build(deps): bump quarkus.version from 3.8.2 to 3.9.0

[dependabot]

Bumps quarkus.version from 3.8.2 to 3.9.0.
Updates io.quarkus:quarkus-bom from 3.8.2 to 3.9.0

Release notes

Sourced from io.quarkus:quarkus-bom's releases.

3.9.0.CR2

Complete changelog

• #30450 - Infinispan Extension: Allow InjectMock for RemoteCache
• #33008 - info extension should have link to ui in devui tile
• #39240 - Bump org.mockito:mockito-bom from 5.10.0 to 5.11.0
• #39302 - Adds RemoteCache @InjectMock support in Infinispan
• #39367 - Improve OIDC client reference document
• #39389 - Updates to Infinispan 15 release
• #39398 - Fix incorrect REST artifactId because PR was stale and using old one
• #39408 - Autogenerated application with oidc-db-token-state-manager fails to be built
• #39409 - Reduce the allocation pressure on ConfigDiagnostic.unknownProperties
• #39421 - Bump org.apache.logging.log4j:log4j-api from 2.23.0 to 2.23.1
• #39422 - Bump com.github.javaparser:javaparser-core from 3.25.8 to 3.25.9
• #39423 - Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.1 to 4.0.2
• #39429 - Dev UI: Info card now links to page
• #39432 - Fix OIDC DB token state validation when no reactive SQL client present
• #39435 - Upgrade to SmallRye GraphQL 2.8.1
• #39444 - Save regexp Pattern allocation on config name renaming

3.9.0.CR1

Major changes

• #34493 - Add CLI command for Config
• #37680 - index.html (welcome page) now dynamic
• #38541 - Support OIDC Client JWT Bearer authentication
• #38603 - Introduce @ClientBasicAuth annotation
• #38608 - Allow TLS certificate reloading for the HTTP server
• #39142 - Initial version of the new declarative WebSocket server API
• #39159 - Big Quarkus REST rename
• #39206 - Improve graceful shutdown
• #39301 - Rename SmallRye Reactive Messaging extensions to Messaging

Complete changelog

• #1120 - Panache - Sort properties injected in the query should be escaped somehow
• #1499 - Improve index.html welcome page
• #5236 - Move handling of NotFound http code from resteasy to the vertx-http extension
• #7963 - test Fault Tolerance in dev mode
• #8392 - Hyperlink Rest Resources on 404 page
• #15926 - Hot Reload for TLS Keystore
• #16833 - quarkus scheduler does not await termination of scheduledExecutor
• #20024 - Support Multi<Byte> and Multi<byte[]> for octet stream in Rest Client Reactive
• #21248 - Clean up JDK 18 workarounds
• #25453 - Mutiny is not compatible with quarkus opentelemetry
• #26308 - Panache - load page with join fetch
• #29172 - Integrate FileVault Utils with Quarkus CLI
• #31157 - websocket extension should implement ping/pong
• #31414 - Exclude banned dependency commons-logging in the BOM

... (truncated)

Commits

• a89b60d [RELEASE] - Bump version to 3.9.0
• caf44e7 Bump io.smallrye.config:smallrye-config-source-yaml in /devtools/gradle
• c1b0c12 Initial version of the WebSocket Next documentation
• 6200585 Merge pull request #39560 from gsmet/3.9.0-backports-2
• 7d30d09 Simplify and fix default codestart selection code
• 34ef25e Fix codestarts compatibility with older CLI
• 4cd8024 Enable proxy configuration for OpenTelemetry exporters
• f82d815 Bump org.postgresql:postgresql from 42.7.2 to 42.7.3
• bac1ca1 Update SmallRye Config to 3.7.1
• ab77cb2 Update SmallRye Config to 3.7.0
• Additional commits viewable in compare view

Updates io.quarkus:quarkus-panache-common from 3.8.2 to 3.9.0

Updates io.quarkus:quarkus-maven-plugin from 3.8.2 to 3.9.0

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #150.