fix(deps): bump ch.qos.logback:logback-classic from 1.5.15 to 1.5.16

.github/workflows/cve-check.yml

@@ -144,7 +144,7 @@ jobs:
 
       - name: Upload CVE files
         if: failure()
-        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
+        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
         with:
           name: cves
           path: cve_slack_payload_*.json

.github/workflows/documentdb-5.yml

@@ -23,7 +23,7 @@ jobs:
       - name: Connect DocumentDB 5
         env:
           DDB5_HOST: ${{ secrets.DDB5_HOST }} # expected: sample-cluster.node.zone.docdb.amazonaws.com
-          DDB5_HOSTS_MAP: ${{ secrets.DDB5_HOSTS_MAP }} # expected: config for /etc/hosts including all propagated hostnames
+          DDB5_HOSTS_MAP: ${{ secrets.DDB5_HOSTS_MAP }} # expected: config for /etc/hosts including all propagated hostnames (master, cluster, cluster-ro) pointing to 127.0.0.1
           DDB_EC2_FINGERPRINT: ${{ secrets.DDB_EC2_FINGERPRINT }} # expected: hostname.ec2.proxy.to.forward.com,123.123.123.123 ecdsa-sha2-nistp256 ...
           DDB_EC2_USER_AND_HOST: ${{ secrets.DDB_EC2_USER_AND_HOST }} # expected: username@hostname.ec2.proxy.to.forward.com
           DDB_EC2_CERTIFICATE: ${{ secrets.DDB_EC2_CERTIFICATE }} # expected: pem certificate

.github/workflows/documentdb.yml

@@ -23,7 +23,7 @@ jobs:
       - name: Connect DocumentDB
         env:
           DDB_HOST: ${{ secrets.DDB_HOST }} # expected: sample-cluster.node.zone.docdb.amazonaws.com
-          DDB_HOSTS_MAP: ${{ secrets.DDB_HOSTS_MAP }} # expected: config for /etc/hosts including all propagated hostnames
+          DDB_HOSTS_MAP: ${{ secrets.DDB_HOSTS_MAP }} # expected: config for /etc/hosts including all propagated hostnames (master, cluster, cluster-ro) pointing to 127.0.0.1
           DDB_EC2_FINGERPRINT: ${{ secrets.DDB_EC2_FINGERPRINT }} # expected: hostname.ec2.proxy.to.forward.com,123.123.123.123 ecdsa-sha2-nistp256 ...
           DDB_EC2_USER_AND_HOST: ${{ secrets.DDB_EC2_USER_AND_HOST }} # expected: username@hostname.ec2.proxy.to.forward.com
           DDB_EC2_CERTIFICATE: ${{ secrets.DDB_EC2_CERTIFICATE }} # expected: pem certificate
@@ -58,4 +58,4 @@ jobs:
 
       - name: Clean
         if: always()
-        run: rm -rf ~/.ssh
+        run: rm -rf ~/.ssh

.github/workflows/java-ci.yml

@@ -37,7 +37,7 @@ jobs:
           ./gradlew jibDockerBuild &&
           docker run --rm --entrypoint="echo" mongodb-operator:latest 'image is not distroless' && exit 1 || echo 'image is distroless'
 
-      - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
+      - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
         if: always()
         with:
           name: java-ci-test-results

.github/workflows/publish-docs.yml

@@ -31,7 +31,7 @@ jobs:
         run: mkdocs build --config-file mkdocs.yml && ls -al
       - name: Archive test build
         if: github.event_name == 'pull_request'
-        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
+        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
         with:
           name: site
           path: |

build.gradle

@@ -3,7 +3,7 @@ plugins {
   id "idea"
   id "java"
   id 'org.sonarqube' version '6.0.1.5171'
-  id "com.diffplug.spotless" version "6.25.0"
+  id "com.diffplug.spotless" version "7.0.1"
   id "com.google.cloud.tools.jib" version "3.4.4"
   id 'org.cyclonedx.bom' version '1.10.0'
 }
@@ -73,7 +73,7 @@ dependencies {
     exclude group: 'com.squareup.okio', module: 'okio'
   }
   // upgrade from transitive 1.15.0 in okhttp to fix CVE-2023-3635
-  implementation 'com.squareup.okio:okio:3.9.1'
+  implementation 'com.squareup.okio:okio:3.10.1'
 
   implementation "org.mongodb:mongodb-driver-sync:${mongoDbDriverVersion}"
 
@@ -90,7 +90,7 @@ dependencies {
   // logging
   annotationProcessor "org.slf4j:slf4j-api:${slf4jVersion}"
   implementation "org.slf4j:slf4j-api:${slf4jVersion}"
-  implementation 'ch.qos.logback:logback-classic:1.5.15', {
+  implementation 'ch.qos.logback:logback-classic:1.5.16', {
     exclude group: "org.slf4j", module: "slf4j-api"
   }
   implementation "ch.qos.logback.contrib:logback-json-classic:${logbackContribVersion}", {
@@ -107,7 +107,7 @@ dependencies {
   testImplementation enforcedPlatform("org.junit:junit-bom:5.11.4")
   testImplementation 'org.junit.jupiter:junit-jupiter'
   testImplementation 'org.junit-pioneer:junit-pioneer:2.3.0'
-  testImplementation 'org.assertj:assertj-core:3.27.1', {
+  testImplementation 'org.assertj:assertj-core:3.27.2', {
     // conflict of 1.12.10 in assertj vs 1.12.13 in mockito-core
     exclude group: "net.bytebuddy", module: "byte-buddy"
     exclude group: "net.bytebuddy", module: "byte-buddy-agent"