Bump the maven group across 6 directories with 7 updates

[dependabot]

Bumps the maven group with 1 update in the /plugins/templates-maven-plugin directory: org.apache.maven:maven-core.
Bumps the maven group with 2 updates in the /v1 directory: org.apache.derby:derby and org.springframework:spring-expression.
Bumps the maven group with 2 updates in the /v2/cdc-parent directory: mysql:mysql-connector-java and org.apache.commons:commons-configuration2.
Bumps the maven group with 1 update in the /v2/cdc-parent/cdc-embedded-connector directory: org.apache.commons:commons-configuration2.
Bumps the maven group with 1 update in the /v2/googlecloud-to-neo4j directory: org.yaml:snakeyaml.
Bumps the maven group with 1 update in the /v2/sourcedb-to-spanner directory: org.apache.derby:derby.

Updates org.apache.maven:maven-core from 3.3.9 to 3.8.1

Updates org.apache.maven:maven-compat from 3.3.9 to 3.8.1

Commits

• 05c21c6 [maven-release-plugin] prepare release maven-3.8.1
• d295dc3 [MNG-7128] keep blocked attribute from mirrors in artifact repositories
• a469068 next version in branch 3.8.x is 3.8.1-SNAPSHOT
• dad8a3e [maven-release-plugin] prepare for next development iteration
• 6aa1f4a [maven-release-plugin] prepare release maven-3.8.0
• 907d53a [MNG-7118] block HTTP repositories by default
• 899465a [MNG-7117] add support for blocked mirror
• fa79cb2 [MNG-7116] add support for mirrorOf external:http:*
• e5f6634 use Maven Resolver 1.6.2
• 09f77da [MNG-7119] Upgrade Maven Wagon to 3.4.3
• Additional commits viewable in compare view

Updates org.apache.derby:derby from 10.14.2.0 to 10.17.1.0

Updates org.springframework:spring-expression from 5.2.22.RELEASE to 5.3.39

Release notes

Sourced from org.springframework:spring-expression's releases.

v5.3.39

⭐ New Features

• SimpleEvaluationContext should disable array allocation #33386

v5.3.38

⭐ New Features

• Efficient handling of conditional HTTP requests #33378

🐞 Bug Fixes

• Fix incorrect weak ETag validation #33377
• SimpleEvaluationContext does not enforce read-only semantics #33320
• ConversionService cannot convert primitive array to Object[] #33314
• SpEL Indexer silently ignores failure to set property as index #33312
• Mockito mock falsely initialized as CGLIB proxy with AspectJ aspect #33142
• "file:." cannot be resolved to java.nio.file.Path (and plain "." value resolves to classpath root) #33140

📔 Documentation

• Typo in Annotation-driven Listener Endpoints section of Spring Framework documentation #33052
• Container Extension Points section of Spring Framework documentation refers to the wrong property name #33039
• Incorrect constructor details in the javadoc for ApplicationContextEvent #33034

🔨 Dependency Upgrades

• Upgrade to Reactor 2020.0.47 #33322

v5.3.37

⭐ New Features

• AnnotationUtils performance degrades with deep stacks #32923

🐞 Bug Fixes

• AspectJ CTW aspects executed twice #32974
• SpEL compilation fails when indexing into a Map with a primitive #32911
• SpEL compilation fails when indexing into an array or list with an Integer #32909
• Application not starting with @EnableTransactionManagement(mode = AdviceMode.ASPECTJ) #32885

🔨 Dependency Upgrades

• Upgrade to Reactor 2020.0.45 #33010

v5.3.36

🐞 Bug Fixes

• Overridden aspect method runs twice #32868
• @DateTimeFormat(iso = DateTimeFormat.ISO.DATE\_TIME) cannot convert UTC without milliseconds to java.util.Date #32860

... (truncated)

Commits

• f1b128b Release v5.3.39
• 8a44eaa Next development version (v5.3.39-SNAPSHOT)
• f44d13c Disable array allocation in case of no constructor resolution
• f00bc7b Remove snapshot repo
• 582bfcc Efficient ETag parsing
• 406b33d Upgrade to Netty 4.1.112
• f9c3d00 Introduce withAssignmentDisabled() option for SimpleEvaluationContext
• d2715d2 Fix incorrect weak ETag assertion
• 57b02da Upgrade to Reactor 2020.0.47
• df33bf2 Sync GHA setup
• Additional commits viewable in compare view

Updates mysql:mysql-connector-java from 8.0.13 to 8.0.28

Changelog

Sourced from mysql:mysql-connector-java's changelog.

Changelog

https://dev.mysql.com/doc/relnotes/connector-j/en/

Version 9.1.0

• Fix for Bug#116114 (Bug#37067812), Connector/J is writing incorrect values when passed negative dates.

• Fix for Bug#96623 (Bug#30221117), batch update with rewriteBatchedStatements&useServerPrepStmts send fail request.

• Fix for Bug#114705 (Bug#36539680), Contribution: make trustStorePassword be null if this.trustStoreSettings.keyStorePassword is null. Thanks to Jesper Blomquist for his contribution.

• Fix for Bug#84117 (Bug#25247468), includeThreadNamesAsStatementComment ignored when using prepared statement. Thanks to Yyjun Yyjun for his contribution.

• Fix for Bug#101054 (Bug#32544786), Batched Query > maxAllowedPacket size causes an ArrayIndexOutOfBoundsException.

• Fix for Bug#108415 (Bug#34579258), NullPointerException in AbstractQuery::stopQueryTimer. Thanks to Anthony Milbourne for his contribution.

• Fix for Bug#115265 (Bug#36843227), Second stored procedure call with cacheCallableStmts might fail.

• Fix for Bug#36936407, PrepareCall method doesn't work as expected when DB name is involved.

• WL#16490, OpenID Connect authentication support.

• Fix for Bug#112790 (Bug#35936477), Statement.getGeneratedKeys() returns unexpected value.

• Fix for Bug#113509 (Bug#36154975), closeOnCompletion cause no statement reuse and server memory leak.

• Fix for Bug#109418 (Bug#36043556), batch insert threw an unexpected exception.

• Fix for Bug#114410 (Bug#36434816), Code performance issue.

• Fix for Bug#110586 (Bug#35254470), got unexpected result when the data type was set to ZEROFILL.

Version 9.0.0

• WL#16391, Upgrade 3rd party libraries and tools.

• Fix for Bug#114800 (Bug#36576596), Wrong code by an old patch.

• Fix for Bug#114846 (Bug#36574322), Auto-closeable X dev session. Thanks to Daniel Kec for his contribution.

• Fix for Bug#114989 (Bug#36612566), Setting null value in setClientInfo throws an NPE.

• WL#16376, Set 'caching_sha2_password' as default fallback authentication plugin.

• WL#16342, Update MySQL error codes mapping.

... (truncated)

Commits

• 7ff2161 Updating copyright years
• b13af38 Fix for DateTimeTest according to changes in MySQL server.
• 5c7b775 Update in test for Bug#96900 (30355150).
• e1169ee Fix for Bug#99260 (31189960), statement.setQueryTimeout,creates a database co...
• 05778ef Fix for Bug#103324 (32770013), X DevAPI Collection.replaceOne() missing match...
• 48219f2 Fix for Bug#105197 (33461744), Statement.executeQuery() may return non-naviga...
• 24cf7e2 Fix for Bug#105323 (33507321), README.md contains broken links.
• ad46620 Fix for Bug#96900 (30355150), STATEMENT.CANCEL()CREATE A DATABASE
• 4d19ea1 Fix for Bug#104067 (33054827), No reset autoCommit after unknown issue occurs.
• bc45d35 Fix for Bug#85223 (25656020), MYSQLSQLXML SETSTRING CRASH.
• Additional commits viewable in compare view

Updates org.apache.commons:commons-configuration2 from 2.8.0 to 2.10.1

Updates org.apache.commons:commons-configuration2 from 2.8.0 to 2.10.1

Updates org.yaml:snakeyaml from 1.33 to 2.0

Commits

• c98ffba issue 561: add negative test case
• e2ca740 Use Maven wrapper on github
• 49d91a1 Fix target for github
• 19e331d Disable toolchain for github
• 42c7812 Cobertura plugin does not work
• 03c82b5 Rename GlobalTagRejectionTest to be run by Maven
• 6e8cd89 Remove cobertura
• d9b0f48 Improve Javadoc
• 519791a Run install and site goals under docker
• 82f33d2 Merge branch 'master' into add-module-info
• Additional commits viewable in compare view

Updates org.apache.derby:derby from 10.14.2.0 to 10.17.1.0

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml