[jira] [Commented] (WW-5068) Update multiple Struts 2.6.x libraries / Maven build plugin versions

[ASF GitHub Bot (Jira)]

    [ 
https://issues.apache.org/jira/browse/WW-5068?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17086676#comment-17086676
 ] 

ASF GitHub Bot commented on WW-5068:
------------------------------------

JCgH4164838Gh792C124B5 commented on pull request #403: Proposed WW-5068 change
URL: https://github.com/apache/struts/pull/403
 
 
   Proposed WW-5068 change.
   ------
   Proposed list of library version updates:
   ---
       cdi-api 1.0-SP4 -> 1.2
       weld-core 1.0.1-SP4 -> 2.2.16.SP1
       weld-se 1.0.1-Final -> weld-se-core 2.2.16.SP1
       htmlunit 2.27.0 and 2.37.0 -> 2.39.0
       slf4j-api 1.7.29 -> 1.7.30
       slf4j-simple 1.7.29 -> 1.7.30
       log4j2 2.12.1 - > 2.13.1
       jackson 2.10.1 -> 2.10.3
       ognl 3.2.12 -> 3.2.14
       asm 7.2 -> 7.3.1
       spring 4.3.25.RELEASE -> 4.3.26.RELEASE
       fluido-skin 1.8 -> 1.9
       freemarker 2.3.28 -> 2.3.30
       org.apache.felix.main 4.6.1 -> 6.0.3
       velocity 2.1 -> 2.2
       junit 4.12 -> 4.13
       easymock 3.5.1 -> 4.2
       javax.el 3.0.1-b10 -> 3.0.1-b11
       jstl 1.1.2 -> 1.2
       tomcat-jasper 8.5.37 -> 8.5.53
       tomcat-api 8.5.37 -> 8.5.53
       tomcat-juli 8.5.37 -> 8.5.53
       commons-lang3 3.9 -> 3.10
       assertj-core 2.9.1 -> 3.15.0
       mockito-core 2.23.0 -> 3.3.3   (required exclusion for objenesis)
       testng 5.14.10 -> 7.1.0
       juneau-marshall 7.2.2 -> 8.1.3
       validation-api 1.1.0.Final -> 2.0.1.Final
       hibernate-validator 5.4.3.Final -> 6.1.2.Final
       jaxb-impl 2.3.1 -> 2.3.2
   ---
   Proposed list of Maven plugin version updates:
   ---
       maven-project-info-reports-plugin 2.7 -> 3.0.0
       updateimpact-maven-plugin 1.0.10 -> 1.0.12
       maven-surefire-plugin 2.22.2 -> 3.0.0-M4
       jacoco-maven-plugin 0.8.4 - > 0.8.5
       maven-war-plugin 3.2.2 -> 3.2.3
       maven-bundle-plugin 3.5.0 -> 4.2.1
       maven-dependency-plugin 3.1.1 -> 3.1.2
       dependency-check-maven 5.2.4 -> 5.3.2
       maven-enforcer-plugin 3.0.0-M2 -> 3.0.0-M3
       maven-failsafe-plugin 2.22.2 -> 3.0.0-M4
       maven-site-plugin 3.8.2 -> 3.9.0
       doxia-core 1.9 -> 1.9.1
       doxia-module-markdown 1.9 -> 1.9.1
   ---
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Update multiple Struts 2.6.x libraries / Maven build plugin versions
> --------------------------------------------------------------------
>
>                 Key: WW-5068
>                 URL: https://issues.apache.org/jira/browse/WW-5068
>             Project: Struts 2
>          Issue Type: Dependency
>          Components: Build Management, Other
>    Affects Versions: 2.6
>         Environment: All
>            Reporter: James Chaplin
>            Priority: Minor
>             Fix For: 2.6
>
>
>  Hello Apache Struts Team.
> This Jira is to track proposed introduction of newer (believed to be 
> compatible) library versions for the Struts 2.6.x line, as well as newer 
> (believed to be compatible) Maven build plugin versions for the build. 
> Modifications to some pom.xml build files will be all that is required.
> As no code changes are involved, the risk should be pretty low and if 
> back-levelling is required it can take place before 2.6.x is released. If any 
> Maven build plugin version change presents an issue it can be easily reverted 
> in the PR.
> The proposed list of library version updates is:
> ------
> cdi-api 1.0-SP4 -> 1.2
>  weld-core 1.0.1-SP4 -> 2.2.16.SP1
>  weld-se 1.0.1-Final -> weld-se-core 2.2.16.SP1
>  htmlunit 2.37.0 -> 2.39.0
>  slf4j-api 1.7.29 -> 1.7.30
>  slf4j-simple 1.7.29 -> 1.7.30
> log4j2 2.12.1 - > 2.13.1
>  jackson 2.10.1 -> 2.10.3
>  ognl 3.2.12 -> 3.2.14
>  asm 7.2 -> 7.3.1
>  spring 4.3.25.RELEASE -> 4.3.26.RELEASE
>  fluido-skin 1.8 -> 1.9
>  freemarker 2.3.28 -> 2.3.30
>  org.apache.felix.main 4.6.1 -> 6.0.3
>  velocity 2.1 -> 2.2
>  junit 4.12 -> 4.13
>  easymock 3.5.1 -> 4.2
>  javax.el 3.0.1-b10 -> 3.0.1-b11
>  jstl 1.1.2 -> 1.2
>  tomcat-jasper 8.5.37 -> 8.5.53
>  tomcat-api 8.5.37 -> 8.5.53
>  tomcat-juli 8.5.37 -> 8.5.53
>  commons-lang3 3.9 -> 3.10
>  assertj-core 2.9.1 -> 3.15.0
>  mockito-core 2.23.0 -> 3.3.3
>  testng 5.14.10 -> 7.1.0
>  juneau-marshall 7.2.2 -> 8.1.3
>  validation-api 1.1.0.Final -> 2.0.1.Final
>  hibernate-validator 5.4.3.Final -> 6.1.2.Final
>  jaxb-impl 2.3.1 -> 2.3.2
>  ------
> The proposed list of Maven plugin version updates is:
> ------
>  maven-project-info-reports-plugin 2.7 -> 3.0.0
>  updateimpact-maven-plugin 1.0.10 -> 1.0.12
>  maven-surefire-plugin 2.22.2 -> 3.0.0-M4
>  jacoco-maven-plugin 0.8.4 - > 0.8.5
>  maven-war-plugin 3.2.2 -> 3.2.3
>  maven-bundle-plugin 3.5.0 -> 4.2.1
>  maven-dependency-plugin 3.1.1 -> 3.1.2
>  dependency-check-maven 5.2.4 -> 5.3.2
>  maven-enforcer-plugin 3.0.0-M2 -> 3.0.0-M3
>  maven-failsafe-plugin 2.22.2 -> 3.0.0-M4
>  maven-site-plugin 3.8.2 -> 3.9.0
>  doxia-core 1.9 -> 1.9.1
>  doxia-module-markdown 1.9 -> 1.9.1
>  ------
> A PR for this proposal should be available shortly for review.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)