date:20231006

[GH] (commons-digester): Workflow run "Scorecards supply-chain security" failed!

2023-10-06 Thread GitBox



The GitHub Actions job "Scorecards supply-chain security" on 
commons-digester.git has failed.
Run started by GitHub user asfgit (triggered by asfgit).

Head commit for run:
5ae9b66cf06bebecb2f085f036674d2ac4fee02a / Gary Gregory 

Merge pull request #97 from 
apache/dependabot/github_actions/github/codeql-action-2.21.9

Bump github/codeql-action from 2.21.8 to 2.21.9

Report URL: https://github.com/apache/commons-digester/actions/runs/6438232648

With regards,
GitHub Actions via GitBox

Re: [PR] Bump ossf/scorecard-action from 2.2.0 to 2.3.0 [commons-beanutils]

2023-10-06 Thread via GitHub



codecov-commenter commented on PR #187:
URL: 
https://github.com/apache/commons-beanutils/pull/187#issuecomment-1751504443

   ## 
[Codecov](https://app.codecov.io/gh/apache/commons-beanutils/pull/187?src=pr=h1_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 Report
   > Merging 
[#187](https://app.codecov.io/gh/apache/commons-beanutils/pull/187?src=pr=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 (773342a) into 
[master](https://app.codecov.io/gh/apache/commons-beanutils/commit/f0e900be7377c9ecb973e6a30c0f94cef692abb7?el=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 (f0e900b) will **not change** coverage.
   > The diff coverage is `n/a`.
   
   ```diff
   @@Coverage Diff@@
   ## master #187   +/-   ##
   =
 Coverage 65.08%   65.08%   
 Complexity 1485 1485   
   =
 Files   105  105   
 Lines  5505 5505   
 Branches   1068 1068   
   =
 Hits   3583 3583   
 Misses 1466 1466   
 Partials456  456   
   ```
   
   
   
   :mega: We’re building smart automated test selection to slash your CI/CD 
build times. [Learn 
more](https://about.codecov.io/iterative-testing/?utm_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump ossf/scorecard-action from 2.2.0 to 2.3.0 [commons-beanutils]

2023-10-06 Thread via GitHub



dependabot[bot] opened a new pull request, #187:
URL: https://github.com/apache/commons-beanutils/pull/187

   Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 
2.2.0 to 2.3.0.
   
   Release notes
   Sourced from https://github.com/ossf/scorecard-action/releases;>ossf/scorecard-action's
 releases.
   
   v2.3.0
   What's Changed
   
   :seedling: Bump github.com/ossf/scorecard/v4 from v4.11.0 to v4.13.0 by 
https://github.com/spencerschrock;>@spencerschrock 
in https://redirect.github.com/ossf/scorecard-action/pull/1270;>ossf/scorecard-action#1270
   
   For a full changelist of what this includes, see the https://github.com/ossf/scorecard/releases/tag/v4.12.0;>v4.12.0 and 
https://github.com/ossf/scorecard/releases/tag/v4.13.0;>v4.13.0 
release notes
   
   
   :sparkles: Send rekor tlog index to webapp when publishing results by https://github.com/spencerschrock;>@spencerschrock in 
https://redirect.github.com/ossf/scorecard-action/pull/1169;>ossf/scorecard-action#1169
   :bug: Prevent url clipping for GHES instances by https://github.com/rajbos;>@rajbos in https://redirect.github.com/ossf/scorecard-action/pull/1225;>ossf/scorecard-action#1225
   
   Documentation
   
   :book: Update access rights needed to see the results in code scanning 
by https://github.com/rajbos;>@rajbos in https://redirect.github.com/ossf/scorecard-action/pull/1229;>ossf/scorecard-action#1229
   :book: Add package comments. by https://github.com/spencerschrock;>@spencerschrock in 
https://redirect.github.com/ossf/scorecard-action/pull/1221;>ossf/scorecard-action#1221
   :book: Add SECURITY.md file by https://github.com/david-a-wheeler;>@david-a-wheeler in 
https://redirect.github.com/ossf/scorecard-action/pull/1250;>ossf/scorecard-action#1250
   :book: Fix typo in token input docs by https://github.com/aabouzaid;>@aabouzaid in https://redirect.github.com/ossf/scorecard-action/pull/1258;>ossf/scorecard-action#1258
   
   New Contributors
   
   https://github.com/david-a-wheeler;>@david-a-wheeler 
made their first contribution in https://redirect.github.com/ossf/scorecard-action/pull/1250;>ossf/scorecard-action#1250
   https://github.com/aabouzaid;>@aabouzaid made 
their first contribution in https://redirect.github.com/ossf/scorecard-action/pull/1258;>ossf/scorecard-action#1258
   
   Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.2.0...v2.3.0;>https://github.com/ossf/scorecard-action/compare/v2.2.0...v2.3.0
   
   
   
   Commits
   
   https://github.com/ossf/scorecard-action/commit/483ef80eb98fb506c348f7d62e28055e49fe2398;>483ef80
 :seedling: Bump docker tag for v2.3.0 release. (https://redirect.github.com/ossf/scorecard-action/issues/1271;>#1271)
   https://github.com/ossf/scorecard-action/commit/5d3591303ed947eee0d7a421fcdda0e039ddf8e1;>5d35913
 :seedling: Bump github.com/ossf/scorecard/v4 from v4.11.0 to v4.13.0 (https://redirect.github.com/ossf/scorecard-action/issues/1270;>#1270)
   https://github.com/ossf/scorecard-action/commit/49787a6922d868dab142da9d87a1d8b3b3922046;>49787a6
 :seedling: Bump distroless/base from 46c5b9b to 
a35b652 (https://redirect.github.com/ossf/scorecard-action/issues/1269;>#1269)
   https://github.com/ossf/scorecard-action/commit/4283c75015ea78a15ba7caf13d686b136db16b0a;>4283c75
 :seedling: Bump github/codeql-action from 2.21.8 to 2.21.9 (https://redirect.github.com/ossf/scorecard-action/issues/1268;>#1268)
   https://github.com/ossf/scorecard-action/commit/709ecd0815982a217ee06fc6ee71f698dc20f14c;>709ecd0
 :seedling: Bump golang from 6974950 to c416cee (https://redirect.github.com/ossf/scorecard-action/issues/1266;>#1266)
   https://github.com/ossf/scorecard-action/commit/25bb02cd479310452820e62d96669712a90684ba;>25bb02c
 :seedling: Bump actions/checkout from 4.0.0 to 4.1.0 (https://redirect.github.com/ossf/scorecard-action/issues/1267;>#1267)
   https://github.com/ossf/scorecard-action/commit/b687393d2370bdf6d960ea972ff690c9ed797189;>b687393
 :seedling: Bump github/codeql-action from 2.21.5 to 2.21.8 (https://redirect.github.com/ossf/scorecard-action/issues/1265;>#1265)
   https://github.com/ossf/scorecard-action/commit/6a1c21f537e92adea170a26dd3a42d38f93f1e2f;>6a1c21f
 :seedling: Bump golang from cffaba7 to 6974950 (https://redirect.github.com/ossf/scorecard-action/issues/1264;>#1264)
   https://github.com/ossf/scorecard-action/commit/2dee8c185ea0de807198c818714b6f3436856709;>2dee8c1
 :seedling: Bump github.com/sigstore/cosign/v2 from 2.1.1 to 2.2.0 (https://redirect.github.com/ossf/scorecard-action/issues/1254;>#1254)
   https://github.com/ossf/scorecard-action/commit/e79dcb6112482815fc9ea2d659f49eb15403c373;>e79dcb6
 :seedling: Upgrade to go 1.20 (https://redirect.github.com/ossf/scorecard-action/issues/1262;>#1262)
   Additional commits viewable in https://github.com/ossf/scorecard-action/compare/08b4669551908b1024bb425080c797723083c031...483ef80eb98fb506c348f7d62e28055e49fe2398;>compare
 view

[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-validator]

2023-10-06 Thread via GitHub

dependabot[bot] opened a new pull request, #160:
URL: https://github.com/apache/commons-validator/pull/160

Bumps [github/codeql-action](https://github.com/github/codeql-action) from
2.21.9 to 2.22.0.

Changelog
Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's
changelog.

CodeQL Action Changelog
See the https://github.com/github/codeql-action/releases;>releases page for
the relevant changes to the CodeQL CLI and language packs.
[UNRELEASED]
No user facing changes.
2.22.0 - 06 Oct 2023

The CodeQL Action now requires CodeQL version 2.10.5 or later. For more
information, see the corresponding changelog entry for CodeQL Action version
2.21.8. https://redirect.github.com/github/codeql-action/pull/1907;>#1907
The CodeQL Action no longer runs ML-powered queries. For more
information, including details on our investment in AI-powered security
technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/;>CodeQL
code scanning deprecates ML-powered alerts. https://redirect.github.com/github/codeql-action/pull/1910;>#1910
Fix a bug which prevented tracing of projects using Go 1.21 and above on
Linux. https://redirect.github.com/github/codeql-action/pull/1909;>#1909

2.21.9 - 27 Sep 2023

Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897;>#1897
We are rolling out a feature in October 2023 that will improve the
success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889;>#1889
We are rolling out a feature in October 2023 that will provide specific
file coverage information for C and C++, Java and Kotlin, and JavaScript and
TypeScript. Currently file coverage information for each of these pairs of
languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903;>#1903
Add a warning to help customers avoid inadvertently analyzing the same
CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901;>#1901

2.21.8 - 19 Sep 2023

Add a deprecation warning for customers using CodeQL version 2.10.4 and
earlier. These versions of CodeQL were discontinued on 12 September 2023
alongside GitHub Enterprise Server 3.6, and will be unsupported by the next
minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884;>#1884

If you are using one of these versions, please update to CodeQL CLI
version 2.10.5 or later. For instance, if you have specified a custom version
of the CLI using the 'tools' input to the 'init' Action, you can remove this
input to use the default version.
Alternatively, if you want to continue using a version of the CodeQL CLI
between 2.9.5 and 2.10.4, you can replace
github/codeql-action/*@v2 by
github/codeql-action/*@v2.21.7 in your code scanning workflow to
ensure you continue using this version of the CodeQL Action.

Enable the following language aliases when using CodeQL 2.14.4 and
later: c-cpp for C/C++ analysis, java-kotlin for
Java/Kotlin analysis, and javascript-typescript for
JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883;>#1883

2.21.7 - 14 Sep 2023

Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882

2.21.6 - 13 Sep 2023

Better error message when there is a failure to determine the merge base
of the code to analysis. https://redirect.github.com/github/codeql-action/pull/1860;>#1860
Improve the calculation of default amount of RAM used for query
execution on GitHub Enterprise Server. This now reduces in proportion to the
runner's total memory to better account for system memory usage, helping to
avoid out-of-memory failures on larger runners. This feature is already
available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1866;>#1866
Enable improved file coverage information for GitHub Enterprise Server
users. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1867;>#1867
Update default CodeQL bundle version to 2.14.4. https://redirect.github.com/github/codeql-action/pull/1873;>#1873

2.21.5 - 28 Aug 2023

Update default CodeQL bundle version to 2.14.3. https://redirect.github.com/github/codeql-action/pull/1845;>#1845
Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support
for https://projectlombok.org/;>Project Lombok when analyzing
Java. The environment variable
CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS will now be
respected if it was manually configured in the workflow. https://redirect.github.com/github/codeql-action/pull/1844;>#1844
Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4
through v2.14.3.

[PR] Bump ossf/scorecard-action from 2.2.0 to 2.3.0 [commons-validator]

2023-10-06 Thread via GitHub



dependabot[bot] opened a new pull request, #159:
URL: https://github.com/apache/commons-validator/pull/159

   Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 
2.2.0 to 2.3.0.
   
   Release notes
   Sourced from https://github.com/ossf/scorecard-action/releases;>ossf/scorecard-action's
 releases.
   
   v2.3.0
   What's Changed
   
   :seedling: Bump github.com/ossf/scorecard/v4 from v4.11.0 to v4.13.0 by 
https://github.com/spencerschrock;>@spencerschrock 
in https://redirect.github.com/ossf/scorecard-action/pull/1270;>ossf/scorecard-action#1270
   
   For a full changelist of what this includes, see the https://github.com/ossf/scorecard/releases/tag/v4.12.0;>v4.12.0 and 
https://github.com/ossf/scorecard/releases/tag/v4.13.0;>v4.13.0 
release notes
   
   
   :sparkles: Send rekor tlog index to webapp when publishing results by https://github.com/spencerschrock;>@spencerschrock in 
https://redirect.github.com/ossf/scorecard-action/pull/1169;>ossf/scorecard-action#1169
   :bug: Prevent url clipping for GHES instances by https://github.com/rajbos;>@rajbos in https://redirect.github.com/ossf/scorecard-action/pull/1225;>ossf/scorecard-action#1225
   
   Documentation
   
   :book: Update access rights needed to see the results in code scanning 
by https://github.com/rajbos;>@rajbos in https://redirect.github.com/ossf/scorecard-action/pull/1229;>ossf/scorecard-action#1229
   :book: Add package comments. by https://github.com/spencerschrock;>@spencerschrock in 
https://redirect.github.com/ossf/scorecard-action/pull/1221;>ossf/scorecard-action#1221
   :book: Add SECURITY.md file by https://github.com/david-a-wheeler;>@david-a-wheeler in 
https://redirect.github.com/ossf/scorecard-action/pull/1250;>ossf/scorecard-action#1250
   :book: Fix typo in token input docs by https://github.com/aabouzaid;>@aabouzaid in https://redirect.github.com/ossf/scorecard-action/pull/1258;>ossf/scorecard-action#1258
   
   New Contributors
   
   https://github.com/david-a-wheeler;>@david-a-wheeler 
made their first contribution in https://redirect.github.com/ossf/scorecard-action/pull/1250;>ossf/scorecard-action#1250
   https://github.com/aabouzaid;>@aabouzaid made 
their first contribution in https://redirect.github.com/ossf/scorecard-action/pull/1258;>ossf/scorecard-action#1258
   
   Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.2.0...v2.3.0;>https://github.com/ossf/scorecard-action/compare/v2.2.0...v2.3.0
   
   
   
   Commits
   
   https://github.com/ossf/scorecard-action/commit/483ef80eb98fb506c348f7d62e28055e49fe2398;>483ef80
 :seedling: Bump docker tag for v2.3.0 release. (https://redirect.github.com/ossf/scorecard-action/issues/1271;>#1271)
   https://github.com/ossf/scorecard-action/commit/5d3591303ed947eee0d7a421fcdda0e039ddf8e1;>5d35913
 :seedling: Bump github.com/ossf/scorecard/v4 from v4.11.0 to v4.13.0 (https://redirect.github.com/ossf/scorecard-action/issues/1270;>#1270)
   https://github.com/ossf/scorecard-action/commit/49787a6922d868dab142da9d87a1d8b3b3922046;>49787a6
 :seedling: Bump distroless/base from 46c5b9b to 
a35b652 (https://redirect.github.com/ossf/scorecard-action/issues/1269;>#1269)
   https://github.com/ossf/scorecard-action/commit/4283c75015ea78a15ba7caf13d686b136db16b0a;>4283c75
 :seedling: Bump github/codeql-action from 2.21.8 to 2.21.9 (https://redirect.github.com/ossf/scorecard-action/issues/1268;>#1268)
   https://github.com/ossf/scorecard-action/commit/709ecd0815982a217ee06fc6ee71f698dc20f14c;>709ecd0
 :seedling: Bump golang from 6974950 to c416cee (https://redirect.github.com/ossf/scorecard-action/issues/1266;>#1266)
   https://github.com/ossf/scorecard-action/commit/25bb02cd479310452820e62d96669712a90684ba;>25bb02c
 :seedling: Bump actions/checkout from 4.0.0 to 4.1.0 (https://redirect.github.com/ossf/scorecard-action/issues/1267;>#1267)
   https://github.com/ossf/scorecard-action/commit/b687393d2370bdf6d960ea972ff690c9ed797189;>b687393
 :seedling: Bump github/codeql-action from 2.21.5 to 2.21.8 (https://redirect.github.com/ossf/scorecard-action/issues/1265;>#1265)
   https://github.com/ossf/scorecard-action/commit/6a1c21f537e92adea170a26dd3a42d38f93f1e2f;>6a1c21f
 :seedling: Bump golang from cffaba7 to 6974950 (https://redirect.github.com/ossf/scorecard-action/issues/1264;>#1264)
   https://github.com/ossf/scorecard-action/commit/2dee8c185ea0de807198c818714b6f3436856709;>2dee8c1
 :seedling: Bump github.com/sigstore/cosign/v2 from 2.1.1 to 2.2.0 (https://redirect.github.com/ossf/scorecard-action/issues/1254;>#1254)
   https://github.com/ossf/scorecard-action/commit/e79dcb6112482815fc9ea2d659f49eb15403c373;>e79dcb6
 :seedling: Upgrade to go 1.20 (https://redirect.github.com/ossf/scorecard-action/issues/1262;>#1262)
   Additional commits viewable in https://github.com/ossf/scorecard-action/compare/08b4669551908b1024bb425080c797723083c031...483ef80eb98fb506c348f7d62e28055e49fe2398;>compare
 view

Re: [PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-email]

2023-10-06 Thread via GitHub



codecov-commenter commented on PR #175:
URL: https://github.com/apache/commons-email/pull/175#issuecomment-1751378340

   ## 
[Codecov](https://app.codecov.io/gh/apache/commons-email/pull/175?src=pr=h1_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 Report
   > Merging 
[#175](https://app.codecov.io/gh/apache/commons-email/pull/175?src=pr=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 (95d3b80) into 
[master](https://app.codecov.io/gh/apache/commons-email/commit/72d062a404cad6da027e7829bae6411c71140830?el=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 (72d062a) will **not change** coverage.
   > The diff coverage is `n/a`.
   
   ```diff
   @@Coverage Diff@@
   ## master #175   +/-   ##
   =
 Coverage 65.87%   65.87%   
 Complexity  305  305   
   =
 Files18   18   
 Lines  1052 1052   
 Branches138  138   
   =
 Hits693  693   
 Misses  280  280   
 Partials 79   79   
   ```
   
   
   
   :mega: We’re building smart automated test selection to slash your CI/CD 
build times. [Learn 
more](https://about.codecov.io/iterative-testing/?utm_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump ossf/scorecard-action from 2.2.0 to 2.3.0 [commons-email]

2023-10-06 Thread via GitHub



codecov-commenter commented on PR #174:
URL: https://github.com/apache/commons-email/pull/174#issuecomment-1751378200

   ## 
[Codecov](https://app.codecov.io/gh/apache/commons-email/pull/174?src=pr=h1_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 Report
   > Merging 
[#174](https://app.codecov.io/gh/apache/commons-email/pull/174?src=pr=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 (179adc0) into 
[master](https://app.codecov.io/gh/apache/commons-email/commit/72d062a404cad6da027e7829bae6411c71140830?el=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 (72d062a) will **not change** coverage.
   > The diff coverage is `n/a`.
   
   ```diff
   @@Coverage Diff@@
   ## master #174   +/-   ##
   =
 Coverage 65.87%   65.87%   
 Complexity  305  305   
   =
 Files18   18   
 Lines  1052 1052   
 Branches138  138   
   =
 Hits693  693   
 Misses  280  280   
 Partials 79   79   
   ```
   
   
   
   :mega: We’re building smart automated test selection to slash your CI/CD 
build times. [Learn 
more](https://about.codecov.io/iterative-testing/?utm_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-email]

2023-10-06 Thread via GitHub

dependabot[bot] opened a new pull request, #175:
URL: https://github.com/apache/commons-email/pull/175

Bumps [github/codeql-action](https://github.com/github/codeql-action) from
2.21.9 to 2.22.0.

Changelog
Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's
changelog.

2.21.9 - 27 Sep 2023

2.21.8 - 19 Sep 2023

2.21.7 - 14 Sep 2023

Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882

2.21.6 - 13 Sep 2023

2.21.5 - 28 Aug 2023

[PR] Bump ossf/scorecard-action from 2.2.0 to 2.3.0 [commons-email]

2023-10-06 Thread via GitHub



dependabot[bot] opened a new pull request, #174:
URL: https://github.com/apache/commons-email/pull/174

   Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 
2.2.0 to 2.3.0.
   
   Commits
   
   https://github.com/ossf/scorecard-action/commit/483ef80eb98fb506c348f7d62e28055e49fe2398;>483ef80
 :seedling: Bump docker tag for v2.3.0 release. (https://redirect.github.com/ossf/scorecard-action/issues/1271;>#1271)
   https://github.com/ossf/scorecard-action/commit/5d3591303ed947eee0d7a421fcdda0e039ddf8e1;>5d35913
 :seedling: Bump github.com/ossf/scorecard/v4 from v4.11.0 to v4.13.0 (https://redirect.github.com/ossf/scorecard-action/issues/1270;>#1270)
   https://github.com/ossf/scorecard-action/commit/49787a6922d868dab142da9d87a1d8b3b3922046;>49787a6
 :seedling: Bump distroless/base from 46c5b9b to 
a35b652 (https://redirect.github.com/ossf/scorecard-action/issues/1269;>#1269)
   https://github.com/ossf/scorecard-action/commit/4283c75015ea78a15ba7caf13d686b136db16b0a;>4283c75
 :seedling: Bump github/codeql-action from 2.21.8 to 2.21.9 (https://redirect.github.com/ossf/scorecard-action/issues/1268;>#1268)
   https://github.com/ossf/scorecard-action/commit/709ecd0815982a217ee06fc6ee71f698dc20f14c;>709ecd0
 :seedling: Bump golang from 6974950 to c416cee (https://redirect.github.com/ossf/scorecard-action/issues/1266;>#1266)
   https://github.com/ossf/scorecard-action/commit/25bb02cd479310452820e62d96669712a90684ba;>25bb02c
 :seedling: Bump actions/checkout from 4.0.0 to 4.1.0 (https://redirect.github.com/ossf/scorecard-action/issues/1267;>#1267)
   https://github.com/ossf/scorecard-action/commit/b687393d2370bdf6d960ea972ff690c9ed797189;>b687393
 :seedling: Bump github/codeql-action from 2.21.5 to 2.21.8 (https://redirect.github.com/ossf/scorecard-action/issues/1265;>#1265)
   https://github.com/ossf/scorecard-action/commit/6a1c21f537e92adea170a26dd3a42d38f93f1e2f;>6a1c21f
 :seedling: Bump golang from cffaba7 to 6974950 (https://redirect.github.com/ossf/scorecard-action/issues/1264;>#1264)
   https://github.com/ossf/scorecard-action/commit/2dee8c185ea0de807198c818714b6f3436856709;>2dee8c1
 :seedling: Bump github.com/sigstore/cosign/v2 from 2.1.1 to 2.2.0 (https://redirect.github.com/ossf/scorecard-action/issues/1254;>#1254)
   https://github.com/ossf/scorecard-action/commit/e79dcb6112482815fc9ea2d659f49eb15403c373;>e79dcb6
 :seedling: Upgrade to go 1.20 (https://redirect.github.com/ossf/scorecard-action/issues/1262;>#1262)
   Additional commits viewable in https://github.com/ossf/scorecard-action/compare/08b4669551908b1024bb425080c797723083c031...483ef80eb98fb506c348f7d62e28055e49fe2398;>compare
 view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action=github_actions=2.2.0=2.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump ossf/scorecard-action from 2.2.0 to 2.3.0 [commons-text]

2023-10-06 Thread via GitHub



codecov-commenter commented on PR #465:
URL: https://github.com/apache/commons-text/pull/465#issuecomment-1751359631

   ## 
[Codecov](https://app.codecov.io/gh/apache/commons-text/pull/465?src=pr=h1_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 Report
   > Merging 
[#465](https://app.codecov.io/gh/apache/commons-text/pull/465?src=pr=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 (cc8f904) into 
[master](https://app.codecov.io/gh/apache/commons-text/commit/5d0b7d00ea8b91376accae3aace6ffac21316713?el=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 (5d0b7d0) will **not change** coverage.
   > The diff coverage is `n/a`.
   
   ```diff
   @@Coverage Diff@@
   ## master #465   +/-   ##
   =
 Coverage 97.11%   97.11%   
 Complexity 2342 2342   
   =
 Files86   86   
 Lines  5791 5791   
 Branches938  938   
   =
 Hits   5624 5624   
 Misses   88   88   
 Partials 79   79   
   ```
   
   
   
   :mega: We’re building smart automated test selection to slash your CI/CD 
build times. [Learn 
more](https://about.codecov.io/iterative-testing/?utm_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-text]

2023-10-06 Thread via GitHub



codecov-commenter commented on PR #464:
URL: https://github.com/apache/commons-text/pull/464#issuecomment-1751359306

   ## 
[Codecov](https://app.codecov.io/gh/apache/commons-text/pull/464?src=pr=h1_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 Report
   > Merging 
[#464](https://app.codecov.io/gh/apache/commons-text/pull/464?src=pr=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 (bbc7761) into 
[master](https://app.codecov.io/gh/apache/commons-text/commit/5d0b7d00ea8b91376accae3aace6ffac21316713?el=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 (5d0b7d0) will **not change** coverage.
   > The diff coverage is `n/a`.
   
   ```diff
   @@Coverage Diff@@
   ## master #464   +/-   ##
   =
 Coverage 97.11%   97.11%   
 Complexity 2342 2342   
   =
 Files86   86   
 Lines  5791 5791   
 Branches938  938   
   =
 Hits   5624 5624   
 Misses   88   88   
 Partials 79   79   
   ```
   
   
   
   :mega: We’re building smart automated test selection to slash your CI/CD 
build times. [Learn 
more](https://about.codecov.io/iterative-testing/?utm_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump ossf/scorecard-action from 2.2.0 to 2.3.0 [commons-text]

2023-10-06 Thread via GitHub



dependabot[bot] opened a new pull request, #465:
URL: https://github.com/apache/commons-text/pull/465

   Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 
2.2.0 to 2.3.0.
   
   Commits
   
   https://github.com/ossf/scorecard-action/commit/483ef80eb98fb506c348f7d62e28055e49fe2398;>483ef80
 :seedling: Bump docker tag for v2.3.0 release. (https://redirect.github.com/ossf/scorecard-action/issues/1271;>#1271)
   https://github.com/ossf/scorecard-action/commit/5d3591303ed947eee0d7a421fcdda0e039ddf8e1;>5d35913
 :seedling: Bump github.com/ossf/scorecard/v4 from v4.11.0 to v4.13.0 (https://redirect.github.com/ossf/scorecard-action/issues/1270;>#1270)
   https://github.com/ossf/scorecard-action/commit/49787a6922d868dab142da9d87a1d8b3b3922046;>49787a6
 :seedling: Bump distroless/base from 46c5b9b to 
a35b652 (https://redirect.github.com/ossf/scorecard-action/issues/1269;>#1269)
   https://github.com/ossf/scorecard-action/commit/4283c75015ea78a15ba7caf13d686b136db16b0a;>4283c75
 :seedling: Bump github/codeql-action from 2.21.8 to 2.21.9 (https://redirect.github.com/ossf/scorecard-action/issues/1268;>#1268)
   https://github.com/ossf/scorecard-action/commit/709ecd0815982a217ee06fc6ee71f698dc20f14c;>709ecd0
 :seedling: Bump golang from 6974950 to c416cee (https://redirect.github.com/ossf/scorecard-action/issues/1266;>#1266)
   https://github.com/ossf/scorecard-action/commit/25bb02cd479310452820e62d96669712a90684ba;>25bb02c
 :seedling: Bump actions/checkout from 4.0.0 to 4.1.0 (https://redirect.github.com/ossf/scorecard-action/issues/1267;>#1267)
   https://github.com/ossf/scorecard-action/commit/b687393d2370bdf6d960ea972ff690c9ed797189;>b687393
 :seedling: Bump github/codeql-action from 2.21.5 to 2.21.8 (https://redirect.github.com/ossf/scorecard-action/issues/1265;>#1265)
   https://github.com/ossf/scorecard-action/commit/6a1c21f537e92adea170a26dd3a42d38f93f1e2f;>6a1c21f
 :seedling: Bump golang from cffaba7 to 6974950 (https://redirect.github.com/ossf/scorecard-action/issues/1264;>#1264)
   https://github.com/ossf/scorecard-action/commit/2dee8c185ea0de807198c818714b6f3436856709;>2dee8c1
 :seedling: Bump github.com/sigstore/cosign/v2 from 2.1.1 to 2.2.0 (https://redirect.github.com/ossf/scorecard-action/issues/1254;>#1254)
   https://github.com/ossf/scorecard-action/commit/e79dcb6112482815fc9ea2d659f49eb15403c373;>e79dcb6
 :seedling: Upgrade to go 1.20 (https://redirect.github.com/ossf/scorecard-action/issues/1262;>#1262)
   Additional commits viewable in https://github.com/ossf/scorecard-action/compare/08b4669551908b1024bb425080c797723083c031...483ef80eb98fb506c348f7d62e28055e49fe2398;>compare
 view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action=github_actions=2.2.0=2.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-text]

2023-10-06 Thread via GitHub

dependabot[bot] opened a new pull request, #464:
URL: https://github.com/apache/commons-text/pull/464

Bumps [github/codeql-action](https://github.com/github/codeql-action) from
2.21.9 to 2.22.0.

Changelog
Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's
changelog.

2.21.9 - 27 Sep 2023

2.21.8 - 19 Sep 2023

2.21.7 - 14 Sep 2023

Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882

2.21.6 - 13 Sep 2023

2.21.5 - 28 Aug 2023

[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-rdf]

2023-10-06 Thread via GitHub

dependabot[bot] opened a new pull request, #163:
URL: https://github.com/apache/commons-rdf/pull/163

Bumps [github/codeql-action](https://github.com/github/codeql-action) from
2.21.9 to 2.22.0.

Changelog
Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's
changelog.

2.21.9 - 27 Sep 2023

2.21.8 - 19 Sep 2023

2.21.7 - 14 Sep 2023

Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882

2.21.6 - 13 Sep 2023

2.21.5 - 28 Aug 2023

[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-fileupload]

2023-10-06 Thread via GitHub

dependabot[bot] opened a new pull request, #247:
URL: https://github.com/apache/commons-fileupload/pull/247

Bumps [github/codeql-action](https://github.com/github/codeql-action) from
2.21.9 to 2.22.0.

Changelog
Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's
changelog.

2.21.9 - 27 Sep 2023

2.21.8 - 19 Sep 2023

2.21.7 - 14 Sep 2023

Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882

2.21.6 - 13 Sep 2023

2.21.5 - 28 Aug 2023

[GH] (commons-vfs): Workflow run "Java CI" is working again!

2023-10-06 Thread GitBox



The GitHub Actions job "Java CI" on commons-vfs.git has succeeded.
Run started by GitHub user garydgregory (triggered by garydgregory).

Head commit for run:
b8facee10a2eb3c758cff2320ea261c99ec0bc0c / dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
Bump github/codeql-action from 2.21.9 to 2.22.0 (#434)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 
2.21.9 to 2.22.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- 
[Commits](https://github.com/github/codeql-action/compare/ddccb873888234080b77e9bc2d4764d5ccaaccf9...2cb752a87e96af96708ab57187ab6372ee1973ab)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] 
Co-authored-by: dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>

Report URL: https://github.com/apache/commons-vfs/actions/runs/6431371835

With regards,
GitHub Actions via GitBox

Re: [PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-jxpath]

2023-10-06 Thread via GitHub



codecov-commenter commented on PR #86:
URL: https://github.com/apache/commons-jxpath/pull/86#issuecomment-1751214648

   ## 
[Codecov](https://app.codecov.io/gh/apache/commons-jxpath/pull/86?src=pr=h1_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 Report
   > Merging 
[#86](https://app.codecov.io/gh/apache/commons-jxpath/pull/86?src=pr=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 (000a6a9) into 
[master](https://app.codecov.io/gh/apache/commons-jxpath/commit/43db6dc49149cedb57ad2fbc9958e2a70f616baa?el=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 (43db6dc) will **not change** coverage.
   > The diff coverage is `n/a`.
   
   ```diff
   @@Coverage Diff@@
   ## master  #86   +/-   ##
   =
 Coverage 69.20%   69.20%   
 Complexity 3122 3122   
   =
 Files   152  152   
 Lines  9575 9575   
 Branches   2005 2005   
   =
 Hits   6626 6626   
 Misses 2155 2155   
 Partials794  794   
   ```
   
   
   
   :mega: We’re building smart automated test selection to slash your CI/CD 
build times. [Learn 
more](https://about.codecov.io/iterative-testing/?utm_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-jxpath]

2023-10-06 Thread via GitHub

dependabot[bot] opened a new pull request, #86:
URL: https://github.com/apache/commons-jxpath/pull/86

Bumps [github/codeql-action](https://github.com/github/codeql-action) from
2.21.9 to 2.22.0.

Changelog
Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's
changelog.

2.21.9 - 27 Sep 2023

2.21.8 - 19 Sep 2023

2.21.7 - 14 Sep 2023

Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882

2.21.6 - 13 Sep 2023

2.21.5 - 28 Aug 2023

[GH] (commons-vfs): Workflow run "Java CI" failed!

2023-10-06 Thread GitBox



The GitHub Actions job "Java CI" on commons-vfs.git has failed.
Run started by GitHub user garydgregory (triggered by garydgregory).

Head commit for run:
b8facee10a2eb3c758cff2320ea261c99ec0bc0c / dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
Bump github/codeql-action from 2.21.9 to 2.22.0 (#434)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 
2.21.9 to 2.22.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- 
[Commits](https://github.com/github/codeql-action/compare/ddccb873888234080b77e9bc2d4764d5ccaaccf9...2cb752a87e96af96708ab57187ab6372ee1973ab)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] 
Co-authored-by: dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>

Report URL: https://github.com/apache/commons-vfs/actions/runs/6431371835

With regards,
GitHub Actions via GitBox

Re: [PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-imaging]

2023-10-06 Thread via GitHub



codecov-commenter commented on PR #324:
URL: https://github.com/apache/commons-imaging/pull/324#issuecomment-1751140428

   ## 
[Codecov](https://app.codecov.io/gh/apache/commons-imaging/pull/324?src=pr=h1_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 Report
   > Merging 
[#324](https://app.codecov.io/gh/apache/commons-imaging/pull/324?src=pr=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 (75a9453) into 
[master](https://app.codecov.io/gh/apache/commons-imaging/commit/38b4dae24dcc7abb97bd29c3fe5529b5f1ce9fb6?el=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
 (38b4dae) will **not change** coverage.
   > The diff coverage is `n/a`.
   
   ```diff
   @@Coverage Diff@@
   ## master #324   +/-   ##
   =
 Coverage 70.89%   70.89%   
 Complexity 3432 3432   
   =
 Files   334  334   
 Lines 1696816968   
 Branches   2607 2607   
   =
 Hits  1203012030   
 Misses 3919 3919   
 Partials   1019 1019   
   ```
   
   
   
   :mega: We’re building smart automated test selection to slash your CI/CD 
build times. [Learn 
more](https://about.codecov.io/iterative-testing/?utm_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-imaging]

2023-10-06 Thread via GitHub

dependabot[bot] opened a new pull request, #324:
URL: https://github.com/apache/commons-imaging/pull/324

Bumps [github/codeql-action](https://github.com/github/codeql-action) from
2.21.9 to 2.22.0.

Changelog
Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's
changelog.

2.21.9 - 27 Sep 2023

2.21.8 - 19 Sep 2023

2.21.7 - 14 Sep 2023

Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882

2.21.6 - 13 Sep 2023

2.21.5 - 28 Aug 2023

[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-exec]

2023-10-06 Thread via GitHub

dependabot[bot] opened a new pull request, #128:
URL: https://github.com/apache/commons-exec/pull/128

Bumps [github/codeql-action](https://github.com/github/codeql-action) from
2.21.9 to 2.22.0.

Changelog
Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's
changelog.

2.21.9 - 27 Sep 2023

2.21.8 - 19 Sep 2023

2.21.7 - 14 Sep 2023

Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882

2.21.6 - 13 Sep 2023

2.21.5 - 28 Aug 2023

[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-daemon]

2023-10-06 Thread via GitHub

dependabot[bot] opened a new pull request, #115:
URL: https://github.com/apache/commons-daemon/pull/115

Bumps [github/codeql-action](https://github.com/github/codeql-action) from
2.21.9 to 2.22.0.

Changelog
Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's
changelog.

2.21.9 - 27 Sep 2023

2.21.8 - 19 Sep 2023

2.21.7 - 14 Sep 2023

Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882

2.21.6 - 13 Sep 2023

2.21.5 - 28 Aug 2023

Re: [PR] Bump org.mockito:mockito-core from 4.11.0 to 5.5.0 [commons-configuration]

2023-10-06 Thread via GitHub



dependabot[bot] closed pull request #314: Bump org.mockito:mockito-core from 
4.11.0 to 5.5.0
URL: https://github.com/apache/commons-configuration/pull/314


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump org.mockito:mockito-core from 4.11.0 to 5.6.0 [commons-configuration]

2023-10-06 Thread via GitHub



dependabot[bot] opened a new pull request, #323:
URL: https://github.com/apache/commons-configuration/pull/323

   Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 
4.11.0 to 5.6.0.
   
