-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
build(deps): bump the maven group across 14 directories with 17 updates #12872
build(deps): bump the maven group across 14 directories with 17 updates #12872
Conversation
Bumps the maven group with 2 updates in the /projects/apache-cxf/project-parent/fuzz-targets directory: org.apache.cxf:cxf-core and org.apache.cxf:cxf-rt-frontend-jaxrs. Bumps the maven group with 2 updates in the /projects/async-http-client/project-parent/fuzz-targets directory: [org.asynchttpclient:async-http-client](https://github.com/AsyncHttpClient/async-http-client) and org.eclipse.jetty:jetty-server. Bumps the maven group with 1 update in the /projects/avro/project-parent/fuzz-targets directory: org.apache.avro:avro. Bumps the maven group with 1 update in the /projects/hadoop/project-parent/fuzz-targets directory: org.apache.hadoop:hadoop-common. Bumps the maven group with 1 update in the /projects/htmlunit/htmlunit-fuzzer directory: [org.htmlunit:htmlunit](https://github.com/HtmlUnit/htmlunit). Bumps the maven group with 3 updates in the /projects/jetty/project-parent/fuzz-targets directory: org.eclipse.jetty:jetty-server, org.eclipse.jetty:jetty-http and org.eclipse.jetty.http2:http2-server. Bumps the maven group with 1 update in the /projects/jose4j/project-parent/fuzz-targets directory: [org.bitbucket.b_c:jose4j](https://bitbucket.org/b_c/jose4j). Bumps the maven group with 1 update in the /projects/nimbus-jwt/nimbus-jwt-fuzzer directory: [com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt). Bumps the maven group with 2 updates in the /projects/opencensus-java/project-parent/fuzz-targets directory: [com.google.guava:guava](https://github.com/google/guava) and [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf). Bumps the maven group with 1 update in the /projects/pdfbox/project-parent/fuzz-targets directory: org.apache.pdfbox:pdfbox. Bumps the maven group with 1 update in the /projects/struts/struts2-fuzzer/fuzzer directory: org.eclipse.jetty:jetty-server. Bumps the maven group with 1 update in the /projects/xnio-api/xnio-fuzzer directory: org.jboss.xnio:xnio-api. Bumps the maven group with 1 update in the /projects/yamlbeans/project-parent/fuzz-targets directory: [com.esotericsoftware.yamlbeans:yamlbeans](https://github.com/EsotericSoftware/yamlbeans). Bumps the maven group with 1 update in the /projects/zt-zip/project-parent/fuzz-targets directory: [org.zeroturnaround:zt-zip](https://github.com/zeroturnaround/zt-zip). Updates `org.apache.cxf:cxf-core` from Fuzzing-SNAPSHOT to 3.5.8 Updates `org.apache.cxf:cxf-rt-frontend-jaxrs` from Fuzzing-SNAPSHOT to 2.6.11 Updates `org.asynchttpclient:async-http-client` from Fuzzing-SNAPSHOT to 2.0.35 - [Release notes](https://github.com/AsyncHttpClient/async-http-client/releases) - [Changelog](https://github.com/AsyncHttpClient/async-http-client/blob/main/CHANGES.md) - [Commits](https://github.com/AsyncHttpClient/async-http-client/commits/async-http-client-project-2.0.35) Updates `org.eclipse.jetty:jetty-server` from 11.0.14 to 11.0.24 Updates `org.apache.avro:avro` from Fuzzing-SNAPSHOT to 1.11.4 Updates `org.apache.hadoop:hadoop-common` from Fuzzing-SNAPSHOT to 3.4.0 Updates `org.htmlunit:htmlunit` from 2.7.0 to 3.9.0 - [Release notes](https://github.com/HtmlUnit/htmlunit/releases) - [Commits](HtmlUnit/htmlunit@HtmlUnit-2.7...3.9.0) Updates `org.eclipse.jetty:jetty-server` from Fuzzing-SNAPSHOT to 9.4.55.v20240627 Updates `org.eclipse.jetty:jetty-http` from Fuzzing-SNAPSHOT to 12.0.12 Updates `org.eclipse.jetty.http2:http2-server` from Fuzzing-SNAPSHOT to 9.4.47.v20220610 Updates `org.bitbucket.b_c:jose4j` from Fuzzing-SNAPSHOT to 0.9.4 - [Commits](https://bitbucket.org/b_c/jose4j/commits/tag/jose4j-0.9.4) Updates `com.nimbusds:nimbus-jose-jwt` from 9.30.1 to 9.37.2 - [Changelog](https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt) - [Commits](https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/9.37.2..9.30.1) Updates `com.google.guava:guava` from 31.1-jre to 32.0.0-jre - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) Updates `com.google.protobuf:protobuf-java` from 4.0.0-rc-2 to 4.29.2 - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl) - [Commits](https://github.com/protocolbuffers/protobuf/commits) Updates `org.apache.pdfbox:pdfbox` from Fuzzing-SNAPSHOT to 1.8.16 Updates `org.eclipse.jetty:jetty-server` from 9.4.51.v20230217 to 9.4.55.v20240627 Updates `org.jboss.xnio:xnio-api` from 3.8.8.Final to 3.8.14.Final Updates `com.esotericsoftware.yamlbeans:yamlbeans` from Fuzzing-SNAPSHOT to 1.17 - [Release notes](https://github.com/EsotericSoftware/yamlbeans/releases) - [Commits](https://github.com/EsotericSoftware/yamlbeans/commits/1.17) Updates `org.zeroturnaround:zt-zip` from Fuzzing-SNAPSHOT to 1.13 - [Changelog](https://github.com/zeroturnaround/zt-zip/blob/master/Changelog.txt) - [Commits](https://github.com/zeroturnaround/zt-zip/commits/zt-zip-1.13) --- updated-dependencies: - dependency-name: org.apache.cxf:cxf-core dependency-type: direct:production dependency-group: maven - dependency-name: org.apache.cxf:cxf-rt-frontend-jaxrs dependency-type: direct:production dependency-group: maven - dependency-name: org.asynchttpclient:async-http-client dependency-type: direct:production dependency-group: maven - dependency-name: org.eclipse.jetty:jetty-server dependency-type: direct:development dependency-group: maven - dependency-name: org.apache.avro:avro dependency-type: direct:development dependency-group: maven - dependency-name: org.apache.hadoop:hadoop-common dependency-type: direct:production dependency-group: maven - dependency-name: org.htmlunit:htmlunit dependency-type: direct:production dependency-group: maven - dependency-name: org.eclipse.jetty:jetty-server dependency-type: direct:production dependency-group: maven - dependency-name: org.eclipse.jetty:jetty-http dependency-type: direct:production dependency-group: maven - dependency-name: org.eclipse.jetty.http2:http2-server dependency-type: direct:development dependency-group: maven - dependency-name: org.bitbucket.b_c:jose4j dependency-type: direct:production dependency-group: maven - dependency-name: com.nimbusds:nimbus-jose-jwt dependency-type: direct:production dependency-group: maven - dependency-name: com.google.guava:guava dependency-type: direct:production dependency-group: maven - dependency-name: com.google.protobuf:protobuf-java dependency-type: direct:production dependency-group: maven - dependency-name: org.apache.pdfbox:pdfbox dependency-type: direct:production dependency-group: maven - dependency-name: org.eclipse.jetty:jetty-server dependency-type: direct:production dependency-group: maven - dependency-name: org.jboss.xnio:xnio-api dependency-type: direct:production dependency-group: maven - dependency-name: com.esotericsoftware.yamlbeans:yamlbeans dependency-type: direct:production dependency-group: maven - dependency-name: org.zeroturnaround:zt-zip dependency-type: direct:production dependency-group: maven ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot[bot] is a new contributor to projects/jetty. The PR must be approved by known contributors before it can be merged. The past contributors are: henryrneh, fmeum |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we prefer maintainers to do this
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
Bumps the maven group with 2 updates in the /projects/apache-cxf/project-parent/fuzz-targets directory: org.apache.cxf:cxf-core and org.apache.cxf:cxf-rt-frontend-jaxrs.
Bumps the maven group with 2 updates in the /projects/async-http-client/project-parent/fuzz-targets directory: org.asynchttpclient:async-http-client and org.eclipse.jetty:jetty-server.
Bumps the maven group with 1 update in the /projects/avro/project-parent/fuzz-targets directory: org.apache.avro:avro.
Bumps the maven group with 1 update in the /projects/hadoop/project-parent/fuzz-targets directory: org.apache.hadoop:hadoop-common.
Bumps the maven group with 1 update in the /projects/htmlunit/htmlunit-fuzzer directory: org.htmlunit:htmlunit.
Bumps the maven group with 3 updates in the /projects/jetty/project-parent/fuzz-targets directory: org.eclipse.jetty:jetty-server, org.eclipse.jetty:jetty-http and org.eclipse.jetty.http2:http2-server.
Bumps the maven group with 1 update in the /projects/jose4j/project-parent/fuzz-targets directory: org.bitbucket.b_c:jose4j.
Bumps the maven group with 1 update in the /projects/nimbus-jwt/nimbus-jwt-fuzzer directory: com.nimbusds:nimbus-jose-jwt.
Bumps the maven group with 2 updates in the /projects/opencensus-java/project-parent/fuzz-targets directory: com.google.guava:guava and com.google.protobuf:protobuf-java.
Bumps the maven group with 1 update in the /projects/pdfbox/project-parent/fuzz-targets directory: org.apache.pdfbox:pdfbox.
Bumps the maven group with 1 update in the /projects/struts/struts2-fuzzer/fuzzer directory: org.eclipse.jetty:jetty-server.
Bumps the maven group with 1 update in the /projects/xnio-api/xnio-fuzzer directory: org.jboss.xnio:xnio-api.
Bumps the maven group with 1 update in the /projects/yamlbeans/project-parent/fuzz-targets directory: com.esotericsoftware.yamlbeans:yamlbeans.
Bumps the maven group with 1 update in the /projects/zt-zip/project-parent/fuzz-targets directory: org.zeroturnaround:zt-zip.
Updates
org.apache.cxf:cxf-core
from Fuzzing-SNAPSHOT to 3.5.8Updates
org.apache.cxf:cxf-rt-frontend-jaxrs
from Fuzzing-SNAPSHOT to 2.6.11Updates
org.asynchttpclient:async-http-client
from Fuzzing-SNAPSHOT to 2.0.35Changelog
Sourced from org.asynchttpclient:async-http-client's changelog.
Commits
Updates
org.eclipse.jetty:jetty-server
from 11.0.14 to 11.0.24Updates
org.apache.avro:avro
from Fuzzing-SNAPSHOT to 1.11.4Updates
org.apache.hadoop:hadoop-common
from Fuzzing-SNAPSHOT to 3.4.0Updates
org.htmlunit:htmlunit
from 2.7.0 to 3.9.0Release notes
Sourced from org.htmlunit:htmlunit's releases.
... (truncated)
Commits
a599e36
version 3.9.0d4c1105
core-js 3.9.051f0eef
exclude commons.logging from httpcomponents65986a4
code style1587961
lib updates2a972ce
htmx 1.9.9792e845
new subproject htmlunit-cspe07ba67
fix ms driver checke015082
enable FEATURE_SECURE_PROCESSING for the MSXML XSLProcessor77aeaa8
another minor neko updateUpdates
org.eclipse.jetty:jetty-server
from Fuzzing-SNAPSHOT to 9.4.55.v20240627Updates
org.eclipse.jetty:jetty-http
from Fuzzing-SNAPSHOT to 12.0.12Updates
org.eclipse.jetty.http2:http2-server
from Fuzzing-SNAPSHOT to 9.4.47.v20220610Updates
org.bitbucket.b_c:jose4j
from Fuzzing-SNAPSHOT to 0.9.4Commits
Updates
com.nimbusds:nimbus-jose-jwt
from 9.30.1 to 9.37.2Changelog
Sourced from com.nimbusds:nimbus-jose-jwt's changelog.
... (truncated)
Commits
d91be4c
[maven-release-plugin] prepare release 9.339a277ea
[maven-release-plugin] prepare for next development iterationc695b11
Fixes the MACSigner.sign method for SecretKey instances that don't expose the...45f15d1
Updates the MACVerifier to support SecretKey instances don't expose the key m...e965e96
[maven-release-plugin] prepare release 9.348d67f6c
[maven-release-plugin] prepare for next development iterationf64e094
Makes the abstract class BaseJWEProvider public (iss #521)ad6fed3
[maven-release-plugin] prepare release 9.3581c7f24
[maven-release-plugin] prepare for next development iteration24aaaf0
Bumps jacoco-maven-plugin to 0.8.10Updates
com.google.guava:guava
from 31.1-jre to 32.0.0-jreRelease notes
Sourced from com.google.guava:guava's releases.
... (truncated)
Commits
Updates
com.google.protobuf:protobuf-java
from 4.0.0-rc-2 to 4.29.2Commits
Updates
org.apache.pdfbox:pdfbox
from Fuzzing-SNAPSHOT to 1.8.16Updates
org.eclipse.jetty:jetty-server
from 9.4.51.v20230217 to 9.4.55.v20240627Updates
org.jboss.xnio:xnio-api
from 3.8.8.Final to 3.8.14.FinalUpdates
com.esotericsoftware.yamlbeans:yamlbeans
from Fuzzing-SNAPSHOT to 1.17Commits
Updates
org.zeroturnaround:zt-zip
from Fuzzing-SNAPSHOT to 1.13Changelog
Sourced from org.zeroturnaround:zt-zip's changelog.
Commits
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.