dependabot[bot] opened a new pull request, #2124: URL: https://github.com/apache/activemq/pull/2124
Bumps `shiro-version` from 2.2.0 to 2.2.1. Updates `org.apache.shiro:shiro-core` from 2.2.0 to 2.2.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/apache/shiro/releases";>org.apache.shiro:shiro-core's releases</a>.</em></p> <blockquote> <h2>Apache Shiro 2.2.1</h2> <h2>Bug fixes</h2> <ul> <li>chore(jacoco): added exclusion for weld client proxy by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/2769";>apache/shiro#2769</a></li> </ul> <h2>Security Improvements</h2> <ul> <li><a href="https://redirect.github.com/apache/shiro/issues/2704";>#2704</a> <a href="https://redirect.github.com/apache/shiro/issues/2710";>#2710</a> Fixed Session fixation-related regressions by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/2711";>apache/shiro#2711</a></li> <li><a href="https://redirect.github.com/apache/shiro/issues/2758";>#2758</a> Deprecate RandomSessionIdGenerator due to insufficient entropy by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/2770";>apache/shiro#2770</a></li> <li><a href="https://github.com/apache/shiro/commit/bd278bcc360938161abb7c4740c8e1c4a1e44831";>enh(jakarta-ee): strip out the host part of the referer header</a></li> <li><a href="https://github.com/apache/shiro/commit/9063406e70acbb90a6d1c1f3c69e01b8893bd1dd";>Using Rdn.escapeValues()</a></li> </ul> <h2>Improvements</h2> <ul> <li>Switch pre-commit to ASF approved prek-action by <a href="https://github.com/jbampton";><code>@jbampton</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/2705";>apache/shiro#2705</a></li> <li>Add AGENTS.md + SECURITY.md linking the project's security model by <a href="https://github.com/potiuk";><code>@potiuk</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/2702";>apache/shiro#2702</a></li> <li>[CI] Add pre-commit hook to validate the CITATION file; Add missing required field <code>message</code> by <a href="https://github.com/jbampton";><code>@jbampton</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/2717";>apache/shiro#2717</a></li> <li>[CI] Add hook to validate dependabot.yml with pre-commit by <a href="https://github.com/jbampton";><code>@jbampton</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/2716";>apache/shiro#2716</a></li> <li>chore: add branch protection rules by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/2701";>apache/shiro#2701</a></li> <li><a href="https://github.com/apache/shiro/commit/2a1c4da29ca5767c4fcea6cd2551d556e3806272";>chore: removed branch protection from main, update github ruleset to include additional branches</a></li> <li>[CI] Pin to sha all pre-commit hooks and clean up by <a href="https://github.com/jbampton";><code>@jbampton</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/2730";>apache/shiro#2730</a></li> <li>Configure EditorConfig for more file types by <a href="https://github.com/jbampton";><code>@jbampton</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/2747";>apache/shiro#2747</a></li> <li>Update and expand the CITATION file by <a href="https://github.com/jbampton";><code>@jbampton</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/2766";>apache/shiro#2766</a></li> <li><a href="https://redirect.github.com/apache/shiro/issues/2760";>#2760</a> chore: update shiro.doap file with more recent versions and maintainers by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/2768";>apache/shiro#2768</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/potiuk";><code>@potiuk</code></a> made their first contribution in <a href="https://redirect.github.com/apache/shiro/pull/2702";>apache/shiro#2702</a></li> </ul> <h2>Dependency Updates</h2> <ul> <li>chore(deps): bump <a href="https://github.com/zizmorcore/zizmor-pre-commit";>https://github.com/zizmorcore/zizmor-pre-commit</a> from v1.24.1 to 1.25.2 in the pre-commit-hooks group by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2709";>apache/shiro#2709</a></li> <li>chore(deps): bump org.apache:apache from 37 to 38 by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2700";>apache/shiro#2700</a></li> <li>chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.25.6 to 0.25.7 by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2699";>apache/shiro#2699</a></li> <li>chore(deps): bump slf4j.version from 2.0.17 to 2.0.18 by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2694";>apache/shiro#2694</a></li> <li>chore(deps): bump log4j.version from 2.25.4 to 2.26.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2697";>apache/shiro#2697</a></li> <li>chore(deps): bump org.apache.johnzon:johnzon-jsonb from 1.2.22 to 1.3.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2698";>apache/shiro#2698</a></li> <li>chore(deps): bump org.apache.cxf:cxf-rt-rs-client from 3.6.10 to 3.6.11 by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2729";>apache/shiro#2729</a></li> <li>chore(deps): bump org.apache.cxf:cxf-bom from 3.6.10 to 3.6.11 by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2728";>apache/shiro#2728</a></li> <li>chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.25.7 to 0.26.