   Release notes
   Sourced from https://github.com/mockito/mockito/releases;>org.mockito:mockito-core's 
releases.
   
   v5.6.0
   Changelog generated 
by https://github.com/shipkit/shipkit-changelog;>Shipkit Changelog 
Gradle Plugin
   5.6.0
   
   2023-10-06 - https://github.com/mockito/mockito/compare/v5.5.0...v5.6.0;>22 
commit(s) by Andreas Turban, Stefan M, StevenCurran, Yevhen Lazhyntsev, 
dependabot[bot]
   Use spdx identifier for license name [(https://redirect.github.com/mockito/mockito/issues/3134;>#3134)](https://redirect.github.com/mockito/mockito/pull/3134;>mockito/mockito#3134)
   Fixes https://redirect.github.com/mockito/mockito/issues/1382;>#1382 
Jupiter Captor annotation support [(https://redirect.github.com/mockito/mockito/issues/3133;>#3133)](https://redirect.github.com/mockito/mockito/pull/3133;>mockito/mockito#3133)
   Bump com.gradle.enterprise from 3.15 to 3.15.1 [(https://redirect.github.com/mockito/mockito/issues/3132;>#3132)](https://redirect.github.com/mockito/mockito/pull/3132;>mockito/mockito#3132)
   Bump com.google.googlejavaformat:google-java-format from 1.18.0 to 
1.18.1 [(https://redirect.github.com/mockito/mockito/issues/3131;>#3131)](https://redirect.github.com/mockito/mockito/pull/3131;>mockito/mockito#3131)
   Make MockUtil.getMockMaker() public Mockito API [(https://redirect.github.com/mockito/mockito/issues/3129;>#3129)](https://redirect.github.com/mockito/mockito/pull/3129;>mockito/mockito#3129)
   Make MockUtil.getMockMaker() public or public Mockito API [(https://redirect.github.com/mockito/mockito/issues/3128;>#3128)](https://redirect.github.com/mockito/mockito/issues/3128;>mockito/mockito#3128)
   Bump com.google.googlejavaformat:google-java-format from 1.17.0 to 
1.18.0 [(https://redirect.github.com/mockito/mockito/issues/3126;>#3126)](https://redirect.github.com/mockito/mockito/pull/3126;>mockito/mockito#3126)
   Bump com.diffplug.spotless from 6.21.0 to 6.22.0 [(https://redirect.github.com/mockito/mockito/issues/3125;>#3125)](https://redirect.github.com/mockito/mockito/pull/3125;>mockito/mockito#3125)
   Bump versions.errorprone from 2.21.1 to 2.22.0 [(https://redirect.github.com/mockito/mockito/issues/3122;>#3122)](https://redirect.github.com/mockito/mockito/pull/3122;>mockito/mockito#3122)
   Bump versions.bytebuddy from 1.14.7 to 1.14.8 [(https://redirect.github.com/mockito/mockito/issues/3117;>#3117)](https://redirect.github.com/mockito/mockito/pull/3117;>mockito/mockito#3117)
   Bump com.gradle.enterprise from 3.14.1 to 3.15 [(https://redirect.github.com/mockito/mockito/issues/3115;>#3115)](https://redirect.github.com/mockito/mockito/pull/3115;>mockito/mockito#3115)
   Bump org.eclipse.platform:org.eclipse.osgi from 3.18.400 to 3.18.500 
[(https://redirect.github.com/mockito/mockito/issues/3113;>#3113)](https://redirect.github.com/mockito/mockito/pull/3113;>mockito/mockito#3113)
   Bump com.github.ben-manes.versions from 0.47.0 to 0.48.0 [(https://redirect.github.com/mockito/mockito/issues/3110;>#3110)](https://redirect.github.com/mockito/mockito/pull/3110;>mockito/mockito#3110)
   Bump actions/checkout from 3 to 4 [(https://redirect.github.com/mockito/mockito/issues/3108;>#3108)](https://redirect.github.com/mockito/mockito/pull/3108;>mockito/mockito#3108)
   Bump com.diffplug.spotless from 6.20.0 to 6.21.0 [(https://redirect.github.com/mockito/mockito/issues/3106;>#3106)](https://redirect.github.com/mockito/mockito/pull/3106;>mockito/mockito#3106)
   Bump versions.bytebuddy from 1.14.6 to 1.14.7 [(https://redirect.github.com/mockito/mockito/issues/3105;>#3105)](https://redirect.github.com/mockito/mockito/pull/3105;>mockito/mockito#3105)
   Update Javadoc for ArgumentCaptor [(https://redirect.github.com/mockito/mockito/issues/3103;>#3103)](https://redirect.github.com/mockito/mockito/pull/3103;>mockito/mockito#3103)
   Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.0 to 1.9.10 [(https://redirect.github.com/mockito/mockito/issues/3102;>#3102)](https://redirect.github.com/mockito/mockito/pull/3102;>mockito/mockito#3102)
   Bump org.jetbrains.kotlin:kotlin-stdlib from 1.9.0 to 1.9.10 [(https://redirect.github.com/mockito/mockito/issues/3101;>#3101)](https://redirect.github.com/mockito/mockito/pull/3101;>mockito/mockito#3101)
   Bump org.codehaus.groovy:groovy from 3.0.18 to 3.0.19 [(https://redirect.github.com/mockito/mockito/issues/3100;>#3100)](https://redirect.github.com/mockito/mockito/pull/3100;>mockito/mockito#3100)
   Resolve more Gradle Tasks lazily [(https://redirect.github.com/mockito/mockito/issues/3099;>#3099)](https://redirect.github.com/mockito/mockito/pull/3099;>mockito/mockito#3099)
   Added JavaFlightRecorder options for Tests

[GH] (commons-configuration): Workflow run "Java CI" failed!

2023-10-06 Thread GitBox



The GitHub Actions job "Java CI" on commons-configuration.git has failed.
Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]).

Head commit for run:
982b92ae1ca8476e3babe1bda1077373f5fc0bfe / dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
Bump org.mockito:mockito-core from 4.11.0 to 5.6.0

Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 
4.11.0 to 5.6.0.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v4.11.0...v5.6.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] 

Report URL: 
https://github.com/apache/commons-configuration/actions/runs/6434350081

With regards,
GitHub Actions via GitBox

[GH] (commons-configuration): Workflow run "Coverage" failed!

2023-10-06 Thread GitBox



The GitHub Actions job "Coverage" on commons-configuration.git has failed.
Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]).

Head commit for run:
982b92ae1ca8476e3babe1bda1077373f5fc0bfe / dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
Bump org.mockito:mockito-core from 4.11.0 to 5.6.0

Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 
4.11.0 to 5.6.0.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v4.11.0...v5.6.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] 

Report URL: 
https://github.com/apache/commons-configuration/actions/runs/6434350083

With regards,
GitHub Actions via GitBox

[GH] (commons-configuration): Workflow run "Java CI" failed!

2023-10-06 Thread GitBox



The GitHub Actions job "Java CI" on commons-configuration.git has failed.
Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]).

Head commit for run:
982b92ae1ca8476e3babe1bda1077373f5fc0bfe / dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
Bump org.mockito:mockito-core from 4.11.0 to 5.6.0

Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 
4.11.0 to 5.6.0.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v4.11.0...v5.6.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] 

Report URL: 
https://github.com/apache/commons-configuration/actions/runs/6434349933

With regards,
GitHub Actions via GitBox

[GH] (commons-configuration): Workflow run "Coverage" failed!

2023-10-06 Thread GitBox



The GitHub Actions job "Coverage" on commons-configuration.git has failed.
Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]).

Head commit for run:
982b92ae1ca8476e3babe1bda1077373f5fc0bfe / dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
Bump org.mockito:mockito-core from 4.11.0 to 5.6.0

Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 
4.11.0 to 5.6.0.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v4.11.0...v5.6.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] 

Report URL: 
https://github.com/apache/commons-configuration/actions/runs/6434349935

With regards,
GitHub Actions via GitBox

Re: [PR] Bump org.mockito:mockito-core from 4.11.0 to 5.5.0 [commons-configuration]

2023-10-06 Thread via GitHub



dependabot[bot] commented on PR #314:
URL: 
https://github.com/apache/commons-configuration/pull/314#issuecomment-1751102863

   Superseded by #323.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-lang]

2023-10-06 Thread via GitHub

dependabot[bot] opened a new pull request, #1118:
URL: https://github.com/apache/commons-lang/pull/1118

Bumps [github/codeql-action](https://github.com/github/codeql-action) from
2.21.9 to 2.22.0.

Changelog
Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's
changelog.

2.21.9 - 27 Sep 2023

2.21.8 - 19 Sep 2023

2.21.7 - 14 Sep 2023

Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882

2.21.6 - 13 Sep 2023

2.21.5 - 28 Aug 2023

[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-codec]

2023-10-06 Thread via GitHub

dependabot[bot] opened a new pull request, #211:
URL: https://github.com/apache/commons-codec/pull/211

Bumps [github/codeql-action](https://github.com/github/codeql-action) from
2.21.9 to 2.22.0.

Changelog
Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's
changelog.

2.21.9 - 27 Sep 2023

2.21.8 - 19 Sep 2023

2.21.7 - 14 Sep 2023

Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882

2.21.6 - 13 Sep 2023

2.21.5 - 28 Aug 2023

[GH] (commons-lang): Workflow run "Java CI" is working again!

2023-10-06 Thread GitBox



The GitHub Actions job "Java CI" on commons-lang.git has succeeded.
Run started by GitHub user asfgit (triggered by garydgregory).

Head commit for run:
e2426182c81d371e3c1ea3410156528e7c7944b3 / Gary Gregory 
Javadoc

Report URL: https://github.com/apache/commons-lang/actions/runs/6432434044

With regards,
GitHub Actions via GitBox

[GH] (commons-lang): Workflow run "Java CI" failed!

2023-10-06 Thread GitBox



The GitHub Actions job "Java CI" on commons-lang.git has failed.
Run started by GitHub user asfgit (triggered by asfgit).

Head commit for run:
e2426182c81d371e3c1ea3410156528e7c7944b3 / Gary Gregory 
Javadoc

Report URL: https://github.com/apache/commons-lang/actions/runs/6432434044

With regards,
GitHub Actions via GitBox

[Math] Change on branch "master": Commons » commons-math - Build # 601 - Still Failing!

2023-10-06 Thread Apache Jenkins Server

Commons » commons-math - Build # 601 - Still Failing:

Check console output at 
https://ci-builds.apache.org/job/Commons/job/commons-math/601/ to view the 
results.

Re: [PR] Bump com.puppycrawl.tools:checkstyle from 10.12.3 to 10.12.4 [commons-parent]

2023-10-06 Thread via GitHub



dependabot[bot] commented on PR #316:
URL: https://github.com/apache/commons-parent/pull/316#issuecomment-1750649664

   OK, I won't notify you again about this release, but will get in touch when 
a new version is available. If you'd rather skip all updates until the next 
major or minor version, let me know by commenting `@dependabot ignore this 
major version` or `@dependabot ignore this minor version`. You can also ignore 
all major, minor, or patch releases for a dependency by adding an [`ignore` 
condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore)
 with the desired `update_types` to your config file.
   
   If you change your mind, just re-open this PR and I'll resolve any conflicts 
on it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-csv]

2023-10-06 Thread via GitHub

dependabot[bot] opened a new pull request, #362:
URL: https://github.com/apache/commons-csv/pull/362

Bumps [github/codeql-action](https://github.com/github/codeql-action) from
2.21.9 to 2.22.0.

Changelog
Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's
changelog.

2.21.9 - 27 Sep 2023

2.21.8 - 19 Sep 2023

2.21.7 - 14 Sep 2023

Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882

2.21.6 - 13 Sep 2023

2.21.5 - 28 Aug 2023

[Math] Change on branch "master": Commons » commons-math - Build # 600 - Still Failing!

2023-10-06 Thread Apache Jenkins Server

Commons » commons-math - Build # 600 - Still Failing:

Check console output at 
https://ci-builds.apache.org/job/Commons/job/commons-math/600/ to view the 
results.

[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-jexl]

2023-10-06 Thread via GitHub

dependabot[bot] opened a new pull request, #201:
URL: https://github.com/apache/commons-jexl/pull/201

Bumps [github/codeql-action](https://github.com/github/codeql-action) from
2.21.9 to 2.22.0.

Changelog
Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's
changelog.

2.21.9 - 27 Sep 2023

2.21.8 - 19 Sep 2023

2.21.7 - 14 Sep 2023

Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882

2.21.6 - 13 Sep 2023

2.21.5 - 28 Aug 2023

[GH] (commons-net): Workflow run "Java CI" is working again!

2023-10-06 Thread GitBox



The GitHub Actions job "Java CI" on commons-net.git has succeeded.
Run started by GitHub user asfgit (triggered by asfgit).

Head commit for run:
dd8d4ce022c2aa3ced88dfa9a21da96fce4a63aa / Gary Gregory 
Revert "Bump commons-parent from 62 to 63"

This reverts commit 44e7c97080978052f388ac2ba9c388ef148dd2ff.

Report URL: https://github.com/apache/commons-net/actions/runs/6431642018

With regards,
GitHub Actions via GitBox

[GH] (commons-net): Workflow run "Java CI" failed!

2023-10-06 Thread GitBox



The GitHub Actions job "Java CI" on commons-net.git has failed.
Run started by GitHub user asfgit (triggered by asfgit).

Head commit for run:
7f977bcf04ebcf817c8b56e030136a3ae3f4d4cf / Gary Gregory 
Add slot for the next release.

Report URL: https://github.com/apache/commons-net/actions/runs/6431576559

With regards,
GitHub Actions via GitBox

svn commit: r1084343 - /websites/production/commons/content/proper/commons-parent/

2023-10-06 Thread ggregory

Author: ggregory
Date: Fri Oct  6 12:29:57 2023
New Revision: 1084343

Log:
Site checkin for project Apache Commons Parent

Added:
websites/production/commons/content/proper/commons-parent/japicmp.html

websites/production/commons/content/proper/commons-parent/org.apache.commons_commons-parent-63.spdx.json
Removed:

websites/production/commons/content/proper/commons-parent/org.apache.commons_commons-parent-62.spdx.json
Modified:

websites/production/commons/content/proper/commons-parent/changes-report.html
websites/production/commons/content/proper/commons-parent/ci-management.html

websites/production/commons/content/proper/commons-parent/dependency-convergence.html

websites/production/commons/content/proper/commons-parent/dependency-info.html

websites/production/commons/content/proper/commons-parent/dependency-management.html

websites/production/commons/content/proper/commons-parent/distribution-management.html
websites/production/commons/content/proper/commons-parent/index.html

websites/production/commons/content/proper/commons-parent/issue-management.html
websites/production/commons/content/proper/commons-parent/jira-report.html
websites/production/commons/content/proper/commons-parent/mailing-lists.html
websites/production/commons/content/proper/commons-parent/project-info.html

websites/production/commons/content/proper/commons-parent/project-reports.html
websites/production/commons/content/proper/commons-parent/rat-report.html
websites/production/commons/content/proper/commons-parent/scm.html
websites/production/commons/content/proper/commons-parent/summary.html

websites/production/commons/content/proper/commons-parent/surefire-report.html

Modified: 
websites/production/commons/content/proper/commons-parent/changes-report.html
==
--- 
websites/production/commons/content/proper/commons-parent/changes-report.html 
(original)
+++ 
websites/production/commons/content/proper/commons-parent/changes-report.html 
Fri Oct  6 12:29:57 2023
@@ -1,6 +1,6 @@
 
 
 http://www.w3.org/1999/xhtml; xml:lang="en" lang="en">
@@ -8,7 +8,7 @@
 
 
 
-
+
 
 Apache Commons  Apache Commons Parent Release 
Notes
 
@@ -37,8 +37,8 @@
   https://commons.apache.org/proper/commons-parent/;>Apache Commons Parent 

 
 
-  Last Published: 06 September 2023
-| Version: 62
+  Last Published: 06 October 2023
+| Version: 63
   
 
 
@@ -70,7 +70,7 @@
   
 Project Information
 
-   

+   

  
   
 Project Reports
 
@@ -90,6 +90,10 @@
   
 Rat Report
   
+ 
+  
+japicmp
+  

   
  
@@ -143,11 +147,11 @@
 Commons Build Plugin
   
  
-  
+  
 Commons Release Plugin
   
  
-  
+  
 Site Publication
   
  
@@ -210,178 +214,220 @@
 Date
 Description
 
+63
+2023-10-02
+Version 63: Maintenance and update dependencies
+
 62
 2023-09-02
 Version 62: Maintenance and update dependencies
-
+
 61
 2023-08-26
 Version 61: Maintenance and update dependencies
-
+
 60
 2023-08-20
 Version 60: Maintenance and update dependencies
-
+
 59
 2023-07-22
 Version 59: Maintenance and update dependencies
-
+
 58
 2023-05-20
 Version 58: Maintenance and update dependencies
-
+
 57
 2023-04-22
 Version 57: Maintenance and update dependencies
-
+
 56
 2022-12-30
 Version 56: Maintenance and update dependencies
-
+
 55
 2022-12-07
 Version 55: Maintenance and update dependencies
-
+
 54
 2022-09-18
 Version 54: SBOMs, drop JDepend, replace FindBugs with SpotBugs, 
dependency bumps.
-
+
 53
 2022-03-31
 WARNING: checkstyle version has been updated; there are breaking changes 
which may require updates to checkstyle.xml files
-
+
 52
 2020-07-30
 Add support for Java 15.
-
+
 51
 2020-06-23
 Fix incompatibilty issues with Java 7  Add support for Java 13.  Update 
various plugin versions.
-
+
 50
 2019-12-17
 Update site generation.  Updates to commons-skin:4.2, fixes custom 
footer copyright notice and removes redundant site.xml head element.  
Removes jacoco aggregate reports and changes conditional japicmp plugin to 
require Java 8 and activate via opt-in

[GH] (commons-net): Workflow run "Java CI" failed!

2023-10-06 Thread GitBox



The GitHub Actions job "Java CI" on commons-net.git has failed.
Run started by GitHub user asfgit (triggered by asfgit).

Head commit for run:
44e7c97080978052f388ac2ba9c388ef148dd2ff / Gary Gregory 
Bump commons-parent from 62 to 63

Report URL: https://github.com/apache/commons-net/actions/runs/6431615259

With regards,
GitHub Actions via GitBox

[PR] Bump org.ow2.asm:asm-util from 9.5 to 9.6 [commons-pool]

2023-10-06 Thread via GitHub



dependabot[bot] opened a new pull request, #252:
URL: https://github.com/apache/commons-pool/pull/252

   Bumps org.ow2.asm:asm-util from 9.5 to 9.6.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.ow2.asm:asm-util=maven=9.5=9.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-pool]

2023-10-06 Thread via GitHub

dependabot[bot] opened a new pull request, #251:
URL: https://github.com/apache/commons-pool/pull/251

Bumps [github/codeql-action](https://github.com/github/codeql-action) from
2.21.9 to 2.22.0.

Changelog
Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's
changelog.

2.21.9 - 27 Sep 2023

2.21.8 - 19 Sep 2023

2.21.7 - 14 Sep 2023

Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882

2.21.6 - 13 Sep 2023

2.21.5 - 28 Aug 2023

[PR] Bump org.ow2.asm:asm from 9.5 to 9.6 [commons-jexl]

2023-10-06 Thread via GitHub



dependabot[bot] opened a new pull request, #200:
URL: https://github.com/apache/commons-jexl/pull/200

   Bumps org.ow2.asm:asm from 9.5 to 9.6.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.ow2.asm:asm=maven=9.5=9.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GH] (commons-parent): Workflow run "Java CI" is working again!

2023-10-06 Thread GitBox



The GitHub Actions job "Java CI" on commons-parent.git has succeeded.
Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]).

Head commit for run:
a44a3482116a90fccc233bc585028fa4cd33545e / dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
Bump com.puppycrawl.tools:checkstyle from 10.12.3 to 10.12.4

Bumps 
[com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) 
from 10.12.3 to 10.12.4.
- [Release notes](https://github.com/checkstyle/checkstyle/releases)
- 
[Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-10.12.3...checkstyle-10.12.4)

---
updated-dependencies:
- dependency-name: com.puppycrawl.tools:checkstyle
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] 

Report URL: https://github.com/apache/commons-parent/actions/runs/6431296690

With regards,
GitHub Actions via GitBox

[GH] (commons-parent): Workflow run "Java CI" failed!

2023-10-06 Thread GitBox



The GitHub Actions job "Java CI" on commons-parent.git has failed.
Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]).

Head commit for run:
4ee184d5f9f226eb418a37043bdfbf29dcdd8082 / dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
Bump biz.aQute.bnd:biz.aQute.bndlib from 6.4.1 to 7.0.0

Bumps [biz.aQute.bnd:biz.aQute.bndlib](https://github.com/bndtools/bnd) from 
6.4.1 to 7.0.0.
- [Release notes](https://github.com/bndtools/bnd/releases)
- 
[Changelog](https://github.com/bndtools/bnd/blob/master/docs/ADDING_RELEASE_DOCS.md)
- [Commits](https://github.com/bndtools/bnd/compare/6.4.1...7.0.0)

---
updated-dependencies:
- dependency-name: biz.aQute.bnd:biz.aQute.bndlib
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] 

Report URL: https://github.com/apache/commons-parent/actions/runs/6431294888

With regards,
GitHub Actions via GitBox

[GH] (commons-parent): Workflow run "Java CI" failed!

2023-10-06 Thread GitBox



The GitHub Actions job "Java CI" on commons-parent.git has failed.
Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]).

Head commit for run:
4ee184d5f9f226eb418a37043bdfbf29dcdd8082 / dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
Bump biz.aQute.bnd:biz.aQute.bndlib from 6.4.1 to 7.0.0

Bumps [biz.aQute.bnd:biz.aQute.bndlib](https://github.com/bndtools/bnd) from 
6.4.1 to 7.0.0.
- [Release notes](https://github.com/bndtools/bnd/releases)
- 
[Changelog](https://github.com/bndtools/bnd/blob/master/docs/ADDING_RELEASE_DOCS.md)
- [Commits](https://github.com/bndtools/bnd/compare/6.4.1...7.0.0)

---
updated-dependencies:
- dependency-name: biz.aQute.bnd:biz.aQute.bndlib
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] 

Report URL: https://github.com/apache/commons-parent/actions/runs/6431294767

With regards,
GitHub Actions via GitBox

[PR] Bump com.puppycrawl.tools:checkstyle from 10.12.3 to 10.12.4 [commons-parent]

2023-10-06 Thread via GitHub



dependabot[bot] opened a new pull request, #316:
URL: https://github.com/apache/commons-parent/pull/316

   Bumps 
[com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) 
from 10.12.3 to 10.12.4.
   
   Release notes
   Sourced from https://github.com/checkstyle/checkstyle/releases;>com.puppycrawl.tools:checkstyle's
 releases.
   
   checkstyle-10.12.4
   Checkstyle 10.12.4 - https://checkstyle.org/releasenotes.html#Release_10.12.4;>https://checkstyle.org/releasenotes.html#Release_10.12.4
   Bug fixes:
   https://redirect.github.com/checkstyle/checkstyle/issues/13745;>#13745
 - MissingDeprecated shows unclear message on not closed html tag
   
   
   
   
   Commits
   
   https://github.com/checkstyle/checkstyle/commit/9921e5350146ba8469f9adbdbc07492fd8eddf7a;>9921e53
 [maven-release-plugin] prepare release checkstyle-10.12.4
   https://github.com/checkstyle/checkstyle/commit/4f5e01f9fb331deb0eb1c43a1dedf402c29a37bb;>4f5e01f
 doc: release notes for 10.12.4
   https://github.com/checkstyle/checkstyle/commit/35da727b92bbc24d331cdba1578d65c8444b9b43;>35da727
 Issue https://redirect.github.com/checkstyle/checkstyle/issues/13745;>#13745:
 MissingDeprecated shows unclear message on not closed html tag
   https://github.com/checkstyle/checkstyle/commit/83788d6ff5fb659f8590906557c46b79a018f21e;>83788d6
 Issue https://redirect.github.com/checkstyle/checkstyle/issues/13809;>#13809:
 Kill mutation in pitest-api profile
   https://github.com/checkstyle/checkstyle/commit/56af76110fd2b6acee4e47db63b7bd4511dc6c15;>56af761
 Issue https://redirect.github.com/checkstyle/checkstyle/issues/13672;>#13672:
 Kill mutation using utility class
   https://github.com/checkstyle/checkstyle/commit/351bbc1ecf4cdcf158b5295c2b2f1c602cdbfc8a;>351bbc1
 Issue https://redirect.github.com/checkstyle/checkstyle/issues/13672;>#13672:
 Kill mutation in Common Profile
   https://github.com/checkstyle/checkstyle/commit/afd0c2d992d56ece05342521d1ca4da312831625;>afd0c2d
 dependency: bump commons-io:commons-io from 2.13.0 to 2.14.0
   https://github.com/checkstyle/checkstyle/commit/a69c482f5be6e5f9b5c192b76cd3019e081c0363;>a69c482
 Issue https://redirect.github.com/checkstyle/checkstyle/issues/13666;>#13666:
 final fix for ordering of properties in modules
   https://github.com/checkstyle/checkstyle/commit/2ab52c61a6634c2c01cb7b5750867902d12c58df;>2ab52c6
 Issue https://redirect.github.com/checkstyle/checkstyle/issues/13345;>#13345:
 Enable Test Cases for MethodNameCheckExamplesTest
   https://github.com/checkstyle/checkstyle/commit/ee804d013a168e2902a7256b08b17da8c5baa70a;>ee804d0
 Issue https://redirect.github.com/checkstyle/checkstyle/issues/13672;>#13672:
 Kill mutation for ImportControlLoader
   Additional commits viewable in https://github.com/checkstyle/checkstyle/compare/checkstyle-10.12.3...checkstyle-10.12.4;>compare
 view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.puppycrawl.tools:checkstyle=maven=10.12.3=10.12.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific

[PR] Bump biz.aQute.bnd:biz.aQute.bndlib from 6.4.1 to 7.0.0 [commons-parent]

2023-10-06 Thread via GitHub



dependabot[bot] opened a new pull request, #315:
URL: https://github.com/apache/commons-parent/pull/315

   Bumps [biz.aQute.bnd:biz.aQute.bndlib](https://github.com/bndtools/bnd) from 
6.4.1 to 7.0.0.
   
   Commits
   
   https://github.com/bndtools/bnd/commit/b82dc867a7920edfcf32cb2cfa408795f4af6aea;>b82dc86
 build: Build Release 7.0.0
   https://github.com/bndtools/bnd/commit/7fddd3ee8a3f80a26321e5c7d1895c2b1b66c43a;>7fddd3e
 build: Build Release 7.0.0.RC3
   https://github.com/bndtools/bnd/commit/5f700d220c86687c2243494c803b8996f9dc125e;>5f700d2
 Handle the internal refactoring packages moving bundles
   https://github.com/bndtools/bnd/commit/b764ee87b3135848574820e3ba9ff2265c8d615b;>b764ee8
 build: Build Release 7.0.0.RC2
   https://github.com/bndtools/bnd/commit/1b4ca76fb8b5794aeaf5a6001ec9bb8f0ae8e66f;>1b4ca76
 Removes Require-Capability for osgi.service AnyService
   https://github.com/bndtools/bnd/commit/d185adeb2be9b300dc2171970cc2c149ab9277dd;>d185ade
 Fix MojoExecutionException in m2e plugin when using maven-jar-plugin 3.x
   https://github.com/bndtools/bnd/commit/709285cfa06c1c5265e69bd22697ca70bbd280b6;>709285c
 build: Build Release 7.0.0.RC1
   https://github.com/bndtools/bnd/commit/7d05252afba47a32747e161e32a4149f42efab59;>7d05252
 Merge pull request https://redirect.github.com/bndtools/bnd/issues/5765;>#5765 from 
DataInMotion/5761
   https://github.com/bndtools/bnd/commit/40e21c37b3f1faa74a54181026468e9dd4d0a7b4;>40e21c3
 Merge pull request https://redirect.github.com/bndtools/bnd/issues/5769;>#5769 from 
bndtools/dependabot/github_actions/actions/uplo...
   https://github.com/bndtools/bnd/commit/daca980a43f13c198922cbf88fe10e2c957cb0d7;>daca980
 build(deps): Bump actions/upload-artifact from 3.1.2 to 3.1.3
   Additional commits viewable in https://github.com/bndtools/bnd/compare/6.4.1...7.0.0;>compare 
view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=biz.aQute.bnd:biz.aQute.bndlib=maven=6.4.1=7.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

svn commit: r1084342 - in /websites/production/commons/content/proper/commons-net: ./ apidocs/ apidocs/legal/ apidocs/org/apache/commons/net/ apidocs/org/apache/commons/net/bsd/ apidocs/org/apache/com

2023-10-06 Thread ggregory

Author: ggregory
Date: Fri Oct  6 11:58:26 2023
New Revision: 1084342

Log:
Site checkin for project Apache Commons Net


[This commit notification would consist of 417 parts, 
which exceeds the limit of 50 ones, so it was shortened to the summary.]

[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-parent]

2023-10-06 Thread via GitHub



dependabot[bot] opened a new pull request, #314:
URL: https://github.com/apache/commons-parent/pull/314

   Bumps [github/codeql-action](https://github.com/github/codeql-action) from 
2.21.9 to 2.22.0.
   
   Commits
   
   https://github.com/github/codeql-action/commit/2cb752a87e96af96708ab57187ab6372ee1973ab;>2cb752a
 Merge pull request https://redirect.github.com/github/codeql-action/issues/1924;>#1924 
from github/update-v2.22.0-3f7850a17
   https://github.com/github/codeql-action/commit/e50f53baa18da7571fefe4e56edeba46be9f183b;>e50f53b
 Add changelog note for tracing Go 1.21
   https://github.com/github/codeql-action/commit/0a65c007f6b702f7d53f89a44248406aae709942;>0a65c00
 Update changelog for v2.22.0
   https://github.com/github/codeql-action/commit/3f7850a17964ee76fbc058c4cf3360bfd6840486;>3f7850a
 Improve downloading log message (https://redirect.github.com/github/codeql-action/issues/1920;>#1920)
   https://github.com/github/codeql-action/commit/27235304e07da3d62be5a72ef5df0f30d8a4e137;>2723530
 Merge pull request https://redirect.github.com/github/codeql-action/issues/1923;>#1923 
from github/henrymercer/fix-resolve-environment-aliases
   https://github.com/github/codeql-action/commit/8f0e8b0890952ad94f9d4f1a44170b0f27723054;>8f0e8b0
 Tweak language parsing to improve clarity
   https://github.com/github/codeql-action/commit/f243294ab74b285a547a838884ca660a740ce2a6;>f243294
 Extend PR check to test resolve-environment works with language 
alias
   https://github.com/github/codeql-action/commit/1ea6a10947dbce58fd4e0ff685cdec23e7f50145;>1ea6a10
 Merge pull request https://redirect.github.com/github/codeql-action/issues/1909;>#1909 
from github/mbg/go-1.21-workaround
   https://github.com/github/codeql-action/commit/e26ed57a228512338332f937ef0f121a739d548c;>e26ed57
 Defer language aliasing to CLI when appropriate
   https://github.com/github/codeql-action/commit/0ac7669167fa236dc2e1eec93d82674b1a265327;>0ac7669
 Fix using resolve-environment Action with language aliases
   Additional commits viewable in https://github.com/github/codeql-action/compare/ddccb873888234080b77e9bc2d4764d5ccaaccf9...2cb752a87e96af96708ab57187ab6372ee1973ab;>compare
 view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action=github_actions=2.21.9=2.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump github/codeql-action from 2.21.8 to 2.21.9 [commons-skin]

2023-10-06 Thread via GitHub



dependabot[bot] closed pull request #83: Bump github/codeql-action from 2.21.8 
to 2.21.9
URL: https://github.com/apache/commons-skin/pull/83


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump github/codeql-action from 2.21.8 to 2.22.0 [commons-skin]

2023-10-06 Thread via GitHub

dependabot[bot] opened a new pull request, #85:
URL: https://github.com/apache/commons-skin/pull/85

Bumps [github/codeql-action](https://github.com/github/codeql-action) from
2.21.8 to 2.22.0.

Changelog
Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's
changelog.

CodeQL Action Changelog
See the https://github.com/github/codeql-action/releases;>releases page for
the relevant changes to the CodeQL CLI and language packs.
[UNRELEASED]

2.21.9 - 27 Sep 2023

2.21.8 - 19 Sep 2023

2.21.7 - 14 Sep 2023

Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882

2.21.6 - 13 Sep 2023

2.21.5 - 28 Aug 2023

2.21.4 - 14 Aug 2023

Update default CodeQL bundle version to 2.14.2.

[GH] (commons-vfs): Workflow run "Java CI" failed!

2023-10-06 Thread GitBox



The GitHub Actions job "Java CI" on commons-vfs.git has failed.
Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]).

Head commit for run:
5661c39a808d2b5c368ac90b7e2713194703efe9 / dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
Bump github/codeql-action from 2.21.9 to 2.22.0

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 
2.21.9 to 2.22.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- 
[Commits](https://github.com/github/codeql-action/compare/ddccb873888234080b77e9bc2d4764d5ccaaccf9...2cb752a87e96af96708ab57187ab6372ee1973ab)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] 

Report URL: https://github.com/apache/commons-vfs/actions/runs/6430803621

With regards,
GitHub Actions via GitBox

Re: [PR] Bump github/codeql-action from 2.21.8 to 2.21.9 [commons-skin]

2023-10-06 Thread via GitHub



dependabot[bot] commented on PR #83:
URL: https://github.com/apache/commons-skin/pull/83#issuecomment-1750454314

   Superseded by #85.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GH] (commons-vfs): Workflow run "Java CI" failed!

2023-10-06 Thread GitBox



The GitHub Actions job "Java CI" on commons-vfs.git has failed.
Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]).

Head commit for run:
5661c39a808d2b5c368ac90b7e2713194703efe9 / dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
Bump github/codeql-action from 2.21.9 to 2.22.0

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 
2.21.9 to 2.22.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- 
[Commits](https://github.com/github/codeql-action/compare/ddccb873888234080b77e9bc2d4764d5ccaaccf9...2cb752a87e96af96708ab57187ab6372ee1973ab)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] 

Report URL: https://github.com/apache/commons-vfs/actions/runs/6430803518

With regards,
GitHub Actions via GitBox

[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-crypto]

2023-10-06 Thread via GitHub



dependabot[bot] opened a new pull request, #252:
URL: https://github.com/apache/commons-crypto/pull/252

   Bumps [github/codeql-action](https://github.com/github/codeql-action) from 
2.21.9 to 2.22.0.
   
   Commits
   
   https://github.com/github/codeql-action/commit/2cb752a87e96af96708ab57187ab6372ee1973ab;>2cb752a
 Merge pull request https://redirect.github.com/github/codeql-action/issues/1924;>#1924 
from github/update-v2.22.0-3f7850a17
   https://github.com/github/codeql-action/commit/e50f53baa18da7571fefe4e56edeba46be9f183b;>e50f53b
 Add changelog note for tracing Go 1.21
   https://github.com/github/codeql-action/commit/0a65c007f6b702f7d53f89a44248406aae709942;>0a65c00
 Update changelog for v2.22.0
   https://github.com/github/codeql-action/commit/3f7850a17964ee76fbc058c4cf3360bfd6840486;>3f7850a
 Improve downloading log message (https://redirect.github.com/github/codeql-action/issues/1920;>#1920)
   https://github.com/github/codeql-action/commit/27235304e07da3d62be5a72ef5df0f30d8a4e137;>2723530
 Merge pull request https://redirect.github.com/github/codeql-action/issues/1923;>#1923 
from github/henrymercer/fix-resolve-environment-aliases
   https://github.com/github/codeql-action/commit/8f0e8b0890952ad94f9d4f1a44170b0f27723054;>8f0e8b0
 Tweak language parsing to improve clarity
   https://github.com/github/codeql-action/commit/f243294ab74b285a547a838884ca660a740ce2a6;>f243294
 Extend PR check to test resolve-environment works with language 
alias
   https://github.com/github/codeql-action/commit/1ea6a10947dbce58fd4e0ff685cdec23e7f50145;>1ea6a10
 Merge pull request https://redirect.github.com/github/codeql-action/issues/1909;>#1909 
from github/mbg/go-1.21-workaround
   https://github.com/github/codeql-action/commit/e26ed57a228512338332f937ef0f121a739d548c;>e26ed57
 Defer language aliasing to CLI when appropriate
   https://github.com/github/codeql-action/commit/0ac7669167fa236dc2e1eec93d82674b1a265327;>0ac7669
 Fix using resolve-environment Action with language aliases
   Additional commits viewable in https://github.com/github/codeql-action/compare/ddccb873888234080b77e9bc2d4764d5ccaaccf9...2cb752a87e96af96708ab57187ab6372ee1973ab;>compare
 view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action=github_actions=2.21.9=2.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-vfs]

2023-10-06 Thread via GitHub



dependabot[bot] opened a new pull request, #434:
URL: https://github.com/apache/commons-vfs/pull/434

   Bumps [github/codeql-action](https://github.com/github/codeql-action) from 
2.21.9 to 2.22.0.
   
   Commits
   
   https://github.com/github/codeql-action/commit/2cb752a87e96af96708ab57187ab6372ee1973ab;>2cb752a
 Merge pull request https://redirect.github.com/github/codeql-action/issues/1924;>#1924 
from github/update-v2.22.0-3f7850a17
   https://github.com/github/codeql-action/commit/e50f53baa18da7571fefe4e56edeba46be9f183b;>e50f53b
 Add changelog note for tracing Go 1.21
   https://github.com/github/codeql-action/commit/0a65c007f6b702f7d53f89a44248406aae709942;>0a65c00
 Update changelog for v2.22.0
   https://github.com/github/codeql-action/commit/3f7850a17964ee76fbc058c4cf3360bfd6840486;>3f7850a
 Improve downloading log message (https://redirect.github.com/github/codeql-action/issues/1920;>#1920)
   https://github.com/github/codeql-action/commit/27235304e07da3d62be5a72ef5df0f30d8a4e137;>2723530
 Merge pull request https://redirect.github.com/github/codeql-action/issues/1923;>#1923 
from github/henrymercer/fix-resolve-environment-aliases
   https://github.com/github/codeql-action/commit/8f0e8b0890952ad94f9d4f1a44170b0f27723054;>8f0e8b0
 Tweak language parsing to improve clarity
   https://github.com/github/codeql-action/commit/f243294ab74b285a547a838884ca660a740ce2a6;>f243294
 Extend PR check to test resolve-environment works with language 
alias
   https://github.com/github/codeql-action/commit/1ea6a10947dbce58fd4e0ff685cdec23e7f50145;>1ea6a10
 Merge pull request https://redirect.github.com/github/codeql-action/issues/1909;>#1909 
from github/mbg/go-1.21-workaround
   https://github.com/github/codeql-action/commit/e26ed57a228512338332f937ef0f121a739d548c;>e26ed57
 Defer language aliasing to CLI when appropriate
   https://github.com/github/codeql-action/commit/0ac7669167fa236dc2e1eec93d82674b1a265327;>0ac7669
 Fix using resolve-environment Action with language aliases
   Additional commits viewable in https://github.com/github/codeql-action/compare/ddccb873888234080b77e9bc2d4764d5ccaaccf9...2cb752a87e96af96708ab57187ab6372ee1973ab;>compare
 view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action=github_actions=2.21.9=2.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

60 matches

Mail list logo