Bump org.opensearch:opensearch-core from current to 3.0.0 in /buildSrc/src/testKit/thirdPartyAudit

[dependabot]

Bumps org.opensearch:opensearch-core from current to 3.0.0.

Release notes

Sourced from org.opensearch:opensearch-core's releases.

3.0.0

2025-04-28 Version 3.0.0 Release Notes

[3.0.0]

Breaking Changes

• Upgrade to Lucene 10.1.0 - PR (#16366)
• JDK21 as minimum supported Java runtime (#10745)
• Remove deprecated terms from Java API (#5214)
• JPMS Support (Eliminate top level split packages ) Phase-0 only (#8110)
• Add ThreadContextPermission for stashAndMergeHeaders and stashWithOrigin (#15039)
• Add ThreadContextPermission for markAsSystemContext and allow core to perform the method (#15016)
• Migrate client transports to Apache HttpClient / Core 5.x (#4459)
• Validation changes on the Bulk Index API like enforcing 512 byte _id size limit (#6595)
• Ability to use the node as coordinating node by passing node.roles as empty array (#3412)
• Treat Setting value with empty array string as empty array (#10625)
• Ensure Jackson default maximums introduced in 2.16.0 do not conflict with OpenSearch settings (#11811)
• Setting a maximum depth for nested queries (#11670)
• Fix interchanged formats of total_indexing_buffer_in_bytes and total_indexing_buffer (#17070)
• Cleanup deprecated thread pool settings (#2595)
• Replace "blacklist/whitelist" terminology in Java APIs (#1683)
• Remove deprecated methods from JodaCompatibleZonedDateTime which are called by scripts (#3346)
• List of deprecated code removal in 3.0- partially done (#2773)
• Remove mmap.extensions setting (#9392)
• Remove COMPAT locale provider (#13988)
• Remove transport-nio plugin (#16887)
• Deprecate CamelCase PathHierarchy tokenizer name (#10894)
• Rename Class ending with Plugin to Module under modules dir (#4042)
• Remove deprecated batch_size parameter from _bulk (#14283)
• Unset discovery nodes for every transport node actions request (#17682)

Added

• Support for HTTP/2 (server-side) (#3847)
• Allow mmap to use new JDK-19 preview APIs in Apache Lucene 9.4+ (#5151)
• Add events correlation engine plugin (#6854)
• Implement on behalf of token passing for extensions (#8679, #10664)
• Provide service accounts tokens to extensions (#9618)
• GHA to verify checklist items completion in PR descriptions (#10800)
• [WLM] Add WLM support for search scroll API (#16981)
• Views, simplify data access and manipulation by providing a virtual layer over one or more indices (#11957)
• Add systemd configurations to strengthen OS core security (#17107)
• Added pull-based Ingestion (APIs, for ingestion source, a Kafka plugin, and IngestionEngine that pulls data from the ingestion source) (#16958)
• Added ConfigurationUtils to core for the ease of configuration parsing #17223
• Add cluster and index level settings to limit the total primary shards per node and per index #17295
• Add execution_hint to cardinality aggregator request (#17312)
• Arrow Flight RPC plugin with Flight server bootstrap logic and client for internode communication (#16962)
• Added offset management for the pull-based Ingestion (#17354)
• Added integ tests for systemd configs (#17410)
• Add filter function for AbstractQueryBuilder, BoolQueryBuilder, ConstantScoreQueryBuilder(#17409)
• [Star Tree] [Search] Resolving keyword & numeric bucket aggregation with metric aggregation using star-tree (#17165)
• Added error handling support for the pull-based ingestion (#17427)

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: dependabot. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[dependabot]

Superseded by #238.