Update all dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
org.postgresql:postgresql (source)	42.7.8 → 42.7.10
org.mockito:mockito-core	5.21.0 → 5.22.0
org.springdoc:springdoc-openapi-starter-webmvc-ui (source)	2.6.0 → 3.0.1
com.nimbusds:oauth2-oidc-sdk	11.30.1 → 11.33
com.squareup.retrofit2:retrofit	2.11.0 → 3.0.0
org.flywaydb:flyway-maven-plugin (source)	10.10.0 → 12.0.3
org.openapitools:openapi-generator-maven-plugin	7.17.0 → 7.20.0
org.springframework.boot:spring-boot-starter-parent (source)	3.3.0 → 4.0.3

---

Release Notes

pgjdbc/pgjdbc (org.postgresql:postgresql)

v42.7.10

Changed

• chore: Migrate to Shadow 9 PR 3931
• style: fix empty line before javadoc for checkstyle compliance PR #​3925
• style: fix lambda argument indentation for checkstyle compliance PR #​3922
• test: add autosave=always|never|conservative and cleanupSavepoints=true|false to the randomized CI jobs PR #​3917

Fixed

• fix: non-standard strings failing test for version 19 PR #​3934
• fix: small issues in ConnectionFactoryImpl PR #​3929
• fix: process pending responses before fastpath to avoid protocol errors PR # 3913
• doc: use.md, fix typos PR #​3911
• doc: datasource.md, fix minor formatting issue PR #​3912
• doc: add the new PGP signing key to the official documentation PR #​3912

Reverted

• Revert "fix: make all Calendar instances proleptic Gregorian (#​3837) (#​3887)" PR #​3932

v42.7.9

Added

• feat: query timeout property PR #​3705
• feat: Add PEMKeyManager to handle PEM based certs and keys PR #​3700

Changed

• perf: optimize PGInterval.getValue() by replacing String.format with StringBuilder
• doc: update property quoteReturningIdentifiers default value PR #​3847
• security: Use a static method forName to load all user supplied classes. Use the Class.forName 3 parameter method and do not initilize it unless it is a subclass of the expected class

Fixed

• fix: incorrect pg_stat_replication.reply_time calculation PR #​3906
• fix: close temporary lob descriptors that are used internally in PreparedStatement#setBlob
• fix: PGXAConnection.prepare(Xid) should return XA_RDONLY if the connection is read only PR #​3897
• fix: make all Calendar instances proleptic Gregorian PR #​3837
• fix: Simplify concurrency guards on QueryExecutorBase#transaction and QueryExecutorBase#standardConformingStrings PR #​3897
• fix: avoid memory leaks in Java <= 21 caused by Thread.inheritedAccessControlContext PR #​3886
• fix: Issue #​3784 pgjdbc can't decode numeric arrays containing special numbers like NaN PR #​3838
• fix: use ssl_is_used() to check for ssl connection PR #​3867
• fix: the classloader is nullable PR #​3907

mockito/mockito (org.mockito:mockito-core)

v5.22.0

springdoc/springdoc-openapi (org.springdoc:springdoc-openapi-starter-webmvc-ui)

v3.0.1: springdoc-openapi v3.0.1 released!

Compare Source

Added

• #​3122 – Add log notifications when SpringDocs / Scalar are enabled by default
• #​3123 – Add support for serving static resources
• #​3151 – Add @Order to ApplicationReadyEvent listener
• #​3158 – Add support for API groups in Scalar
• #​3187 – Add Scalar WebMVC and WebFlux support
• #​3185 – Disable creation of blank GitHub issues (GitHub settings & workflow)
• #​3186 – Decouple Web Server APIs following Spring Boot modularization
• #​3131 – Improve warning messages when documentation is explicitly enabled
• #​3183 – Remove unused operations consumer from route builder methods
• #​3141 – Change handling so useReturnTypeSchema is evaluated at HTTP status code level instead of method level

Changed

• Upgrade Spring Boot to version 4.0.1
• Upgrade swagger-core to version 2.2.41
• Upgrade swagger-ui to version 5.31.0
• Upgrade Scalar to version 0.4.3

Fixed

• #​3133 – Fix regression where content type from Swagger @RequestBody did not take precedence
• #​3146 – Fix WebJar resource handler mappings for Swagger UI resources
• #​3168 – Support @Schema annotations on Kotlin value classes
• #​3178 – Fix regression when generating documentation for Kotlin LinkedHashSet
• #​3170 – Fix warnings when setting title and description in application.yml
• #​3173 – Fix /v3/api-docs returning Base64-encoded response with Spring Framework 7.0.2
• #​3155 – Fix native image support regression with SpringDoc 3.0 and Spring Boot 4.0

What's Changed

• Fix WebJar resource handler mappings for Swagger UI resources by @​jamesmissen in #​3146
• Decoupling Web Server APIs after Spring Boot modularization by @​nicolasb29 in #​3186

New Contributors

• @​jamesmissen made their first contribution in #​3146
• @​nicolasb29 made their first contribution in #​3186

Full Changelog: springdoc/springdoc-openapi@v3.0.0...v3.0.1

v3.0.0: springdoc-openapi v3.0.0 released!

Compare Source

Added

• #​2975 - Spring Framework 7 - Initial API versioning support
• #​3123 - Support static resources for webflux

Changed

• Upgrade to Spring Boot 4.0.0!
• Upgrade to Scalar 0.4.3

Fixed

• #​3131 - Warning messages when docs are explicitly enabled
• #​3121 - NPE in KotlinDeprecatedPropertyCustomizer - resolvedSchema is null

Full Changelog: springdoc/springdoc-openapi@v3.0.0-RC1...v3.0.0

v2.8.15

Compare Source

Added

• #​3122 – Add log notifications when SpringDocs / Scalar are enabled by default
• #​3123 – Add support for serving static resources
• #​3151 – Add @Order to ApplicationReadyEvent listener
• #​3158 – Add support for API groups in Scalar
• #​3187 – Add Scalar WebMVC and WebFlux support
• #​3185 – Disable creation of blank GitHub issues (GitHub settings & workflow)
• #​3186 – Decouple Web Server APIs following Spring Boot modularization
• #​3131 - Improve warning messages when documentation is explicitly enabled
• #​3183 - Remove unused operations consumer from route builder methods
• #​3141 - Change handling so useReturnTypeSchema is evaluated at HTTP status code level instead of method level

Changed

• Upgrade Spring Boot to version 3.5.9
• Upgrade swagger-core to version 2.2.41
• Upgrade swagger-ui to version 5.31.0
• Upgrade Scalar to version 0.4.3

Fixed

• #​3133 – Fix regression where content type from Swagger @RequestBody did not take precedence
• #​3146 – Fix WebJar resource handler mappings for Swagger UI resources
• #​3168 – Support @Schema annotations on Kotlin value classes
• #​3178 – Fix regression when generating documentation for Kotlin LinkedHashSet
• #​3170 – Fix warnings when setting title and description in application.yml
• #​3187 – Add scalar scalar-webmvc and scalar-webflux support

v2.8.14

Added

• #​3090 - Add logs to notify when SpringDocs/Scalar is enabled because SpringDocs/Scalar is enabled by default

Changed

• Upgrade swagger-ui to v5.30.1
• Upgrade swagger-core to v2.2.38
• Upgrade spring-boot to v3.5.7
• Upgrade commons-lang3 to v3.18.0
• Upgrade scalar to v0.3.12

