Skip to content

Bump quarkus.version from 3.37.2 to 3.37.3#2045

Merged
github-actions[bot] merged 1 commit into
mainfrom
dependabot/maven/quarkus.version-3.37.3
Jul 16, 2026
Merged

Bump quarkus.version from 3.37.2 to 3.37.3#2045
github-actions[bot] merged 1 commit into
mainfrom
dependabot/maven/quarkus.version-3.37.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 16, 2026

Copy link
Copy Markdown
Contributor

Bumps quarkus.version from 3.37.2 to 3.37.3.
Updates io.quarkus:quarkus-bom from 3.37.2 to 3.37.3

Release notes

Sourced from io.quarkus:quarkus-bom's releases.

3.37.3

Complete changelog

  • #48106 - quarkus.grpc.codegen.proto-directory unrecognized configuration key & missing from documentation
  • #55093 - Incompatible exception classloaders when mocking exceptions during tests
  • #55196 - quarkus-oidc cannot handle non rollable refresh tokens concurrently
  • #55231 - Safer testcontainers.reuse.enable restoration + more resilient tests
  • #55272 - OIDC: deduplicate concurrent token refresh requests within a single Quarkus instance
  • #55288 - [3.x] OpenShift Client native integration test fails after #55242
  • #55292 - Bump the hibernate group across 1 directory with 12 updates
  • #55316 - Fix IsContainerRuntimeWorking to not write testcontainers.reuse.enable to ~/.testcontainers.properties
  • #55319 - Fix native image build failure caused by Netty's SelfSignedCertificate
  • #55351 - Don't truncate stacktrace on OIDC authentication errors
  • #55357 - Do not miss Throwable in the OIDC code flow error log
  • #55362 - @JsonFormat(shape = JsonFormat.Shape.ARRAY) on a class ignored by reflection-free Jackson serializers when used inside a List/Set
  • #55363 - Reflection free deserializers drops data of final collection field with no setter
  • #55365 - Fix flakiness of RawTypeReflectionFreeSerializerTest
  • #55366 - Fix serialization of pojos using JsonFormat.Shape enum in reflection-free Jackson serializers
  • #55369 - quarkus-rest-jackson: reflection-free deserializer ignores @JsonTypeInfo/@JsonSubTypes for polymorphic list elements inside a wrapper type
  • #55370 - Bail out of reflection-free deserializer when @JsonTypeInfo is used
  • #55373 - Jacoco + CycloneDX extension breaking combination in Quarkus 3.37.1+
  • #55374 - Implement getter-as-setter pattern when deserializing private collection in reflection-free Jackson serializers
  • #55378 - Register gRPC codegen configuration properties
  • #55380 - Harden remote dev mode against path traversal and unsafe deserialization
  • #55385 - NPE in modularity can transformed classes
  • #55396 - Fix NPE in modularity when processing removed resources
  • #55397 - Ignore unresolvable POMs for bundled CycloneDX components
  • #55403 - Fix bad link syntax and update cross-document references to use xref
  • #55410 - quarkus-rest-jackson: Reflection-free deserializer ignores @JsonProperty(required=true) on a @JsonCreator sometimes
  • #55411 - Take count of @JsonProperty(required=true) on a @JsonCreator in reflection-free Jackson serializers
  • #55425 - Disable Mockito class cache so thenThrow works across component tests
  • #55426 - ServerExceptionMapper on sub-resource is global instead of sub-resource specific
  • #55427 - Make @ServerExceptionMapper in sub-resource specific to that sub-resource
  • #55450 - Fix serialization of java.time.Duration in generated reflection-free Jackson serializers
Commits
  • d647aef [RELEASE] - Bump version to 3.37.3
  • 7a51b0e Merge pull request #55460 from gsmet/3.37.3-backports-4
  • 036eb11 Fix serialization of java.time.Duration in generated reflection-free Jackson ...
  • a435cb1 Fix native image build failure caused by Netty's SelfSignedCertificate
  • 34eacf7 Register gRPC codegen configuration properties
  • 9a31621 fix(quarkus-rest): @​serverexceptionmapper in sub-resource shouldn't be global
  • 81b8969 Ignore unresolvable POMs for bundled CycloneDX components
  • c0090b9 Disable Mockito class cache for thenThrow across component tests
  • 5868f10 Harden remote dev mode against unsafe deserialization
  • 49cfd7e Harden remote dev mode against path traversal
  • Additional commits viewable in compare view

Updates io.quarkus:quarkus-security from 3.37.2 to 3.37.3

Updates io.quarkus:quarkus-core from 3.37.2 to 3.37.3

Updates io.quarkus:quarkus-elytron-security-properties-file from 3.37.2 to 3.37.3

Updates io.quarkus:quarkus-rest from 3.37.2 to 3.37.3

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps `quarkus.version` from 3.37.2 to 3.37.3.

Updates `io.quarkus:quarkus-bom` from 3.37.2 to 3.37.3
- [Release notes](https://github.com/quarkusio/quarkus/releases)
- [Commits](quarkusio/quarkus@3.37.2...3.37.3)

Updates `io.quarkus:quarkus-security` from 3.37.2 to 3.37.3

Updates `io.quarkus:quarkus-core` from 3.37.2 to 3.37.3

Updates `io.quarkus:quarkus-elytron-security-properties-file` from 3.37.2 to 3.37.3

Updates `io.quarkus:quarkus-rest` from 3.37.2 to 3.37.3

---
updated-dependencies:
- dependency-name: io.quarkus:quarkus-bom
  dependency-version: 3.37.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.quarkus:quarkus-security
  dependency-version: 3.37.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.quarkus:quarkus-core
  dependency-version: 3.37.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.quarkus:quarkus-elytron-security-properties-file
  dependency-version: 3.37.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.quarkus:quarkus-rest
  dependency-version: 3.37.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jul 16, 2026
@github-actions
github-actions Bot enabled auto-merge July 16, 2026 00:53
@github-actions
github-actions Bot merged commit 9e5e314 into main Jul 16, 2026
6 of 7 checks passed
@dependabot
dependabot Bot deleted the dependabot/maven/quarkus.version-3.37.3 branch July 16, 2026 00:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants