[GitHub] [cxf] eric6iese opened a new pull request, #1077: [CXF-8745] ApplicationListener on SpringBus uses WeakReference
eric6iese opened a new pull request, #1077: URL: https://github.com/apache/cxf/pull/1077 The ApplicationListener, which redirects all ApplicationEvents to the SpringBus, now uses a WeakReference to allow a GC if the SpringBus is no longer in use because it's corresponding context has been closed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] coheigea merged pull request #111: Bump maven-release-plugin from 3.0.0-M5 to 3.0.0-M7
coheigea merged PR #111: URL: https://github.com/apache/cxf-fediz/pull/111 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta merged pull request #1074: Bump feign-httpclient from 10.1.0 to 12.1
reta merged PR #1074: URL: https://github.com/apache/cxf/pull/1074 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta merged pull request #1070: Bump msv-core from 2013.6.1 to 2022.7
reta merged PR #1070: URL: https://github.com/apache/cxf/pull/1070 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta merged pull request #1076: Bump narayana-jta-jakarta from 5.12.7.Final to 5.13.1.Final
reta merged PR #1076: URL: https://github.com/apache/cxf/pull/1076 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #115: Bump hsqldb from 2.5.2 to 2.6.1
dependabot[bot] opened a new pull request, #115: URL: https://github.com/apache/cxf-fediz/pull/115 Bumps hsqldb from 2.5.2 to 2.6.1. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.hsqldb:hsqldb=maven=2.5.2=2.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #114: Bump jaxb-runtime from 2.3.5 to 4.0.1
dependabot[bot] opened a new pull request, #114: URL: https://github.com/apache/cxf-fediz/pull/114 Bumps jaxb-runtime from 2.3.5 to 4.0.1. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.glassfish.jaxb:jaxb-runtime=maven=2.3.5=4.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #113: Bump maven-javadoc-plugin from 3.4.0 to 3.4.1
dependabot[bot] opened a new pull request, #113: URL: https://github.com/apache/cxf-fediz/pull/113 Bumps [maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) from 3.4.0 to 3.4.1. Release notes Sourced from https://github.com/apache/maven-javadoc-plugin/releases;>maven-javadoc-plugin's releases. 3.4.1 https://issues.apache.org/jira/browse/MJAVADOC-723;>[MJAVADOC-723] - Upgrade Maven Reporting API to 3.1.1/Complete with Maven Reporting Impl 3.2.0 (https://github-redirect.dependabot.com/apache/maven-javadoc-plugin/issues/158;>#158) https://github.com/pzygielo;>@pzygielo Skip Java 9-14 in reproducible test (https://github-redirect.dependabot.com/apache/maven-javadoc-plugin/issues/155;>#155) https://github.com/jorsol;>@jorsol Add Integration Test for reproducible builds (https://github-redirect.dependabot.com/apache/maven-javadoc-plugin/issues/152;>#152) https://github.com/jorsol;>@jorsol https://issues.apache.org/jira/browse/MJAVADOC-719;>[MJAVADOC-719] - Update Maven Archiver to 3.6.0 (https://github-redirect.dependabot.com/apache/maven-javadoc-plugin/issues/150;>#150) https://github.com/jorsol;>@jorsol Dependency updates Bump assertj-core from 3.21.0 to 3.23.1 (https://github-redirect.dependabot.com/apache/maven-javadoc-plugin/issues/143;>#143) https://github.com/dependabot;>@dependabot Bump spring-webmvc from 4.3.29.RELEASE to 5.2.21.RELEASE in /src/it/projects/MJAVADOC-434_fixcompile (https://github-redirect.dependabot.com/apache/maven-javadoc-plugin/issues/135;>#135) https://github.com/dependabot;>@dependabot Bump mockito-core from 4.1.0 to 4.4.0 (https://github-redirect.dependabot.com/apache/maven-javadoc-plugin/issues/133;>#133) https://github.com/dependabot;>@dependabot Commits https://github.com/apache/maven-javadoc-plugin/commit/a5db96e7e16cc432d8fdea05f460f6c3fa258ba9;>a5db96e [maven-release-plugin] prepare release maven-javadoc-plugin-3.4.1 https://github.com/apache/maven-javadoc-plugin/commit/a10f0b11e89fd65d61938186ddf16fb86ded239e;>a10f0b1 [MJAVADOC-723] Upgrade Maven Reporting API to 3.1.1/Complete with Maven Repor... https://github.com/apache/maven-javadoc-plugin/commit/c19dba2fac27b75633efe3c9f905527ba2a8d4e1;>c19dba2 Skip Java 9-14 in reproducible test https://github.com/apache/maven-javadoc-plugin/commit/26d84b264b7a010783ce9373a6f6ebc33bdb0a3b;>26d84b2 Add notimestamp for reproducible builds test https://github.com/apache/maven-javadoc-plugin/commit/92ce668896a95263944ea9235dd99ad8b5c28ab5;>92ce668 Ignore Maven Core updates https://github.com/apache/maven-javadoc-plugin/commit/bacc078f88b29dbdfc4fc8e31a86717a59c4e3b6;>bacc078 Add Integration Test for reproducible builds https://github.com/apache/maven-javadoc-plugin/commit/497f80f40308ba40a30b129f44f5d537fccbb322;>497f80f [MJAVADOC-719] - Update Maven Archiver to 3.6.0 https://github.com/apache/maven-javadoc-plugin/commit/34b501d78a00fa7a222343a7d70cdf65eea6b390;>34b501d Bump assertj-core from 3.21.0 to 3.23.1 https://github.com/apache/maven-javadoc-plugin/commit/b92897088f6fcbc5ec4f3346de591eb97a1c580f;>b928970 Bump spring-webmvc in /src/it/projects/MJAVADOC-434_fixcompile https://github.com/apache/maven-javadoc-plugin/commit/4306c9201551b7cff45f13aaeeb5e17179fdeb7f;>4306c92 Bump mockito-core from 4.1.0 to 4.4.0 Additional commits viewable in https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-3.4.0...maven-javadoc-plugin-3.4.1;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-javadoc-plugin=maven=3.4.0=3.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #112: Bump maven-dependency-plugin from 3.3.0 to 3.5.0
dependabot[bot] opened a new pull request, #112: URL: https://github.com/apache/cxf-fediz/pull/112 Bumps [maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) from 3.3.0 to 3.5.0. Commits https://github.com/apache/maven-dependency-plugin/commit/520f8fd6ba4a00a8a1174077d5610aa5ecae7595;>520f8fd [maven-release-plugin] prepare release maven-dependency-plugin-3.5.0 https://github.com/apache/maven-dependency-plugin/commit/4b478d61e1e78f5bddda6d1256f91c357c2561a4;>4b478d6 [MDEP-841] Explicitly start and end tables with Doxia Sinks in report renderers https://github.com/apache/maven-dependency-plugin/commit/799ff97da3130fe8dd1daf9e68405db066584080;>799ff97 [MDEP-831] Remove dependency on commons-lang3 (https://github-redirect.dependabot.com/apache/maven-dependency-plugin/issues/270;>#270) https://github.com/apache/maven-dependency-plugin/commit/68b72723d3ece966078daec13567090b17280216;>68b7272 [MDEP-837] Ignore reformat commit from git blame https://github.com/apache/maven-dependency-plugin/commit/cc082ea7d4af7db78c521d59360d261ffbc1b184;>cc082ea [MDEP-837] Reformat code after parent 38 https://github.com/apache/maven-dependency-plugin/commit/803433bccf1bb4a562d05a6662189fde91184b6d;>803433b [MDEP-837] Upgrade Parent to 38 https://github.com/apache/maven-dependency-plugin/commit/a05a2a4f5ce1e6d9053f6db9b84736e8bbc519b7;>a05a2a4 Bump junit from 4.13 to 4.13.2 in /src/it/projects/tree-verbose-small https://github.com/apache/maven-dependency-plugin/commit/ea2a668dcb21e08c69d42c2cdbcf21483fdb3c01;>ea2a668 remove unused beanutils dependency (https://github-redirect.dependabot.com/apache/maven-dependency-plugin/issues/268;>#268) https://github.com/apache/maven-dependency-plugin/commit/ea43fa6ae8b0504d12d794fdb6ff83e995f6a41a;>ea43fa6 [maven-release-plugin] prepare for next development iteration https://github.com/apache/maven-dependency-plugin/commit/8fecf8a54af68c7b9cb97f90ac6b9c726e33e5ce;>8fecf8a [maven-release-plugin] prepare release maven-dependency-plugin-3.4.0 Additional commits viewable in https://github.com/apache/maven-dependency-plugin/compare/maven-dependency-plugin-3.3.0...maven-dependency-plugin-3.5.0;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-dependency-plugin=maven=3.3.0=3.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #111: Bump maven-release-plugin from 3.0.0-M5 to 3.0.0-M7
dependabot[bot] opened a new pull request, #111: URL: https://github.com/apache/cxf-fediz/pull/111 Bumps [maven-release-plugin](https://github.com/apache/maven-release) from 3.0.0-M5 to 3.0.0-M7. Release notes Sourced from https://github.com/apache/maven-release/releases;>maven-release-plugin's releases. 3.0.0-M6 https://issues.apache.org/jira/browse/MRELEASE-1096;>[MRELEASE-1096] - Many cleanups and updates (https://github-redirect.dependabot.com/apache/maven-release/issues/132;>#132) https://github.com/nielsbasjes;>@nielsbasjes https://issues.apache.org/jira/browse/MRELEASE-1098;>[MRELEASE-1098] - Drop o.a.m.shared.release.env.ReleaseEnvironment.getL… (https://github-redirect.dependabot.com/apache/maven-release/issues/136;>#136) https://github.com/michael-o;>@michael-o New features and improvements https://issues.apache.org/jira/browse/MRELEASE-1097;>[MRELEASE-1097] - rework plugin output to clarify goal's phases (https://github-redirect.dependabot.com/apache/maven-release/issues/135;>#135) https://github.com/hboutemy;>@hboutemy https://issues.apache.org/jira/browse/MRELEASE-1091;>[MRELEASE-1091] - Use non-interactive mode for forked Maven process (https://github-redirect.dependabot.com/apache/maven-release/issues/125;>#125) https://github.com/slawekjaranowski;>@slawekjaranowski https://issues.apache.org/jira/browse/MRELEASE-1082;>[MRELEASE-1082] - configuration option for using a shallow clone (https://github-redirect.dependabot.com/apache/maven-release/issues/121;>#121) https://github.com/BigMichi1;>@BigMichi1 Bug Fixes https://issues.apache.org/jira/browse/MRELEASE-1022;>[MRELEASE-1022] - Use versions defined in release.properties when doing release:prepare (https://github-redirect.dependabot.com/apache/maven-release/issues/111;>#111) https://github.com/sleberrigaud;>@sleberrigaud Fix xsd NS (https://github-redirect.dependabot.com/apache/maven-release/issues/102;>#102) https://github.com/pzygielo;>@pzygielo Dependency updates https://issues.apache.org/jira/browse/MRELEASE-1095;>[MRELEASE-1095] - Upgrade Maven SCM to 1.13.0 (https://github-redirect.dependabot.com/apache/maven-release/issues/131;>#131) https://github.com/michael-o;>@michael-o Bump plexus-utils from 3.4.1 to 3.4.2 (https://github-redirect.dependabot.com/apache/maven-release/issues/128;>#128) https://github.com/dependabot;>@dependabot Bump slf4j-simple from 1.7.5 to 1.7.36 (https://github-redirect.dependabot.com/apache/maven-release/issues/124;>#124) https://github.com/dependabot;>@dependabot https://issues.apache.org/jira/browse/MRELEASE-1087;>[MRELEASE-1087] - Upgrade Maven to 3.2.5 (and de-plexus) (https://github-redirect.dependabot.com/apache/maven-release/issues/118;>#118) https://github.com/cstamas;>@cstamas https://issues.apache.org/jira/browse/MRELEASE-1085;>[MRELEASE-1085] - Upgrade Maven Invoker to 3.2.0 (https://github-redirect.dependabot.com/apache/maven-release/issues/117;>#117) https://github.com/slawekjaranowski;>@slawekjaranowski https://issues.apache.org/jira/browse/MRELEASE-1086;>[MRELEASE-1086] - Upgrade Parent to 36 (https://github-redirect.dependabot.com/apache/maven-release/issues/116;>#116) https://github.com/slawekjaranowski;>@slawekjaranowski Bump plexus-interpolation from 1.17 to 1.26 (https://github-redirect.dependabot.com/apache/maven-release/issues/107;>#107) https://github.com/dependabot;>@dependabot Bump maven-invoker-plugin from 3.2.0 to 3.2.2 (https://github-redirect.dependabot.com/apache/maven-release/issues/99;>#99) https://github.com/dependabot;>@dependabot Bump jdom2 from 2.0.6 to 2.0.6.1 (https://github-redirect.dependabot.com/apache/maven-release/issues/96;>#96) https://github.com/dependabot;>@dependabot Bump mrm-maven-plugin from 1.2.0 to 1.3.0 (https://github-redirect.dependabot.com/apache/maven-release/issues/95;>#95) https://github.com/dependabot;>@dependabot Maintenance https://issues.apache.org/jira/browse/MRELEASE-1088;>[MRELEASE-1088] - Remove parsing of CLI arguments (https://github-redirect.dependabot.com/apache/maven-release/issues/120;>#120) https://github.com/slawekjaranowski;>@slawekjaranowski Build add release drafter configuration (https://github-redirect.dependabot.com/apache/maven-release/issues/112;>#112) https://github.com/olamy;>@olamy Commits https://github.com/apache/maven-release/commit/b86c5f2ea136bdd540a301ddb2233f2f73b680ae;>b86c5f2 [maven-release-plugin] prepare release maven-release-3.0.0-M7 https://github.com/apache/maven-release/commit/0615a4c3b2138116a255fc2b57fcf83d76d49e68;>0615a4c [MRELEASE-1072] Reuse original tag for next development version in case trans... https://github.com/apache/maven-release/commit/951aba3843d0334fc8d6d06cda6c5540b8861b94;>951aba3 [MRELEASE-1108] Upgrade Maven SCM to 2.0.0-M3
[GitHub] [cxf-fediz] dependabot[bot] closed pull request #93: Bump ehcache from 3.9.3 to 3.10.8
dependabot[bot] closed pull request #93: Bump ehcache from 3.9.3 to 3.10.8 URL: https://github.com/apache/cxf-fediz/pull/93 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] commented on pull request #93: Bump ehcache from 3.9.3 to 3.10.8
dependabot[bot] commented on PR #93: URL: https://github.com/apache/cxf-fediz/pull/93#issuecomment-1398012626 OK, I won't notify you about version 3.10.x again, unless you re-open this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] coheigea commented on pull request #93: Bump ehcache from 3.9.3 to 3.10.8
coheigea commented on PR #93: URL: https://github.com/apache/cxf-fediz/pull/93#issuecomment-1398012594 @dependabot ignore this minor version -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] commented on pull request #105: Bump spring.security.version from 5.6.10 to 5.8.1
dependabot[bot] commented on PR #105: URL: https://github.com/apache/cxf-fediz/pull/105#issuecomment-1398012116 OK, I won't notify you about version 5.8.x again, unless you re-open this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] closed pull request #105: Bump spring.security.version from 5.6.10 to 5.8.1
dependabot[bot] closed pull request #105: Bump spring.security.version from 5.6.10 to 5.8.1 URL: https://github.com/apache/cxf-fediz/pull/105 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] coheigea commented on pull request #105: Bump spring.security.version from 5.6.10 to 5.8.1
coheigea commented on PR #105: URL: https://github.com/apache/cxf-fediz/pull/105#issuecomment-1398012075 @dependabot ignore this minor version -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] commented on pull request #107: Bump hsqldb from 2.5.2 to 2.7.1
dependabot[bot] commented on PR #107: URL: https://github.com/apache/cxf-fediz/pull/107#issuecomment-1398011975 OK, I won't notify you about version 2.7.x again, unless you re-open this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] closed pull request #107: Bump hsqldb from 2.5.2 to 2.7.1
dependabot[bot] closed pull request #107: Bump hsqldb from 2.5.2 to 2.7.1 URL: https://github.com/apache/cxf-fediz/pull/107 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] coheigea commented on pull request #107: Bump hsqldb from 2.5.2 to 2.7.1
coheigea commented on PR #107: URL: https://github.com/apache/cxf-fediz/pull/107#issuecomment-1398011926 @dependabot ignore this minor version -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] coheigea merged pull request #109: Bump maven-checkstyle-plugin from 3.1.2 to 3.2.1
coheigea merged PR #109: URL: https://github.com/apache/cxf-fediz/pull/109 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] coheigea merged pull request #110: Bump jackson-bom from 2.14.0 to 2.14.1
coheigea merged PR #110: URL: https://github.com/apache/cxf-fediz/pull/110 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] dependabot[bot] opened a new pull request, #1076: Bump narayana-jta-jakarta from 5.12.7.Final to 5.13.1.Final
dependabot[bot] opened a new pull request, #1076: URL: https://github.com/apache/cxf/pull/1076 Bumps narayana-jta-jakarta from 5.12.7.Final to 5.13.1.Final. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.jboss.narayana.jta:narayana-jta-jakarta=maven=5.12.7.Final=5.13.1.Final)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta commented on pull request #1074: Bump feign-httpclient from 10.1.0 to 12.1
reta commented on PR #1074: URL: https://github.com/apache/cxf/pull/1074#issuecomment-1397450603 @dependabot rebase please -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta merged pull request #1075: Bump hoverfly-java from 0.14.0 to 0.14.3
reta merged PR #1075: URL: https://github.com/apache/cxf/pull/1075 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #109: Bump maven-checkstyle-plugin from 3.1.2 to 3.2.1
dependabot[bot] opened a new pull request, #109: URL: https://github.com/apache/cxf-fediz/pull/109 Bumps [maven-checkstyle-plugin](https://github.com/apache/maven-checkstyle-plugin) from 3.1.2 to 3.2.1. Commits https://github.com/apache/maven-checkstyle-plugin/commit/9f6a75976c0b4b7f5d929de92ba02577f94005cf;>9f6a759 [maven-release-plugin] prepare release maven-checkstyle-plugin-3.2.1 https://github.com/apache/maven-checkstyle-plugin/commit/932c8bcd8953e3634cf8b409e276575c0ad60d3a;>932c8bc [MCHECKSTYLE-423] Explicitly start and end tables with Doxia Sinks in report ... https://github.com/apache/maven-checkstyle-plugin/commit/746a137e5fcf7d68fa7f98c98cfa6f33a7d64e6b;>746a137 update Reproducible Builds badge link https://github.com/apache/maven-checkstyle-plugin/commit/b07adb2e51d6b016dd564893685f46b33fffe5db;>b07adb2 [maven-release-plugin] prepare for next development iteration https://github.com/apache/maven-checkstyle-plugin/commit/1aaf7cb4198f3076c01309065b1d7e92213e6e1b;>1aaf7cb [maven-release-plugin] prepare release maven-checkstyle-plugin-3.2.0 https://github.com/apache/maven-checkstyle-plugin/commit/627fa4f684866a579f2c105fcc1dbf3ed776daa8;>627fa4f [MCHECKSTYLE-417] Upgrade Maven Reporting API to 3.1.1/Maven Reporting Impl t... https://github.com/apache/maven-checkstyle-plugin/commit/cbf3751a152d542715cf2b2219ab1de0850b2730;>cbf3751 [MCHECKSTYLE-418] Deprecate RSS feature and disable by default https://github.com/apache/maven-checkstyle-plugin/commit/549bf3d58a1608dedb0054fd9418efc3fcfffc33;>549bf3d [MCHECKSTYLE-419] Upgrade Parent to 37 and cleanup https://github.com/apache/maven-checkstyle-plugin/commit/171827b256a62e83e662d5e691b5f31e2b41dd00;>171827b Bump animal-sniffer-maven-plugin from 1.21 to 1.22 https://github.com/apache/maven-checkstyle-plugin/commit/a58c6379db1b86af342af5a179403e1bcc333a6b;>a58c637 Bump extra-enforcer-rules from 1.5.1 to 1.6.1 Additional commits viewable in https://github.com/apache/maven-checkstyle-plugin/compare/maven-checkstyle-plugin-3.1.2...maven-checkstyle-plugin-3.2.1;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-checkstyle-plugin=maven=3.1.2=3.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #110: Bump jackson-bom from 2.14.0 to 2.14.1
dependabot[bot] opened a new pull request, #110: URL: https://github.com/apache/cxf-fediz/pull/110 Bumps [jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.14.0 to 2.14.1. Commits https://github.com/FasterXML/jackson-bom/commit/28345e8122dd8743240b52e694397e9abb5e1983;>28345e8 [maven-release-plugin] prepare release jackson-bom-2.14.1 https://github.com/FasterXML/jackson-bom/commit/0d678d396876c15736ae69fe866e3a8881d02034;>0d678d3 ... https://github.com/FasterXML/jackson-bom/commit/04e59a53a2ccb3106de1eb5fcac29f8f8a64a3f2;>04e59a5 Merge branch '2.14' of github.com:FasterXML/jackson-bom into 2.14 https://github.com/FasterXML/jackson-bom/commit/806813dcb3f5966e91732329f85884345df42348;>806813d [maven-release-plugin] prepare release jackson-bom-2.14.1 https://github.com/FasterXML/jackson-bom/commit/2a00d4be7f00b825ae2479e515ed1d5175b0f55b;>2a00d4b Prepare for 2.14.1 release https://github.com/FasterXML/jackson-bom/commit/70c86d444379acbec2248af79364015822ecbdc8;>70c86d4 Merge pull request https://github-redirect.dependabot.com/FasterXML/jackson-bom/issues/55;>#55 from yeikel/patch-1 https://github.com/FasterXML/jackson-bom/commit/7cc42f13babbda27152a5703e5c1b2fa6966d282;>7cc42f1 docs: update readme to 2.14.0 https://github.com/FasterXML/jackson-bom/commit/6e65bddeac5cbdaefc502cb2859dff40e943e9fc;>6e65bdd back to snapshot deps https://github.com/FasterXML/jackson-bom/commit/bf3e3e63fbd9bcdcfd2209cd71f05f6630cef2fd;>bf3e3e6 [maven-release-plugin] prepare for next development iteration See full diff in https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.14.0...jackson-bom-2.14.1;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson:jackson-bom=maven=2.14.0=2.14.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] dependabot[bot] opened a new pull request, #1075: Bump hoverfly-java from 0.14.0 to 0.14.3
dependabot[bot] opened a new pull request, #1075: URL: https://github.com/apache/cxf/pull/1075 Bumps [hoverfly-java](https://github.com/SpectoLabs/hoverfly-java) from 0.14.0 to 0.14.3. Commits https://github.com/SpectoLabs/hoverfly-java/commit/108cb55d766cbbf4644bed7c668d7a39eaa6a9a7;>108cb55 [Gradle Release Plugin] - pre tag commit: '0.14.3'. https://github.com/SpectoLabs/hoverfly-java/commit/951e54107b4e1c98be4d9aded59b67c9dedad072;>951e541 Support for AARCH64 architecture on Linux (https://github-redirect.dependabot.com/SpectoLabs/hoverfly-java/issues/279;>#279) https://github.com/SpectoLabs/hoverfly-java/commit/20b3321a6cd60e8babc448bedf158b934c293d2a;>20b3321 https://github-redirect.dependabot.com/SpectoLabs/hoverfly-java/issues/276;>#276 update docs (https://github-redirect.dependabot.com/SpectoLabs/hoverfly-java/issues/277;>#277) https://github.com/SpectoLabs/hoverfly-java/commit/2e914b1c2275edf409c7253e75c8792b033c0bd0;>2e914b1 [Gradle Release Plugin] - new version commit: '0.14.3-SNAPSHOT'. https://github.com/SpectoLabs/hoverfly-java/commit/fac8d0f7885f5d45db3dd9921d68d880bd584732;>fac8d0f [Gradle Release Plugin] - pre tag commit: '0.14.2'. https://github.com/SpectoLabs/hoverfly-java/commit/35c2e31a66609b6e19dfec66cf027fa4598943cd;>35c2e31 skip test when running gradle release https://github.com/SpectoLabs/hoverfly-java/commit/41905c29fda867257bec1a98f32b584799572768;>41905c2 Add jenv config (https://github-redirect.dependabot.com/SpectoLabs/hoverfly-java/issues/274;>#274) https://github.com/SpectoLabs/hoverfly-java/commit/4744e6eb085f6d4f52b1c611c43325bbd84a55a5;>4744e6e Update default hoverfly ca cert (https://github-redirect.dependabot.com/SpectoLabs/hoverfly-java/issues/271;>#271) https://github.com/SpectoLabs/hoverfly-java/commit/7e56e43e1532303761dc7f26c993364f0a50a1ae;>7e56e43 Fix deserialization for matcher type enum (https://github-redirect.dependabot.com/SpectoLabs/hoverfly-java/issues/270;>#270) https://github.com/SpectoLabs/hoverfly-java/commit/9ab0bb9fa996a160f7b525097940c4724aa2edda;>9ab0bb9 Bump hoverfly to v1.3.5 Additional commits viewable in https://github.com/SpectoLabs/hoverfly-java/compare/0.14.0...0.14.3;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=io.specto:hoverfly-java=maven=0.14.0=0.14.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta commented on pull request #1074: Bump feign-httpclient from 10.1.0 to 12.1
reta commented on PR #1074: URL: https://github.com/apache/cxf/pull/1074#issuecomment-1387733636 @dependabot rebase please -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] closed pull request #104: Bump spring-ldap-core from 2.4.1 to 3.0.0
dependabot[bot] closed pull request #104: Bump spring-ldap-core from 2.4.1 to 3.0.0 URL: https://github.com/apache/cxf-fediz/pull/104 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] commented on pull request #104: Bump spring-ldap-core from 2.4.1 to 3.0.0
dependabot[bot] commented on PR #104: URL: https://github.com/apache/cxf-fediz/pull/104#issuecomment-1387142543 OK, I won't notify you about version 3.x.x again, unless you re-open this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] coheigea commented on pull request #104: Bump spring-ldap-core from 2.4.1 to 3.0.0
coheigea commented on PR #104: URL: https://github.com/apache/cxf-fediz/pull/104#issuecomment-1387142412 @dependabot ignore this major version -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] coheigea merged pull request #108: Bump maven-resources-plugin from 3.2.0 to 3.3.0
coheigea merged PR #108: URL: https://github.com/apache/cxf-fediz/pull/108 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta merged pull request #1073: Bump cxf.tomcat.version from 10.1.4 to 10.1.5
reta merged PR #1073: URL: https://github.com/apache/cxf/pull/1073 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] dependabot[bot] opened a new pull request, #1074: Bump feign-httpclient from 10.1.0 to 12.1