Fixed

• #​3107 - Fix:compatible with lower version of getOpenApi().
• #​3121 - NPE in KotlinDeprecatedPropertyCustomizer - resolvedSchema is null

v2.8.13

Added

• #​3084 - Add Scalar Support

Changed

• Upgrade swagger-ui to v5.28.1

Fixed

• #​3076 - With oneOf the response schema contains an extra type: string

v2.8.12

Changed

• Upgrade swagger-ui to v5.28.0

Fixed

• #​3073 - Duplicate key class Parameter when documenting two GET methods with same path and PathVariable.
• #​3071 - @​io.swagger.v3.oas.annotations.parameters.RequestBody does not work well with @​RequestPart
• #​3066 - Parameter is now required after upgrading to springdoc-openapi 2.8.10

v2.8.11

Added

• #​3065 - javadoc and overall performance optimization

Changed

• Upgrade spring-boot to v3.5.5

Fixed

• #​3064 -ClassNotFoundException: kotlin.reflect.full.KClasses

v2.8.10

Added

• #​3046 - Feature Request: Support @​jakarta.annotation.Nonnull.
• #​3042 - Support externalDocs configure on SpecPropertiesCustomizer
• #​3057 - Refactor webhook discovery and scanning mechanism

Changed

• Upgrade spring-boot to v3.5.4
• Upgrade swagger-ui to v5.27.1
• Upgrade swagger-core to 2.2.36

Fixed

• #​3050 - @​RequestPart JSON parameters missing Content-Type in generated curl commands, causing 415 errors.
• #​2978 - Parameter is no longer optional after upgrade to 2.8.8
• #​3022 - NullPointerException thrown in SchemaUtils.
• #​3026 - Fix unexpected merging of media types
• #​3036 - Fixed "desciption"
• #​3039 - Fix: Property resolution for extensions within @​OpenAPIDefinition Info object
• #​3051 - Fixes so that a RequestPart with a Map is added to the RequestBody
• #​3060 - Use adaptFromForwardedHeaders instead of deprecated fromHttpRequest

v2.8.9

Added

• #​2944 - Support for @​Positive
• #​3011 - type-use for method parameters

Changed

• Upgrade spring-boot to version 3.5.0

Fixed

• #​2982 - application/problem+json content type is not set for ProblemDetails
• #​2990 - Issues with POST Request, application/x-www-form-urlencoded and only one parameter
• #​2998 - io.swagger.v3.oas.annotations.Webhook does not work when defined on the method level
• #​3012 - Order of examples is (sometimes) not preserved

v2.8.8

Fixed

• #​2977 - Handle projects not using kotlin-reflect #​2977

v2.8.7

Added

• #​2944 - Introducing springdoc-openapi-bom project
• #​2948 - Customize Servers via application.yml
• #​2963 - Set default content type for problem details object to application/problem+jso
• #​2971 - List of value classes in Kotlin

Changed

• Upgrade swagger-ui to v5.21.0
• Upgrade swagger-core to 2.2.30
• Upgrade spring-boot to version 3.4.5
• Upgrade spring-security-oauth2-authorization-server to version 1.4.3

Fixed

• #​2947 - Unexpected warning "Appended trailing slash to static resource location"
• #​2960 - NPE when customizing group's open-api without specifying any schema
• #​2969 - fix path to register resource handler to work SwaggerIndexPageTransformer
  considering /webjar path prefix
• #​2964 - Cannot add custom description and example for java.time.Duration since v2.8.6
• #​2972 - @​Header(schema = @​Schema(type = "string")) generates empty or broken schema in
  OpenAPI output since 2.8.0
• #​2976, #​2967 - Build Failure due to Private Inner Class.

v2.8.6

Added

• #​2909 - Check both SerDe BeanPropertyDefinition for @​JsonUnwrapped/@​Schema
• #​2927 - Bail sealed class subtype introspection on Schema
• #​2917 - Add Future to ignored response wrappers
• #​2938 - Add out of the box support for LocalTime, YearMonth, MonthDay

Changed

• Upgrade swagger-ui to v5.20.1
• Upgrade swagger-core to 2.2.29
• Upgrade spring-cloud-function to 4.2.2
• Upgrade spring-boot to version 3.4.4

Fixed

• #​2928 - Add missing builder methods in SchemaBuilder
• #​2905 - ModelResolver.enumAsRef = true result in invalid openapi with actuator using
  enum param
• #​2939 - Duplicate ModelConverter registration with Spring Boot DevTools
• #​2941 - SpringBoot native fails /v3/api-docs when using a Map as an http entity field

v2.8.5

Added

• #​2696 - Do not require JsonSubType annotation for sealed classes
• #​2898 - add needed runtime reflection hints for native image
• #​2891 - Refactor trimIndent Method
• #​2931 - OpenAPIService serverBaseUrl is not thread safe
• #​2933 - Wrong schema generation with PagedModel generated VIA_DTO and wrapped in
  ResponseEntity

Changed

• Upgrade swagger-ui to v5.18.3

Fixed

• #​2902 - Schema replaced by String when using @​ApiResponse with RepresentationModel (
  Hateoas links)
• #​2876 - Restentpoints with same name get mix up
• #​2895 - Only filter out actuator endpoints with double asterisks.
• #​2894 - respect @​JsonUnwrapped & @​Schema on props not fields only
• #​2881 - fix defaultValue when using @​PageableDefault together with
  one-indexed-parameters
• #​2888 - Provide a better consistency for parameters and responses order.

v2.8.4

Added

• #​2873 - Improve performance of getGenericMapResponse
• #​2836 - Provide option to set allowed locales
• 2862 - Align Swagger-UI Prefix Path with Swagger-WebMvc Behavior

Changed

• Upgrade spring-boot to 3.4.2
• Upgrade spring-cloud-function to 4.2.1
• Upgrade swagger-core to 2.2.28

Fixed

• #​2870 - Springdoc 2.8.x + Spring Boot 3.4.1 breaks native image support
• #​2869 - Exception logged when generating schema for delete method of Spring Data
  repository.
• #​2856 - @​JsonUnwrapped is ignored in new version of lib.
• #​2852 - @​Schema(types = "xxx") does not work for multipart param with enabled
  springdoc.default-support-form-data config option.

v2.8.3

Added

• #​2851 - Refine condition, for ignoring types when using PolymorphicModelConverter

v2.8.2

Added

• #​2849 - Provide better compatibility for projects migrating from OAS 3.0 to OAS 3.1

Fixed

• #​2846 - ClassCastException with spring-data-rest and openapi version 3.1 bug
• #​2844 - PageableObject and SortObject are called Pageablenull and Sortnull

v2.8.1

Added

• Add support for springdoc.swagger-ui.document-title property to customize the browser tab title

Changed

• Upgrade Spring Boot to version 3.5.11
• Upgrade swagger-core to version 2.2.43
• Upgrade swagger-ui to version 5.32.0
• Upgrade Scalar to version 0.5.55

Fixed

• #​3230 – Scalar source URLs resolve to null/<groupName> on second request when using GroupedOpenApi
• #​3226 – Propagate @JsonView context when resolving Page<T> schema in PageOpenAPIConverter
• #​3205 – springdoc-ui does not work with native compile GraalVM 25
• #​3219 – Upgrade swagger-core from 2.2.42 to 2.2.43 (fixes schema resolution issues)
• #​3193 – OpenApi field in SpringDocConfigProperties does not comply with camelCase naming conventions
• #​3161 – Prevent duplicate _links in allOf child schemas extending RepresentationModel
• Fix type annotation not considered when Kotlin is not present
• Fix property resolution for parameter default values

v2.8.0

Added

• #​2790 - Moving to OpenAPI 3.1 as the default implementation for springdoc-openapi
• #​2817 - Obey annotations when flattening ParameterObject fields
• #​2826 - Make it possible to mark parameters with @​RequestParam annotation to be sent in
  form instead of query.
• #​2822 - Support returning null in ParameterCustomizer
• #​2830 - Add support for deprecated fields.
• #​2780 - Add Security Schema by AutoConfigure

Changed

• Upgrade spring-boot to 3.4.1
• Upgrade spring-cloud-function to 4.2.0
• Upgrade swagger-core to 2.2.27

Fixed

• #​2804 - Stable release 2.7.0 depends on Spring Cloud Milestone 4.2.0-M1
• #​2828 - Required a bean of type '
  org.springframework.data.rest.webmvc.mapping.Associations' that could not be found.
• #​2823 - Capturing pattern in identical paths only renders the path element of one method
• #​2817 - Automatically add required if a field is @​notNull or @​NotBlank.
• #​2814 - An unresolvable circular reference with
  management.endpoint.gateway.enabled=true.
• #​2798 - Object schema generated for Unit Kotlin type.
• #​2797 - Removing operationId via customizer does not work anymore.
• #​2833 - Resolve infinite recursion and add example test with OpenAPI v3.1
• #​2827 - Ignoring @​Parameter(required = false)

v2.7.0

Added

• #​2777 - Add SortAsQueryParam annotation
• #​2786 - No static resource swagger-ui/index.html error after migration to 2.7.0-RC1

Changed

• Upgrade spring-boot to 3.4.0
• Upgrade swagger-ui to 5.18.2
• Upgrade spring-security-oauth2-authorization-server to 1.4.0

connect2id/oauth-2.0-sdk-with-openid-connect-extensions (com.nimbusds:oauth2-oidc-sdk)

v11.33

Compare Source

v11.32

Compare Source

v11.31.1

Compare Source

v11.31

Compare Source

v11.30.2

Compare Source

square/retrofit (com.squareup.retrofit2:retrofit)

v3.0.0

Compare Source

Changed

• Upgrade to OkHttp 4.12 (from 3.14).

  This is the version of OkHttp that is written in Kotlin, and as a result Retrofit now has a transitive Kotlin dependency. However, this is also the supported version of OkHttp whereas the previous version was out of support for nearly 4 years.

Note: The 3.x versions of Retrofit maintain forward binary-compatibility with the 2.x versions.
This means libraries compiled against 2.x can still be used with the 3.x versions.

v2.12.0

Compare Source

New

• First-party converters now support deferring serialization to happen when the request body is written (i.e., during HTTP execution) rather than when the HTTP request is created. In some cases this moves conversion from a calling thread to a background thread, such as in the case when using Call.enqueue directly.

  The following converters support this feature through a new withStreaming() factory method:

  • Gson
  • Jackson
  • Moshi
  • Protobuf
  • Wire

Fixed

• Primitive types used with @Tag now work by storing the value boxed with the boxed class as the key.

flyway/flyway (org.flywaydb:flyway-maven-plugin)

v12.0.3

v12.0.2

v12.0.1

v12.0.0

openapitools/openapi-generator (org.openapitools:openapi-generator-maven-plugin)

v7.20.0: released

Compare Source

v7.20.0 stable release comes with 140+ enhancements, bug fixes. Once again thanks for all the contributions from the community.

This release comes with 2 new generators:

• [Terraform] New Terraform Provider generator #​22949
• C++ Httplib server codegen #​21724

Below are the highlights of the changes. For a full list of changes, please refer to the "Pull Request" tab.

General

• feat: Make model property generation deterministic by sorting alphabetically #​22836
• [Normalizer] add type information to an error message #​22742

C#

• [csharp][generichost] Added xml comments and restrict some access #​22796
• C# GenericHost Support multi targetting #​22234
• C# GenericHost remove state from TokenProvider abstract base class so it makes more sense for JIT requested tokens (for long lived ApiClients with OAuth security schemes) #​22233
• [csharp][generichost] Add HTTP client name to fix client duplicity #​22118

C++

• [cpp-qt-client]Prefix signal argument types with namespace #​22921
• [cpp-qt] Add global server index setter for all operations #​22760
• C++ Httplib server codegen (New Generator) #​21724

Go

• [go] Fix text escaping in example code generation #​22841

Java

• [java][jackson] fix double serialization of discriminator #​22924
• [BUG] [JAVA] fix validateJsonElement failing for required nullable fields #​22912
• [JAVA][FEIGN] Put back hardcoded HTTP Client but without the performance issue #​22905
• feature(jackson3) add jackson3 support for spring generator #​22854
• [JAVA-SPRING;KOTLIN-SPRING] - add possibility to override x-implements and x-kotlin-implements via config options. #​22839
• Fix Jackson Serialization of additionalProperties on java and jaxrs-spec #​22366

Kotlin

• [KOTLIN;SPRING] - add support for 'x-spring-paginated' to get closer to feature parity with java-spring codegen add 'autoXSpringPaginated' option; support x-operation-extra-annotation #​22958
• [BUG] [KOTLIN-SPRING] @​HttpExchange in declarative interface does not support property placeholders #​22882
• [kotlin][jvm-okhttp4] Fix multipart/form-data with JSON content-type #​22856
• [Kotlin][Client] Migrate Enum.values() to Enum.entities #​22852
• [KOTLIN-CLIENT] fix Parent interface class having incorrect collection property type List instead of Set #​22850
• [JAVA-SPRING][KOTLIN-SPRING] - add possibility to override x-implements and x-kotlin-implements via config options. #​22839
• [kotlin-server] Add polymorphism, oneOf and allOf support #​22610

PHP

• [php-symfony] fix sequencial escape when validating a class type #​22906
• [php][php-nextgen] Fix nullability when multiple response types are possible #​22827

Protobuf

• [Protobuf] Fix Discriminator Issue and add capability Enum Extraction #​22740

Python

• Update python sdk to strip any directory traversal in filename #​22965
• Remove coding: utf-8 as that's the default already #​22934
• feat(python): enhance retry configuration in REST client #​22867
• [python-fastapi] Set python version to 3.10 #​22823

R

• [R] avoid to-JSON issues when R6 classes contain lists of R6 classes #​22828
• [R] optionally skip parsing responses to R6 objects #​22705

Rust

• Add support for ApiKey auth to rust-server #​22950
• Add support for enums of integers in rust-server generator #​22915
• fix: apply integer type fitting for Rust params #​22853
• feat: Support selective ssl/tls backend in rust-server to optionally remove openssl #​22825
• [Rust] Update reqwest to 0.13 and reqwest-middleware to 0.5 #​22816
• fix: Fix rust-server model generation following serde_valid upgrade #​22737

Swift

• [swift6][client] Remove unnecessary Combine checks #​22810
• [swift6] fix Vapor build, disable swift 5 tests on CI and enable more swift 6 tests on CI #​22805
• [swift6][client] Increase minimum supported SDK to accommodate swift concurrency #​22802
• [swift6][client] improve swift 6 thread safety #​22801
• [swift6][client] Add new hooks to OpenAPIInterceptor #​22800
• [swift6][client] mark PromiseKit as deprecated #​22792
• [swift6][client] make api calls concurrent #​22790
• [swift5][client] soft deprecate Swift 5 generator #​22789
• [swift6][client] mark some closures as sendable #​22776

Terraform

• [Terraform] New Terraform Provider generator (New Generator) #​22949

TypeScript

• fix(typescript-axios): Ignore unused parameter on JSON serializer replacer function #​22858
• [BUG][Typescript] Fix isRelativeUrl incorrectly detecting URLs containing @​, -, ~, . as not relative. #​22768
• [typescript-angular] Fix inner enum reference in multi-map property type #​22748
• Add create requestOpts method to {{classname}}Interface #​21709
• [typescript] make TypeScript version configurable and default to v5 #​20064

v7.19.0: released

Compare Source

v7.19.0 stable release comes with 60+ enhancements, bug fixes. Once again thanks for all the contributions from the community.

Below are the highlights of the changes. For a full list of changes, please refer to the "Pull Request" tab.

General

• Update parser to newer version v2.1.37 #​22729
• Fix DevContainer by switching from moby to docker #​22725
• Resolve vendor extensions on schemas referenced in parameters #​22690
• Better null check in normalizeSchema #​22671
• [Fix] [Regression] Resolve the discriminator type from a 3.1 sibling #​22634

C#

• [REQ][CSHARP] Make TokenProvider abstract method GetAsync protected for override #​22615

C++

• [cpp] Fix Nested Map & Additional Properties Support #​22639

Crystal

• [CRYSTAL] object_id method should be a reserved words #​22577

Go

• [go] fix default value for array type #​22584

Java

• [Java][Native] Fix request compression #​22688
• fix: [JAVA][SPRING] Nullaways warn with JSpecify => add missing annotation to parameter of method toIndentedString #​22685
• [BUG][JAVA][SPRING] api util must test variable nullity #​22679
• [java][jackson] fix: conditionally add jackson JsonIgnoreProperties for base class polymorphism #​22528

Kotlin

• [kotlin-spring] Revert nested property placeholder in @​RequestMapping that Spring cannot resolve #​22625

Nim

• [Nim] Fix nested map support #​22643

PHP

• [php][php-nextgen] Mark nullable things as nullable in phpdoc #​22650

ProtoBuf

• [Protobuf] Improve oneOf Handling by Unwrapping allOf for Complex Types #​22700

Python

• Update python fastapi urllib3 to newer version #​22644

R

• [R] fix error handling in the R client #​22704
• [R] fix set[object] deserialization #​22697

Rust

• Refresh dependencies in the Rust server generator #​22710
• [Rust] Enum Query Parameter Serialization Fixes #​22683

Swift

• [swift][client] Update CI to use Xcode 26 #​22648
• Fix Swift oneOf discriminator decoding with enumUnknownDefaultCase #​22635
• [Swift6] Remove ParameterConvertible for models #​21150

TypeScript

• fix(typescript-axios): Add missing import in case of separate models and API #​22712
• [typescript-axios] Handle sets as arrays in input parameters #​22642
• feat(typescript-angular): add angular 21 support #​22636

v7.18.0: released

Compare Source

v7.18.0 stable release comes with 70+ enhancements, bug fixes. Once again thanks for all the contributions from the community.

Below are the highlights of the changes. For a full list of changes, please refer to the "Pull Request" tab.

General

• feat: prevent variable resolution when prefixed with $ in server URL templates #​22550
• Fix siblings of $ref using allOf in openapi normalizer #​22364

C++

• fix(cpp-qt): Fix enum query parameter serialization for both inline and referenced enums #​22559
• [cpp-rest] Fixes segfault for nullable strings #​22405
• Add Basic and Bearer Authorization to the CPP Pistache generator #​22337
• Fixes oatpp generator to expose network server on 0.0.0.0 instead of localhost #​22330
• [cpp-rest] Fixing Incorrect Header Name Used #​22298

C#

• [csharp] Patch dependencies with vulnerabilities #​22262

Crystal

• fix(generator): fix java.lang.NullPointerException in constructing example code #​22545
• [crystal] fix Model#to_h method #​22508
• [crystal] Add option to set params_encoder #​22484
• [crystal-lang] Various fixes for Crystal client #​22465

Go

• [GO] Gener

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 4 package(s) with unknown licenses.

See the Details below.

License Issues

pom.xml

Package	Version	License	Issue Type
com.nimbusds:oauth2-oidc-sdk	11.33	Null	Unknown License
org.flywaydb:flyway-maven-plugin	12.0.3	Null	Unknown License
org.openapitools:openapi-generator-maven-plugin	7.20.0	Null	Unknown License
org.postgresql:postgresql	42.7.10	Null	Unknown License

Allowed Licenses:

CC0-1.0, CC-BY-4.0, Unlicense, WTFPL, 0BSD, MIT, Apache-2.0, ISC, BSD-2-Clause, BSD-3-Clause, Zlib, MPL-1.1, MPL-2.0, CDDL-1.0, EPL-1.0, EPL-2.0, CECILL-2.1, LGPL-2.1-only, LGPL-2.1-or-later, LGPL-3.0-only, LGPL-3.0-or-later, EUPL-1.0, EUPL-1.1, EUPL-1.2, AAL, AFL-3.0, Apache-1.1, APL-1.0, APSL-2.0, Artistic-1.0-Perl, Artistic-2.0, BSL-1.0, CATOSL-1.1, CPAL-1.0, CUA-OPL-1.0, ECL-2.0, EFL-2.0, Entessa, EUDatagrid, Fair, LPPL-1.3c, LPL-1.02, MirOS, Motosoto, Multics, NASA-1.3, NCSA, NTP, Naumen, Nokia, PostgreSQL, PSF-2.0, RPSL-1.0, RSCPL, SimPL-2.0, Sleepycat, SPL-1.0, VSL-1.0, W3C, W3C-20150513, Xnet, ZPL-2.0

Excluded from license check:

pkg:githubactions/trufflesecurity/trufflehog

OpenSSF Scorecard

Package	Version	Score	Details
maven/com.nimbusds:oauth2-oidc-sdk	11.33	Unknown	Unknown
maven/com.squareup.retrofit2:retrofit	3.0.0	🟢 7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 9 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy ⚠️ 0 security policy file not detected Packaging 🟢 10 packaging workflow detected SAST 🟢 9 SAST tool is not run on all commits -- score normalized to 9
maven/org.flywaydb:flyway-maven-plugin	12.0.3	Unknown	Unknown
maven/org.mockito:mockito-core	5.22.0	Unknown	Unknown
maven/org.openapitools:openapi-generator-maven-plugin	7.20.0	🟢 5.7	Details Check Score Reason Code-Review 🟢 9 GitHub code reviews found for 28 commits out of the last 30 -- score normalized to 9 Maintained 🟢 10 30 commit(s) out of 30 and 4 issue activity out of 30 found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no badge detected Vulnerabilities 🟢 10 no vulnerabilities detected Signed-Releases ⚠️ -1 no releases found Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches Dependency-Update-Tool 🟢 10 update tool detected Packaging ⚠️ -1 no published package detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 non read-only tokens detected in GitHub workflows Security-Policy ⚠️ 0 security policy file not detected Pinned-Dependencies ⚠️ -1 internal error: error parsing shell code: modules/openapi-generator/src/main/resources/bash/Dockerfile.mustache:1:9: reached EOF without closing quote ' Fuzzing ⚠️ 0 project is not fuzzed Binary-Artifacts ⚠️ 0 binaries present in source code
maven/org.postgresql:postgresql	42.7.10	🟢 7.5	Details Check Score Reason Dependency-Update-Tool 🟢 10 update tool detected Code-Review 🟢 5 Found 15/28 approved changesets -- score normalized to 5 Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Pinned-Dependencies 🟢 9 dependency not pinned by hash detected -- score normalized to 9 License 🟢 10 license file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 9 SAST tool detected but not run on all commits Signed-Releases ⚠️ 1 1 out of the last 5 releases have a total of 1 signed artifacts. Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches CI-Tests 🟢 8 22 out of 26 merged PRs checked by a CI test -- score normalized to 8 Contributors 🟢 10 project has 34 contributing companies or organizations
maven/org.springdoc:springdoc-openapi-starter-webmvc-ui	3.0.1	🟢 5	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 5 Found 11/21 approved changesets -- score normalized to 5 Maintained 🟢 10 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• pom.xml