Skip to content

build(deps): bump io.quarkus:quarkus-bom from 3.37.2 to 3.37.3#271

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/maven/io.quarkus-quarkus-bom-3.37.3
Open

build(deps): bump io.quarkus:quarkus-bom from 3.37.2 to 3.37.3#271
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/maven/io.quarkus-quarkus-bom-3.37.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 15, 2026

Copy link
Copy Markdown
Contributor

Bumps io.quarkus:quarkus-bom from 3.37.2 to 3.37.3.

Release notes

Sourced from io.quarkus:quarkus-bom's releases.

3.37.3

Complete changelog

  • #48106 - quarkus.grpc.codegen.proto-directory unrecognized configuration key & missing from documentation
  • #55093 - Incompatible exception classloaders when mocking exceptions during tests
  • #55196 - quarkus-oidc cannot handle non rollable refresh tokens concurrently
  • #55231 - Safer testcontainers.reuse.enable restoration + more resilient tests
  • #55272 - OIDC: deduplicate concurrent token refresh requests within a single Quarkus instance
  • #55288 - [3.x] OpenShift Client native integration test fails after #55242
  • #55292 - Bump the hibernate group across 1 directory with 12 updates
  • #55316 - Fix IsContainerRuntimeWorking to not write testcontainers.reuse.enable to ~/.testcontainers.properties
  • #55319 - Fix native image build failure caused by Netty's SelfSignedCertificate
  • #55351 - Don't truncate stacktrace on OIDC authentication errors
  • #55357 - Do not miss Throwable in the OIDC code flow error log
  • #55362 - @JsonFormat(shape = JsonFormat.Shape.ARRAY) on a class ignored by reflection-free Jackson serializers when used inside a List/Set
  • #55363 - Reflection free deserializers drops data of final collection field with no setter
  • #55365 - Fix flakiness of RawTypeReflectionFreeSerializerTest
  • #55366 - Fix serialization of pojos using JsonFormat.Shape enum in reflection-free Jackson serializers
  • #55369 - quarkus-rest-jackson: reflection-free deserializer ignores @JsonTypeInfo/@JsonSubTypes for polymorphic list elements inside a wrapper type
  • #55370 - Bail out of reflection-free deserializer when @JsonTypeInfo is used
  • #55373 - Jacoco + CycloneDX extension breaking combination in Quarkus 3.37.1+
  • #55374 - Implement getter-as-setter pattern when deserializing private collection in reflection-free Jackson serializers
  • #55378 - Register gRPC codegen configuration properties
  • #55380 - Harden remote dev mode against path traversal and unsafe deserialization
  • #55385 - NPE in modularity can transformed classes
  • #55396 - Fix NPE in modularity when processing removed resources
  • #55397 - Ignore unresolvable POMs for bundled CycloneDX components
  • #55403 - Fix bad link syntax and update cross-document references to use xref
  • #55410 - quarkus-rest-jackson: Reflection-free deserializer ignores @JsonProperty(required=true) on a @JsonCreator sometimes
  • #55411 - Take count of @JsonProperty(required=true) on a @JsonCreator in reflection-free Jackson serializers
  • #55425 - Disable Mockito class cache so thenThrow works across component tests
  • #55426 - ServerExceptionMapper on sub-resource is global instead of sub-resource specific
  • #55427 - Make @ServerExceptionMapper in sub-resource specific to that sub-resource
  • #55450 - Fix serialization of java.time.Duration in generated reflection-free Jackson serializers
Commits
  • d647aef [RELEASE] - Bump version to 3.37.3
  • 7a51b0e Merge pull request #55460 from gsmet/3.37.3-backports-4
  • 036eb11 Fix serialization of java.time.Duration in generated reflection-free Jackson ...
  • a435cb1 Fix native image build failure caused by Netty's SelfSignedCertificate
  • 34eacf7 Register gRPC codegen configuration properties
  • 9a31621 fix(quarkus-rest): @​serverexceptionmapper in sub-resource shouldn't be global
  • 81b8969 Ignore unresolvable POMs for bundled CycloneDX components
  • c0090b9 Disable Mockito class cache for thenThrow across component tests
  • 5868f10 Harden remote dev mode against unsafe deserialization
  • 49cfd7e Harden remote dev mode against path traversal
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [io.quarkus:quarkus-bom](https://github.com/quarkusio/quarkus) from 3.37.2 to 3.37.3.
- [Release notes](https://github.com/quarkusio/quarkus/releases)
- [Commits](quarkusio/quarkus@3.37.2...3.37.3)

---
updated-dependencies:
- dependency-name: io.quarkus:quarkus-bom
  dependency-version: 3.37.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Jul 15, 2026
@codecov-commenter

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 80.75%. Comparing base (702221b) to head (25abc93).

Additional details and impacted files
@@             Coverage Diff              @@
##             master     #271      +/-   ##
============================================
- Coverage     80.82%   80.75%   -0.08%     
  Complexity      970      970              
============================================
  Files           185      185              
  Lines          2816     2816              
  Branches        170      170              
============================================
- Hits           2276     2274       -2     
- Misses          425      427       +2     
  Partials        115      115              

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant