dependabot[bot] opened a new pull request, #2069: URL: https://github.com/apache/jena/pull/2069
Bumps [org.eclipse.jetty:jetty-bom](https://github.com/eclipse/jetty.project) from 10.0.17 to 12.0.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/eclipse/jetty.project/releases";>org.eclipse.jetty:jetty-bom's releases</a>.</em></p> <blockquote> <h2>12.0.3</h2> <h1>Changelog</h1> <ul> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10794";>#10794</a> - 301 Moved Permanently produces query with <code>;</code> instead of <code>?</code></li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10779";>#10779</a> - Upgrade to xhtml-schemas 1.3 which add one more entity systemid</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10771";>#10771</a> - EE10 <code>ServletRequest.isSecure()</code> not set by <code>ForwardedRequestCustomizer</code></li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10762";>#10762</a> - Better handling of Objects in JMX MetaData</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10760";>#10760</a> - Fix Overlay of Combined Resources</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10759";>#10759</a> - Fix HTTP/3 Client handling of MAX_FIELD_SECTION_SIZE setting</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10747";>#10747</a> - Add ability to compress and skip unserializable session attributes</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10734";>#10734</a> - jakarta.websocket.Session.getRequestParameterMap() contains the value as key</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10731";>#10731</a> - org.eclipse.jetty.server.Request uses wrong context attribute name javax.servlet instead of jakarta.servlet</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10727";>#10727</a> - Fix EE10 removeAttributes</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10726";>#10726</a> - NPE in ResponseListeners content notification</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10716";>#10716</a> - Incorrect setting of content type with charset encoding before and after PrintWriter obtained</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10703";>#10703</a> - Fix race condition in <code>ArrayByteBufferPool.clear()</code></li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10699";>#10699</a> - Jetty HTTP SPI redirects SOAP POST requests to GET requests if URL does not end with /</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10688";>#10688</a> - Introduce Jetty 12 ee8 osgi layer</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10685";>#10685</a> - fix infinite recursion in server dump with Path</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10661";>#10661</a> - Ensure jetty api servlets/filters take precedence over <code>webdefault.xml</code> declarations.</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10656";>#10656</a> - EE10 <code>ServletRequest.getProtocolRequestId()</code> impl not spec compliant when protocol is H1</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10651";>#10651</a> - MutableHttpFields.asImmutable avoids copy</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10612";>#10612</a> - Fix surefire display name in surefire report and restore TestTrackerExtension in output"</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10582";>#10582</a> - NPE when including a directory that should be resolved with servlet-mapped welcome file</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10578";>#10578</a> - Jetty 12.0.x use automatic formatter for poms to have same style for every poms</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10555";>#10555</a> - Re-introduce a more complete set of stats in <code>StatisticsHandler</code></li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10477";>#10477</a> - Jetty 12: Review MBeans for Handlers</li> </ul> <h2>12.0.2</h2> <h1>Security Updates</h1> <p>This release addresses:</p> <ul> <li>CVE-2023-44487 - (in case <a href="https://redirect.github.com/github/advisory-database/issues/2869";>github/advisory-database#2869</a> isn't fixed, use top level link <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-44487";>https://nvd.nist.gov/vuln/detail/CVE-2023-44487</a>)</li> </ul> <h1>Changelog</h1> <ul> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10679";>#10679</a> - Review HTTP/2 rate control</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10672";>#10672</a> - Changed default implementation of Session.Listener.onNewStream() and …</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10618";>#10618</a> - Reduced mildly expensive HttpMethod.is calls by reordering boolean logic</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10613";>#10613</a> - Fix incorrect call to super in BufferedResponseHandler</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10563";>#10563</a> - An omnibus PR for changes needed to support webfunctions</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10558";>#10558</a> - NPE when forwarding a request to default servlet which should redirect to a subdirectory with trailing slash</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10553";>#10553</a> - Reintroduce an Exception type for invalid UTF-8</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10547";>#10547</a> - Cannot customize Executor on WebSocketClient</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10542";>#10542</a> - Added WebSocket migration documentation, pointing to existing WebSock…</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10526";>#10526</a> - do not run this in parallel as some conflicted jdni entries with ServerWithJNDITest</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10513";>#10513</a> - Lockup processing POST request body with Jetty 12.0.1 using http/2</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10508";>#10508</a> - Jetty 12 IllegalArgumentExeption when setting a HTTP header to null</li> <li><a href="https://redirect.github.com/eclipse/jetty.project/issues/10502";>#10502</a> - Introduced CompletableResponseListener</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jetty/jetty.project/commit/a873259fd5af141dedaa6c7fa8fe8fbdedce0d61";><code>a873259</code></a> Updating to version 12.0.3</li> <li><a href="https://github.com/jetty/jetty.project/commit/7be6c4b375de7cf44f71f4f7e7f1c87ed386ef9b";><code>7be6c4b</code></a> Merge pull request <a href="https://redirect.github.com/eclipse/jetty.project/issues/10800";>#10800</a> from jetty/fix/12.0.x/dependency-updates</li> <li><a href="https://github.com/jetty/jetty.project/commit/6a70a931eb6c5e1d0ad3082d9f4e17454a75fa96";><code>6a70a93</code></a> Bump weld to 5.1.2.Final</li> <li><a href="https://github.com/jetty/jetty.project/commit/65d53b3f785fe734d4f2e36bbe8ddc3dd375546b";><code>65d53b3</code></a> Bump log4j2 to 2.21.1</li> <li><a href="https://github.com/jetty/jetty.project/commit/054d3501eb4b3da8963860954b42c326e2e40de3";><code>054d350</code></a> Bump netty to 4.1.100.Final</li> <li><a href="https://github.com/jetty/jetty.project/commit/2de0140eb89d058c486b500da4724497bccb74d0";><code>2de0140</code></a> Bump grpc to 1.59.0</li> <li><a href="https://github.com/jetty/jetty.project/commit/312121199037b02f3e3b6e5d3151eafaa6ea35bd";><code>3121211</code></a> Bump hazelcast to 5.3.5</li> <li><a href="https://github.com/jetty/jetty.project/commit/10ce6fdfa3a5c879ae1132a3113fa50b51412d51";><code>10ce6fd</code></a> Bump google-guava to 32.1.3-jre</li> <li><a href="https://github.com/jetty/jetty.project/commit/e57da58b7dfb5423ed46121c7280a43b55b3ea9d";><code>e57da58</code></a> Bump google-errorprone to 2.23.0</li> <li><a href="https://github.com/jetty/jetty.project/commit/4b35c731cf8716d8efd1f7c32ef469620c5aa9de";><code>4b35c73</code></a> Bump com.fasterxml.jackson to 2.15.3</li> <li>Additional commits viewable in <a href="https://github.com/eclipse/jetty.project/compare/jetty-10.0.17...jetty-12.0.3";>compare view</a></li> </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> | Dependency Name | Ignore Conditions | | --- | --- | | org.eclipse.jetty:jetty-bom | [>= 11.a, < 12] | </details> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
