Bump metrics-jvm from 3.1.2 to 4.1.19

[dependabot-preview]

Bumps metrics-jvm from 3.1.2 to 4.1.19.

Release notes

Sourced from metrics-jvm's releases.

v4.1.19

⚠️ Security fixes

• Bump jetty9.version from 9.4.37.v20210219 to 9.4.39.v20210325 (#1767, #1835)
  • This is addressing various security issues (Jetty 9.4.39.v20210325 release notes).
  • GHSA-j6qj-j888-vvgq
  • GHSA-26vr-8j45-3r4w
  • GHSA-v7ff-8wcx-gmc5

Improvements

• Make metrics-caffeine compatible with Caffeine 2.x and 3.x (#1765)

Dependency updates

• Bump ehcache from 3.9.1 to 3.9.2 (#1766)
• Update dependency com.google.errorprone:error_prone_core to v2.6.0 (#1769, #1840)
• Update log4j2.version to v2.14.1 (#1804)
• Bump jdbi3-core from 3.18.0 to 3.18.1 (#1829)
• Bump jcstress-core from 0.7 to 0.8 (#1825)
• Bump jmh.version from 1.27 to 1.29 (#1774, #1824)
• Bump maven-bundle-plugin from 5.1.1 to 5.1.2 (#1833)
• Bump Maven to version 3.8.1
• Bump actions/stale from v3.0.17 to v3.0.18 (#1785)

Assorted

• Configure Renovate (#1747)

v4.1.18

Dependency updates

• Bump amqp-client from 5.10.0 to 5.11.0 (#1756)
• Bump caffeine from 2.8.8 to 2.9.0 (#1754)
• Bump ehcache from 3.9.0 to 3.9.1 (#1757)
• Bump jetty9.version from 9.4.35.v20201120 to 9.4.37.v20210219 (#1740, #1762)
• Upgrade metrics-jersey2 to Jersey 2.33 (#1745)
• Bump assertj-core from 3.18.1 to 3.19.0 (#1741)
• Bump mockito-core from 3.7.0 to 3.8.0 (#1739, #1761)
• Bump maven-checkstyle-plugin from 3.1.1 to 3.1.2 (#1748)
• Bump sphinx-maven-plugin from 2.9.0 to 2.10.0 (#1751)
• Bump actions/cache from v2.1.3 to v2.1.4 (#1749)
• Bump actions/stale from v3.0.14 to v3.0.17 (#1742, #1750, #1755)

v4.1.17

Improvements

• Add no-op implementation of MetricRegistry (#1732)
• Properly reconnect to Graphite via TCP (#1721)

... (truncated)

Commits

• f2cd4b9 [maven-release-plugin] prepare release v4.1.19
• b3071f1 Update dependency com.google.errorprone:error_prone_core to v2.6.0 (release/4...
• 52cf731 Bump Maven to version 3.8.1
• 5232a81 Bumps jetty9.version from 9.4.38.v20210224 to 9.4.39.v20210325. (#1835)
• 06579f9 Bump maven-bundle-plugin from 5.1.1 to 5.1.2 (#1833)
• e330f82 Bump jdbi3-core from 3.18.0 to 3.18.1 (#1829)
• 6bdb023 Bump jmh.version from 1.28 to 1.29 (#1824)
• 045f670 Bump jcstress-core from 0.7 to 0.8 (#1825)
• e89d58e Update log4j2.version to v2.14.1 (release/4.1.x) (#1804)
• 6965ed4 Revert "Bump jackson-databind from 2.9.10.8 to 2.12.2" (#1786)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[dependabot-preview]

Superseded by #41.