Bump the all group with 3 updates

[dependabot]

Bumps the all group with 3 updates: com.zaxxer:HikariCP, io.micrometer:micrometer-registry-prometheus and com.google.devtools.ksp.

Updates com.zaxxer:HikariCP from 6.1.0 to 6.2.0

Changelog

Sourced from com.zaxxer:HikariCP's changelog.

HikariCP Changes

Changes in 6.2.0

• merged #2238 handle SQLTimeoutException without eviction. Users looking to preserve previous behavior should provide an implementation of com.zaxxer.hikari.SQLExceptionOverride to the pool configuration.

• added new enum value, Override.MUST_EVICT, available to implementations of com.zaxxer.hikari.SQLExceptionOverride

• enhanced debug logging in circumstances where the pool falls to zero size and new coonections to the database continue to fail.

• update test dependencies that were flagged as having vulnerabilities

Changes in 6.1.0

• fixed #1960 allow SQLExceptionOverride to adjudicate all exceptions for eviction

• merged #1962 dropwizard 5 metrics are now supported via the setMetricRegistry() method in HikariConfig and in HikariDataSource

• merged #2244 improve JavassistProxyFactory

• merged #2243 fix inconsistency between isWrapperFor and unwrap

• merged #1827 support loading properties file in unnamed resources module

• merged #1842 don't clear isCommitStateDirty flag in setReadOnly

• change default maxLifetime variance from 2.5% to 25% to further avoid mass connection die-off dips

Changes in 6.0.0

• fixed #2152 duplicate connection in try with resources clause caused close() being called twice on each connection

• merged #2226 consistent handling of errorCode and sqlState in timeout exception

• merged #2199 eliminate network call if state get is called after set

• merged #2189 add support to get and set db credentials in an atomic operation

• merged #2149 make Savepoint rollbacks mark the connection dirty

• merged #2157 close connections marked as evicted instead of returning them to the pool

• merged #2147 skip Connection::setNetworkTimeout if PoolBase::shutdownNetworkTimeoutExecutor is called

• merged #2126 added Support For beginRequest and endRequest

• small improvements and cleanup from pull request #2166

... (truncated)

Commits

• c6b5eea [maven-release-plugin] prepare release HikariCP-6.2.0
• 14f2c6e update release version
• d32e26e Update CHANGES
• 5df12d6 Update README.md
• ec6891a Expand/improve SQLExceptionOverride handling flexibility
• c7cf4b3 Do not treat a SQLTimeoutException as an evictable offense (#2238)
• 039942b Update README.md
• 1695eb5 Update README.md
• b9690a0 Update README.md
• d20e547 upgrade commons-compress dependency due to security vulnerability (test scope...
• Additional commits viewable in compare view

Updates io.micrometer:micrometer-registry-prometheus from 1.13.6 to 1.14.1

Release notes

Sourced from io.micrometer:micrometer-registry-prometheus's releases.

1.14.1

📔 Documentation

• Gauges may be silently ignored when MeterFilters drop or transform tags #5616

🔨 Dependency Upgrades

• Bump com.netflix.spectator:spectator-reg-atlas from 1.8.1 to 1.8.2 #5685
• Bump software.amazon.awssdk:cloudwatch from 2.29.7 to 2.29.14 #5669
• Bump shaded netty to 4.1.115.Final in micrometer-registry-statsd to address CVE-2024-47535 #5660

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​izeye

1.14.0

Micrometer 1.14.0 is the GA version of a new feature release. See our support policy for support timelines.

Below are the combined release notes of all the pre-release milestones and release candidate preceding this GA release.

⚠️ Noteworthy

• Support ExponentialHistogram in OTLP #3861
• Virtual thread metrics #3956
• Validate expected Observation API call ordering on TestObservationRegistry #5239

⭐ New Features / Enhancements

• Expose TestObservationRegistry as an AssertJ AssertProvider #5551
• Use failure with actual and expected message to improve IDE experience for ObservationContextAssert #5550
• Replace @Nonnull(when = When.MAYBE) with @CheckForNull in @Nullable #5485
• Warn about Prometheus meter registration failure #5228
• Improve performance of merging two Tags/KeyValues instances #5140
• Allow user-provided custom scheduler for periodically binding KafkaMetrics #4976
• Allow specifying the meterNameConsumer for HighCardinalityTagsDetector #4028
• Virtual thread metrics #3956
• Allow tagsBasedOnJoinPoint to override extraTags with CountedAspect #2461
• Configurable _source.enabled Elastic mapping property #1629
• Skip registering Caffeine meters when statistics are not enabled #5409
• Log a warning when instrumenting a cache that is not recording stats in CaffeineCacheMetrics #5402
• MultiGauge.register should accept more types #5390
• Metrics not collected after ExecutorService recreation #5366
• Add "cancelled" information to the GrpcServerObservationContext #5301
• process_start_time_seconds HELP description inconsistency between Prometheus and micrometer #5290
• Add history-tracking to ObservationValidator #5370
• [dynatrace/v2] reduce log verbosity #5306
• Validate expected Observation API call ordering on TestObservationRegistry #5239
• Add JvmThreadDeadlockMetrics #5222
• Allow multiple MeterTag annotations for multiple tags from same target #4081

... (truncated)

Commits

• 2f8b914 Bump software.amazon.awssdk:cloudwatch from 2.29.7 to 2.29.14 (#5669)
• 2b125f4 Bump com.netflix.spectator:spectator-reg-atlas from 1.8.1 to 1.8.2 (#5685)
• 745be35 Bump spring6 from 6.1.14 to 6.1.15 (#5676)
• 00a6e41 Bump com.gradle.develocity from 3.18.1 to 3.18.2 (#5678)
• c3a4ff9 Merge branch '1.13.x' into 1.14.x
• 41c0b53 Merge branch '1.12.x' into 1.13.x
• a0f4911 Bump org.mongodb:mongodb-driver-sync from 4.11.4 to 4.11.5 (#5675)
• f68cc21 Bump me.champeau.gradle:japicmp-gradle-plugin from 0.4.4 to 0.4.5 (#5671)
• 0f7b04e Bump com.amazonaws:aws-java-sdk-cloudwatch from 1.12.777 to 1.12.778 (#5670)
• 1969651 Merge branch '1.13.x' into 1.14.x
• Additional commits viewable in compare view

Updates com.google.devtools.ksp from 2.0.21-1.0.27 to 2.0.21-1.0.28

Release notes

Sourced from com.google.devtools.ksp's releases.

2.0.21-1.0.28

Updates

• [KSP2] Running from command line never finishes #2176
• Introduce KspAATask.commandLineArgumentProviders #2201

Contributors

Thanks to @​GeorgCantor and everyone who reported bugs and participated in discussions!

Commits

• 884c2f8 IntelliJ: set application pool threads to daemon
• 7ecd1d8 KSP2 command line tool: exit with exit code
• 59b9a1f Introduce KspAATask.commandLineArgumentProviders
• f5b4b29 Enable both KSP1 and KSP2 in gradle plugin tests
• f9460ee UPDATE_AA_VERSION: 2.1.20-dev-3305
• 2a1a686 Update KSNameImpl.kt
• cf44710 CI: Update release branch to 1.0.28
• 8f2b41b Downgrade to Kotlin 2.0.21
• 3fac0c1 KSP2: fix module names for Android builds
• 0d114d9 Fix a dependency of integration-tests
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions