Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change default textual serialization of java.util.Date/Calendar to include colon in timezone offset #2643

Closed
cowtowncoder opened this issue Mar 5, 2020 · 10 comments
Labels
date-time-config Work related to possible larger DateTimeConfig feature
Milestone

Comments

@cowtowncoder
Copy link
Member

(for background, see #1624 and #1744)

So. While older JDK versions (up to JDK 7) always wrote timezone offset, if any, without colon, like:

+0000

ISO-8601 specification expects minute/hour part to be separated by a colon like

+00:00

While #1744 added an option to enable this behavior, it has not been default for Jackson.
Let's change it in 2.11.

A note on implementation: a new SerializationFeature setting was briefly considered, but wiring of such setting to be used proved difficult. Users can still use method in StdDateFormat

@michael-o
Copy link

michael-o commented Mar 5, 2020

That's not competely true. ISO 8601 provides two formats, basic and extended. So both outputs are valid as long as the rest of the timestamp adheres to the same format. Since Jackson uses extended format exclusively, the current behavior is wrong.

@cowtowncoder
Copy link
Member Author

@michael-o Ok. I think this was mentioned in an earlier discussion, but was not sure how to describe it. So, two questions:

  1. Do you agree with the change itself, going forward? (I assume yes, just want to make 100% certain)
  2. Could you suggest an improved wording to use here (feel free to edit if you can; if not let me know)

Also related, for overall change plans wrt Date/Time type handling:

https://github.com/FasterXML/jackson-future-ideas/wiki/JSTEP-5

where it'd be good to first group distinct ideas of improvements needed, in detail.

@cowtowncoder cowtowncoder added the date-time-config Work related to possible larger DateTimeConfig feature label Mar 5, 2020
@michael-o
Copy link

  1. Yes, I do agree.
  2. Do you refer to 4b51149? If yes, it definitvely needs improvement. Because Z has ben designed for RFC dates and not for ISO dates like telescoping X.

@cowtowncoder
Copy link
Member Author

@michael-o Meant specifically wrt Javadoc for SerializationFeature.WRITE_DATES_AS_TIMESTAMPS primarily, and perhaps this issue title secondarily.

cowtowncoder added a commit that referenced this issue Mar 6, 2020
@michael-o
Copy link

New title: Change default textual serialization of java.util.Date/Calendar for the timezone offset to comply with ISO 8601 extended format.

I will review the Javadoc of SerializationFeature.WRITE_DATES_AS_TIMESTAMPS.

@michael-o
Copy link

See this part:

https://github.com/FasterXML/jackson-databind/blob/master/src/main/java/com/fasterxml/jackson/databind/util/StdDateFormat.java#L18-L22

This statement is problematic, even wrong. X cannot be used for RFC and ISO. The subtile difference is that is will always serialize Zulu with Z, never +0000 or 00:00.

I'd say that the Javadoc of WRITE_DATES_AS_TIMESTAMPS is acceptable. StdDateFormat needs imrovements for 3.0. It is a bit of a mess with respect to ISO 8601.

cowtowncoder added a commit that referenced this issue Mar 6, 2020
@cowtowncoder
Copy link
Member Author

@michael-o I want to make sure I understand this part:

X cannot be used for RFC and ISO. The subtile difference is that is will always serialize Zulu with Z, never +0000 or 00:00.

As far as I can read JDK javadocs, X does produce Z for zero timezone offset; one that is legal (as well as alternate +00[:00]) for ISO-8601 as well. So I assume those are not problem parts.

So I assume you refer to the current (2.11) implementation of StdDateFormat, which does (for now) produce only numeric offset. This is easy to change, as comments already indicate (although claiming older specs being problematic, I'll change comment) that behavior was chosen for backwards compatibility.
Since changing that part (+00:00 -> Z) is yet another theoretically tiny, but in practice highly visible -- most likely causing tons of bogus test failures, but also breaking some amount of fragile code -- it seems best to only change colon inclusion for 2.11, and do +00:00 -> Z for 3.0 now. We can consider switch in 2.12 as well, depending on how 2.11 release goes.

Does above make sense?

@michael-o
Copy link

Yes, retain 00:00 for the 2.x line and move fully to XXX in 3.0. I wouldn't really touch that in 2.x as it cause too many confusion with broken stuff out there. Don't make the hodge-podge even worse for now.

@jocull
Copy link

jocull commented Mar 26, 2021

This isn't clearly documented at all, but after digging through the source code I figured out what you need to do to go back to the old behavior:

final ObjectMapper mapper = JsonMapper.builder()
        .defaultDateFormat(new StdDateFormat().withColonInTimeZone(false)) // <<<<
        .build();

Hope that helps someone else. It's really difficult to get to these everywhere in your code (and shared libraries!) that it might exist. It also means that doing dependency alignment for things like security reasons (e.g. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28491 ) is extremely difficult.

@cowtowncoder
Copy link
Member Author

Thank you for sharing this @jocull. Configurability of date/time handling is quite problematic, alas, both because of variety of differences across platforms and because Java has a few alternatives ("old" JDK, newer Java 8, Joda). And date/time handling is a huge swamp in and of itself, as a domain.

This is known as a problem domain so there have been plans:

https://github.com/FasterXML/jackson-future-ideas/wiki/JSTEP-5

to try to address settings, defaults, configurability. Currently no one has time to tackle this one, unfortunately.

haijian-vaadin pushed a commit to vaadin/flow that referenced this issue Sep 3, 2021
…abind version for fusion-endpoint (#11659)

* Organize dependency versions

* Retrigger validation

* Update tests to reflect changes in FasterXML/jackson-databind#2643
fluorumlabs added a commit to vaadin/flow that referenced this issue Sep 3, 2021
…abind version for fusion-endpoint (#11659)

* Organize dependency versions

* Retrigger validation

* Update tests to reflect changes in FasterXML/jackson-databind#2643
fluorumlabs added a commit to vaadin/flow that referenced this issue Sep 6, 2021
* Bump swagger-codegen to 3.0.27

* Fix formatting

* Fix formatting

* chore(deps): bump jetty.version (#11722)

Bumps `jetty.version` from 9.4.27.v20200227 to 9.4.43.v20210629.

Updates `jetty-maven-plugin` from 9.4.27.v20200227 to 9.4.43.v20210629
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.27.v20200227...jetty-9.4.43.v20210629)

Updates `jetty-webapp` from 9.4.27.v20200227 to 9.4.43.v20210629
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.27.v20200227...jetty-9.4.43.v20210629)

Updates `jetty-continuation` from 9.4.27.v20200227 to 9.4.43.v20210629

Updates `jetty-annotations` from 9.4.27.v20200227 to 9.4.43.v20210629
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.27.v20200227...jetty-9.4.43.v20210629)

Updates `websocket-server` from 9.4.27.v20200227 to 9.4.43.v20210629

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-webapp
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-continuation
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-annotations
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty.websocket:websocket-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump maven-clean-plugin from 3.0.0 to 3.1.0 (#11728)

Bumps [maven-clean-plugin](https://github.com/apache/maven-clean-plugin) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/apache/maven-clean-plugin/releases)
- [Commits](apache/maven-clean-plugin@maven-clean-plugin-3.0.0...maven-clean-plugin-3.1.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-clean-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump equalsverifier from 3.0 to 3.7.1 (#11723)

Bumps [equalsverifier](https://github.com/jqno/equalsverifier) from 3.0 to 3.7.1.
- [Release notes](https://github.com/jqno/equalsverifier/releases)
- [Changelog](https://github.com/jqno/equalsverifier/blob/main/CHANGELOG.md)
- [Commits](jqno/equalsverifier@equalsverifier-3.0...equalsverifier-3.7.1)

---
updated-dependencies:
- dependency-name: nl.jqno.equalsverifier:equalsverifier
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump maven-enforcer-plugin from 1.4.1 to 3.0.0 (#11724)

Bumps [maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 1.4.1 to 3.0.0.
- [Release notes](https://github.com/apache/maven-enforcer/releases)
- [Commits](apache/maven-enforcer@enforcer-1.4.1...enforcer-3.0.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump exec-maven-plugin from 1.6.0 to 3.0.0 (#11727)

Bumps [exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) from 1.6.0 to 3.0.0.
- [Release notes](https://github.com/mojohaus/exec-maven-plugin/releases)
- [Commits](mojohaus/exec-maven-plugin@exec-maven-plugin-1.6.0...exec-maven-plugin-3.0.0)

---
updated-dependencies:
- dependency-name: org.codehaus.mojo:exec-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump maven-dependency-plugin from 2.8 to 3.2.0 (#11738)

Bumps [maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) from 2.8 to 3.2.0.
- [Release notes](https://github.com/apache/maven-dependency-plugin/releases)
- [Commits](apache/maven-dependency-plugin@maven-dependency-plugin-2.8...maven-dependency-plugin-3.2.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-dependency-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump validation-api from 2.0.0.Final to 2.0.1.Final (#11735)

Bumps [validation-api](https://github.com/beanvalidation/beanvalidation-api) from 2.0.0.Final to 2.0.1.Final.
- [Release notes](https://github.com/beanvalidation/beanvalidation-api/releases)
- [Commits](jakartaee/validation@2.0.0.Final...2.0.1.Final)

---
updated-dependencies:
- dependency-name: javax.validation:validation-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump hsqldb from 2.2.6 to 2.6.0 (#11737)

Bumps hsqldb from 2.2.6 to 2.6.0.

---
updated-dependencies:
- dependency-name: org.hsqldb:hsqldb
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump mockito-core from 3.10.0 to 3.12.4 (#11733)

Bumps [mockito-core](https://github.com/mockito/mockito) from 3.10.0 to 3.12.4.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](mockito/mockito@v3.10.0...v3.12.4)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: organize dependency versions and update vulnerable jackson-databind version for fusion-endpoint (#11659)

* Organize dependency versions

* Retrigger validation

* Update tests to reflect changes in FasterXML/jackson-databind#2643

* chore(deps): Override frontend-plugin-core dependencies (#11732)

This overrides outdated and vulnerable jackson-databind and httpclient with a more recent yet compatible versions.

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
platosha pushed a commit to vaadin/hilla that referenced this issue May 31, 2022
…abind version for fusion-endpoint (#11659)

* Organize dependency versions

* Retrigger validation

* Update tests to reflect changes in FasterXML/jackson-databind#2643
platosha pushed a commit to vaadin/hilla that referenced this issue May 31, 2022
* Bump swagger-codegen to 3.0.27

* Fix formatting

* Fix formatting

* chore(deps): bump jetty.version (#11722)

Bumps `jetty.version` from 9.4.27.v20200227 to 9.4.43.v20210629.

Updates `jetty-maven-plugin` from 9.4.27.v20200227 to 9.4.43.v20210629
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.27.v20200227...jetty-9.4.43.v20210629)

Updates `jetty-webapp` from 9.4.27.v20200227 to 9.4.43.v20210629
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.27.v20200227...jetty-9.4.43.v20210629)

Updates `jetty-continuation` from 9.4.27.v20200227 to 9.4.43.v20210629

Updates `jetty-annotations` from 9.4.27.v20200227 to 9.4.43.v20210629
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.27.v20200227...jetty-9.4.43.v20210629)

Updates `websocket-server` from 9.4.27.v20200227 to 9.4.43.v20210629

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-webapp
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-continuation
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-annotations
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty.websocket:websocket-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump maven-clean-plugin from 3.0.0 to 3.1.0 (#11728)

Bumps [maven-clean-plugin](https://github.com/apache/maven-clean-plugin) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/apache/maven-clean-plugin/releases)
- [Commits](apache/maven-clean-plugin@maven-clean-plugin-3.0.0...maven-clean-plugin-3.1.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-clean-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump equalsverifier from 3.0 to 3.7.1 (#11723)

Bumps [equalsverifier](https://github.com/jqno/equalsverifier) from 3.0 to 3.7.1.
- [Release notes](https://github.com/jqno/equalsverifier/releases)
- [Changelog](https://github.com/jqno/equalsverifier/blob/main/CHANGELOG.md)
- [Commits](jqno/equalsverifier@equalsverifier-3.0...equalsverifier-3.7.1)

---
updated-dependencies:
- dependency-name: nl.jqno.equalsverifier:equalsverifier
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump maven-enforcer-plugin from 1.4.1 to 3.0.0 (#11724)

Bumps [maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 1.4.1 to 3.0.0.
- [Release notes](https://github.com/apache/maven-enforcer/releases)
- [Commits](apache/maven-enforcer@enforcer-1.4.1...enforcer-3.0.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump exec-maven-plugin from 1.6.0 to 3.0.0 (#11727)

Bumps [exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) from 1.6.0 to 3.0.0.
- [Release notes](https://github.com/mojohaus/exec-maven-plugin/releases)
- [Commits](mojohaus/exec-maven-plugin@exec-maven-plugin-1.6.0...exec-maven-plugin-3.0.0)

---
updated-dependencies:
- dependency-name: org.codehaus.mojo:exec-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump maven-dependency-plugin from 2.8 to 3.2.0 (#11738)

Bumps [maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) from 2.8 to 3.2.0.
- [Release notes](https://github.com/apache/maven-dependency-plugin/releases)
- [Commits](apache/maven-dependency-plugin@maven-dependency-plugin-2.8...maven-dependency-plugin-3.2.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-dependency-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump validation-api from 2.0.0.Final to 2.0.1.Final (#11735)

Bumps [validation-api](https://github.com/beanvalidation/beanvalidation-api) from 2.0.0.Final to 2.0.1.Final.
- [Release notes](https://github.com/beanvalidation/beanvalidation-api/releases)
- [Commits](jakartaee/validation@2.0.0.Final...2.0.1.Final)

---
updated-dependencies:
- dependency-name: javax.validation:validation-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump hsqldb from 2.2.6 to 2.6.0 (#11737)

Bumps hsqldb from 2.2.6 to 2.6.0.

---
updated-dependencies:
- dependency-name: org.hsqldb:hsqldb
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump mockito-core from 3.10.0 to 3.12.4 (#11733)

Bumps [mockito-core](https://github.com/mockito/mockito) from 3.10.0 to 3.12.4.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](mockito/mockito@v3.10.0...v3.12.4)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: organize dependency versions and update vulnerable jackson-databind version for fusion-endpoint (#11659)

* Organize dependency versions

* Retrigger validation

* Update tests to reflect changes in FasterXML/jackson-databind#2643

* chore(deps): Override frontend-plugin-core dependencies (#11732)

This overrides outdated and vulnerable jackson-databind and httpclient with a more recent yet compatible versions.

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
vercel-talented added a commit to vercel-talented/hilla-react that referenced this issue May 4, 2024
…abind version for fusion-endpoint (#11659)

* Organize dependency versions

* Retrigger validation

* Update tests to reflect changes in FasterXML/jackson-databind#2643
vercel-talented added a commit to vercel-talented/hilla-react that referenced this issue May 4, 2024
* Bump swagger-codegen to 3.0.27

* Fix formatting

* Fix formatting

* chore(deps): bump jetty.version (#11722)

Bumps `jetty.version` from 9.4.27.v20200227 to 9.4.43.v20210629.

Updates `jetty-maven-plugin` from 9.4.27.v20200227 to 9.4.43.v20210629
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.27.v20200227...jetty-9.4.43.v20210629)

Updates `jetty-webapp` from 9.4.27.v20200227 to 9.4.43.v20210629
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.27.v20200227...jetty-9.4.43.v20210629)

Updates `jetty-continuation` from 9.4.27.v20200227 to 9.4.43.v20210629

Updates `jetty-annotations` from 9.4.27.v20200227 to 9.4.43.v20210629
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.27.v20200227...jetty-9.4.43.v20210629)

Updates `websocket-server` from 9.4.27.v20200227 to 9.4.43.v20210629

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-webapp
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-continuation
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-annotations
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty.websocket:websocket-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump maven-clean-plugin from 3.0.0 to 3.1.0 (#11728)

Bumps [maven-clean-plugin](https://github.com/apache/maven-clean-plugin) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/apache/maven-clean-plugin/releases)
- [Commits](apache/maven-clean-plugin@maven-clean-plugin-3.0.0...maven-clean-plugin-3.1.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-clean-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump equalsverifier from 3.0 to 3.7.1 (#11723)

