Bump the dependency-updates group across 1 directory with 4 updates

[dependabot]

Bumps the dependency-updates group with 4 updates in the / directory: io.airlift:airbase, io.opentelemetry:opentelemetry-bom, com.google.guava:guava and software.amazon.awssdk:bom.

Updates io.airlift:airbase from 234 to 249

Release notes

Sourced from io.airlift:airbase's releases.

Release 249

What's Changed

Dependency updates 📦

• Bump io.airlift:packaging from 328 to 329 by @​dependabot in airlift/airbase#738
• Bump io.opentelemetry:opentelemetry-bom-alpha from 1.48.0-alpha to 1.49.0-alpha by @​dependabot in airlift/airbase#740
• Bump io.opentelemetry:opentelemetry-bom from 1.48.0 to 1.49.0 by @​dependabot in airlift/airbase#739

Full Changelog: airlift/airbase@248...249

Release 248

What's Changed

Dependency updates 📦

• Bump dep.jetty.version from 12.0.18 to 12.0.19 by @​dependabot in airlift/airbase#737

Full Changelog: airlift/airbase@247...248

Release 247

What's Changed

Dependency updates 📦

• Bump com.puppycrawl.tools:checkstyle from 10.22.0 to 10.23.0 by @​dependabot in airlift/airbase#736
• Bump io.opentelemetry.semconv:opentelemetry-semconv from 1.31.0 to 1.32.0 by @​dependabot in airlift/airbase#735
• Bump org.jacoco:jacoco-maven-plugin from 0.8.12 to 0.8.13 by @​dependabot in airlift/airbase#733
• Bump io.opentelemetry.semconv:opentelemetry-semconv-incubating from 1.31.0-alpha to 1.32.0-alpha by @​dependabot in airlift/airbase#734

Full Changelog: airlift/airbase@246...247

Release 246

What's Changed

Dependency updates 📦

• Bump io.opentelemetry.semconv:opentelemetry-semconv from 1.30.0 to 1.31.0 by @​dependabot in airlift/airbase#732
• Bump io.airlift:packaging from 327 to 328 by @​dependabot in airlift/airbase#731
• Bump io.opentelemetry.semconv:opentelemetry-semconv-incubating from 1.30.0-alpha to 1.31.0-alpha by @​dependabot in airlift/airbase#730

Full Changelog: airlift/airbase@245...246

Release 245

... (truncated)

Commits

• See full diff in compare view

Updates io.opentelemetry:opentelemetry-bom from 1.48.0 to 1.49.0

Release notes

Sourced from io.opentelemetry:opentelemetry-bom's releases.

Version 1.49.0

SDK

Trace

• Avoid linear queue.size() calls in span producers by storing queue size separately (#7141)

Exporters

• OTLP: Add support for setting exporter executor service (#7152)
• OTLP: Refine delay jitter for exponential backoff (#7206)

Extensions

• Autoconfigure: Remove support for otel.experimental.exporter.otlp.retry.enabled (#7200)
• Autoconfigure: Add stable cardinality limit property otel.java.metrics.cardinality.limit (#7199)
• Incubator: Add declarative config model customizer SPI (#7118)

🙇 Thank you

This release was possible thanks to the following contributors who shared their brilliant ideas and awesome pull requests:

@​breedx-splk @​jack-berg @​jkwatson @​laurit @​MrAlias @​raipc @​stevesea @​trask @​vbedrosova @​YuriyHolinko @​zeitlinger

Changelog

Sourced from io.opentelemetry:opentelemetry-bom's changelog.

Version 1.49.0 (2025-04-04)

SDK

Trace

• Avoid linear queue.size() calls in span producers by storing queue size separately (#7141)

Exporters

• OTLP: Add support for setting exporter executor service (#7152)
• OTLP: Refine delay jitter for exponential backoff (#7206)

Extensions

• Autoconfigure: Remove support for otel.experimental.exporter.otlp.retry.enabled (#7200)
• Autoconfigure: Add stable cardinality limit property otel.java.metrics.cardinality.limit (#7199)
• Incubator: Add declarative config model customizer SPI (#7118)

Commits

• 85c0cf2 [release/v1.49.x] Prepare release 1.49.0 (#7250)
• b312602 Prepare for 1.49.0 release (#7248)
• 233e111 fix(deps): update dependency io.netty:netty-bom to v4.2.0.final (#7244)
• 4ecc0be fix(deps): update dependency nl.jqno.equalsverifier:equalsverifier to v3.19.3...
• 1840909 fix(deps): update dependency jacoco to v0.8.13 (#7241)
• 8fe071a fix(deps): update errorproneversion to v2.37.0 (#7211)
• a7e92df fix(deps): update dependency io.opentelemetry.semconv:opentelemetry-semconv-i...
• dc44948 fix(deps): update dependency checkstyle to v10.23.0 (#7237)
• a48b48f fix(deps): update dependency com.google.protobuf:protobuf-bom to v4.30.0 (#7173)
• e34049b fix(deps): update dependency io.opentelemetry.semconv:opentelemetry-semconv-i...
• Additional commits viewable in compare view

Updates com.google.guava:guava from 33.4.5-jre to 33.4.6-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.4.6

Guava 33.4.6 fixes two problems that we introduced while modularizing Guava in 33.4.5.

Even if you're not upgrading from Guava 33.4.0 or earlier, still read the release notes for Guava 33.4.1. Those release notes contain information about Guava 33.4.5 and 33.4.6's effect on the module system.

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.4.6-jre</version>
  <!-- or, for Android: -->
  <version>33.4.6-android</version>
</dependency>

Jar files

• 33.4.6-jre.jar
• 33.4.6-android.jar

Guava requires one runtime dependency, which you can download here:

• failureaccess-1.0.3.jar

Javadoc

• 33.4.6-jre
• 33.4.6-android

JDiff

• 33.4.6-jre vs. 33.4.5-jre
• 33.4.6-android vs. 33.4.5-android
• 33.4.6-android vs. 33.4.6-jre

Changelog

• Removed the extra copy of each class from the Guava jar. The extra copies were an accidental addition from the modularization work in Guava 33.4.5. (40485b93ce)
• Fixed annotation-related warnings when using Guava in modular builds. The most common such warning is Cannot find annotation method 'value()' in type 'DoNotMock': .... (7e15ab3566)

Commits

• See full diff in compare view

Updates software.amazon.awssdk:bom from 2.31.6 to 2.31.16

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are no longer updatable, so this is no longer needed.