Sync documentation of main branch

Author: actions-user

_generated-doc/main/infra/quarkus-maven-plugin-goals.adoc

@@ -3837,7 +3837,7 @@ Skip the execution of this mojo
 
 = quarkus:update
 
-Log Quarkus-related recommended updates, such as new Quarkus platform BOM versions and Quarkus extensions versions that aren't managed by the Quarkus platform BOMs.
+Suggest project updates and create a recipe with the possibility to apply it.
 
 [.configuration-reference, cols="70,15,15"]
 |===
@@ -3866,7 +3866,7 @@ a| [[quarkus-maven-plugin-goal-update-noRewrite]] noRewrite
 
 [.description]
 --
-Disable the rewrite feature.
+Disable the rewrite feature. Deprecated: use -Drewrite=false instead
 --
 |`Boolean`
 |`false`
@@ -3875,7 +3875,7 @@ a| [[quarkus-maven-plugin-goal-update-perModule]] perModule
 
 [.description]
 --
-Display information per project module.
+Deprecated: this option was unused
 --
 |`boolean`
 |
@@ -3901,6 +3901,15 @@ a| [[quarkus-maven-plugin-goal-update-repos]] repos
 |`List` (required)
 |`${project.remoteProjectRepositories}`
 
+a| [[quarkus-maven-plugin-goal-update-rewrite]] rewrite
+
+[.description]
+--
+Run the suggested update recipe for this project.
+--
+|`Boolean`
+|
+
 a| [[quarkus-maven-plugin-goal-update-additionalUpdateRecipes]] additionalUpdateRecipes
 
 [.description]
@@ -3914,7 +3923,7 @@ a| [[quarkus-maven-plugin-goal-update-rewriteDryRun]] rewriteDryRun
 
 [.description]
 --
-Rewrite in dry-mode.
+Do a dry run the suggested update recipe for this project.
 --
 |`Boolean`
 |`false`

_versions/main/guides/_attributes.adoc

@@ -10,7 +10,7 @@
 :graalvm-flavor: jdk-21
 :mandrel-flavor: jdk-21
 :surefire-version: 3.5.2
-:gradle-version: 8.12
+:gradle-version: 8.13
 :elasticsearch-version: 8.15.0
 :elasticsearch-image: docker.io/elastic/elasticsearch:8.15.0
 :opensearch-image: docker.io/opensearchproject/opensearch:2.16.0

_versions/main/guides/grpc-generation-reference.adoc

@@ -188,28 +188,34 @@ To do this, define the following properties in the `<properties>` section:
 
 These properties configure the gRPC version and the `protoc` version.
 
-Then, add the `os-maven-plugin` extension and the `protobuf-maven-plugin` configuration to the `build` section:
+Then, add the `eu.maveniverse.maven.nisse:plugin3` and the `protobuf-maven-plugin` configuration to the `build` section:
 
 [source,xml]
 ----
 <build>
-    <extensions>
-        <extension>
-            <groupId>kr.motd.maven</groupId>
-            <artifactId>os-maven-plugin</artifactId>
-            <version>${os-maven-plugin-version}</version>
-        </extension>
-    </extensions>
-
     <plugins>
+        <plugin>
+            <groupId>eu.maveniverse.maven.nisse</groupId>
+            <artifactId>plugin3</artifactId>
+            <version>0.3.4</version>
+            <executions>
+                <execution>
+                    <id>inject-properties</id>
+                    <goals>
+                        <goal>inject-properties</goal>
+                    </goals>
+                    <phase>validate</phase>
+                </execution>
+            </executions>
+        </plugin>
         <plugin>
             <groupId>org.xolstice.maven.plugins</groupId>
             <artifactId>protobuf-maven-plugin</artifactId>   <!--1-->
             <version>${protobuf-maven-plugin-version}</version>
             <configuration>
-                <protocArtifact>com.google.protobuf:protoc:${protoc.version}:exe:${os.detected.classifier}</protocArtifact>  <!--2-->
+                <protocArtifact>com.google.protobuf:protoc:${protoc.version}:exe:${nisse.os.classifier}</protocArtifact>  <!--2-->
                 <pluginId>grpc-java</pluginId>
-                <pluginArtifact>io.grpc:protoc-gen-grpc-java:${grpc.version}:exe:${os.detected.classifier}</pluginArtifact>
+                <pluginArtifact>io.grpc:protoc-gen-grpc-java:${grpc.version}:exe:${nisse.os.classifier}</pluginArtifact>
                 <protocPlugins>
                     <protocPlugin>
                         <id>quarkus-grpc-protoc-plugin</id>
@@ -244,7 +250,7 @@ Then, add the `os-maven-plugin` extension and the `protobuf-maven-plugin` config
 ----
 
 <1> The `protobuf-maven-plugin` generates stub classes from your gRPC service definition (`proto` files).
-<2> Class generation uses the tool `protoc`, which is OS-specific. This is why we use the `os-maven-plugin` to target the executable compatible with the operating system.
+<2> Class generation uses the tool `protoc`, which is OS-specific. This is why we use the Nisse Maven plugin to target the executable compatible with the operating system.
 
 Note: This configuration instructs the `protobuf-maven-plugin` to generate default gRPC classes and classes using Mutiny to fit with the Quarkus development experience.
 

_versions/main/guides/images/keycloak-authorization-permissions.png

@@ -107,22 +107,30 @@ shell completion scripts, man pages, license, readme, and more.
 == Creating the distribution
 
 We can leverage the link:http://maven.apache.org/plugins/maven-assembly-plugin/[maven-assembly-plugin] to create such
-a distribution. We'll also make use of the link:https://github.com/trustin/os-maven-plugin[os-maven-plugin] to properly
+a distribution. We'll also make use of the link:https://github.com/maveniverse/nisse[Nisse Maven plugin] to properly
 identify the platform on which this executable can run, adding said platform to the distribution's filename.
 
-First, let's add the os-maven-plugin to the `pom.xml`. This plugin works as a Maven extension and as such must be added
+First, let's add the Nisse Maven plugin to the `pom.xml`. This plugin works as a Maven extension and as such must be added
 to the `<build>` section of the file:
 
 [source,xml]
 ----
   <build>
-    <extensions>
-      <extension>
-        <groupId>kr.motd.maven</groupId>
-        <artifactId>os-maven-plugin</artifactId>
-        <version>1.7.1</version>
-      </extension>
-    </extensions>
+    <plugins>
+      <plugin>
+        <groupId>eu.maveniverse.maven.plugins</groupId>
+        <artifactId>nisse-plugin3</artifactId>
+        <version>0.3.4</version>
+        <executions>
+          <execution>
+            <id>inject-properties</id>
+              <goals>
+                <goal>inject-properties</goal>
+              </goals>
+              <phase>validate</phase>
+            </execution>
+          </executions>
+        </plugin>
     <!-- ... -->
 ----
 
@@ -139,7 +147,7 @@ their own directory to avoid cluttering the `target` directory. Thus, let's add
 
 Now we configure the maven-assembly-plugin to create a Zip and a Tar file containing the executable and any supporting files
 it may need to perform its job. Take special note on the name of the distribution, this is where we make use of the platform
-properties detected by the os-maven-plugin. This plugin is configured in its own profile with the `single` goal bound to
+properties detected by the os-detector-maven-plugin. This plugin is configured in its own profile with the `single` goal bound to
 the `package` phase. It's done this way to avoid rebuilding the distribution every single time the build is invoked, as we
 only needed when we're ready for a release.
 
@@ -156,7 +164,7 @@ only needed when we're ready for a release.
             <configuration>
               <attach>false</attach>
               <appendAssemblyId>false</appendAssemblyId>
-              <finalName>${project.artifactId}-${project.version}-${os.detected.classifier}</finalName>
+              <finalName>${project.artifactId}-${project.version}-${nisse.os.classifier}</finalName>
               <outputDirectory>${distribution.directory}</outputDirectory>
               <workDirectory>${project.build.directory}/assembly/work</workDirectory>
               <descriptors>
@@ -657,14 +665,21 @@ As a reference, these are the full contents of the `pom.xml`:
     </dependency>
   </dependencies>
   <build>
-    <extensions>
-      <extension>
-        <groupId>kr.motd.maven</groupId>
-        <artifactId>os-maven-plugin</artifactId>
-        <version>1.7.1</version>
-      </extension>
-    </extensions>
     <plugins>
+      <plugin>
+        <groupId>eu.maveniverse.maven.nisse</groupId>
+        <artifactId>plugin3</artifactId>
+        <version>0.3.4</version>
+        <executions>
+          <execution>
+            <id>inject-properties</id>
+            <goals>
+              <goal>inject-properties</goal>
+            </goals>
+            <phase>validate</phase>
+          </execution>
+        </executions>
+      </plugin>
       <plugin>
         <groupId>${quarkus.platform.group-id}</groupId>
         <artifactId>quarkus-maven-plugin</artifactId>
@@ -723,7 +738,7 @@ As a reference, these are the full contents of the `pom.xml`:
             <configuration>
               <attach>false</attach>
               <appendAssemblyId>false</appendAssemblyId>
-              <finalName>${project.artifactId}-${project.version}-${os.detected.classifier}</finalName>
+              <finalName>${project.artifactId}-${project.version}-${nisse.os.classifier}</finalName>
               <outputDirectory>${distribution.directory}</outputDirectory>
               <workDirectory>${project.build.directory}/assembly/work</workDirectory>
               <descriptors>

_versions/main/guides/jreleaser.adoc

@@ -2130,7 +2130,7 @@ To change this behavior, set the `quarkus.rest-client.scope` property to the ful
 
 == Further reading
 
- * link:https://download.eclipse.org/microprofile/microprofile-rest-client-2.0/microprofile-rest-client-spec-2.0.html[MicroProfile Rest Client specification]
+ * link:https://download.eclipse.org/microprofile/microprofile-rest-client-4.0/microprofile-rest-client-spec-4.0.html[MicroProfile Rest Client specification]
 
 == Configuration Reference
 

_versions/main/guides/rest-client.adoc

@@ -20,9 +20,9 @@ The Keycloak Authorization extension, `quarkus-keycloak-authorization`, extends
 It features a policy enforcer that dynamically manages access to secured resources.
 Access is governed by permissions defined in Keycloak, supporting flexible and dynamic Resource-Based Access Control (RBAC).
 
-Use the `quarkus-keycloak-authorization` extension only if you are using Keycloak and Keycloak Authorization Services is enabled in your environment to handle authorization decisions.
+Use the `quarkus-keycloak-authorization` extension only if you are using Keycloak and the Keycloak Authorization Services feature is enabled in your environment to handle authorization decisions.
 
-If you are not using Keycloak, or if Keycloak is configured without Keycloak Authorization Services, use the `quarkus-oidc` extension instead.
+If you are not using Keycloak, or if Keycloak is configured without the Keycloak Authorization Services feature, use the `quarkus-oidc` extension instead.
 
 .How it works
 
@@ -52,7 +52,7 @@ It complements explicit mechanisms such as role-based access control with dynami
 
 Before using this extension, ensure the following:
 
-. Keycloak Authorization Services is enabled in your Keycloak instance.
+. Keycloak Authorization Services feature is enabled in your Keycloak instance.
 . Your Quarkus application includes the `quarkus-keycloak-authorization` extension.
 
 For detailed steps, see the xref:security-oidc-bearer-token-authentication.adoc[OIDC Bearer Token Authentication] guide.
@@ -319,7 +319,6 @@ docker run --name keycloak \
   quay.io/keycloak/keycloak:{keycloak.version} \ <1>
   start --hostname-strict=false --https-key-store-file=/etc/keycloak-keystore.jks <2>
 ----
-
 <1> For `keycloak.version`, ensure the version is `26.0.7` or later.
 <2> For Keycloak keystore, use the `keycloak-keystore.jks` file located at https://github.com/quarkusio/quarkus-quickstarts/blob/main/security-keycloak-authorization-quickstart/config/keycloak-keystore.jks[quarkus-quickstarts/security-keycloak-authorization-quickstart/config].
 
@@ -335,7 +334,8 @@ docker run --name keycloak \
 To create a new realm, import the link:{quickstarts-tree-url}/security-keycloak-authorization-quickstart/config/quarkus-realm.json[realm configuration file].
 For detailed steps on creating realms, refer to the Keycloak documentation: https://www.keycloak.org/docs/latest/server_admin/index.html#_create-realm[Create a new realm].
 
-After importing the realm, you can review the resource permissions:
+After importing the realm, go to Clients, choose the `backend-service` client, and select the Authorization and Resources tab for this client.
+You can now review the resource permissions:
 
 image::keycloak-authorization-permissions.png[alt=Keycloak Authorization Permissions,role="center"]
 
@@ -432,7 +432,7 @@ After a while, run the native binary:
 
 [source,bash]
 ----
-./target/security-keycloak-authorization-quickstart-runner
+./target/security-keycloak-authorization-quickstart-1.0.0-SNAPSHOT-runner
 ----
 
 [[testing]]
@@ -661,7 +661,7 @@ public class ProtectedResource {
 <1> The `/standard-way` sub-path requires both the resource permission and the `read` scope, based on the configuration set in the `application.properties` file.
 <2> The `/programmatic-way` sub-path checks only for the `Scope Permission Resource` permission by default. However, you can enforce additional constraints, such as scope requirements, by using `SecurityIdentity#checkPermission`.
 <3> The `@PermissionsAllowed` annotation at `/annotation-way` restricts access to requests that have the `Scope Permission Resource` permission along with the `read` scope.
-For more information, see the section xref:security-authorize-web-endpoints-reference.adoc#standard-security-annotations[Authorization using annotations] of the Security Authorization guide.
+For more information, see the section xref:security-authorize-web-endpoints-reference.adoc#standard-security-annotations[Authorization using annotations] of the Authorization of web endpoints guide.
 
 == Multi-tenancy
 
@@ -735,7 +735,7 @@ public class CustomTenantPolicyConfigResolver implements TenantPolicyConfigResol
     private final KeycloakPolicyEnforcerTenantConfig newTenantConfig;
 
     public CustomTenantPolicyConfigResolver(KeycloakPolicyEnforcerConfig enforcerConfig) {
-        this.enhancedTenantConfig = KeycloakPolicyEnforcerTenantConfig.builder(config) <1>
+        this.enhancedTenantConfig = KeycloakPolicyEnforcerTenantConfig.builder(enforcerConfig.defaultTenant()) <1>
             .paths("/enhanced-config")
             .permissionName("Permission Name")
             .get("read-scope")
@@ -750,7 +750,7 @@ public class CustomTenantPolicyConfigResolver implements TenantPolicyConfigResol
     public Uni<KeycloakPolicyEnforcerTenantConfig> resolve(RoutingContext routingContext, OidcTenantConfig tenantConfig,
                                                 OidcRequestContext<KeycloakPolicyEnforcerTenantConfig> requestContext) {
         String path = routingContext.normalizedPath();
-        String tenantId = tenantConfig.tenantId.orElse(null);
+        String tenantId = tenantConfig.tenantId().orElse(null);
         if ("enhanced-config-tenant".equals(tenantId) && path.equals("/enhanced-config")) {
             return Uni.createFrom().item(enhancedTenantConfig);
         } else if ("new-config-tenant".equals(tenantId) && path.equals("/new-config")) {