Bumps [equalsverifier](https://github.com/jqno/equalsverifier) from 3.0 to 3.7.1.
- [Release notes](https://github.com/jqno/equalsverifier/releases)
- [Changelog](https://github.com/jqno/equalsverifier/blob/main/CHANGELOG.md)
- [Commits](jqno/equalsverifier@equalsverifier-3.0...equalsverifier-3.7.1)

---
updated-dependencies:
- dependency-name: nl.jqno.equalsverifier:equalsverifier
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump maven-enforcer-plugin from 1.4.1 to 3.0.0 (#11724)

Bumps [maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 1.4.1 to 3.0.0.
- [Release notes](https://github.com/apache/maven-enforcer/releases)
- [Commits](apache/maven-enforcer@enforcer-1.4.1...enforcer-3.0.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump exec-maven-plugin from 1.6.0 to 3.0.0 (#11727)

Bumps [exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) from 1.6.0 to 3.0.0.
- [Release notes](https://github.com/mojohaus/exec-maven-plugin/releases)
- [Commits](mojohaus/exec-maven-plugin@exec-maven-plugin-1.6.0...exec-maven-plugin-3.0.0)

---
updated-dependencies:
- dependency-name: org.codehaus.mojo:exec-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump maven-dependency-plugin from 2.8 to 3.2.0 (#11738)

Bumps [maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) from 2.8 to 3.2.0.
- [Release notes](https://github.com/apache/maven-dependency-plugin/releases)
- [Commits](apache/maven-dependency-plugin@maven-dependency-plugin-2.8...maven-dependency-plugin-3.2.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-dependency-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump validation-api from 2.0.0.Final to 2.0.1.Final (#11735)

Bumps [validation-api](https://github.com/beanvalidation/beanvalidation-api) from 2.0.0.Final to 2.0.1.Final.
- [Release notes](https://github.com/beanvalidation/beanvalidation-api/releases)
- [Commits](jakartaee/validation@2.0.0.Final...2.0.1.Final)

---
updated-dependencies:
- dependency-name: javax.validation:validation-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump hsqldb from 2.2.6 to 2.6.0 (#11737)

Bumps hsqldb from 2.2.6 to 2.6.0.

---
updated-dependencies:
- dependency-name: org.hsqldb:hsqldb
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump mockito-core from 3.10.0 to 3.12.4 (#11733)

Bumps [mockito-core](https://github.com/mockito/mockito) from 3.10.0 to 3.12.4.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](mockito/mockito@v3.10.0...v3.12.4)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: organize dependency versions and update vulnerable jackson-databind version for fusion-endpoint (#11659)

* Organize dependency versions

* Retrigger validation

* Update tests to reflect changes in FasterXML/jackson-databind#2643

* chore(deps): Override frontend-plugin-core dependencies (#11732)

This overrides outdated and vulnerable jackson-databind and httpclient with a more recent yet compatible versions.

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
byte-dev-hubs added a commit to byte-dev-hubs/hila-java that referenced this issue May 12, 2024
…abind version for fusion-endpoint (#11659)

* Organize dependency versions

* Retrigger validation

* Update tests to reflect changes in FasterXML/jackson-databind#2643
byte-dev-hubs added a commit to byte-dev-hubs/hila-java that referenced this issue May 12, 2024
* Bump swagger-codegen to 3.0.27

* Fix formatting

* Fix formatting

* chore(deps): bump jetty.version (#11722)

Bumps `jetty.version` from 9.4.27.v20200227 to 9.4.43.v20210629.

Updates `jetty-maven-plugin` from 9.4.27.v20200227 to 9.4.43.v20210629
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.27.v20200227...jetty-9.4.43.v20210629)

Updates `jetty-webapp` from 9.4.27.v20200227 to 9.4.43.v20210629
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.27.v20200227...jetty-9.4.43.v20210629)

Updates `jetty-continuation` from 9.4.27.v20200227 to 9.4.43.v20210629

Updates `jetty-annotations` from 9.4.27.v20200227 to 9.4.43.v20210629
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.27.v20200227...jetty-9.4.43.v20210629)

Updates `websocket-server` from 9.4.27.v20200227 to 9.4.43.v20210629

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-webapp
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-continuation
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-annotations
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty.websocket:websocket-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump maven-clean-plugin from 3.0.0 to 3.1.0 (#11728)

Bumps [maven-clean-plugin](https://github.com/apache/maven-clean-plugin) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/apache/maven-clean-plugin/releases)
- [Commits](apache/maven-clean-plugin@maven-clean-plugin-3.0.0...maven-clean-plugin-3.1.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-clean-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump equalsverifier from 3.0 to 3.7.1 (#11723)

Bumps [equalsverifier](https://github.com/jqno/equalsverifier) from 3.0 to 3.7.1.
- [Release notes](https://github.com/jqno/equalsverifier/releases)
- [Changelog](https://github.com/jqno/equalsverifier/blob/main/CHANGELOG.md)
- [Commits](jqno/equalsverifier@equalsverifier-3.0...equalsverifier-3.7.1)

---
updated-dependencies:
- dependency-name: nl.jqno.equalsverifier:equalsverifier
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump maven-enforcer-plugin from 1.4.1 to 3.0.0 (#11724)

Bumps [maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 1.4.1 to 3.0.0.
- [Release notes](https://github.com/apache/maven-enforcer/releases)
- [Commits](apache/maven-enforcer@enforcer-1.4.1...enforcer-3.0.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump exec-maven-plugin from 1.6.0 to 3.0.0 (#11727)

Bumps [exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) from 1.6.0 to 3.0.0.
- [Release notes](https://github.com/mojohaus/exec-maven-plugin/releases)
- [Commits](mojohaus/exec-maven-plugin@exec-maven-plugin-1.6.0...exec-maven-plugin-3.0.0)

---
updated-dependencies:
- dependency-name: org.codehaus.mojo:exec-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump maven-dependency-plugin from 2.8 to 3.2.0 (#11738)

Bumps [maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) from 2.8 to 3.2.0.
- [Release notes](https://github.com/apache/maven-dependency-plugin/releases)
- [Commits](apache/maven-dependency-plugin@maven-dependency-plugin-2.8...maven-dependency-plugin-3.2.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-dependency-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump validation-api from 2.0.0.Final to 2.0.1.Final (#11735)

Bumps [validation-api](https://github.com/beanvalidation/beanvalidation-api) from 2.0.0.Final to 2.0.1.Final.
- [Release notes](https://github.com/beanvalidation/beanvalidation-api/releases)
- [Commits](jakartaee/validation@2.0.0.Final...2.0.1.Final)

---
updated-dependencies:
- dependency-name: javax.validation:validation-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump hsqldb from 2.2.6 to 2.6.0 (#11737)

Bumps hsqldb from 2.2.6 to 2.6.0.

---
updated-dependencies:
- dependency-name: org.hsqldb:hsqldb
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump mockito-core from 3.10.0 to 3.12.4 (#11733)

Bumps [mockito-core](https://github.com/mockito/mockito) from 3.10.0 to 3.12.4.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](mockito/mockito@v3.10.0...v3.12.4)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: organize dependency versions and update vulnerable jackson-databind version for fusion-endpoint (#11659)

* Organize dependency versions

* Retrigger validation

* Update tests to reflect changes in FasterXML/jackson-databind#2643

* chore(deps): Override frontend-plugin-core dependencies (#11732)

This overrides outdated and vulnerable jackson-databind and httpclient with a more recent yet compatible versions.

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AceDev24 pushed a commit to AceDev24/hiliaGround that referenced this issue Sep 3, 2024
…abind version for fusion-endpoint (#11659)

* Organize dependency versions

* Retrigger validation

* Update tests to reflect changes in FasterXML/jackson-databind#2643
AceDev24 pushed a commit to AceDev24/hiliaGround that referenced this issue Sep 3, 2024
* Bump swagger-codegen to 3.0.27

* Fix formatting

* Fix formatting

* chore(deps): bump jetty.version (#11722)

Bumps `jetty.version` from 9.4.27.v20200227 to 9.4.43.v20210629.

Updates `jetty-maven-plugin` from 9.4.27.v20200227 to 9.4.43.v20210629
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.27.v20200227...jetty-9.4.43.v20210629)

Updates `jetty-webapp` from 9.4.27.v20200227 to 9.4.43.v20210629
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.27.v20200227...jetty-9.4.43.v20210629)

Updates `jetty-continuation` from 9.4.27.v20200227 to 9.4.43.v20210629

Updates `jetty-annotations` from 9.4.27.v20200227 to 9.4.43.v20210629
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.27.v20200227...jetty-9.4.43.v20210629)

Updates `websocket-server` from 9.4.27.v20200227 to 9.4.43.v20210629

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-webapp
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-continuation
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-annotations
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty.websocket:websocket-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump maven-clean-plugin from 3.0.0 to 3.1.0 (#11728)

Bumps [maven-clean-plugin](https://github.com/apache/maven-clean-plugin) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/apache/maven-clean-plugin/releases)
- [Commits](apache/maven-clean-plugin@maven-clean-plugin-3.0.0...maven-clean-plugin-3.1.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-clean-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump equalsverifier from 3.0 to 3.7.1 (#11723)

Bumps [equalsverifier](https://github.com/jqno/equalsverifier) from 3.0 to 3.7.1.
- [Release notes](https://github.com/jqno/equalsverifier/releases)
- [Changelog](https://github.com/jqno/equalsverifier/blob/main/CHANGELOG.md)
- [Commits](jqno/equalsverifier@equalsverifier-3.0...equalsverifier-3.7.1)

---
updated-dependencies:
- dependency-name: nl.jqno.equalsverifier:equalsverifier
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump maven-enforcer-plugin from 1.4.1 to 3.0.0 (#11724)

Bumps [maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 1.4.1 to 3.0.0.
- [Release notes](https://github.com/apache/maven-enforcer/releases)
- [Commits](apache/maven-enforcer@enforcer-1.4.1...enforcer-3.0.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump exec-maven-plugin from 1.6.0 to 3.0.0 (#11727)

Bumps [exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) from 1.6.0 to 3.0.0.
- [Release notes](https://github.com/mojohaus/exec-maven-plugin/releases)
- [Commits](mojohaus/exec-maven-plugin@exec-maven-plugin-1.6.0...exec-maven-plugin-3.0.0)

---
updated-dependencies:
- dependency-name: org.codehaus.mojo:exec-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump maven-dependency-plugin from 2.8 to 3.2.0 (#11738)

Bumps [maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) from 2.8 to 3.2.0.
- [Release notes](https://github.com/apache/maven-dependency-plugin/releases)
- [Commits](apache/maven-dependency-plugin@maven-dependency-plugin-2.8...maven-dependency-plugin-3.2.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-dependency-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump validation-api from 2.0.0.Final to 2.0.1.Final (#11735)

Bumps [validation-api](https://github.com/beanvalidation/beanvalidation-api) from 2.0.0.Final to 2.0.1.Final.
- [Release notes](https://github.com/beanvalidation/beanvalidation-api/releases)
- [Commits](jakartaee/validation@2.0.0.Final...2.0.1.Final)

---
updated-dependencies:
- dependency-name: javax.validation:validation-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump hsqldb from 2.2.6 to 2.6.0 (#11737)

Bumps hsqldb from 2.2.6 to 2.6.0.

---
updated-dependencies:
- dependency-name: org.hsqldb:hsqldb
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump mockito-core from 3.10.0 to 3.12.4 (#11733)

Bumps [mockito-core](https://github.com/mockito/mockito) from 3.10.0 to 3.12.4.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](mockito/mockito@v3.10.0...v3.12.4)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: organize dependency versions and update vulnerable jackson-databind version for fusion-endpoint (#11659)

* Organize dependency versions

* Retrigger validation

* Update tests to reflect changes in FasterXML/jackson-databind#2643

* chore(deps): Override frontend-plugin-core dependencies (#11732)

This overrides outdated and vulnerable jackson-databind and httpclient with a more recent yet compatible versions.

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
date-time-config Work related to possible larger DateTimeConfig feature
Projects
None yet
Development

No branches or pull requests

3 participants