dependabot[bot] opened a new pull request, #1074: URL: https://github.com/apache/cxf/pull/1074 Bumps [feign-httpclient](https://github.com/openfeign/feign) from 10.1.0 to 12.1. Release notes Sourced from https://github.com/openfeign/feign/releases;>feign-httpclient's releases. OpenFeign 12.1 What's Changed Allow usage of GET with body in java11 Module by https://github.com/f-cramer;>@f-cramer in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1819;>OpenFeign/feign#1819 Support retry cancel feature fully for AsyncFeign by https://github.com/wplong11;>@wplong11 in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1801;>OpenFeign/feign#1801 Refactor reflective feign by https://github.com/wplong11;>@wplong11 in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1821;>OpenFeign/feign#1821 Refactor method signature of MethodHandler.Factory.create by https://github.com/wplong11;>@wplong11 in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1822;>OpenFeign/feign#1822 Micrometer Observations by https://github.com/marcingrzejszczak;>@marcingrzejszczak in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1760;>OpenFeign/feign#1760 Allow using SOAPEncoder constructor taking builder by https://github.com/Nicklas2751;>@Nicklas2751 in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1841;>OpenFeign/feign#1841 New Contributors https://github.com/f-cramer;>@f-cramer made their first contribution in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1819;>OpenFeign/feign#1819 https://github.com/marcingrzejszczak;>@marcingrzejszczak made their first contribution in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1760;>OpenFeign/feign#1760 https://github.com/Nicklas2751;>@Nicklas2751 made their first contribution in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1841;>OpenFeign/feign#1841 Full Changelog: https://github.com/OpenFeign/feign/compare/12.0...12.1;>https://github.com/OpenFeign/feign/compare/12.0...12.1 OpenFeign 12.0 What's Changed Support kotlin coroutines by https://github.com/wplong11;>@wplong11 in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1706;>OpenFeign/feign#1706 Refactor async feign by https://github.com/wplong11;>@wplong11 in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1755;>OpenFeign/feign#1755 Add methodInfoResolver attribute to Coroutinebuilder by https://github.com/wplong11;>@wplong11 in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1762;>OpenFeign/feign#1762 https://github-redirect.dependabot.com/openfeign/feign/issues/1464;>GH-1464 Add appendHeader that supports Literals by https://github.com/kdavisk6;>@kdavisk6 in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1781;>OpenFeign/feign#1781 Fixes missing Content-Length header when body is empty by https://github.com/c00ler;>@c00ler in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1778;>OpenFeign/feign#1778 Implement a Regex based Check on Expressions by https://github.com/JKomoroski;>@JKomoroski in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1776;>OpenFeign/feign#1776 Create example that uses springboot by https://github.com/velo;>@velo in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1782;>OpenFeign/feign#1782 Add retry feature to async feign by https://github.com/wplong11;>@wplong11 in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1757;>OpenFeign/feign#1757 Issue https://github-redirect.dependabot.com/openfeign/feign/issues/1606;>#1606 Customize the length of the body in FeignException builder by https://github.com/coungard;>@coungard in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1767;>OpenFeign/feign#1767 Bump versions by https://github.com/velo;>@velo in https://github-redirect.dependabot.com/OpenFeign/feign/pull/1814;>OpenFeign/feign#1814 ... (truncated) Changelog Sourced from https://github.com/OpenFeign/feign/blob/master/CHANGELOG.md;>feign-httpclient's changelog. Version 11.9 OkHttpClient now implements AsyncClient Version 10.9 Configurable to disable streaming mode for Default client by verils (https://github-redirect.dependabot.com/openfeign/feign/issues/1182;>#1182) Overriding query parameter name by boggard (https://github-redirect.dependabot.com/openfeign/feign/issues/1184;>#1184) Internal feign metrics by velo: Dropwizard metrics 5 (https://github-redirect.dependabot.com/openfeign/feign/issues/1181;>#1181) Micrometer (https://github-redirect.dependabot.com/openfeign/feign/issues/1188;>#1188) Version 10.8 async feign variant supporting CompleteableFutures by motinis (https://github-redirect.dependabot.com/openfeign/feign/issues/1174;>#1174) deterministic iterations for Feign
[GitHub] [cxf] dependabot[bot] opened a new pull request, #1073: Bump cxf.tomcat.version from 10.1.4 to 10.1.5
dependabot[bot] opened a new pull request, #1073: URL: https://github.com/apache/cxf/pull/1073 Bumps `cxf.tomcat.version` from 10.1.4 to 10.1.5. Updates `tomcat-embed-core` from 10.1.4 to 10.1.5 Updates `tomcat-jasper` from 10.1.4 to 10.1.5 Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] dependabot[bot] closed pull request #1071: Bump maven-surefire-report-plugin from 3.0.0-M7 to 3.0.0-M8
dependabot[bot] closed pull request #1071: Bump maven-surefire-report-plugin from 3.0.0-M7 to 3.0.0-M8 URL: https://github.com/apache/cxf/pull/1071 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] dependabot[bot] commented on pull request #1071: Bump maven-surefire-report-plugin from 3.0.0-M7 to 3.0.0-M8
dependabot[bot] commented on PR #1071: URL: https://github.com/apache/cxf/pull/1071#issuecomment-1385419062 Looks like org.apache.maven.plugins:maven-surefire-report-plugin is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta commented on pull request #1071: Bump maven-surefire-report-plugin from 3.0.0-M7 to 3.0.0-M8
reta commented on PR #1071: URL: https://github.com/apache/cxf/pull/1071#issuecomment-1385415945 @dependabot rebase please -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta merged pull request #1072: Bump maven-checkstyle-plugin from 3.2.0 to 3.2.1
reta merged PR #1072: URL: https://github.com/apache/cxf/pull/1072 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #108: Bump maven-resources-plugin from 3.2.0 to 3.3.0
dependabot[bot] opened a new pull request, #108: URL: https://github.com/apache/cxf-fediz/pull/108 Bumps [maven-resources-plugin](https://github.com/apache/maven-resources-plugin) from 3.2.0 to 3.3.0. Release notes Sourced from https://github.com/apache/maven-resources-plugin/releases;>maven-resources-plugin's releases. 3.3.0 Dependency updates Bump maven-filtering from 3.2.0 to 3.3.0 (https://github-redirect.dependabot.com/apache/maven-resources-plugin/issues/32;>#32) https://github.com/dependabot;>@dependabot Bump plexus-utils from 3.4.1 to 3.4.2 (https://github-redirect.dependabot.com/apache/maven-resources-plugin/issues/28;>#28) https://github.com/dependabot;>@dependabot Bump commons-io from 1.4 to 2.7 in /src/it/user-filters (https://github-redirect.dependabot.com/apache/maven-resources-plugin/issues/18;>#18) https://github.com/dependabot;>@dependabot https://issues.apache.org/jira/browse/MRESOURCES-282;>[MRESOURCES-282] - Bump parent-pom from 34 to 36 (https://github-redirect.dependabot.com/apache/maven-resources-plugin/issues/24;>#24) https://github.com/slachiewicz;>@slachiewicz Documentation updates (doc) Fix XML formatting (https://github-redirect.dependabot.com/apache/maven-resources-plugin/issues/26;>#26) https://github.com/pzygielo;>@pzygielo (doc) Fix XML formatting (https://github-redirect.dependabot.com/apache/maven-resources-plugin/issues/15;>#15) https://github.com/pzygielo;>@pzygielo Maintenance add release drafter (https://github-redirect.dependabot.com/apache/maven-resources-plugin/issues/29;>#29) https://github.com/olamy;>@olamy https://issues.apache.org/jira/browse/MRESOURCES-277;>[MRESOURCES-277] - Update plugin (requires Maven 3.2.5+) - Java 8 (https://github-redirect.dependabot.com/apache/maven-resources-plugin/issues/23;>#23) https://github.com/slachiewicz;>@slachiewicz https://issues.apache.org/jira/browse/MRESOURCES-283;>[MRESOURCES-283] - Require Java 8 and upgrade deps (https://github-redirect.dependabot.com/apache/maven-resources-plugin/issues/22;>#22) https://github.com/slachiewicz;>@slachiewicz Commits https://github.com/apache/maven-resources-plugin/commit/b47af4bf0afea71b68f3116171af922719a1c90f;>b47af4b [maven-release-plugin] prepare release maven-resources-plugin-3.3.0 https://github.com/apache/maven-resources-plugin/commit/08feaaa07acdef3ec9b1c9276fd79e89e00434d6;>08feaaa Ignore Maven Core updates https://github.com/apache/maven-resources-plugin/commit/f76c74964e6f0a87fb19be656ac7a7d070470ba8;>f76c749 Bump maven-filtering from 3.2.0 to 3.3.0 https://github.com/apache/maven-resources-plugin/commit/abf72876231c9a9026a0070dcb4ad7b1282de720;>abf7287 Merge pull request https://github-redirect.dependabot.com/apache/maven-resources-plugin/issues/29;>#29 from apache/release-drafter https://github.com/apache/maven-resources-plugin/commit/e59582b7b577b785a3902e476fc38584ae3b3f66;>e59582b Create release-drafter.yml https://github.com/apache/maven-resources-plugin/commit/34e051f3c682ca3b32e86fe30e5a6610fc9f9681;>34e051f add release drafter https://github.com/apache/maven-resources-plugin/commit/ead6580aa49b373f39cdc234e29d7e2dc7cd0d49;>ead6580 Bump plexus-utils from 3.4.1 to 3.4.2 https://github.com/apache/maven-resources-plugin/commit/fa0aa86cc1cf188fdedda63a5db1e69fdc0ba566;>fa0aa86 (doc) Fix XML formatting https://github.com/apache/maven-resources-plugin/commit/f928cedae45837aff53e1b1795f585e426596a06;>f928ced Bump commons-io from 1.4 to 2.7 in /src/it/user-filters https://github.com/apache/maven-resources-plugin/commit/38eb65ac023cb9c003764342675eb7876c063baf;>38eb65a [MRESOURCES-282] Bump parent-pom from 34 to 36 Additional commits viewable in https://github.com/apache/maven-resources-plugin/compare/maven-resources-plugin-3.2.0...maven-resources-plugin-3.3.0;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-resources-plugin=maven=3.2.0=3.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -
[GitHub] [cxf-fediz] coheigea merged pull request #106: Bump tomcat.version from 9.0.70 to 9.0.71
coheigea merged PR #106: URL: https://github.com/apache/cxf-fediz/pull/106 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] dependabot[bot] opened a new pull request, #1072: Bump maven-checkstyle-plugin from 3.2.0 to 3.2.1
dependabot[bot] opened a new pull request, #1072: URL: https://github.com/apache/cxf/pull/1072 Bumps [maven-checkstyle-plugin](https://github.com/apache/maven-checkstyle-plugin) from 3.2.0 to 3.2.1. Commits https://github.com/apache/maven-checkstyle-plugin/commit/9f6a75976c0b4b7f5d929de92ba02577f94005cf;>9f6a759 [maven-release-plugin] prepare release maven-checkstyle-plugin-3.2.1 https://github.com/apache/maven-checkstyle-plugin/commit/932c8bcd8953e3634cf8b409e276575c0ad60d3a;>932c8bc [MCHECKSTYLE-423] Explicitly start and end tables with Doxia Sinks in report ... https://github.com/apache/maven-checkstyle-plugin/commit/746a137e5fcf7d68fa7f98c98cfa6f33a7d64e6b;>746a137 update Reproducible Builds badge link https://github.com/apache/maven-checkstyle-plugin/commit/b07adb2e51d6b016dd564893685f46b33fffe5db;>b07adb2 [maven-release-plugin] prepare for next development iteration See full diff in https://github.com/apache/maven-checkstyle-plugin/compare/maven-checkstyle-plugin-3.2.0...maven-checkstyle-plugin-3.2.1;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-checkstyle-plugin=maven=3.2.0=3.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta merged pull request #1069: Bump hsqldb from 2.6.1 to 2.7.1
reta merged PR #1069: URL: https://github.com/apache/cxf/pull/1069 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta merged pull request #1068: Update maven-surefire-plugin to 3.0.0-M8
reta merged PR #1068: URL: https://github.com/apache/cxf/pull/1068 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #107: Bump hsqldb from 2.5.2 to 2.7.1
dependabot[bot] opened a new pull request, #107: URL: https://github.com/apache/cxf-fediz/pull/107 Bumps hsqldb from 2.5.2 to 2.7.1. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.hsqldb:hsqldb=maven=2.5.2=2.7.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #106: Bump tomcat.version from 9.0.70 to 9.0.71
dependabot[bot] opened a new pull request, #106: URL: https://github.com/apache/cxf-fediz/pull/106 Bumps `tomcat.version` from 9.0.70 to 9.0.71. Updates `tomcat-catalina` from 9.0.70 to 9.0.71 Updates `tomcat-embed-core` from 9.0.70 to 9.0.71 Updates `tomcat-embed-jasper` from 9.0.70 to 9.0.71 Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #105: Bump spring.security.version from 5.6.10 to 5.8.1
dependabot[bot] opened a new pull request, #105: URL: https://github.com/apache/cxf-fediz/pull/105 Bumps `spring.security.version` from 5.6.10 to 5.8.1. Updates `spring-security-web` from 5.6.10 to 5.8.1 Release notes Sourced from https://github.com/spring-projects/spring-security/releases;>spring-security-web's releases. 5.8.1 :star: New Features Add EnableWebSecurity migration steps to 5.8 guide https://github-redirect.dependabot.com/spring-projects/spring-security/issues/12334;>#12334 Replace deprecated set-state set-output GitHub Action's commands https://github-redirect.dependabot.com/spring-projects/spring-security/issues/12298;>#12298 :beetle: Bug Fixes codes in spring security docs fail to work https://github-redirect.dependabot.com/spring-projects/spring-security/issues/11396;>#11396 DefaultLdapAuthoritiesPopulator throws NullPointerException https://github-redirect.dependabot.com/spring-projects/spring-security/issues/12408;>#12408 Fix AuthorizationFilter diagram in docs https://github-redirect.dependabot.com/spring-projects/spring-security/issues/12286;>#12286 Fix password encoder migration guide https://github-redirect.dependabot.com/spring-projects/spring-security/pull/12318;>#12318 Fix typo https://github-redirect.dependabot.com/spring-projects/spring-security/pull/12316;>#12316 Incorrect Javadoc for class ExpressionAuthorizationDecision https://github-redirect.dependabot.com/spring-projects/spring-security/issues/12411;>#12411 Incorrect sample code in securityMatcher migration docs https://github-redirect.dependabot.com/spring-projects/spring-security/issues/12296;>#12296 SecurityContextHolderFilter does not apply to async dispatch https://github-redirect.dependabot.com/spring-projects/spring-security/issues/11962;>#11962 :hammer: Dependency Upgrades Update httpclient to 4.5.14 https://github-redirect.dependabot.com/spring-projects/spring-security/issues/12403;>#12403 Update io.projectreactor to 2020.0.26 https://github-redirect.dependabot.com/spring-projects/spring-security/issues/12401;>#12401 Update mockk to 1.13.3 https://github-redirect.dependabot.com/spring-projects/spring-security/issues/12400;>#12400 Update org.eclipse.jetty to 9.4.50.v20221201 https://github-redirect.dependabot.com/spring-projects/spring-security/issues/12404;>#12404 Update org.jetbrains.kotlin to 1.7.22 https://github-redirect.dependabot.com/spring-projects/spring-security/issues/12405;>#12405 Update reactor-netty to 1.0.26 https://github-redirect.dependabot.com/spring-projects/spring-security/issues/12402;>#12402 :heart: Contributors We'd like to thank all the contributors who worked on this release! https://github.com/heowc;>@heowc https://github.com/mschneid;>@mschneid 5.8.0 :star: New Features Add Kotlin example showing integration with WebTestClient https://github-redirect.dependabot.com/spring-projects/spring-security/issues/11611;>#11611 Add MethodExpressionAuthorizationManager https://github-redirect.dependabot.com/spring-projects/spring-security/issues/11502;>#11502 Add Polish localization to error messages from ExceptionTranslationFi… https://github-redirect.dependabot.com/spring-projects/spring-security/pull/12201;>#12201 Add support AuthorizationManager + https://github-redirect.dependabot.com/spring-projects/spring-security/issues/11503;>#11503 AnonymousAuthenticationFilter should cache its Supplier https://github-redirect.dependabot.com/spring-projects/spring-security/issues/11900;>#11900 CookieServerCsrfTokenRepository doesn't support setting MaxAge https://github-redirect.dependabot.com/spring-projects/spring-security/issues/11441;>#11441 DefaultFilterChainValidator should check AuthorizationFilter https://github-redirect.dependabot.com/spring-projects/spring-security/issues/11473;>#11473 Deprecate Resource Owner Password Credentials grant https://github-redirect.dependabot.com/spring-projects/spring-security/issues/11591;>#11591 Document Configure Default CsrfToken BREACH Protection https://github-redirect.dependabot.com/spring-projects/spring-security/issues/12107;>#12107 Document Defer load CsrfToken https://github-redirect.dependabot.com/spring-projects/spring-security/issues/12105;>#12105 Document DelegatingSecurityContextRepository https://github-redirect.dependabot.com/spring-projects/spring-security/issues/12069;>#12069 Document deprecations in oauth2-client https://github-redirect.dependabot.com/spring-projects/spring-security/pull/12193;>#12193 Document how to opt-in for SHA256 in RememberMe https://github-redirect.dependabot.com/spring-projects/spring-security/issues/12097;>#12097 Document how to use the new requestMatchers and securityMatchers https://github-redirect.dependabot.com/spring-projects/spring-security/issues/12100;>#12100 ... (truncated) Commits
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #104: Bump spring-ldap-core from 2.4.1 to 3.0.0
dependabot[bot] opened a new pull request, #104: URL: https://github.com/apache/cxf-fediz/pull/104 Bumps [spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 2.4.1 to 3.0.0. Release notes Sourced from https://github.com/spring-projects/spring-ldap/releases;>spring-ldap-core's releases. 3.0.0 :hammer: Dependency Upgrades Update jackson-bom to 2.14.0 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/718;>#718 Update to Spring Framework 6.0.0 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/716;>#716 3.0.0-RC1 :hammer: Dependency Upgrades Update to Spring Security 6.0.0-M7 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/713;>#713 Update to Mockito 4.8.0 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/712;>#712 Update to Hibernate 5.6.12 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/711;>#711 Update to UnboundId LdapSDK 6.0.6 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/710;>#710 Update to Logback 1.4.4 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/709;>#709 Update to JUnit 5.9.1 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/708;>#708 Update to Spring Data 2022.0.0-M6 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/707;>#707 Update to Spring Framework 6.0.0-RC1 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/706;>#706 3.0.0-M4 :star: New Features Add Native RuntimeHints for Core classes https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/699;>#699 :hammer: Dependency Upgrades Update to Spring Security 6.0 M6 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/704;>#704 Update to Jackson 2.13.4 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/703;>#703 Update to Spring Framework 6.0 M6 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/702;>#702 3.0.0-M3 :star: New Features Add support to return a Java 8 Stream from LdapTemplate https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/586;>#586 :beetle: Bug Fixes Wrong Project Information in Maven POM (2.4.0) https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/659;>#659 :hammer: Dependency Upgrades Update to Easymock 4.3 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/693;>#693 Remove Activation Dependency https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/692;>#692 Update to Commons Pool 1.6 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/691;>#691 Update to Commons CLI 1.5.0 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/690;>#690 Update to AspectJ 1.9.9.1 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/689;>#689 Update to Hibernate Jakarta 5.6.10.Final https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/688;>#688 Update to AssertJ 3.23.1 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/687;>#687 Update to Mockito 4.6.1 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/686;>#686 Update to HDQLDB 5.7.0 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/685;>#685 Update to Freemarker 2.3.31 https://github-redirect.dependabot.com/spring-projects/spring-ldap/issues/684;>#684 ... (truncated) Commits https://github.com/spring-projects/spring-ldap/commit/b4cf3992e56e2fc8ecfa8578c717b5bd5d7c83b6;>b4cf399 Release 3.0.0 https://github.com/spring-projects/spring-ldap/commit/e507b57b1b6da234070d3fc4e05a96a310101676;>e507b57 Revert to released versions https://github.com/spring-projects/spring-ldap/commit/972fc259d344823b13213189406d6472e6466ddc;>972fc25 Update jackson-bom to 2.14.0 https://github.com/spring-projects/spring-ldap/commit/859a9426aca37f0b10814f09c26ee8889e2d602a;>859a942 Update Spring Framework to 6.0.0 https://github.com/spring-projects/spring-ldap/commit/242ade017eca974a7968cd53723424ecee10cc8c;>242ade0 Update to Spring Framework 6.0 SNAPSHOT https://github.com/spring-projects/spring-ldap/commit/bd25a05c522e27f65dc4718218c63a2067f0595a;>bd25a05 Next Development Version https://github.com/spring-projects/spring-ldap/commit/6a6fe544598516c01c1b155ab54f90bb0f18248b;>6a6fe54 Release 3.0.0-RC1 https://github.com/spring-projects/spring-ldap/commit/9013489afcfaaa22675a42f8d85b28f9ee5fffcc;>9013489 Update to Spring Security 6.0.0-M7 https://github.com/spring-projects/spring-ldap/commit/613e7a893a258a69de2b9836870e8ff1d2e65d7c;>613e7a8 Update to Mockito 4.8.0
[GitHub] [cxf-fediz] coheigea commented on pull request #92: Bump jakarta.annotation-api from 1.3.5 to 2.1.1
coheigea commented on PR #92: URL: https://github.com/apache/cxf-fediz/pull/92#issuecomment-1383543348 @dependabot ignore this major version -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] commented on pull request #92: Bump jakarta.annotation-api from 1.3.5 to 2.1.1
dependabot[bot] commented on PR #92: URL: https://github.com/apache/cxf-fediz/pull/92#issuecomment-1383543384 OK, I won't notify you about version 2.x.x again, unless you re-open this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] closed pull request #92: Bump jakarta.annotation-api from 1.3.5 to 2.1.1
dependabot[bot] closed pull request #92: Bump jakarta.annotation-api from 1.3.5 to 2.1.1 URL: https://github.com/apache/cxf-fediz/pull/92 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] coheigea merged pull request #99: Bump javax.servlet-api from 3.1.0 to 4.0.1
coheigea merged PR #99: URL: https://github.com/apache/cxf-fediz/pull/99 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] coheigea merged pull request #102: Bump apache-rat-plugin from 0.12 to 0.15
coheigea merged PR #102: URL: https://github.com/apache/cxf-fediz/pull/102 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] coheigea merged pull request #103: Bump keytool-maven-plugin from 1.5 to 1.6
coheigea merged PR #103: URL: https://github.com/apache/cxf-fediz/pull/103 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] dependabot[bot] opened a new pull request, #1070: Bump msv-core from 2013.6.1 to 2022.7
dependabot[bot] opened a new pull request, #1070: URL: https://github.com/apache/cxf/pull/1070 Bumps msv-core from 2013.6.1 to 2022.7. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=net.java.dev.msv:msv-core=maven=2013.6.1=2022.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] dependabot[bot] opened a new pull request, #1071: Bump maven-surefire-report-plugin from 3.0.0-M7 to 3.0.0-M8
dependabot[bot] opened a new pull request, #1071: URL: https://github.com/apache/cxf/pull/1071 Bumps [maven-surefire-report-plugin](https://github.com/apache/maven-surefire) from 3.0.0-M7 to 3.0.0-M8. Commits https://github.com/apache/maven-surefire/commit/54dfdc194d60b11d26943fed09027ddeec9a4c79;>54dfdc1 [maven-release-plugin] prepare release surefire-3.0.0-M8 https://github.com/apache/maven-surefire/commit/c068b121a556028b45632f04dd310e582623487d;>c068b12 [SUREFIRE-2109] Add suffix derived from current user to Surefire temp directo... https://github.com/apache/maven-surefire/commit/0097a41879983b4790299ce1663edd669f321400;>0097a41 [SUREFIRE-1962] Unit test for ProviderInfo#isApplicable https://github.com/apache/maven-surefire/commit/d3dafe4d36b6dd981c399dd816111762213186f3;>d3dafe4 [SUREFIRE-2138] Update JUnit4/JUnit5 versions in ITs https://github.com/apache/maven-surefire/commit/dd707721590b20443cb5aa2395cc736919d18b42;>dd70772 [SUREFIRE-2138] Update JUnit4/JUnit5 versions in docs https://github.com/apache/maven-surefire/commit/6420f7c34e74eafbc0097c70ef860f399a89f4fa;>6420f7c [SUREFIRE-2137] Run JUnitPlatform ITs with latest 5.8.x/5.9.x as well https://github.com/apache/maven-surefire/commit/348bfa119650533cf143137c03bc1e01289bd017;>348bfa1 Disable build on Windows by Jenkins https://github.com/apache/maven-surefire/commit/0c35f44c93c911ac04cc8e9b81e0794aae019796;>0c35f44 [SUREFIRE-2139] Replace EOL JDK18 with JDK19 in build https://github.com/apache/maven-surefire/commit/adfb7f5ce38ff40e45515dfa6c7d960d4a027a6e;>adfb7f5 [SUREFIRE-2139] Raise plexus-java to 1.1.2 for full Java 19 bytecode support https://github.com/apache/maven-surefire/commit/4f4ac976181e4f9303acf6476884544218f03e2e;>4f4ac97 [SUREFIRE-2117] Include package + outer classes in XML report of https://github.com/Nested;>@Nested Additional commits viewable in https://github.com/apache/maven-surefire/compare/surefire-3.0.0-M7...surefire-3.0.0-M8;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-surefire-report-plugin=maven=3.0.0-M7=3.0.0-M8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] dependabot[bot] opened a new pull request, #1069: Bump hsqldb from 2.6.1 to 2.7.1
dependabot[bot] opened a new pull request, #1069: URL: https://github.com/apache/cxf/pull/1069 Bumps hsqldb from 2.6.1 to 2.7.1. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.hsqldb:hsqldb=maven=2.6.1=2.7.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta opened a new pull request, #1068: Update maven-surefire-plugin to 3.0.0-M8
reta opened a new pull request, #1068: URL: https://github.com/apache/cxf/pull/1068 Update maven-surefire-plugin to 3.0.0-M8 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta merged pull request #1065: Bump plexus-archiver from 4.2.0 to 4.6.1
reta merged PR #1065: URL: https://github.com/apache/cxf/pull/1065 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta commented on pull request #1061: Bump arquillian-weld-embedded from 3.0.0.Final to 3.0.2.Final
reta commented on PR #1061: URL: https://github.com/apache/cxf/pull/1061#issuecomment-1382854581 @dependabot rebase please -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] dependabot[bot] closed pull request #1055: Bump wiremock-maven-plugin from 4.4.0 to 7.3.0
dependabot[bot] closed pull request #1055: Bump wiremock-maven-plugin from 4.4.0 to 7.3.0 URL: https://github.com/apache/cxf/pull/1055 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] dependabot[bot] commented on pull request #1055: Bump wiremock-maven-plugin from 4.4.0 to 7.3.0
dependabot[bot] commented on PR #1055: URL: https://github.com/apache/cxf/pull/1055#issuecomment-1382815443 Looks like uk.co.automatictester:wiremock-maven-plugin is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta merged pull request #1056: CXF-8758: Migration path for Wiremock (Jetty 11/JakartaEE)
reta merged PR #1056: URL: https://github.com/apache/cxf/pull/1056 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta merged pull request #1067: Bump testng from 7.6.1 to 7.7.1
reta merged PR #1067: URL: https://github.com/apache/cxf/pull/1067 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #103: Bump keytool-maven-plugin from 1.5 to 1.6
dependabot[bot] opened a new pull request, #103: URL: https://github.com/apache/cxf-fediz/pull/103 Bumps [keytool-maven-plugin](https://github.com/mojohaus/keytool) from 1.5 to 1.6. Release notes Sourced from https://github.com/mojohaus/keytool/releases;>keytool-maven-plugin's releases. 1.6 New features and improvements https://github-redirect.dependabot.com/mojohaus/keytool/issues/11;>#11 mark Mojos threadsafe. (https://github-redirect.dependabot.com/mojohaus/keytool/issues/39;>#39) https://github.com/bmarwell;>@bmarwell Allow multiple ext to be specified for GenerateKeyPairMojo, GenerateCertificateRequestMojo, and GenerateCertificateMojo (https://github-redirect.dependabot.com/mojohaus/keytool/issues/16;>#16) https://github.com/adamretter;>@adamretter setup release drafter, dependabot and gh ci action (https://github-redirect.dependabot.com/mojohaus/keytool/issues/17;>#17) https://github.com/olamy;>@olamy Support parent directory creation for certificates operations (https://github-redirect.dependabot.com/mojohaus/keytool/issues/10;>#10) https://github.com/Hugal31;>@Hugal31 add ext-support for certreq (https://github-redirect.dependabot.com/mojohaus/keytool/issues/13;>#13) https://github.com/magilus;>@magilus Support repeated -ext args in keytool-api (https://github-redirect.dependabot.com/mojohaus/keytool/issues/8;>#8) https://github.com/jfallows;>@jfallows Configure site deploy to gh-pages (https://github-redirect.dependabot.com/mojohaus/keytool/issues/4;>#4) https://github.com/tchemit;>@tchemit Dependency updates Bump maven-site-plugin from 3.11.0 to 3.12.0 (https://github-redirect.dependabot.com/mojohaus/keytool/issues/34;>#34) https://github.com/dependabot;>@dependabot Bump actions/setup-java from 2 to 3 (https://github-redirect.dependabot.com/mojohaus/keytool/issues/32;>#32) https://github.com/dependabot;>@dependabot Bump mojo-parent from 65 to 67 (https://github-redirect.dependabot.com/mojohaus/keytool/issues/31;>#31) https://github.com/dependabot;>@dependabot Bump mavenVersion from 2.1.0 to 2.2.1 (https://github-redirect.dependabot.com/mojohaus/keytool/issues/29;>#29) https://github.com/dependabot;>@dependabot Bump maven-shared-utils from 0.5 to 3.3.4 (https://github-redirect.dependabot.com/mojohaus/keytool/issues/28;>#28) https://github.com/dependabot;>@dependabot Bump plexus-utils from 3.0.1 to 3.4.1 (https://github-redirect.dependabot.com/mojohaus/keytool/issues/20;>#20) https://github.com/dependabot;>@dependabot Bump plexus-container-default from 1.0-alpha-9-stable-1 to 2.1.1 (https://github-redirect.dependabot.com/mojohaus/keytool/issues/19;>#19) https://github.com/dependabot;>@dependabot Bump maven-site-plugin from 3.4 to 3.11.0 (https://github-redirect.dependabot.com/mojohaus/keytool/issues/27;>#27) https://github.com/dependabot;>@dependabot Bump plexus-component-annotations from 1.5.5 to 2.1.1 (https://github-redirect.dependabot.com/mojohaus/keytool/issues/24;>#24) https://github.com/dependabot;>@dependabot Bump mojo-parent from 33 to 65 (https://github-redirect.dependabot.com/mojohaus/keytool/issues/26;>#26) https://github.com/dependabot;>@dependabot Bump plexus-component-metadata from 1.5.5 to 2.1.1 (https://github-redirect.dependabot.com/mojohaus/keytool/issues/22;>#22) https://github.com/dependabot;>@dependabot Bump maven-scm-publish-plugin from 1.1 to 3.1.0 (https://github-redirect.dependabot.com/mojohaus/keytool/issues/23;>#23) https://github.com/dependabot;>@dependabot Bump maven-invoker-plugin from 1.8 to 3.2.2 (https://github-redirect.dependabot.com/mojohaus/keytool/issues/21;>#21) https://github.com/dependabot;>@dependabot Bump actions/checkout from 2 to 3 (https://github-redirect.dependabot.com/mojohaus/keytool/issues/18;>#18) https://github.com/dependabot;>@dependabot Documentation updates https://github-redirect.dependabot.com/mojohaus/keytool/issues/37;>#37 add README.adoc. (https://github-redirect.dependabot.com/mojohaus/keytool/issues/38;>#38) https://github.com/bmarwell;>@bmarwell Fix typo in all examples (https://github-redirect.dependabot.com/mojohaus/keytool/issues/5;>#5) https://github.com/csabapalfi;>@csabapalfi Maintenance https://github-redirect.dependabot.com/mojohaus/keytool/issues/40;>#40 CI update, builds with IBM Semeru and Java 11, 17 (https://github-redirect.dependabot.com/mojohaus/keytool/issues/41;>#41) https://github.com/bmarwell;>@bmarwell use https (https://github-redirect.dependabot.com/mojohaus/keytool/issues/33;>#33) https://github.com/olamy;>@olamy Build https://github-redirect.dependabot.com/mojohaus/keytool/issues/43;>#43 Java 17 requires keyalg argument for generateKeyPair. (https://github-redirect.dependabot.com/mojohaus/keytool/issues/44;>#44) https://github.com/bmarwell;>@bmarwell
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #102: Bump apache-rat-plugin from 0.12 to 0.15
dependabot[bot] opened a new pull request, #102: URL: https://github.com/apache/cxf-fediz/pull/102 Bumps apache-rat-plugin from 0.12 to 0.15. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.rat:apache-rat-plugin=maven=0.12=0.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta commented on pull request #1067: Bump testng from 7.6.1 to 7.7.1
reta commented on PR #1067: URL: https://github.com/apache/cxf/pull/1067#issuecomment-1381205455 https://github.com/dependabot rebase please -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] coheigea merged pull request #100: Bump bval-jsr from 2.0.5 to 2.0.6
coheigea merged PR #100: URL: https://github.com/apache/cxf-fediz/pull/100 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] closed pull request #101: Bump checkstyle from 8.41 to 8.45.1
dependabot[bot] closed pull request #101: Bump checkstyle from 8.41 to 8.45.1 URL: https://github.com/apache/cxf-fediz/pull/101 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] coheigea commented on pull request #101: Bump checkstyle from 8.41 to 8.45.1
coheigea commented on PR #101: URL: https://github.com/apache/cxf-fediz/pull/101#issuecomment-1380732263 @dependabot ignore this dependency -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] commented on pull request #101: Bump checkstyle from 8.41 to 8.45.1
dependabot[bot] commented on PR #101: URL: https://github.com/apache/cxf-fediz/pull/101#issuecomment-1380732332 OK, I won't notify you about com.puppycrawl.tools:checkstyle again, unless you re-open this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta commented on pull request #1067: Bump testng from 7.6.1 to 7.7.1
reta commented on PR #1067: URL: https://github.com/apache/cxf/pull/1067#issuecomment-1380298359 @dependabot recreate -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] dependabot[bot] commented on pull request #1067: Bump testng from 7.6.1 to 7.7.1
dependabot[bot] commented on PR #1067: URL: https://github.com/apache/cxf/pull/1067#issuecomment-1380297438 Looks like this PR is already up-to-date with main! If you'd still like to recreate it from scratch, overwriting any edits, you can request `@dependabot recreate`. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta commented on pull request #1067: Bump testng from 7.6.1 to 7.7.1
reta commented on PR #1067: URL: https://github.com/apache/cxf/pull/1067#issuecomment-1380297411 @dependabot rebase please -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #101: Bump checkstyle from 8.41 to 8.45.1
dependabot[bot] opened a new pull request, #101: URL: https://github.com/apache/cxf-fediz/pull/101 Bumps [checkstyle](https://github.com/checkstyle/checkstyle) from 8.41 to 8.45.1. Release notes Sourced from https://github.com/checkstyle/checkstyle/releases;>checkstyle's releases. checkstyle-8.45.1 https://checkstyle.org/releasenotes.html#Release_8.45.1;>https://checkstyle.org/releasenotes.html#Release_8.45.1 checkstyle-8.45 https://checkstyle.org/releasenotes.html#Release_8.45;>https://checkstyle.org/releasenotes.html#Release_8.45 checkstyle-8.44 https://checkstyle.org/releasenotes.html#Release_8.44;>https://checkstyle.org/releasenotes.html#Release_8.44 checkstyle-8.43 https://checkstyle.org/releasenotes.html#Release_8.43;>https://checkstyle.org/releasenotes.html#Release_8.43 checkstyle-8.42 https://checkstyle.org/releasenotes.html#Release_8.42;>https://checkstyle.org/releasenotes.html#Release_8.42 checkstyle-8.41.1 https://checkstyle.org/releasenotes.html#Release_8.41.1;>https://checkstyle.org/releasenotes.html#Release_8.41.1 Commits https://github.com/checkstyle/checkstyle/commit/005fba53352456515cfdcdf5dcd3dea351661f2b;>005fba5 [maven-release-plugin] prepare release checkstyle-8.45.1 https://github.com/checkstyle/checkstyle/commit/8626ae0aedfbd711082e9c6e35233fa02eb2a682;>8626ae0 doc: release notes 8.45.1 https://github.com/checkstyle/checkstyle/commit/95533610e16e9c2ff45cf4268fdb48627168e95d;>9553361 config: update to 8.45.1-SNAPSHOT https://github.com/checkstyle/checkstyle/commit/fe1ee0dcadc723131bd8492f5ecab36730d88e66;>fe1ee0d Issue https://github-redirect.dependabot.com/checkstyle/checkstyle/issues/10548;>#10548: Migrate to Inline Config Parser in ArrayTrailingCommaCheckTest https://github.com/checkstyle/checkstyle/commit/f3d1b92ff49f306d2ca14423cebab096abc4a533;>f3d1b92 Issue https://github-redirect.dependabot.com/checkstyle/checkstyle/issues/10559;>#10559: Update inputs for FinalParametersCheckTest https://github.com/checkstyle/checkstyle/commit/a1338ac27808b566fbe2889251ff45d3163bce2e;>a1338ac Issue https://github-redirect.dependabot.com/checkstyle/checkstyle/issues/10562;>#10562: Update inputs for OuterTypeFilenameCheckTest https://github.com/checkstyle/checkstyle/commit/c350a32d5a89f7e5b02b96dbf51fa348f75c0b42;>c350a32 Issue https://github-redirect.dependabot.com/checkstyle/checkstyle/issues/10558;>#10558: Update inputs for DescendantTokenCheckTest https://github.com/checkstyle/checkstyle/commit/c58a869938df120c0fad9aac8a7199383a26c7d9;>c58a869 Issue https://github-redirect.dependabot.com/checkstyle/checkstyle/issues/10544;>#10544: Update inputs for RecordTypeParameterNameCheckTest https://github.com/checkstyle/checkstyle/commit/8dd7a39b3c5984d3c176d3afc342d411cf65681b;>8dd7a39 Issue https://github-redirect.dependabot.com/checkstyle/checkstyle/issues/10543;>#10543: Update inputs for RecordComponentNameCheckTest https://github.com/checkstyle/checkstyle/commit/1ecc59de97487267c9195429d31943d85fe35375;>1ecc59d supplemental: Convert from Todo check to better MatchXpath check(https://github-redirect.dependabot.com/checkstyle/checkstyle/issues/10107;>#10107) Additional commits viewable in https://github.com/checkstyle/checkstyle/compare/checkstyle-8.41...checkstyle-8.45.1;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.puppycrawl.tools:checkstyle=maven=8.41=8.45.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #100: Bump bval-jsr from 2.0.5 to 2.0.6
dependabot[bot] opened a new pull request, #100: URL: https://github.com/apache/cxf-fediz/pull/100 Bumps bval-jsr from 2.0.5 to 2.0.6. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.bval:bval-jsr=maven=2.0.5=2.0.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #99: Bump javax.servlet-api from 3.1.0 to 4.0.1
dependabot[bot] opened a new pull request, #99: URL: https://github.com/apache/cxf-fediz/pull/99 Bumps [javax.servlet-api](https://github.com/javaee/servlet-spec) from 3.1.0 to 4.0.1. Commits https://github.com/javaee/servlet-spec/commit/5574e9b39d806120ac4d3539826a75b2cea0165a;>5574e9b [maven-release-plugin] prepare release 4.0.1 https://github.com/javaee/servlet-spec/commit/6430adae88c7be1c4d750adee995c221bc39ebbc;>6430ada Update pom with latest copyright plugin version https://github.com/javaee/servlet-spec/commit/7265df0dca6923b5d925ec1f85850e2f58f65b9b;>7265df0 Copyright changes. (https://github-redirect.dependabot.com/javaee/servlet-spec/issues/192;>#192) https://github.com/javaee/servlet-spec/commit/9a27193187705844371446cc15c3bfdcc96eee61;>9a27193 [maven-release-plugin] prepare for next development iteration https://github.com/javaee/servlet-spec/commit/ef2740a68cefc1abd70860d26a6eb450bde8dd16;>ef2740a [maven-release-plugin] prepare release 4.0.0 https://github.com/javaee/servlet-spec/commit/62e5c3981993ac5683111a02e3197006a5d6efa6;>62e5c39 update the version to 4.0.0-SNAPSHOT https://github.com/javaee/servlet-spec/commit/10f86f36c02e6fec8cf55c180ba967959fe25703;>10f86f3 Update Bundle-License MANIFEST.MF property https://github.com/javaee/servlet-spec/commit/779f3245062a4e1f04a428550612641383c30418;>779f324 fix typo in skip test https://github.com/javaee/servlet-spec/commit/8ecb128589a8f2432cbe98448aaa6dfa7796c20d;>8ecb128 Remove watermark, and add preposition where needed https://github.com/javaee/servlet-spec/commit/8c36bee945b8b2f713be32ef5d5856c03d26d755;>8c36bee Fix typo. Insert preposition to after corresponding as necessary. Additional commits viewable in https://github.com/javaee/servlet-spec/compare/3.1.0...4.0.1;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=javax.servlet:javax.servlet-api=maven=3.1.0=4.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] commented on pull request #90: Bump maven-pmd-plugin from 3.14.0 to 3.19.0
dependabot[bot] commented on PR #90: URL: https://github.com/apache/cxf-fediz/pull/90#issuecomment-1380099833 OK, I won't notify you about org.apache.maven.plugins:maven-pmd-plugin again, unless you re-open this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] closed pull request #90: Bump maven-pmd-plugin from 3.14.0 to 3.19.0
dependabot[bot] closed pull request #90: Bump maven-pmd-plugin from 3.14.0 to 3.19.0 URL: https://github.com/apache/cxf-fediz/pull/90 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] coheigea commented on pull request #90: Bump maven-pmd-plugin from 3.14.0 to 3.19.0
coheigea commented on PR #90: URL: https://github.com/apache/cxf-fediz/pull/90#issuecomment-1380099784 @dependabot ignore this dependency -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] coheigea merged pull request #97: Bump maven-assembly-plugin from 3.3.0 to 3.4.2
coheigea merged PR #97: URL: https://github.com/apache/cxf-fediz/pull/97 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] coheigea merged pull request #98: Bump spring.version from 5.3.24 to 5.3.25
coheigea merged PR #98: URL: https://github.com/apache/cxf-fediz/pull/98 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] dependabot[bot] opened a new pull request, #1067: Bump testng from 7.6.1 to 7.7.1
dependabot[bot] opened a new pull request, #1067: URL: https://github.com/apache/cxf/pull/1067 Bumps [testng](https://github.com/cbeust/testng) from 7.6.1 to 7.7.1. Release notes Sourced from https://github.com/cbeust/testng/releases;>testng's releases. TestNG v7.7.1 What's Changed Streamline overloaded assertion methods for Groovy by https://github.com/krmahadevan;>@krmahadevan in https://github-redirect.dependabot.com/cbeust/testng/pull/2858;>cbeust/testng#2858 Full Changelog: https://github.com/cbeust/testng/compare/7.7.0...7.7.1;>https://github.com/cbeust/testng/compare/7.7.0...7.7.1 TestNG v7.7.0 What's Changed Replace FindBugs by SpotBugs by https://github.com/gruenich;>@gruenich in https://github-redirect.dependabot.com/cbeust/testng/pull/2781;>cbeust/testng#2781 Gradle: Drop forUseAtConfigurationTime() by https://github.com/gruenich;>@gruenich in https://github-redirect.dependabot.com/cbeust/testng/pull/2783;>cbeust/testng#2783 Added ability to provide custom message to assertThrows\expectThrows methods by https://github.com/anatolyuzhakov;>@anatolyuzhakov in https://github-redirect.dependabot.com/cbeust/testng/pull/2793;>cbeust/testng#2793 Fix issue 2801 - Only resolve hostname once by https://github.com/spkrka;>@spkrka in https://github-redirect.dependabot.com/cbeust/testng/pull/2802;>cbeust/testng#2802 [SECURITY] Fix Zip Slip Vulnerability by https://github.com/JLLeitschuh;>@JLLeitschuh in https://github-redirect.dependabot.com/cbeust/testng/pull/2806;>cbeust/testng#2806 GITHUB-2807 - Failsafe buildStackTrace by https://github.com/seregamorph;>@seregamorph in https://github-redirect.dependabot.com/cbeust/testng/pull/2808;>cbeust/testng#2808 Prevent overlogging of debug msgs in Graph impl by https://github.com/krmahadevan;>@krmahadevan in https://github-redirect.dependabot.com/cbeust/testng/pull/2813;>cbeust/testng#2813 Streamline dataprovider invoking in abstract classes by https://github.com/krmahadevan;>@krmahadevan in https://github-redirect.dependabot.com/cbeust/testng/pull/2814;>cbeust/testng#2814 Streamline TestResult due to expectedExceptions by https://github.com/krmahadevan;>@krmahadevan in https://github-redirect.dependabot.com/cbeust/testng/pull/2815;>cbeust/testng#2815 Unexpected test runs count with retry analyzer by https://github.com/krmahadevan;>@krmahadevan in https://github-redirect.dependabot.com/cbeust/testng/pull/2816;>cbeust/testng#2816 Make PackageUtils compliant with JPMS by https://github.com/krmahadevan;>@krmahadevan in https://github-redirect.dependabot.com/cbeust/testng/pull/2817;>cbeust/testng#2817 Ability to retry a data provider during failures by https://github.com/krmahadevan;>@krmahadevan in https://github-redirect.dependabot.com/cbeust/testng/pull/2820;>cbeust/testng#2820 Refactoring by https://github.com/krmahadevan;>@krmahadevan in https://github-redirect.dependabot.com/cbeust/testng/pull/2821;>cbeust/testng#2821 Fixing bug with DataProvider retry by https://github.com/krmahadevan;>@krmahadevan in https://github-redirect.dependabot.com/cbeust/testng/pull/2822;>cbeust/testng#2822 Add config key for callback discrepancy behavior by https://github.com/krmahadevan;>@krmahadevan in https://github-redirect.dependabot.com/cbeust/testng/pull/2823;>cbeust/testng#2823 Upgrading versions by https://github.com/krmahadevan;>@krmahadevan in https://github-redirect.dependabot.com/cbeust/testng/pull/2824;>cbeust/testng#2824 Fix https://github-redirect.dependabot.com/cbeust/testng/issues/2770;>#2770: FileAlreadyExistsException on copy by https://github.com/melloware;>@melloware in https://github-redirect.dependabot.com/cbeust/testng/pull/2827;>cbeust/testng#2827 JarFileUtils.delete(File f) throw actual exception (instead of FileNotFound) when file cannot be deleted https://github-redirect.dependabot.com/cbeust/testng/issues/2825;>#2825 by https://github.com/speedythesnail;>@speedythesnail in https://github-redirect.dependabot.com/cbeust/testng/pull/2826;>cbeust/testng#2826 GITHUB-2830 - Failsafe parameter.toString by https://github.com/seregamorph;>@seregamorph in https://github-redirect.dependabot.com/cbeust/testng/pull/2831;>cbeust/testng#2831 Changing assertion message of the osgitest by https://github.com/krmahadevan;>@krmahadevan in https://github-redirect.dependabot.com/cbeust/testng/pull/2832;>cbeust/testng#2832 hidden spotbugs in release https://github-redirect.dependabot.com/cbeust/testng/issues/2829;>#2829 by https://github.com/bobshie;>@bobshie in https://github-redirect.dependabot.com/cbeust/testng/pull/2833;>cbeust/testng#2833 Enhancing the Matrix by https://github.com/krmahadevan;>@krmahadevan in https://github-redirect.dependabot.com/cbeust/testng/pull/2834;>cbeust/testng#2834 Avoid Compilation errors on Semeru JDK flavour. by https://github.com/krmahadevan;>@krmahadevan in
[GitHub] [cxf] reta merged pull request #1066: Bump glassfish-corba-orb from 4.2.2 to 4.2.4
reta merged PR #1066: URL: https://github.com/apache/cxf/pull/1066 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta merged pull request #1057: Update EasyMock to 5.1.0
reta merged PR #1057: URL: https://github.com/apache/cxf/pull/1057 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #98: Bump spring.version from 5.3.24 to 5.3.25
dependabot[bot] opened a new pull request, #98: URL: https://github.com/apache/cxf-fediz/pull/98 Bumps `spring.version` from 5.3.24 to 5.3.25. Updates `spring-framework-bom` from 5.3.24 to 5.3.25 Commits https://github.com/spring-projects/spring-framework/commit/2aeddb4fcb0fe49741e0744dbadfecbd7f3d6c54;>2aeddb4 Release v5.3.25 https://github.com/spring-projects/spring-framework/commit/26cd33cb2b7ac1673126a0ac30174d51c910f134;>26cd33c Upgrade to Reactor 2020.0.27 https://github.com/spring-projects/spring-framework/commit/2ee393ae712c8a141c919051a1479a04457fea85;>2ee393a Upgrade to Tomcat 9.0.70, Jetty 9.4.50, Netty 4.1.86, Undertow 2.2.22, HtmlUn... https://github.com/spring-projects/spring-framework/commit/0815d29e45afc36e6843704b8a25bf4f61ce2d89;>0815d29 Defensive check for null returned from createConnection() https://github.com/spring-projects/spring-framework/commit/777f01d7862a026d6f6a45653ed66c1c869a512f;>777f01d Fix path within mapping when pattern contains .* https://github.com/spring-projects/spring-framework/commit/f8fea013fcad168b60fa00c4c98b755c1ea40c02;>f8fea01 Update Jakarta Mail info in ref docs https://github.com/spring-projects/spring-framework/commit/916539178b2e8fe8f5e5b037a595b1f5687d8db5;>9165391 Improve documentation for literals in SpEL expressions https://github.com/spring-projects/spring-framework/commit/fdf3bcc9d90f9e2e3950015c79998715697e6021;>fdf3bcc Remove obsolete AttributeMethods.hasOnlyValueAttribute() method https://github.com/spring-projects/spring-framework/commit/5ddc984192b6150fee98419aedd63c2fac11cb54;>5ddc984 Support repeatable annotation containers with multiple attributes https://github.com/spring-projects/spring-framework/commit/b2ce54e7f13bfa55ecb36dfbf83f7e532d34bcad;>b2ce54e Revise RepeatableContainersTests Additional commits viewable in https://github.com/spring-projects/spring-framework/compare/v5.3.24...v5.3.25;>compare view Updates `spring-web` from 5.3.24 to 5.3.25 Commits https://github.com/spring-projects/spring-framework/commit/2aeddb4fcb0fe49741e0744dbadfecbd7f3d6c54;>2aeddb4 Release v5.3.25 https://github.com/spring-projects/spring-framework/commit/26cd33cb2b7ac1673126a0ac30174d51c910f134;>26cd33c Upgrade to Reactor 2020.0.27 https://github.com/spring-projects/spring-framework/commit/2ee393ae712c8a141c919051a1479a04457fea85;>2ee393a Upgrade to Tomcat 9.0.70, Jetty 9.4.50, Netty 4.1.86, Undertow 2.2.22, HtmlUn... https://github.com/spring-projects/spring-framework/commit/0815d29e45afc36e6843704b8a25bf4f61ce2d89;>0815d29 Defensive check for null returned from createConnection() https://github.com/spring-projects/spring-framework/commit/777f01d7862a026d6f6a45653ed66c1c869a512f;>777f01d Fix path within mapping when pattern contains .* https://github.com/spring-projects/spring-framework/commit/f8fea013fcad168b60fa00c4c98b755c1ea40c02;>f8fea01 Update Jakarta Mail info in ref docs https://github.com/spring-projects/spring-framework/commit/916539178b2e8fe8f5e5b037a595b1f5687d8db5;>9165391 Improve documentation for literals in SpEL expressions https://github.com/spring-projects/spring-framework/commit/fdf3bcc9d90f9e2e3950015c79998715697e6021;>fdf3bcc Remove obsolete AttributeMethods.hasOnlyValueAttribute() method https://github.com/spring-projects/spring-framework/commit/5ddc984192b6150fee98419aedd63c2fac11cb54;>5ddc984 Support repeatable annotation containers with multiple attributes https://github.com/spring-projects/spring-framework/commit/b2ce54e7f13bfa55ecb36dfbf83f7e532d34bcad;>b2ce54e Revise RepeatableContainersTests Additional commits viewable in https://github.com/spring-projects/spring-framework/compare/v5.3.24...v5.3.25;>compare view Updates `spring-context` from 5.3.24 to 5.3.25 Commits https://github.com/spring-projects/spring-framework/commit/2aeddb4fcb0fe49741e0744dbadfecbd7f3d6c54;>2aeddb4 Release v5.3.25 https://github.com/spring-projects/spring-framework/commit/26cd33cb2b7ac1673126a0ac30174d51c910f134;>26cd33c Upgrade to Reactor 2020.0.27 https://github.com/spring-projects/spring-framework/commit/2ee393ae712c8a141c919051a1479a04457fea85;>2ee393a Upgrade to Tomcat 9.0.70, Jetty 9.4.50, Netty 4.1.86, Undertow 2.2.22, HtmlUn... https://github.com/spring-projects/spring-framework/commit/0815d29e45afc36e6843704b8a25bf4f61ce2d89;>0815d29 Defensive check for null returned from createConnection() https://github.com/spring-projects/spring-framework/commit/777f01d7862a026d6f6a45653ed66c1c869a512f;>777f01d Fix path within mapping when pattern contains .* https://github.com/spring-projects/spring-framework/commit/f8fea013fcad168b60fa00c4c98b755c1ea40c02;>f8fea01 Update Jakarta Mail info in ref docs https://github.com/spring-projects/spring-framework/commit/916539178b2e8fe8f5e5b037a595b1f5687d8db5;>9165391 Improve documentation for literals in SpEL expressions
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #97: Bump maven-assembly-plugin from 3.3.0 to 3.4.2
dependabot[bot] opened a new pull request, #97: URL: https://github.com/apache/cxf-fediz/pull/97 Bumps [maven-assembly-plugin](https://github.com/apache/maven-assembly-plugin) from 3.3.0 to 3.4.2. Commits https://github.com/apache/maven-assembly-plugin/commit/6087da54e88899c285093ada96bde31eee0c03e7;>6087da5 [maven-release-plugin] prepare release maven-assembly-plugin-3.4.2 https://github.com/apache/maven-assembly-plugin/commit/db292ea981ab6d02e1123363d2c013d1a02f5481;>db292ea [MASSEMBLY-969] Update common artifact filters to 3.3.1 (https://github-redirect.dependabot.com/apache/maven-assembly-plugin/issues/83;>#83) https://github.com/apache/maven-assembly-plugin/commit/f4f2f7540666d8e14edb7419c621cea5b9aae7a9;>f4f2f75 [MASSEMBLY-949] Correct links https://github.com/apache/maven-assembly-plugin/commit/dfe890497627e55b8e070900049435ea7a77e08a;>dfe8904 [maven-release-plugin] prepare for next development iteration https://github.com/apache/maven-assembly-plugin/commit/0518d3adfea36721bf754743e2bcb28a18d37d70;>0518d3a [maven-release-plugin] prepare release maven-assembly-plugin-3.4.1 https://github.com/apache/maven-assembly-plugin/commit/7ab92934c00097e64c80ebb42dcaedd65ac214b3;>7ab9293 [MASSEMBLY-964] Fix initFile for FileLocation, UrlLocation https://github.com/apache/maven-assembly-plugin/commit/8fba93dd892e347b55b4e5efae0c59e82239d948;>8fba93d Fix Jenkins url https://github.com/apache/maven-assembly-plugin/commit/5feb0c7cde3c6fb7370befe6585e449be637342e;>5feb0c7 [maven-release-plugin] prepare for next development iteration https://github.com/apache/maven-assembly-plugin/commit/2d163c17e398624a5d785e0bf4aff198e057c952;>2d163c1 [maven-release-plugin] prepare release maven-assembly-plugin-3.4.0 https://github.com/apache/maven-assembly-plugin/commit/937750250bfe06333f92351fa1a19a9cd5e59d28;>9377502 [MASSEMBLY-961] Update maven-archiver to 3.6.0 (https://github-redirect.dependabot.com/apache/maven-assembly-plugin/issues/70;>#70) Additional commits viewable in https://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.3.0...maven-assembly-plugin-3.4.2;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-assembly-plugin=maven=3.3.0=3.4.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] dependabot[bot] opened a new pull request, #1066: Bump glassfish-corba-orb from 4.2.2 to 4.2.4
dependabot[bot] opened a new pull request, #1066: URL: https://github.com/apache/cxf/pull/1066 Bumps glassfish-corba-orb from 4.2.2 to 4.2.4. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.glassfish.corba:glassfish-corba-orb=maven=4.2.2=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] dependabot[bot] opened a new pull request, #1065: Bump plexus-archiver from 4.2.0 to 4.6.1
dependabot[bot] opened a new pull request, #1065: URL: https://github.com/apache/cxf/pull/1065 Bumps [plexus-archiver](https://github.com/codehaus-plexus/plexus-archiver) from 4.2.0 to 4.6.1. Release notes Sourced from https://github.com/codehaus-plexus/plexus-archiver/releases;>plexus-archiver's releases. 4.6.1 Normalize file separators before warning about equal archive entries (https://github-redirect.dependabot.com/codehaus-plexus/plexus-archiver/pull/249;>#249) https://github.com/Bananeweizen;>@Bananeweizen Dependency updates Bump commons-compress from 1.21 to 1.22 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-archiver/pull/243;>#243) https://github.com/dependabot;>@dependabot 4.6.0 New features and improvements keep file/directory permissions in Reproducible Builds mode (https://github-redirect.dependabot.com/codehaus-plexus/plexus-archiver/pull/241;>#241) https://github.com/hboutemy;>@hboutemy Dependency updates Bump junitVersion from 5.9.0 to 5.9.1 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-archiver/pull/236;>#236) https://github.com/dependabot;>@dependabot Bump plexus-utils from 3.4.2 to 3.5.0 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-archiver/pull/242;>#242) https://github.com/dependabot;>@dependabot Bump zstd-jni from 1.5.2-4 to 1.5.2-5 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-archiver/pull/240;>#240) https://github.com/dependabot;>@dependabot Plexus Archiver 4.5.0 New features and improvements Add zstd (un)archiver support (https://github-redirect.dependabot.com/codehaus-plexus/plexus-archiver/pull/226;>#226) https://github.com/pleeplop;>@pleeplop Bug Fixes Fix UnArchiver#isOverwrite not working as expected (https://github-redirect.dependabot.com/codehaus-plexus/plexus-archiver/pull/229;>#229) https://github.com/plamentotev;>@plamentotev Existing files were overridden only if UnArchiver#isOverwrite was set and the existing files were older than the archive entry. Now it works as documented: older files are always overridden; when UnArchiver#isOverwrite is true, existing files are always overridden regardless if they are older or not. Plexus Archiver 4.4.0 New features and improvements Drop legacy plexus API and use only JSR330 components (https://github-redirect.dependabot.com/codehaus-plexus/plexus-archiver/issues/220;>#220) https://github.com/cstamas;>@cstamas Plexus Archiver 4.3.0 New features and improvements Require Java 8 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-archiver/issues/206;>#206) https://github.com/plamentotev;>@plamentotev Refactor to use FileTime API (https://github-redirect.dependabot.com/codehaus-plexus/plexus-archiver/issues/199;>#199) https://github.com/jorsol;>@jorsol Rename setTime method to setZipEntryTime (https://github-redirect.dependabot.com/codehaus-plexus/plexus-archiver/issues/209;>#209) https://github.com/jorsol;>@jorsol Convert InputStreamSupplier to lambdas (https://github-redirect.dependabot.com/codehaus-plexus/plexus-archiver/issues/212;>#212) https://github.com/jorsol;>@jorsol Update plexus-container-default to 2.1.1, commons-io 2.11.0 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-archiver/issues/211;>#211) https://github.com/jorsol;>@jorsol FIX: Reproducible Builds not working when using modular jar (https://github-redirect.dependabot.com/codehaus-plexus/plexus-archiver/issues/205;>#205) https://github.com/jorsol;>@jorsol ... (truncated) Changelog Sourced from https://github.com/codehaus-plexus/plexus-archiver/blob/master/ReleaseNotes.md;>plexus-archiver's changelog. Plexus Archiver Release Notes Plexus Archiver 4.2.1 Bugs [Issue https://github-redirect.dependabot.com/codehaus-plexus/plexus-archiver/issues/126;>#126][issue-126] - Fixed broken javadoc for Archiver#configureReproducible. [Issue https://github-redirect.dependabot.com/codehaus-plexus/plexus-archiver/issues/127;>#127][issue-127] - Fixed reproducible zip entry time depends on local daylight saving time. Commits https://github.com/codehaus-plexus/plexus-archiver/commit/f23f7ad8cc510c4a7e888699937d782371cb700c;>f23f7ad [maven-release-plugin] prepare release plexus-archiver-4.6.1 https://github.com/codehaus-plexus/plexus-archiver/commit/04603321fdcaa1a12372c609a891c657b300da45;>0460332 Revert [maven-release-plugin] prepare for next development iteration https://github.com/codehaus-plexus/plexus-archiver/commit/291b03ab779d351645d3f7b887517a75823db272;>291b03a [maven-release-plugin] prepare for next development iteration https://github.com/codehaus-plexus/plexus-archiver/commit/e9cc0c0715857b75880931c380a5e200ad63dd73;>e9cc0c0 (doc) switch scm url to https
[GitHub] [cxf] reta merged pull request #1064: Bump dependency-check-maven from 6.5.3 to 7.4.4
reta merged PR #1064: URL: https://github.com/apache/cxf/pull/1064 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta merged pull request #1062: Bump cxf.openwebbeans.version from 2.0.26 to 2.0.27
reta merged PR #1062: URL: https://github.com/apache/cxf/pull/1062 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf] reta commented on pull request #1064: Bump dependency-check-maven from 6.5.3 to 7.4.4
reta commented on PR #1064: URL: https://github.com/apache/cxf/pull/1064#issuecomment-1377413459 @dependabot rebase please -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] closed pull request #96: Bump jakarta.xml.ws-api from 2.3.3 to 4.0.0
dependabot[bot] closed pull request #96: Bump jakarta.xml.ws-api from 2.3.3 to 4.0.0 URL: https://github.com/apache/cxf-fediz/pull/96 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] coheigea commented on pull request #96: Bump jakarta.xml.ws-api from 2.3.3 to 4.0.0
coheigea commented on PR #96: URL: https://github.com/apache/cxf-fediz/pull/96#issuecomment-1377406779 @dependabot ignore this major version -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] coheigea merged pull request #95: Bump jetty9.version from 9.4.49.v20220914 to 9.4.50.v20221201
coheigea merged PR #95: URL: https://github.com/apache/cxf-fediz/pull/95 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] commented on pull request #96: Bump jakarta.xml.ws-api from 2.3.3 to 4.0.0
dependabot[bot] commented on PR #96: URL: https://github.com/apache/cxf-fediz/pull/96#issuecomment-1377406852 OK, I won't notify you about version 4.x.x again, unless you re-open this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #96: Bump jakarta.xml.ws-api from 2.3.3 to 4.0.0
dependabot[bot] opened a new pull request, #96: URL: https://github.com/apache/cxf-fediz/pull/96 Bumps [jakarta.xml.ws-api](https://github.com/eclipse-ee4j/jax-ws-api) from 2.3.3 to 4.0.0. Release notes Sourced from https://github.com/eclipse-ee4j/jax-ws-api/releases;>jakarta.xml.ws-api's releases. Jakarta XML Web Services API 4.0.0 This major release contains following changes: annotates jakarta.xml.ws.AsyncHandler with @FunctionalInterface extends jakarta.xml.ws.wsaddressing.W3CEndpointReference API with getters drops implementation lookup through the jaxws.properties configuration file makes implementation lookup through the system property as the first step removes required fallback to some default implementation from the implementation lookup folds Jakarta Web Services Metadata Specification into this/Jakarta Web Services Specification (Jakarta Web Services Metadata Specification is no longer available as a standalone API/project/jar) Project Board: https://github.com/eclipse-ee4j/jax-ws-api/projects/1;>https://github.com/eclipse-ee4j/jax-ws-api/projects/1 Full Changelog: https://github.com/eclipse-ee4j/jax-ws-api/compare/3.0.0...4.0.0;>https://github.com/eclipse-ee4j/jax-ws-api/compare/3.0.0...4.0.0 Jakarta XML Web Services API 3.0.0 Final Release The 3.0.0 release is the first release under the jakarta.xml.ws.* namespace. Commits https://github.com/jakartaee/jax-ws-api/commit/dcce9d9163f58137ac5a088c64629a191cf2b8ea;>dcce9d9 Update API version of jakarta.xml.ws:jakarta.xml.ws-api to 4.0.0 https://github.com/jakartaee/jax-ws-api/commit/1c3572e1f5e77e5cb3cefa861a65548835e59ba5;>1c3572e Jenkins release job update https://github.com/jakartaee/jax-ws-api/commit/04581408df82107a203ebcdba6bdd67293703e3b;>0458140 https://github-redirect.dependabot.com/eclipse-ee4j/jax-ws-api/issues/184;>#184: Refine implementation discovery https://github.com/jakartaee/jax-ws-api/commit/2b5290a52d191ead75e83b224c2c248ceb2cfc2e;>2b5290a small code cleanup https://github.com/jakartaee/jax-ws-api/commit/470f1ec8a866b6b2b4663e807a23fec80b48f2db;>470f1ec https://github-redirect.dependabot.com/eclipse-ee4j/jax-ws-api/issues/167;>#167: extend the API of W3CEndpointReference with getters https://github.com/jakartaee/jax-ws-api/commit/59027e06d4eb0004926e5389e222804f7082e012;>59027e0 update spec change log, https://github.com/jakartaee/jax-ws-api/commit/d34def03e46fe8bb032e019b6c99e528467c2145;>d34def0 Update spec document version, https://github.com/jakartaee/jax-ws-api/commit/a9f0b68b6871a13447f53d0eb33789c7170be5d3;>a9f0b68 Images are recreated in SVG format https://github.com/jakartaee/jax-ws-api/commit/0c0d030cfb337d4689d4a5f287a66176e9d4d287;>0c0d030 update build plugins https://github.com/jakartaee/jax-ws-api/commit/d99f3207c3a1332195f30f44553ed48786aa9ba1;>d99f320 update gh action build Additional commits viewable in https://github.com/eclipse-ee4j/jax-ws-api/compare/2.3.3...4.0.0;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jakarta.xml.ws:jakarta.xml.ws-api=maven=2.3.3=4.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To
[GitHub] [cxf-fediz] dependabot[bot] opened a new pull request, #95: Bump jetty9.version from 9.4.49.v20220914 to 9.4.50.v20221201
dependabot[bot] opened a new pull request, #95: URL: https://github.com/apache/cxf-fediz/pull/95 Bumps `jetty9.version` from 9.4.49.v20220914 to 9.4.50.v20221201. Updates `jetty-server` from 9.4.49.v20220914 to 9.4.50.v20221201 Release notes Sourced from https://github.com/eclipse/jetty.project/releases;>jetty-server's releases. 9.4.50.v20221201 Sponsored Release This is a release of the https://github-redirect.dependabot.com/eclipse/jetty.project/issues/7958;>End of Community Support Jetty 9.x series that was sponsored by a https://github.com/eclipse/jetty.project/blob/HEAD/mailto:sa...@webtide.com;>support contract from Webtide.com Changelog https://github-redirect.dependabot.com/eclipse/jetty.project/issues/8774;>#8774 - Added SizeLimitHandler https://github-redirect.dependabot.com/eclipse/jetty.project/issues/8678;>#8678 - Jetty client is not responding to GO_AWAY packet received from (Jetty) Server and continue to send traffic on same connection Dependencies https://github-redirect.dependabot.com/eclipse/jetty.project/issues/8826;>#8826 - Bump infinispan to 11.0.16.Final https://github-redirect.dependabot.com/eclipse/jetty.project/issues/8847;>#8847 - Bump jboss-logmanager to 2.1.19.Final https://github-redirect.dependabot.com/eclipse/jetty.project/issues/8849;>#8849 - Bump jboss-threads to 3.5.0.Final https://github-redirect.dependabot.com/eclipse/jetty.project/issues/8961;>#8961 - Bump jnr-constants to 0.10.4 https://github-redirect.dependabot.com/eclipse/jetty.project/issues/8951;>#8951 - Bump protostream to 4.4.4.Final https://github-redirect.dependabot.com/eclipse/jetty.project/issues/8989;>#8989 - Bump spring-beans to 5.3.24 https://github-redirect.dependabot.com/eclipse/jetty.project/issues/8949;>#8949 - Bump testcontainers to 1.17.6 https://github-redirect.dependabot.com/eclipse/jetty.project/issues/8828;>#8828 - Bump wildfly-elytron to 2.0.0.Final Commits https://github.com/eclipse/jetty.project/commit/da9a0b30691a45daf90a9f17b5defa2f1434f882;>da9a0b3 Updating to version 9.4.50.v20221201 https://github.com/eclipse/jetty.project/commit/f9914c8c56d0688bd38cdee35413378921340fdd;>f9914c8 Merge pull request https://github-redirect.dependabot.com/eclipse/jetty.project/issues/8987;>#8987 from eclipse/dependabot/maven/jetty-9.4.x/org.apache... https://github.com/eclipse/jetty.project/commit/13319cb64b624de5d140682dccc54f2d24f95453;>13319cb Merge pull request https://github-redirect.dependabot.com/eclipse/jetty.project/issues/8989;>#8989 from eclipse/dependabot/maven/jetty-9.4.x/org.spring... https://github.com/eclipse/jetty.project/commit/5617585133a4a0778408dab3a6565e065b3ae5bc;>5617585 Bump spring-beans from 5.3.23 to 5.3.24 https://github.com/eclipse/jetty.project/commit/d16613b6ca224a29c4eded43ac3c3e16dc90b950;>d16613b Bump maven-dependency-plugin from 3.3.0 to 3.4.0 https://github.com/eclipse/jetty.project/commit/20facec5e26c550788af6eef6326284aae24a285;>20facec Merge pull request https://github-redirect.dependabot.com/eclipse/jetty.project/issues/8961;>#8961 from eclipse/dependabot/maven/jetty-9.4.x/com.github... https://github.com/eclipse/jetty.project/commit/f7acd137826c5447e236507fc799d149394e62ca;>f7acd13 Merge pull request https://github-redirect.dependabot.com/eclipse/jetty.project/issues/8971;>#8971 from eclipse/fix/jetty-9.4.x/dependabot-rollup-nov28 https://github.com/eclipse/jetty.project/commit/c70016d68951f2edba4cc7afdf9839c1fe12a49b;>c70016d Merge pull request https://github-redirect.dependabot.com/eclipse/jetty.project/issues/8951;>#8951 from eclipse/dependabot/maven/jetty-9.4.x/org.infini... https://github.com/eclipse/jetty.project/commit/2e9c7152e080b1422eb31b61f591df9a8667d6c5;>2e9c715 Merge pull request https://github-redirect.dependabot.com/eclipse/jetty.project/issues/8949;>#8949 from eclipse/dependabot/maven/jetty-9.4.x/testcontai... https://github.com/eclipse/jetty.project/commit/bc48eb224fd69d93d4d0ff8da65d42ed147b60e4;>bc48eb2 Merge remote-tracking branch 'origin/dependabot/maven/jetty-9.4.x/org.apache Additional commits viewable in https://github.com/eclipse/jetty.project/compare/jetty-9.4.49.v20220914...jetty-9.4.50.v20221201;>compare view Updates `jetty-security` from 9.4.49.v20220914 to 9.4.50.v20221201 Release notes Sourced from https://github.com/eclipse/jetty.project/releases;>jetty-security's releases. 9.4.50.v20221201 Sponsored Release This is a release of the https://github-redirect.dependabot.com/eclipse/jetty.project/issues/7958;>End of Community Support Jetty 9.x series that was sponsored by a https://github.com/eclipse/jetty.project/blob/HEAD/mailto:sa...@webtide.com;>support contract from Webtide.com Changelog https://github-redirect.dependabot.com/eclipse/jetty.project/issues/8774;>#8774 - Added SizeLimitHandler
[GitHub] [cxf] dependabot[bot] opened a new pull request, #1064: Bump dependency-check-maven from 6.5.3 to 7.4.4
dependabot[bot] opened a new pull request, #1064: URL: https://github.com/apache/cxf/pull/1064 Bumps [dependency-check-maven](https://github.com/jeremylong/DependencyCheck) from 6.5.3 to 7.4.4. Release notes Sourced from https://github.com/jeremylong/DependencyCheck/releases;>dependency-check-maven's releases. Version 7.4.4 Fixed Resolved issue processing NVD CVE data due to column width (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5229;>#5229) See the full listing of https://github.com/jeremylong/DependencyCheck/milestone/56?closed=1;>changes. Version 7.4.3 Fixed Fixed NPE when analyzing version ranges in NPM (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5158;>#5158 https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5190;>#5190) Resolved several FP (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5191;>#5191) See the full listing of https://github.com/jeremylong/DependencyCheck/milestone/55?closed=1;>changes. Version 7.4.2 Fixed Fixes maven 3.1 compatibility issue (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5152;>#5152) Fixed issue with invalid node_module paths in some scans (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5135;>#5135) Fixed missing option to disable the Poetry Analyzer in the CLI (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5160;>#5160) Fixed missing option to configure the OSS Index URL in the CLI (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5180;>#5180) Fixed NPE when analyzing version ranges in NPM (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5158;>#5158) Fixed issue with non-proxy host in the gradle plugin (https://github-redirect.dependabot.com/dependency-check/dependency-check-gradle/pull/298;>dependency-check/dependency-check-gradle#298) Resolved several FP See the full listing of https://github.com/jeremylong/DependencyCheck/milestone/54?closed=1;>changes. Version 7.4.1 Fixed Fixed bug when setting the proxy port in gradle (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5123;>#5123) Fixed issue with invalid node_module paths in some scans (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5127;>#5127) Resolved several FP See the full listing of https://github.com/jeremylong/DependencyCheck/milestone/53?closed=1;>changes. Version 7.4.0 Added Add support for npm package lock v2 and v3 (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5078;>#5078) Added experimental support for Python Poetry (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5025;>#5025) Added a vanilla HTML report for use in Jenkins (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5053;>#5053) Changed Renamed RELEASE_NOTES.md to CHANGELOG.md to be more conventional Optimized checksum calculation to improve performance (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5112;>#5112) Added support for scanning .NET assemblies when only the dotnet runtime is installed (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5087;>#5087) Bumped several dependencies ... (truncated) Changelog Sourced from https://github.com/jeremylong/DependencyCheck/blob/main/CHANGELOG.md;>dependency-check-maven's changelog. https://github.com/jeremylong/DependencyCheck/releases/tag/v7.4.4;>Version 7.4.4 (2023-01-06) Fixed Resolved issue processing NVD CVE data due to column width (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5229;>#5229) See the full listing of https://github.com/jeremylong/DependencyCheck/milestone/56?closed=1;>changes. https://github.com/jeremylong/DependencyCheck/releases/tag/v7.4.3;>Version 7.4.3 (2022-12-29) Fixed Fixed NPE when analyzing version ranges in NPM (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5158;>#5158 https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5190;>#5190) Resolved several FP (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5191;>#5191) See the full listing of https://github.com/jeremylong/DependencyCheck/milestone/55?closed=1;>changes. https://github.com/jeremylong/DependencyCheck/releases/tag/v7.4.2;>Version 7.4.2 (2022-12-28) Fixed Fixes maven 3.1 compatibility issue (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5152;>#5152) Fixed issue with invalid node_module paths in some scans (https://github-redirect.dependabot.com/jeremylong/DependencyCheck/issues/5135;>#5135) Fixed missing
[GitHub] [cxf] dependabot[bot] opened a new pull request, #1063: Bump cxf.maven.core.version from 3.6.3 to 3.8.7
dependabot[bot] opened a new pull request, #1063: URL: https://github.com/apache/cxf/pull/1063 Bumps `cxf.maven.core.version` from 3.6.3 to 3.8.7. Updates `maven-compat` from 3.6.3 to 3.8.7 Release notes Sourced from https://github.com/apache/maven/releases;>maven-compat's releases. 3.8.7 Sub-task [https://issues.apache.org/jira/browse/MNG-7019;>MNG-7019] - Notify also at start when profile is missing Bug [https://issues.apache.org/jira/browse/MNG-7106;>MNG-7106] - VersionRange.toString() produces a string that cannot be parsed with VersionRange.createFromVersionSpec() for same lower and upper bounds [https://issues.apache.org/jira/browse/MNG-7316;>MNG-7316] - REGRESSION: MavenProject.getAttachedArtifacts() is read-only [https://issues.apache.org/jira/browse/MNG-7352;>MNG-7352] - org.apache.maven.toolchain.java.JavaToolchainImpl should be public [https://issues.apache.org/jira/browse/MNG-7529;>MNG-7529] - Maven resolver makes bad repository choices when resolving version ranges [https://issues.apache.org/jira/browse/MNG-7563;>MNG-7563] - REGRESSION: User properties now override model properties in dependencies [https://issues.apache.org/jira/browse/MNG-7568;>MNG-7568] - [WARNING] The requested profile ABCDEF could not be activated because it does not exist. [https://issues.apache.org/jira/browse/MNG-7578;>MNG-7578] - Building Linux image on Windows impossible (patch incuded) [https://issues.apache.org/jira/browse/MNG-7600;>MNG-7600] - LocalRepositoryManager is created too early [https://issues.apache.org/jira/browse/MNG-7621;>MNG-7621] - Parameter '-f' causes ignoring any 'maven.config' (only on Windows) [https://issues.apache.org/jira/browse/MNG-7637;>MNG-7637] - Possible NPE in MavenProject#hashCode() [https://issues.apache.org/jira/browse/MNG-7644;>MNG-7644] - Fix version comparison where .X1 -X2 for any string qualifier X Improvement [https://issues.apache.org/jira/browse/MNG-7590;>MNG-7590] - Allow configure resolver by properties in settings.xml [https://issues.apache.org/jira/browse/MNG-7645;>MNG-7645] - Implement some #toString() methods Task [https://issues.apache.org/jira/browse/MNG-7513;>MNG-7513] - Address commons-io_commons-io vulnerability found in maven latest version [https://issues.apache.org/jira/browse/MNG-7634;>MNG-7634] - Revert MNG-5982 and MNG-7417 [https://issues.apache.org/jira/browse/MNG-7636;>MNG-7636] - Partially revert MNG-5868 to restore backward compatibility (see MNG-7316) Dependency upgrade [https://issues.apache.org/jira/browse/MNG-7506;>MNG-7506] - Upgrade Maven Wagon to 3.5.2 [https://issues.apache.org/jira/browse/MNG-7641;>MNG-7641] - Upgrade Maven Wagon to 3.5.3 3.8.6 What's Changed [MNG-7441] 3.8.x Update version of logback by https://github.com/cstamas;>@cstamas in https://github-redirect.dependabot.com/apache/maven/pull/708;>apache/maven#708 [MNG-7432] Resolver session contains non-MavenWorkspaceReader by https://github.com/laeubi;>@laeubi in https://github-redirect.dependabot.com/apache/maven/pull/695;>apache/maven#695 [MNG-7459] Revert [3.8.x][MNG-7347] SessionScoped beans should be singletons for a given session by https://github.com/gnodet;>@gnodet in https://github-redirect.dependabot.com/apache/maven/pull/715;>apache/maven#715 [3.8.x] [MNG-7476] Display a warning when an aggregator mojo locks other mojos executions by https://github.com/gnodet;>@gnodet in https://github-redirect.dependabot.com/apache/maven/pull/736;>apache/maven#736 Full Changelog: https://github.com/apache/maven/compare/maven-3.8.5...maven-3.8.6;>https://github.com/apache/maven/compare/maven-3.8.5...maven-3.8.6 ... (truncated) Commits https://github.com/apache/maven/commit/b89d5959fcde851dcb1c8946a785a163f14e1e29;>b89d595 [maven-release-plugin] prepare release maven-3.8.7 https://github.com/apache/maven/commit/6e8b4ffc44b6463328ba5dfb3230adb06c580360;>6e8b4ff [MNG-7352] org.apache.maven.toolchain.java.JavaToolchainImpl should be public https://github.com/apache/maven/commit/91ddc374426eafb5ba6bd02c295867b2c4aa867e;>91ddc37 [MNG-7641] Upgrade Maven Wagon to 3.5.3 https://github.com/apache/maven/commit/da4246ad2677f3a91353b6f3024832e4a5aff7b4;>da4246a [MNG-7644] Fix version comparison where .X1 -X2 for any string qualifier X https://github.com/apache/maven/commit/7d45894266bf2f9c94fda54d44c858c0ed7cb9df;>7d45894 Update bundled license for SLF4J https://github.com/apache/maven/commit/ba058ee3972b4909baccb92fd0ebc2cf923ded85;>ba058ee [MNG-7513] Address commons-io_commons-io vulnerability found in maven latest ... https://github.com/apache/maven/commit/7db942b2f7387f783d4530e2ee63897c204dd904;>7db942b [MNG-7634] Revert MNG-5982 and MNG-7417 https://github.com/apache/maven/commit/61f1f0160eb5fc681b1443226e94dcfe170205d4;>61f1f01 [MNG-7590]