fix: update dependencies

[Anty0]

Summary by CodeRabbit

• Chores
  • Downgraded Netty dependencies to version 4.1.129.Final across build configurations
  • Updated Docker base image to the latest PostgreSQL 13.23-alpine variant
  • Refreshed system libraries and dependencies in container environment
  • Updated testing and cloud library versions for improved compatibility

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

The PR downgrades Netty dependencies from version 4.2.5.Final to 4.1.129.Final across multiple build configuration files, adds a global Netty version property with forced resolution strategy, updates the PostgreSQL Docker base image from 13.21 to 13.23, and bumps assertJ and Google Cloud BOM library versions.

Changes

Cohort / File(s)	Summary
Netty Dependency Downgrades backend/app/build.gradle, backend/data/build.gradle, build.gradle	Downgraded Netty artifacts (netty-codec-http, netty-codec-http2, netty-handler, and related modules) from 4.2.5.Final to 4.1.129.Final; added global netty.version property and resolutionStrategy in root build.gradle to enforce version consistency across all configurations.
Docker Base Image & Package Updates docker/app/Dockerfile	Bumped PostgreSQL base image from 13.21-alpine3.22 to 13.23-alpine3.22; restructured APK package installation to include system upgrades and explicit pinned versions for openjdk21 (21.0.10_p7-r0) and libxml2 (2.13.9-r0).
Library Version Updates settings.gradle	Upgraded assertJCore from 3.27.3 to 3.27.7 and Google Cloud BOM from 26.61.0 to 26.73.0 in Gradle version catalog.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• fix: update base docker image #3130 — Modifies docker/app/Dockerfile with related PostgreSQL image and package installation updates.

Suggested reviewers

• JanCizmar

Poem

🐰 Down we hop from 4.2 to 4.1,
Netty's threads now in harmony spun,
Docker's postgres grows one patch more,
AssertJ checks with sharper lore,
Configuration gates keep flow secure! 🌿

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'fix: update dependencies' is vague and generic, using a non-descriptive term that doesn't convey meaningful information about which dependencies were updated or why.	Consider a more specific title such as 'fix: downgrade Netty dependencies to 4.1.129.Final' or 'chore: update Netty and test dependencies' to clearly indicate the nature and scope of the changes.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch jirikuchynka/update-dependencies

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@docker/app/Dockerfile`:
- Around line 1-11: The Dockerfile pins an unavailable openjdk21 version; update
the RUN apk --no-cache add openjdk21=21.0.10_p7-r0 line to use a valid Alpine
3.22 package version (e.g., openjdk21-jre=21.0.8_p9-r0 or
openjdk21-jdk=21.0.7_p6-r0) so the image build won't fail—modify the RUN
instruction that installs openjdk21 to reference one of those available package
names/versions.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🌐 Web query:

Alpine Linux 3.22 packages busybox libcrypto3 libssl3 openjdk21 libxml2

💡 Result:

Alpine Linux v3.22 package versions (per pkgs.alpinelinux.org; versions can vary by architecture, so examples below use x86_64 unless noted):

• busybox (main): 1.37.0-r20 [1]
• libcrypto3 (main, from openssl): 3.5.5-r0 [2]
• libssl3 (main, from openssl): 3.5.5-r0 [3]
• libxml2 (main): 2.13.9-r0 [4]
• openjdk21 (community):
  • openjdk21-jre (x86_64): 21.0.8_p9-r0 [5]
  • openjdk21-jdk (x86_64): 21.0.7_p6-r0 [6]
  • some other v3.22 architectures already show 21.0.9_p10-r0 (example: ppc64le) [7]

Sources: [1] https://pkgs.alpinelinux.org/package/v3.22/main/x86/busybox, [2] https://pkgs.alpinelinux.org/package/v3.22/main/x86/libcrypto3, [3] https://pkgs.alpinelinux.org/package/v3.22/main/x86/libssl3, [4] https://pkgs.alpinelinux.org/package/v3.22/main/x86/libxml2, [5] https://pkgs.alpinelinux.org/package/v3.22/community/x86_64/openjdk21-jre, [6] https://pkgs.alpinelinux.org/package/v3.22/community/x86_64/openjdk21-jdk, [7] https://pkgs.alpinelinux.org/package/v3.22/community/ppc64le/openjdk21

---

Fix openjdk21 version pinning—21.0.10_p7-r0 does not exist in Alpine 3.22.

The pinned version for openjdk21 is not available in Alpine v3.22. Available versions in x86_64 are 21.0.8_p9-r0 (openjdk21-jre) or 21.0.7_p6-r0 (openjdk21-jdk). Update the pin to one of these available versions to prevent build failures. Other packages (busybox, libcrypto3, libssl3, libxml2) are correctly pinned.

🤖 Prompt for AI Agents

In `@docker/app/Dockerfile` around lines 1 - 11, The Dockerfile pins an
unavailable openjdk21 version; update the RUN apk --no-cache add
openjdk21=21.0.10_p7-r0 line to use a valid Alpine 3.22 package version (e.g.,
openjdk21-jre=21.0.8_p9-r0 or openjdk21-jdk=21.0.7_p6-r0) so the image build
won't fail—modify the RUN instruction that installs openjdk21 to reference one
of those available package names/versions.