Contributors

@dsimansk made their first contribution in cloudevents/sdk-java#669

@rohanrmallya made their first contribution in cloudevents/sdk-java#658

@pnt made their first contribution in cloudevents/sdk-java#679

@SleimanJneidi made their first contribution in cloudevents/sdk-java#696

@akerekes made their first contribution in cloudevents/sdk-java#712

Full Changelog: cloudevents/sdk-java@v4.0.1...v4.0.2

Commits

7fcd8d6 try to fix release 4.0.2 (#726)
58aff57 Bump to 4.0.2 (#723)
91dd9c1 Bump org.sonatype.central:central-publishing-maven-plugin (#719)
13824c4 Bump maven-surefire-plugin.version from 3.5.2 to 3.5.5 (#720)
70eae67 Bump addressable from 2.8.1 to 2.9.0 in /docs (#721)
d16f9ba Bump org.apache.maven.plugins:maven-jar-plugin from 2.4 to 3.4.2 (#642)
5722295 Bump org.apache.maven.plugins:maven-resources-plugin from 2.6 to 3.3.1 (#583)
75975f4 Bump protobuf.version from 3.21.10 to 4.26.1 (#633)
6b438cc Bump maven-surefire-plugin.version from 2.17 to 3.5.2 (#684)
f4192f5 Bump activesupport from 6.0.6.1 to 7.2.3.1 in /docs (#715)
Additional commits viewable in compare view

Updates io.cloudevents:cloudevents-kafka from 4.0.1 to 4.0.2

Release notes

Sourced from io.cloudevents:cloudevents-kafka's releases.

v4.0.2

What's Changed

[Release] Bump to 4.1.0-SNAPSHOT by @github-actions[bot] in cloudevents/sdk-java#645

Allow bumping versions in /docs only by @pierDipi in cloudevents/sdk-java#648

[Release] Bump to 4.0.0 by @github-actions[bot] in cloudevents/sdk-java#649

Make CloudEventValidatorProvider thread safe by @pierDipi in cloudevents/sdk-java#650

Bump org.apache.rocketmq:rocketmq-client-java from 5.0.4 to 5.0.7 by @dependabot[bot] in cloudevents/sdk-java#653

Fix cloudevents-sql artifactId in bom by @dsimansk in cloudevents/sdk-java#669

Bump org.apache.maven.plugins:maven-install-plugin from 2.5.1 to 3.1.3 by @dependabot[bot] in cloudevents/sdk-java#664

docs: correcting import to EventFormatProvider by @rohanrmallya in cloudevents/sdk-java#658

[Release] Bump to 4.0.1 by @github-actions[bot] in cloudevents/sdk-java#656

Bump org.apache.avro:avro from 1.11.3 to 1.11.4 in /formats/avro-compact by @dependabot[bot] in cloudevents/sdk-java#671

Bump org.eclipse.jetty:jetty-server from 9.4.51.v20230217 to 9.4.55.v20240627 in /examples/basic-http by @dependabot[bot] in cloudevents/sdk-java#672

Bump rexml from 3.2.8 to 3.3.6 in /docs by @dependabot[bot] in cloudevents/sdk-java#665

Bump rexml from 3.3.6 to 3.3.9 in /docs by @dependabot[bot] in cloudevents/sdk-java#675

Bump org.slf4j:slf4j-simple from 1.7.36 to 2.0.16 by @dependabot[bot] in cloudevents/sdk-java#674

Bump io.projectreactor:reactor-core from 3.5.1 to 3.6.11 by @dependabot[bot] in cloudevents/sdk-java#677

fix: disallow empty 'subject' header by @pnt in cloudevents/sdk-java#679

Bump org.apache.kafka:kafka-clients from 3.0.0 to 3.7.1 in /kafka by @dependabot[bot] in cloudevents/sdk-java#681

Bump org.apache.qpid:proton-j from 0.33.7 to 0.34.1 by @dependabot[bot] in cloudevents/sdk-java#678

Bump org.apache.maven.plugins:maven-antrun-plugin from 3.0.0 to 3.1.0 by @dependabot[bot] in cloudevents/sdk-java#682

Bump nokogiri from 1.16.5 to 1.18.3 in /docs by @dependabot[bot] in cloudevents/sdk-java#685

build: remove maven cache by @SleimanJneidi in cloudevents/sdk-java#696

upgrade to protobuf sdk 4.31.1 by @SleimanJneidi in cloudevents/sdk-java#695

Migrate from OSSRH to Central Portal by @pierDipi in cloudevents/sdk-java#698

Update Jackson version to 2.21.2 by @akerekes in

…16 updates Bumps the patch group with 16 updates in the /data-plane directory: | Package | From | To | | --- | --- | --- | | [io.quarkus:quarkus-bom](https://github.com/quarkusio/quarkus) | `3.28.0` | `3.28.5` | | [io.vertx:vertx-opentelemetry](https://github.com/eclipse-vertx/vertx-tracing) | `4.5.16` | `4.5.26` | | [io.vertx:vertx-junit5](https://github.com/eclipse-vertx/vertx-junit5) | `4.5.16` | `4.5.26` | | [ch.qos.logback:logback-core](https://github.com/qos-ch/logback) | `1.5.18` | `1.5.32` | | [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.18` | `1.5.32` | | io.cloudevents:cloudevents-http-vertx | `4.0.1` | `4.0.2` | | [io.cloudevents:cloudevents-kafka](https://github.com/cloudevents/sdk-java) | `4.0.1` | `4.0.2` | | io.cloudevents:cloudevents-json-jackson | `4.0.1` | `4.0.2` | | [io.cloudevents:cloudevents-sql](https://github.com/cloudevents/sdk-java) | `4.0.1` | `4.0.2` | | [software.amazon.msk:aws-msk-iam-auth](https://github.com/aws/aws-msk-iam-auth) | `2.3.2` | `2.3.5` | | [org.assertj:assertj-core](https://github.com/assertj/assertj) | `3.27.3` | `3.27.7` | | [org.scala-lang:scala-reflect](https://github.com/scala/scala) | `2.13.14` | `2.13.18` | | [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.5.3` | `3.5.5` | | [org.apache.maven.plugins:maven-enforcer-plugin](https://github.com/apache/maven-enforcer) | `3.6.1` | `3.6.2` | | [org.jacoco:jacoco-maven-plugin](https://github.com/jacoco/jacoco) | `0.8.12` | `0.8.14` | | [org.apache.maven.plugins:maven-shade-plugin](https://github.com/apache/maven-shade-plugin) | `3.6.0` | `3.6.2` | Updates `io.quarkus:quarkus-bom` from 3.28.0 to 3.28.5 - [Release notes](https://github.com/quarkusio/quarkus/releases) - [Commits](quarkusio/quarkus@3.28.0...3.28.5) Updates `io.vertx:vertx-opentelemetry` from 4.5.16 to 4.5.26 - [Commits](eclipse-vertx/vertx-tracing@4.5.16...4.5.26) Updates `io.vertx:vertx-junit5` from 4.5.16 to 4.5.26 - [Commits](eclipse-vertx/vertx-junit5@4.5.16...4.5.26) Updates `ch.qos.logback:logback-core` from 1.5.18 to 1.5.32 - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](qos-ch/logback@v_1.5.18...v_1.5.32) Updates `ch.qos.logback:logback-classic` from 1.5.18 to 1.5.32 - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](qos-ch/logback@v_1.5.18...v_1.5.32) Updates `ch.qos.logback:logback-classic` from 1.5.18 to 1.5.32 - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](qos-ch/logback@v_1.5.18...v_1.5.32) Updates `io.cloudevents:cloudevents-http-vertx` from 4.0.1 to 4.0.2 Updates `io.cloudevents:cloudevents-kafka` from 4.0.1 to 4.0.2 - [Release notes](https://github.com/cloudevents/sdk-java/releases) - [Commits](cloudevents/sdk-java@v4.0.1...v4.0.2) Updates `io.cloudevents:cloudevents-json-jackson` from 4.0.1 to 4.0.2 Updates `io.cloudevents:cloudevents-sql` from 4.0.1 to 4.0.2 - [Release notes](https://github.com/cloudevents/sdk-java/releases) - [Commits](cloudevents/sdk-java@v4.0.1...v4.0.2) Updates `io.cloudevents:cloudevents-kafka` from 4.0.1 to 4.0.2 - [Release notes](https://github.com/cloudevents/sdk-java/releases) - [Commits](cloudevents/sdk-java@v4.0.1...v4.0.2) Updates `io.cloudevents:cloudevents-json-jackson` from 4.0.1 to 4.0.2 Updates `io.cloudevents:cloudevents-sql` from 4.0.1 to 4.0.2 - [Release notes](https://github.com/cloudevents/sdk-java/releases) - [Commits](cloudevents/sdk-java@v4.0.1...v4.0.2) Updates `software.amazon.msk:aws-msk-iam-auth` from 2.3.2 to 2.3.5 - [Release notes](https://github.com/aws/aws-msk-iam-auth/releases) - [Commits](aws/aws-msk-iam-auth@v2.3.2...v2.3.5) Updates `io.vertx:vertx-junit5` from 4.5.16 to 4.5.26 - [Commits](eclipse-vertx/vertx-junit5@4.5.16...4.5.26) Updates `org.assertj:assertj-core` from 3.27.3 to 3.27.7 - [Release notes](https://github.com/assertj/assertj/releases) - [Commits](assertj/assertj@assertj-build-3.27.3...assertj-build-3.27.7) Updates `org.scala-lang:scala-reflect` from 2.13.14 to 2.13.18 - [Release notes](https://github.com/scala/scala/releases) - [Commits](scala/scala@v2.13.14...v2.13.18) Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.3 to 3.5.5 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](apache/maven-surefire@surefire-3.5.3...surefire-3.5.5) Updates `org.apache.maven.plugins:maven-enforcer-plugin` from 3.6.1 to 3.6.2 - [Release notes](https://github.com/apache/maven-enforcer/releases) - [Commits](apache/maven-enforcer@enforcer-3.6.1...enforcer-3.6.2) Updates `org.jacoco:jacoco-maven-plugin` from 0.8.12 to 0.8.14 - [Release notes](https://github.com/jacoco/jacoco/releases) - [Commits](jacoco/jacoco@v0.8.12...v0.8.14) Updates `org.apache.maven.plugins:maven-shade-plugin` from 3.6.0 to 3.6.2 - [Release notes](https://github.com/apache/maven-shade-plugin/releases) - [Commits](apache/maven-shade-plugin@maven-shade-plugin-3.6.0...maven-shade-plugin-3.6.2) --- updated-dependencies: - dependency-name: io.quarkus:quarkus-bom dependency-version: 3.28.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: io.vertx:vertx-opentelemetry dependency-version: 4.5.26 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: io.vertx:vertx-junit5 dependency-version: 4.5.26 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: ch.qos.logback:logback-core dependency-version: 1.5.32 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: ch.qos.logback:logback-classic dependency-version: 1.5.32 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: ch.qos.logback:logback-classic dependency-version: 1.5.32 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: io.cloudevents:cloudevents-http-vertx dependency-version: 4.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: io.cloudevents:cloudevents-kafka dependency-version: 4.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: io.cloudevents:cloudevents-json-jackson dependency-version: 4.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: io.cloudevents:cloudevents-sql dependency-version: 4.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: io.cloudevents:cloudevents-kafka dependency-version: 4.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: io.cloudevents:cloudevents-json-jackson dependency-version: 4.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: io.cloudevents:cloudevents-sql dependency-version: 4.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: software.amazon.msk:aws-msk-iam-auth dependency-version: 2.3.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: io.vertx:vertx-junit5 dependency-version: 4.5.26 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: org.assertj:assertj-core dependency-version: 3.27.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: org.scala-lang:scala-reflect dependency-version: 2.13.18 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: patch - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-version: 3.5.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: org.apache.maven.plugins:maven-enforcer-plugin dependency-version: 3.6.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: org.jacoco:jacoco-maven-plugin dependency-version: 0.8.14 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: org.apache.maven.plugins:maven-shade-plugin dependency-version: 3.6.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] <support@github.com>

openshift-ci · 2026-04-15T01:57:10Z

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign rudyredhat1 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

openshift-ci · 2026-04-15T01:57:16Z

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift-knative member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Apr 15, 2026

openshift-ci Bot requested review from Cali0707 and creydr April 15, 2026 01:57

openshift-ci Bot added the needs-ok-to-test label Apr 15, 2026

Run make generate-release

07ae8f5

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[release-v1.21][maven]: Bump the patch group across 1 directory with 16 updates#2303

[release-v1.21][maven]: Bump the patch group across 1 directory with 16 updates#2303
dependabot[bot] wants to merge 2 commits intorelease-v1.21from
dependabot/maven/data-plane/release-v1.21/patch-64d26fe056

dependabot Bot commented on behalf of github Apr 15, 2026 •

edited

Loading

Uh oh!

openshift-ci Bot commented Apr 15, 2026

Uh oh!

openshift-ci Bot commented Apr 15, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Apr 15, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

3.28.5

Complete changelog

3.28.4

Complete changelog

3.28.3

Complete changelog

Logback 1.5.32

Logback 1.5.31

Logback 1.5.30

Logback 1.5.29

Logback 1.5.28

Logback 1.5.27

Logback 1.5.32

Logback 1.5.31

Logback 1.5.30

Logback 1.5.29

Logback 1.5.28

Logback 1.5.27

Logback 1.5.32

Logback 1.5.31

Logback 1.5.30

Logback 1.5.29

Logback 1.5.28

Logback 1.5.27

v4.0.2

What's Changed

New Contributors

v4.0.2

What's Changed

New Contributors

v4.0.2

What's Changed

Uh oh!

openshift-ci Bot commented Apr 15, 2026

Uh oh!

openshift-ci Bot commented Apr 15, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github Apr 15, 2026 •

edited

Loading