Bump the quarkus group with 1 update

[dependabot]

Bumps the quarkus group with 1 update: io.quarkus:quarkus-bom.

Release notes

Sourced from io.quarkus:quarkus-bom's releases.

3.5.0.CR1

Major changes

• #36268 - Add OIDC Mastodon provider
• #36175 - Introduce OIDC Database Token State Manager extension
• #36164 - Support Java 21 main launch protocol
• #35923 - Map OIDC scope attribute to the SecurityIdentity permissions
• #35610 - Change decompiler from quiltflower to vineflower
• #33790 - Allow Hibernate Reactive to coexist with Agroal (and thus Flyway and Liquibase)

Complete changelog

• #36393 - Remove "coming soon" about CLI in tooling.adoc
• #36386 - Fixes PatternSyntaxException:Unclosed group near index 34
• #36385 - Fix jakarta.el.ELException: Function 'match' not found
• #36384 - Add gradle deps example to unblock downstream docs build
• #36377 - Allow @ClientHeaderParam to override User-Agent
• #36371 - Fix issue in Java migration in dev-mode
• #36369 - List specific guides about virtual threads
• #36366 - OIDC Db Token State Manager - disable MSSQL test due to limited Github CI resources and cancel timer on shutdown
• #36362 - Explain how to deal with Rate Limiting in the OIDC providers doc
• #36361 - Check semicolon during the OIDC scope to permission conversion
• #36354 - Allow ORM dependencies in mavenLocal for Gradle tests
• #36351 - Properly handle invalid response body errors in Reactive REST Client
• #36349 - PRs involving Doc updates are failing
• #36348 - Smallrye GraphQL 2.5.0
• #36347 - Kafka serde discovery generates serializer for dead letter queue failure strategy
• #36333 - Prepare for ORM update
• #36332 - Bump com.google.cloud.tools:jib-core from 0.24.0 to 0.25.0
• #36331 - Bump org.bouncycastle:bctls-fips from 1.0.16 to 1.0.17
• #36329 - Custom User-Agent header ignored
• #36322 - Do not warn on static init about clearly build-related properties being set in environment variables
• #36321 - Upgrade vaadin to 24.1.10
• #36318 - Bump elasticsearch-opensource-components.version from 8.10.1 to 8.10.2
• #36317 - Bump com.amazonaws:aws-lambda-java-events from 3.11.2 to 3.11.3
• #36315 - Bump org.junit.jupiter:junit-jupiter from 5.9.3 to 5.10.0
• #36314 - Bump com.gradle.enterprise from 3.15 to 3.15.1 in /devtools/gradle
• #36313 - OIDC scope to permission conversion does not initialize StringPermission actions
• #36311 - Upgrade: Hibernate ORM 6.2.11.Final and Reactive 2.0.6.Final
• #36309 - Use consistent versions of Maven for Maven wrapper and mvnd
• #36307 - Add support for Google Application Default Credentials
• #36306 - Natively support Google Application Default Credentials in the container-image-jib extension
• #36302 - Fix headers and preambles in all guides and reintroduce some keywords
• #36299 - quarkus-flyway: Java-Migration does not get picked up on live reload
• #36293 - Use correct quotes
• #36291 - Warning "Build time property cannot be changed at runtime: quarkus.native.builder-image.pull"
• #36290 - Fixed URL for configuring JSON support
• #36286 - Add the secrets keyword in the .env section in the reference docs
• #36281 - Config: detect injected config value mismatch during static init
• #36280 - Enable OracleOpenTelemetryJdbcInstrumentationTest

... (truncated)

Commits

• 8703586 [RELEASE] - Bump version to 3.5.0
• ea3eee6 Updates liquibase to version 4.24 to solve bug
• dc7b4a3 Merge pull request #36533 from gsmet/3.5.0-backports-1
• 91cddc6 Register RuntimeOverrideConfigSource in STATIC_INIT
• e7c0a9a Start MongoDB 4.4 instead of 4.0
• 535b2e2 Use Mandrel 23.1 in windows CI
• 6b739a5 Bump org.wiremock:wiremock-standalone from 3.1.0 to 3.2.0
• feddfda Fix typo in gradle-tooling.adoc
• bbb144b Fix some issues in getting-started-dev-services:
• 6285bf4 Adjust extension name for consistency with rest of Quarkus
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions