deps: bump the quarkus group with 4 updates

[dependabot]

Bumps the quarkus group with 4 updates: io.quarkus:quarkus-bom, io.quarkus:quarkus-maven-plugin, io.quarkus:quarkus-extension-maven-plugin and io.quarkus:quarkus-extension-processor.

Updates io.quarkus:quarkus-bom from 3.34.1 to 3.34.2

Release notes

Sourced from io.quarkus:quarkus-bom's releases.

3.34.2

Complete changelog

• #50392 - JFR extension not capturing Quarkus application runtime data
• #52905 - Behavior of @ProjectedFieldName with aggregate functions
• #53142 - build(deps): bump org.jboss.logging:jboss-logging from 3.6.2.Final to 3.6.3.Final
• #53203 - Refactor jar building to a first-write-wins approach
• #53222 - VertxHttpHotReplacementSetup: move the httpInitiatedReload flag check
• #53261 - Honour the legacy resolver settings in go-offline goals
• #53265 - Document and test @ProjectedFieldName with aggregate functions
• #53267 - Upgrade to Vert.x 4.5.26 and Netty 4.1.132.Final
• #53271 - JFR extension event fix
• #53290 - Webauthn IT: move test-webauthn to the test scope
• #53296 - Swagger UI does not mark endpoint as protected if PermissionsAllowed present multiple times
• #53301 - OpenAPI: Detect repeated @PermissionsAllowed annotations in Swagger UI
• #53302 - @CacheInvalidateAll does not work anymore if an exception is thrown
• #53304 - Document that @CacheInvalidateAll only invalidates after successful method execution
• #53322 - Bump Netty to 4.1.132.Final due to CVE-2026-33871
• #53325 - Quarkus 3.33.1: WARN: This Gauge has been already registered
• #53328 - Dev MCP: Return METHOD_NOT_FOUND for unsupported MCP protocol methods
• #53331 - Prevent warning about Gauge having already been registered
• #53336 - Cannot run JUnit Tests with maven from parent module directory
• #53349 - Updates to Infinispan 16.0.9
• #53352 - Some minor uberjar improvements and a test for service concatenation
• #53374 - Add custom enforcer rule to validate dependency version alignment
• #53379 - Detect and exclude manipulated POMs from when loading a workspace

Commits

• a942b08 [RELEASE] - Bump version to 3.34.2
• 3ed1b36 Merge pull request #53387 from gsmet/3.34.2-backports-1
• 90dc515 Merge pull request #53386 from gsmet/ft-6.10.1-3.34
• bd2bdee Detect and exclude manipulated POMs from when loading a workspace
• f63f994 Add custom enforcer rule to validate dependency version alignment
• 2c5f6b3 Updates to Infinispan 16.0.9
• 70e9236 Add a test for checking service file concatenation in uberjars
• ee2038f Ignore duplicates for META-INF/license/* in uberjars
• 0a8ca6a Avoid new lines when concatenating services files in uberjars
• abe825b Update SmallRye Fault Tolerance to 6.10.1
• Additional commits viewable in compare view

Updates io.quarkus:quarkus-maven-plugin from 3.34.1 to 3.34.2

Updates io.quarkus:quarkus-extension-maven-plugin from 3.34.1 to 3.34.2

Release notes

Sourced from io.quarkus:quarkus-extension-maven-plugin's releases.

3.34.2

Complete changelog

• #50392 - JFR extension not capturing Quarkus application runtime data
• #52905 - Behavior of @ProjectedFieldName with aggregate functions
• #53142 - build(deps): bump org.jboss.logging:jboss-logging from 3.6.2.Final to 3.6.3.Final
• #53203 - Refactor jar building to a first-write-wins approach
• #53222 - VertxHttpHotReplacementSetup: move the httpInitiatedReload flag check
• #53261 - Honour the legacy resolver settings in go-offline goals
• #53265 - Document and test @ProjectedFieldName with aggregate functions
• #53267 - Upgrade to Vert.x 4.5.26 and Netty 4.1.132.Final
• #53271 - JFR extension event fix
• #53290 - Webauthn IT: move test-webauthn to the test scope
• #53296 - Swagger UI does not mark endpoint as protected if PermissionsAllowed present multiple times
• #53301 - OpenAPI: Detect repeated @PermissionsAllowed annotations in Swagger UI
• #53302 - @CacheInvalidateAll does not work anymore if an exception is thrown
• #53304 - Document that @CacheInvalidateAll only invalidates after successful method execution
• #53322 - Bump Netty to 4.1.132.Final due to CVE-2026-33871
• #53325 - Quarkus 3.33.1: WARN: This Gauge has been already registered
• #53328 - Dev MCP: Return METHOD_NOT_FOUND for unsupported MCP protocol methods
• #53331 - Prevent warning about Gauge having already been registered
• #53336 - Cannot run JUnit Tests with maven from parent module directory
• #53349 - Updates to Infinispan 16.0.9
• #53352 - Some minor uberjar improvements and a test for service concatenation
• #53374 - Add custom enforcer rule to validate dependency version alignment
• #53379 - Detect and exclude manipulated POMs from when loading a workspace

Commits

• a942b08 [RELEASE] - Bump version to 3.34.2
• 3ed1b36 Merge pull request #53387 from gsmet/3.34.2-backports-1
• 90dc515 Merge pull request #53386 from gsmet/ft-6.10.1-3.34
• bd2bdee Detect and exclude manipulated POMs from when loading a workspace
• f63f994 Add custom enforcer rule to validate dependency version alignment
• 2c5f6b3 Updates to Infinispan 16.0.9
• 70e9236 Add a test for checking service file concatenation in uberjars
• ee2038f Ignore duplicates for META-INF/license/* in uberjars
• 0a8ca6a Avoid new lines when concatenating services files in uberjars
• abe825b Update SmallRye Fault Tolerance to 6.10.1
• Additional commits viewable in compare view

Updates io.quarkus:quarkus-extension-processor from 3.34.1 to 3.34.2

Updates io.quarkus:quarkus-maven-plugin from 3.34.1 to 3.34.2

Updates io.quarkus:quarkus-extension-maven-plugin from 3.34.1 to 3.34.2

Release notes

Sourced from io.quarkus:quarkus-extension-maven-plugin's releases.

3.34.2

Complete changelog

• #50392 - JFR extension not capturing Quarkus application runtime data
• #52905 - Behavior of @ProjectedFieldName with aggregate functions
• #53142 - build(deps): bump org.jboss.logging:jboss-logging from 3.6.2.Final to 3.6.3.Final
• #53203 - Refactor jar building to a first-write-wins approach
• #53222 - VertxHttpHotReplacementSetup: move the httpInitiatedReload flag check
• #53261 - Honour the legacy resolver settings in go-offline goals
• #53265 - Document and test @ProjectedFieldName with aggregate functions
• #53267 - Upgrade to Vert.x 4.5.26 and Netty 4.1.132.Final
• #53271 - JFR extension event fix
• #53290 - Webauthn IT: move test-webauthn to the test scope
• #53296 - Swagger UI does not mark endpoint as protected if PermissionsAllowed present multiple times
• #53301 - OpenAPI: Detect repeated @PermissionsAllowed annotations in Swagger UI
• #53302 - @CacheInvalidateAll does not work anymore if an exception is thrown
• #53304 - Document that @CacheInvalidateAll only invalidates after successful method execution
• #53322 - Bump Netty to 4.1.132.Final due to CVE-2026-33871
• #53325 - Quarkus 3.33.1: WARN: This Gauge has been already registered
• #53328 - Dev MCP: Return METHOD_NOT_FOUND for unsupported MCP protocol methods
• #53331 - Prevent warning about Gauge having already been registered
• #53336 - Cannot run JUnit Tests with maven from parent module directory
• #53349 - Updates to Infinispan 16.0.9
• #53352 - Some minor uberjar improvements and a test for service concatenation
• #53374 - Add custom enforcer rule to validate dependency version alignment
• #53379 - Detect and exclude manipulated POMs from when loading a workspace

Commits

• a942b08 [RELEASE] - Bump version to 3.34.2
• 3ed1b36 Merge pull request #53387 from gsmet/3.34.2-backports-1
• 90dc515 Merge pull request #53386 from gsmet/ft-6.10.1-3.34
• bd2bdee Detect and exclude manipulated POMs from when loading a workspace
• f63f994 Add custom enforcer rule to validate dependency version alignment
• 2c5f6b3 Updates to Infinispan 16.0.9
• 70e9236 Add a test for checking service file concatenation in uberjars
• ee2038f Ignore duplicates for META-INF/license/* in uberjars
• 0a8ca6a Avoid new lines when concatenating services files in uberjars
• abe825b Update SmallRye Fault Tolerance to 6.10.1
• Additional commits viewable in compare view

Updates io.quarkus:quarkus-extension-processor from 3.34.1 to 3.34.2

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud