chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
org.apache.maven.plugins:maven-shade-plugin	3.5.2 -> 3.6.0
org.apache.maven.plugins:maven-compiler-plugin	3.12.1 -> 3.13.0
com.github.dasniko:testcontainers-keycloak	3.2.0 -> 3.3.1
org.testcontainers:junit-jupiter (source)	1.19.6 -> 1.19.8
org.assertj:assertj-core (source)	3.25.3 -> 3.26.0
com.microsoft.playwright:playwright	1.41.2 -> 1.44.0
org.projectlombok:lombok (source)	1.18.30 -> 1.18.32
org.keycloak:keycloak-admin-client (source)	24.0.1 -> 24.0.5
org.keycloak:keycloak-model-jpa (source)	24.0.1 -> 24.0.5
org.keycloak:keycloak-services (source)	24.0.1 -> 24.0.5
org.keycloak:keycloak-server-spi-private (source)	24.0.1 -> 24.0.5
org.keycloak:keycloak-server-spi (source)	24.0.1 -> 24.0.5

---

Release Notes

dasniko/testcontainers-keycloak (com.github.dasniko:testcontainers-keycloak)

v3.3.0

Compare Source

Upgrade Keycloak dependencies to 24.0 and other dependencies to most recent versions.

testcontainers/testcontainers-java (org.testcontainers:junit-jupiter)

v1.19.8

Compare Source

Testcontainers for Java 1.19.8

🚀 Features & Enhancements

• support backtick enquoting in SQL script splitter (#​8593) @​peterhalicky
• [localstack] Automatically add LAMBDA_DOCKER_FLAGS with testcontainers labels (#​8595) @​dfangl
• [qdrant] Allow to set key and config file (#​8556) @​eddumelendez
• [weaviate] Support new project container registry (#​8512) @​ThomasVitale
• [kafka] Add support for apache/kafka (#​8416) @​eddumelendez
• [kafka] Skip starting zookeeper when using a Kafka container with the provided Zookeeper (#​8433) @​silh
• Use Awaitility to Poll the Image Pull (#​8453) @​JKomoroski
• Avoid usage of the non monotonic clock System.currentTimeMillis() in favor of System.nanoTime() (#​6392) @​Nateckert
• Fix DateTimeParseException when created is not set in image config (#​8302) @​SgtSilvio
• [redpanda] Override entrypoint (#​8450) @​eddumelendez
• [weaviae] Add method for getting gRPC port (#​8431) @​antas-marcin
• [clickhouse] Add getDatabaseName() method (#​8339) @​colin-lee

🐛 Bug Fixes

• Pass env to ComposeDelegate in DockerComposeContainer#stop (#​8493) @​mmusenbr

📖 Documentation

🧹 Housekeeping

• Add Weaviate module tests with modules (#​8481) @​antas-marcin
• Update alpine image version to 3.17 (#​8476) @​eddumelendez
• fix getConnectionString javadoc (#​8129) @​gabrielluciano

📦 Dependency updates

• Move to gradle/actions/wrapper-validation (#​8559) @​eddumelendez
• upgrade to github actions setup-java v4 (#​8475) @​sullis
• Update ryuk version to 0.7.0 (#​8451) @​eddumelendez
• chore: use new sshd:1.2.0 image (#​8574) @​mdelapenya

v1.19.7

Compare Source

Testcontainers for Java 1.19.7

Modules

• New K6 module (#​8318) @​javaducky
• New OceanBase module (#​7502) @​whhe
• New Ollama module (#​8369) @​eddumelendez
• New OpenFGA module (#​8371) @​eddumelendez

Elasticserach

• Enable lazy certificates for Elasticsearch (#​7991) @​pioorg

HiveMQ

• Fix wrong permission setup for HiveMQ container (#​8399) @​SgtSilvio

MongoDB

• Support mongodb/mongodb-community-server and mongodb/mongodb-enterprise-server (#​8386) @​eddumelendez

PostgreSQL

• Add pgvector/pgvector as a compatible image (#​7898) (#​8401) @​eddumelendez

📖 Documentation

• Improve Ollama docs (#​8417) @​eddumelendez
• openfga.md: fix typo in docker hub link (#​8400) @​rpalcolea

📦 Dependency updates

• Update docker-java version to 3.3.6 (#​8410) @​eddumelendez

microsoft/playwright-java (com.microsoft.playwright:playwright)

v1.44.0

Compare Source

New APIs

Accessibility assertions

• assertThat(locator).toHaveAccessibleName() checks if the element has the specified accessible name:

  Locator locator = page.getByRole(AriaRole.BUTTON);
  assertThat(locator).hasAccessibleName("Submit");

• assertThat(locator).toHaveAccessibleDescription() checks if the element has the specified accessible description:

  Locator locator = page.getByRole(AriaRole.BUTTON);
  assertThat(locator).hasAccessibleDescription("Upload a photo");

• assertThat(locator).toHaveRole() checks if the element has the specified ARIA role:

  Locator locator = page.getByTestId("save-button");
  assertThat(locator).hasRole(AriaRole.BUTTON);

Locator handler

• After executing the handler added with page.addLocatorHandler(), Playwright will now wait until the overlay that triggered the handler is not visible anymore. You can opt-out of this behavior with the new setNoWaitAfter option.
• You can use new setTimes option in page.addLocatorHandler() to specify maximum number of times the handler should be run.
• The handler in page.addLocatorHandler() now accepts the locator as argument.
• New page.removeLocatorHandler() method for removing previously added locator handlers.

Locator locator = page.getByText("This interstitial covers the button");
page.addLocatorHandler(locator, overlay -> {
  overlay.locator("#close").click();
}, new Page.AddLocatorHandlerOptions().setTimes(3).setNoWaitAfter(true));
// Run your tests that can be interrupted by the overlay.
// ...
page.removeLocatorHandler(locator);

Miscellaneous options

• New method formData.append() allows to specify repeating fields with the same name in setMultipart option in RequestOptions:

  FormData formData = FormData.create();
  formData.append("file", new FilePayload("f1.js", "text/javascript",
  "var x = 2024;".getBytes(StandardCharsets.UTF_8)));
  formData.append("file", new FilePayload("f2.txt", "text/plain",
    "hello".getBytes(StandardCharsets.UTF_8)));
  APIResponse response = context.request().post("https://example.com/uploadFile", RequestOptions.create().setMultipart(formData));

• expect(page).toHaveURL(url) now supports setIgnoreCase option.

Browser Versions

• Chromium 125.0.6422.14
• Mozilla Firefox 125.0.1
• WebKit 17.4

This version was also tested against the following stable channels:

• Google Chrome 124
• Microsoft Edge 124

v1.43.0

Compare Source

New APIs

• Method browserContext.clearCookies([options]) now supports filters to remove only some cookies.

  // Clear all cookies.
  context.clearCookies();
  // New: clear cookies with a particular name.
  context.clearCookies(new BrowserContext.ClearCookiesOptions().setName("session-id"));
  // New: clear cookies for a particular domain.
  context.clearCookies(new BrowserContext.ClearCookiesOptions().setDomain("my-origin.com"));

• New method locator.contentFrame() converts a Locator object to a FrameLocator. This can be useful when you have a Locator object obtained somewhere, and later on would like to interact with the content inside the frame.

  Locator locator = page.locator("iframe[name='embedded']");
  // ...
  FrameLocator frameLocator = locator.contentFrame();
  frameLocator.getByRole(AriaRole.BUTTON).click();

• New method frameLocator.owner() converts a FrameLocator object to a Locator. This can be useful when you have a FrameLocator object obtained somewhere, and later on would like to interact with the iframe element.

  FrameLocator frameLocator = page.frameLocator("iframe[name='embedded']");
  // ...
  Locator locator = frameLocator.owner();
  assertThat(locator).isVisible();

Browser Versions

• Chromium 124.0.6367.8
• Mozilla Firefox 124.0
• WebKit 17.4

This version was also tested against the following stable channels:

• Google Chrome 123
• Microsoft Edge 123

v1.42.0

Compare Source

JUnit integration

[!WARNING]
This feature is experimental, we are actively looking for the feedback based on your scenarios.

Add new @UsePlaywright annotation to your test classes to start using Playwright
fixtures for Page, BrowserContext, Browser, APIRequestContext and Playwright in the
test methods.

package org.example;

import com.microsoft.playwright.Page;
import com.microsoft.playwright.junit.UsePlaywright;
import org.junit.jupiter.api.Test;

import static com.microsoft.playwright.assertions.PlaywrightAssertions.assertThat;
import static org.junit.jupiter.api.Assertions.assertEquals;

@​UsePlaywright
public class TestExample {
  void shouldNavigateToInstallationGuide(Page page) {
    page.navigate("https://playwright.dev/java/");
    page.getByRole(AriaRole.LINK, new Page.GetByRoleOptions().setName("Docs")).click();
    assertThat(page.getByRole(AriaRole.HEADING, new Page.GetByRoleOptions().setName("Installation"))).isVisible();
  }

  @​Test
  void shouldCheckTheBox(Page page) {
    page.setContent("<input id='checkbox' type='checkbox'></input>");
    page.locator("input").check();
    assertEquals(true, page.evaluate("window['checkbox'].checked"));
  }

  @&#8203;Test
  void shouldSearchWiki(Page page) {
    page.navigate("https://www.wikipedia.org/");
    page.locator("input[name=\"search\"]").click();
    page.locator("input[name=\"search\"]").fill("playwright");
    page.locator("input[name=\"search\"]").press("Enter");
    assertThat(page).hasURL("https://en.wikipedia.org/wiki/Playwright");
  }
}

In the example above, all three test methods use the same Browser. Each test
uses its own BrowserContext and Page.

Custom options

Implement your own OptionsFactory to initialize the fixtures with custom configuration.

import com.microsoft.playwright.junit.Options;
import com.microsoft.playwright.junit.OptionsFactory;
import com.microsoft.playwright.junit.UsePlaywright;

@​UsePlaywright(MyTest.CustomOptions.class)
public class MyTest {

  public static class CustomOptions implements OptionsFactory {
    @​Override
    public Options getOptions() {
      return new Options()
          .setHeadless(false)
          .setContextOption(new Browser.NewContextOptions()
              .setBaseURL("https://github.com"))
          .setApiRequestOptions(new APIRequest.NewContextOptions()
              .setBaseURL("https://playwright.dev"));
    }
  }

  @​Test
  public void testWithCustomOptions(Page page, APIRequestContext request) {
    page.navigate("/");
    assertThat(page).hasURL(Pattern.compile("github"));

    APIResponse response = request.get("/");
    assertTrue(response.text().contains("Playwright"));
  }
}

Learn more about the fixtures in our JUnit guide.

New Locator Handler

New method page.addLocatorHandler(locator, handler, handler, handler) registers a callback that will be invoked when specified element becomes visible and may block Playwright actions. The callback can get rid of the overlay. Here is an example that closes a cookie dialog when it appears.

// Setup the handler.
page.addLocatorHandler(
    page.getByRole(AriaRole.BUTTON, new Page.GetByRoleOptions().setName("Hej! You are in control of your cookies.")),
    () - > {
        page.getByRole(AriaRole.BUTTON, new Page.GetByRoleOptions().setName("Accept all")).click();
    });
// Write the test as usual.
page.navigate("https://www.ikea.com/");
page.getByRole(AriaRole.LINK, new Page.GetByRoleOptions().setName("Collection of blue and white")).click();
assertThat(page.getByRole(AriaRole.HEADING, new Page.GetByRoleOptions().setName("Light and easy"))).isVisible();

New APIs

• page.pdf() accepts two new options tagged and outline.

Announcements

• ⚠️ Ubuntu 18 is not supported anymore.

Browser Versions

• Chromium 123.0.6312.4
• Mozilla Firefox 123.0
• WebKit 17.4

This version was also tested against the following stable channels:

• Google Chrome 122
• Microsoft Edge 123

projectlombok/lombok (org.projectlombok:lombok)

v1.18.32

keycloak/keycloak (org.keycloak:keycloak-admin-client)

v24.0.5

Compare Source

Highlights

Security issue with PAR clients using client_secret_post based authentication

This release contains the fix of the important security issue affecting some OIDC confidential clients using PAR (Pushed authorization request). In case you use OIDC confidential clients together with PAR and you use client authentication based on client_id and client_secret sent as parameters in the HTTP request body (method client_secret_post specified in the OIDC specification), it is highly encouraged to rotate the client secrets of your clients after upgrading to this version.

Upgrading

Before upgrading refer to the migration guide for a complete list of changes.

All resolved issues

Enhancements

• #​29073 Use cache.compute() method to improve the replace retry loop
• #​29280 Update Create Realm in Keycloak 24 Getting Started

Bugs

• #​29129 JGroups creates log messages as it switched internally to "trace" dist/quarkus
• #​29206 LDAP user creation reports error but user is created ldap
• #​29314 Clicking the "save" button multiple times in the Saml IDP configuration page corrupts the value of "AuthnContext ClassRefs" admin/ui
• #​29458 Empty CSP header value breaks security filter authentication
• #​29471 Cypress tests store videos even for passing tests ci
• #​29525 Maven clean build doesn't clean admin client generated files ci
• #​29554 Cypress failing on video recording ci
• #​29625 Database driver install examples can lead to permission errors in some circumstances docs

v24.0.4

Compare Source

Highlights

Partial update to user attributes when updating users through the Admin User API is no longer supported

When updating user attributes through the Admin User API, you cannot execute partial updates when updating the user attributes, including the root attributes like username, email, firstName, and lastName.

For more details, see the Upgrading Guide.

Upgrading

Before upgrading refer to the migration guide for a complete list of changes.

All resolved issues

Enhancements

• #​27508 Use new remote-store options in HA guides
• #​28429 Add details to error messages, especially around refresh tokens
• #​28729 Emphasize the need for setting container limit docs
• #​28880 Upgrade to Quarkus 3.8.4 dist/quarkus
• #​29183 Minor corrections to High Availability Guide docs

Bugs

• #​16345 Unable to delete realm names with invalid URL characters admin/api
• #​22617 kc export fails when using User Federation (LDAP) with file-based Vault enabled import-export
• #​24568 iframe for frontend logout gets blocked if a custom CSP header is used core
• #​24878 NoClassDefFoundError for Apache XML and EAP8 adapter/jee-saml
• #​27021 Workflow failure: Fuse adapter tests ci
• #​27080 Workflow failure: Operator CI - KeycloakTruststoresTests#testTrustroreExists ci
• #​27514 Uncaught server error: java.lang.IllegalArgumentException: Path parameter not provided oidc
• #​28079 Group search does not work in user view admin/ui
• #​28187 Admin UI drag & drop in flow config seems to delete actions admin/ui
• #​28220 Admin API: User PUT operation clears firstname, lastname email fields admin/api
• #​28303 WARN - Event object wasn't available in remote cache after event was received infinispan
• #​28377 Broken lists in import/export server guide docs
• #​28431 Dedicated client scopes always show up when searching admin/ui
• #​28514 Message for searchClientRegistration is missing admin/ui
• #​28666 Accessing a transient (lightweight) user through client session fails in admin-api/-ui admin/ui
• #​28684 "Extend to children" button in authorization group policies is wrongly disabled admin/ui
• #​28911 clients_saml_test.spec.ts fails in main admin/ui
• #​29072 Startup probe should check for existence of an Admin user before returning 200 dist/quarkus
• #​29094 Fix the client name help grammatical error admin/ui
• #​29133 DuplicateEmailValidator causes two DB queries on every login if a user has an email address core
• #​29147 local user login not possible after LDAP connection problem ldap
• #​29154 Update docs to distinguish between product names and CR names docs
• #​29233 Broken link in documentation docs

v24.0.3

Compare Source

Upgrading

Before upgrading refer to the migration guide for a complete list of changes.

All resolved issues

Enhancements

• #​26695 Keycloak and MSAD: enabling account in MSAD does not propagate to Keycloak ldap

Bugs

• #​24201 Cannot disable LDAP-backed user if importEnabled=false ldap
• #​28100 Failed authentication: java.lang.NullPointerException: Cannot invoke "org.keycloak.models.UserModel.getFederationLink()" because "this.delegate" is null identity-brokering
• #​28248 Update user makes User ID changes when federationLink and LDAP_ID is not set properly admin/api
• #​28335 The false option of the pkceMethod init parameter for the JavaScript adapter is ignored adapter/javascript
• #​28638 Missing permission to read configmaps in `keycloak-operator-role` operator

v24.0.2

Compare Source

Upgrading

Before upgrading refer to the migration guide for a complete list of changes.

All resolved issues

Enhancements

• #​25057 Inconsistent behaviour on getting user permissions using authorization authorization-services
• #​27433 Clarify format of keys in `additionalOptions` field in the Keycloak CR docs
• #​27481 Edit High Availability guide
• #​27484 Edit 23.0 changes part of Upgrading Guide
• #​27632 Integrate downstream Upgrading Guide changes into upstream
• #​27696 Upgrade to Quarkus 3.8.2 dist/quarkus
• #​27867 Corrections to Securing Apps Guide
• #​27871 Upgrade to Infinispan 14.0.26 core
• #​27953 Address feedback to Keycloak Server guide docs
• #​27955 Address term Keycloak in Server Administration Guide docs
• #​28009 Address edits to the Operator Guide
• #​28033 Upgrade Infinispan to 14.0.27.Final
• #​28084 Upgrade to Quarkus 3.8.3 dist/quarkus

Bugs

• #​14501 Getting failed to initialize js message if consent is rejected by user account/ui
• #​15403 No email send on TOTP/Authenticator app removal core
• #​20637 Reset password flow fails with "Page has expired" error when Kerberos authentication is enabled in the browser flow authentication
• #​22644 Flaky test: org.keycloak.testsuite.forms.BrowserFlowTest#testAlternativeNonInteractiveExecutorInSubflow core
• #​23701 Attribute search does not work with federated users with ldap. admin/ui
• #​23980 Keycloak Operator fails to install realm authentication flow because "flow is null" import-export
• #​25490 Partial export/import is not mentioned in Keycloak's Server Administration Guide docs
• #​25687 A java.lang.NullPointerException occurs when sending a Multipart/form-data request to any file upload interface. admin/api
• #​26396 How do you update a custom user storage provider jar that includes a version number? dist/quarkus
• #​27117 user sessions not accessible in all cluster nodes infinispan
• #​27180 Grant type "urn:ietf:params:oauth:grant-type:uma-ticket" openid-connect/token service endpoint is returning refresh token with invalid Expiration authorization-services
• #​27228 Lowercased "terms_and_conditions" is not migrated in fed_user_required_action table core
• #​27245 Account console does not correctly treat link / unlink account account/ui
• #​27269 mvnw clean install -Pdistribution on Windows deletes necessary files during clean of org.keycloak:keycloak-admin-ui admin/ui
• #​27275 Invalidating offline token is not working from client sessions tab authentication
• #​27366 Social login - test failures with unexpected status code testsuite
• #​27483 Authz-client AuthorizationResource.getPermissions() ClassCastException authorization-services
• #​27504 Cpu and memory sizing typo docs
• #​27529 LegacyUserCredentialManager class not found storage
• #​27540 URL change for liquibase docs docs
• #​27548 Custom Browser Flow not working anymore admin/ui
• #​27573 Release notes from 24.0.0 miss that multi-site active-passive deployments are supported docs
• #​27597 dropping KC_PROXY=edge causes startup error core
• #​27611 Cannot modify realm email settings since keycloak 24 user-profile
• #​27653 Admin tests: Flaky realm_settings_user_profile_enabled test admin/ui
• #​27701 MTLS Cache options should be runtime options, not build time options dist/quarkus
• #​27719 Wrong Welcome page image in the documentation docs
• #​27745 Registration template in login2 is broken login/ui
• #​27761 Snyk workflow failure ci
• #​27779 Broken Migration "MigrateTo24_0_0" core
• #​27780 Fixing downstream documentation build docs
• #​27797 User profile fields cannot be set empty once they have a non-empty value (in Login Theme) user-profile
• #​27820 Account console confusing with WebAuthn account/ui
• #​27841 ES translation causes FreeMarker rendering issues translations
• #​27852 VerifyUserProfile invalidates user cache on every login core
• #​27878 Error when executing refresh grant, with scope param, without offline_access scope specified oidc
• #​27882 Incorrect version of bctls-fips in the docs docs
• #​27892 Truststore handling for the Operator is not documented operator
• #​27894 Multi datasource configuration does not work in Keycloak 24.0.1 dist/quarkus
• #​27900 Performance impact in changed hashing measured wrong authentication
• #​27925 Keycloak docs state that there are http metrics, but they are disabled docs
• #​27954 Hibernate Dialect detection does not work anymore for Oracle DBs storage
• #​27966 🍺 instead of dot: Attributes in account UI are not loaded user-profile
• #​27967 ORA-01450 when updating keycloak 23 -> 24 storage
• #​27981 User Profile: Inconsistent ordering of attributes between account and login themes user-profile
• #​28001 MySQL connector artifact should be ignored dist/quarkus
• #​28012 Keycloak CR Truststore should not have a name operator
• #​28113 WebAuthN registration broken after upgrading to 24.0.1 authentication/webauthn

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.