Update all patch/minor versions (3.31)

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
tomcat	final	patch	9.0.105-jdk11-temurin-jammy -> 9.0.106-jdk11-temurin-jammy
com.amazonaws:aws-java-sdk-s3 (source)	dependencies	patch	1.12.783 -> 1.12.787
org.codehaus.groovy:groovy-all (source)	dependencies	patch	3.0.24 -> 3.0.25
io.dropwizard.metrics:metrics-logback (source)	dependencies	patch	4.2.32 -> 4.2.33
io.dropwizard.metrics:metrics-jmx (source)	dependencies	patch	4.2.32 -> 4.2.33
io.dropwizard.metrics:metrics-jvm (source)	dependencies	patch	4.2.32 -> 4.2.33
io.dropwizard.metrics:metrics-servlets (source)	dependencies	patch	4.2.32 -> 4.2.33
io.dropwizard.metrics:metrics-httpclient (source)	dependencies	patch	4.2.32 -> 4.2.33
io.dropwizard.metrics:metrics-servlet (source)	dependencies	patch	4.2.32 -> 4.2.33
io.dropwizard.metrics:metrics-core (source)	dependencies	patch	4.2.32 -> 4.2.33
org.postgresql:postgresql (source)	dependencies	patch	42.7.5 -> 42.7.7

---

Release Notes

aws/aws-sdk-java (com.amazonaws:aws-java-sdk-s3)

v1.12.787

Compare Source

AWS SDK for Java

• Features

  • Added support for KualaLumpur, Bangkok, Queretaro, us-isof-east-1, isof-south-1, Taipei Regions.

v1.12.786

Compare Source

AWS SDK for Java

• Features

  • Support for protocols service model field and x-amzn-query-mode header

v1.12.785

Compare Source

v1.12.784

Compare Source

Amazon DynamoDB

• Bugfixes

  • Avoid silently throwing exception when retrieving account ID from resource name

dropwizard/metrics (io.dropwizard.metrics:metrics-logback)

v4.2.33

What's Changed

• fix(deps): update jetty monorepo to v12.0.22 (release/4.2.x) (patch) by @​renovate in https://github.com/dropwizard/metrics/pull/4814
• fix(deps): update dependency org.checkerframework:checker-qual to v3.49.4 (release/4.2.x) by @​renovate in https://github.com/dropwizard/metrics/pull/4813
• chore(deps): update dependency maven to v3.9.10 (release/4.2.x) by @​renovate in https://github.com/dropwizard/metrics/pull/4818
• fix(deps): update dependency org.glassfish.jersey:jersey-bom to v2.47 (release/4.2.x) by @​renovate in https://github.com/dropwizard/metrics/pull/4820
• chore(deps): update dependency org.codehaus.mojo:build-helper-maven-plugin to v3.6.1 (release/4.2.x) by @​renovate in https://github.com/dropwizard/metrics/pull/4819
• fix(deps): update dependency com.github.ben-manes.caffeine:caffeine to v3.2.1 (release/4.2.x) by @​renovate in https://github.com/dropwizard/metrics/pull/4825
• fix(deps): update dependency org.jdbi:jdbi3-core to v3.49.5 (release/4.2.x) by @​renovate in https://github.com/dropwizard/metrics/pull/4827
• fix(deps): update dependency net.bytebuddy:byte-buddy to v1.17.6 (release/4.2.x) by @​renovate in https://github.com/dropwizard/metrics/pull/4831
• fix(deps): update dependency org.glassfish.jersey:jersey-bom to v3.0.18 (release/4.2.x) by @​renovate in https://github.com/dropwizard/metrics/pull/4832
• fix(deps): update log4j2 monorepo to v2.25.0 (release/4.2.x) (minor) by @​renovate in https://github.com/dropwizard/metrics/pull/4833

Full Changelog: dropwizard/metrics@v4.2.32...v4.2.33

pgjdbc/pgjdbc (org.postgresql:postgresql)

v42.7.7

Security

• security: Client Allows Fallback to Insecure Authentication Despite channelBinding=require configuration.
  Fix channel binding required handling to reject non-SASL authentication
  Previously, when channel binding was set to "require", the driver would silently ignore this
  requirement for non-SASL authentication methods. This could lead to a false sense of security
  when channel binding was explicitly requested but not actually enforced. The fix ensures that when
  channel binding is set to "require", the driver will reject connections that use
  non-SASL authentication methods or when SASL authentication has not completed properly.
  See the Security Advisory for more detail. Reported by George MacKerron
  The following CVE-2025-49146 has been issued

Added

• test: Added ChannelBindingRequiredTest to verify proper behavior of channel binding settings

v42.7.6

Features

• fix: Enhanced DatabaseMetadata.getIndexInfo() method, added index comment as REMARKS property PR #​3513

Performance Improvements

• performance: Improve ResultSetMetadata.fetchFieldMetaData by using IN row values instead of UNION ALL for improved query performance (later reverted) PR #​3510
• feat:Use a single simple query for all startup parameters, so groupStartupParameters is no longer needed PR #​3613

---

Configuration

📅 Schedule: Branch creation - "after 5pm on the first day of the month,on the first day of the month" in timezone Europe/Zurich, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.