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2727";>apache/shiro#2727</a></li> <li>chore(deps): bump org.omnifaces:omnifaces from 3.14.20 to 3.14.21 by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2725";>apache/shiro#2725</a></li> <li>chore(deps): bump org.apache.commons:commons-configuration2 from 2.15.0 to 2.15.1 by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2724";>apache/shiro#2724</a></li> <li>chore(deps): bump the github-actions-dependencies group with 3 updates by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2723";>apache/shiro#2723</a></li> <li>chore(deps-dev): bump arquillian.core.version from 1.10.1.Final to 1.10.2.Final by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2722";>apache/shiro#2722</a></li> <li>chore(deps-dev): bump org.apache.cxf:cxf-rt-frontend-jaxrs from 3.6.10 to 3.6.11 by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2721";>apache/shiro#2721</a></li> <li>chore(deps): bump ch.qos.logback:logback-classic from 1.5.32 to 1.5.34 by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2748";>apache/shiro#2748</a></li> <li>chore(deps): bump ch.qos.logback:logback-core from 1.5.32 to 1.5.34 by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2749";>apache/shiro#2749</a></li> <li>chore(deps): bump org.jacoco:jacoco-maven-plugin from 0.8.14 to 0.8.15 by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2765";>apache/shiro#2765</a></li> <li>chore(deps): bump the github-actions-dependencies group across 1 directory with 2 updates by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2756";>apache/shiro#2756</a></li> <li>chore(deps): bump org.codehaus.gmavenplus:gmavenplus-plugin from 4.3.1 to 5.0.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2753";>apache/shiro#2753</a></li> <li>chore(deps): bump org.jboss.shrinkwrap.resolver:shrinkwrap-resolver-bom from 3.3.6 to 3.3.7 by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2750";>apache/shiro#2750</a></li> <li>chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.26.0 to 0.26.1 by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2751";>apache/shiro#2751</a></li> <li>chore(deps): bump bytebuddy.version from 1.18.8 to 1.18.10 by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/apache/shiro/pull/2752";>apache/shiro#2752</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/apache/shiro/compare/shiro-root-2.2.0...shiro-root-2.2.1";>https://github.com/apache/shiro/compare/shiro-root-2.2.0...shiro-root-2.2.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/shiro/commit/9182c1df7b1363f8095fbe3d1ac728d0354bf8c1";><code>9182c1d</code></a> [maven-release-plugin] prepare release shiro-root-2.2.1</li> <li><a href="https://github.com/apache/shiro/commit/744128df61c5f6342b891d4ef53f79858f1d6398";><code>744128d</code></a> Deprecate RandomSessionIdGenerator due to insufficient entropy (<a href="https://redirect.github.com/apache/shiro/issues/2770";>#2770</a>)</li> <li><a href="https://github.com/apache/shiro/commit/e384e9d4c8e2f4fa6661cd631d84e8c48b091680";><code>e384e9d</code></a> chore(jacoco): added exclusion for weld client proxy (<a href="https://redirect.github.com/apache/shiro/issues/2769";>#2769</a>)</li> <li><a href="https://github.com/apache/shiro/commit/eed8ab006e12633810889678024d865c62422b3f";><code>eed8ab0</code></a> chore: update shiro.doap file with more recent versions and maintainers (<a href="https://redirect.github.com/apache/shiro/issues/2768";>#2768</a>)</li> <li><a href="https://github.com/apache/shiro/commit/049952468f7b36553ebd99d913597d0db3917395";><code>0499524</code></a> chore(deps): bump bytebuddy.version from 1.18.8 to 1.18.10 (<a href="https://redirect.github.com/apache/shiro/issues/2752";>#2752</a>)</li> <li><a href="https://github.com/apache/shiro/commit/bc928d0e4c434f888df72b12775b1ce2e468dd52";><code>bc928d0</code></a> Update and expand the CITATION file (<a href="https://redirect.github.com/apache/shiro/issues/2766";>#2766</a>)</li> <li><a href="https://github.com/apache/shiro/commit/dd5d0966dccc033c92d09080d7218fe714754717";><code>dd5d096</code></a> Configure EditorConfig for more file types (<a href="https://redirect.github.com/apache/shiro/issues/2747";>#2747</a>)</li> <li><a href="https://github.com/apache/shiro/commit/3b54e7132583cf903a08064e3a0a5b2552f1e6f7";><code>3b54e71</code></a> [CI] Pin to sha all pre-commit hooks and clean up (<a href="https://redirect.github.com/apache/shiro/issues/2730";>#2730</a>)</li> <li><a href="https://github.com/apache/shiro/commit/5da6b13e1e4ecd3aed65898c2e1fbe2fe1a6c706";><code>5da6b13</code></a> chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin (<a href="https://redirect.github.com/apache/shiro/issues/2751";>#2751</a>)</li> <li><a href="https://github.com/apache/shiro/commit/169f55a79342123038a3d208bca0a5cfa8cc8c8a";><code>169f55a</code></a> chore(deps): bump org.jboss.shrinkwrap.resolver:shrinkwrap-resolver-bom (<a href="https://redirect.github.com/apache/shiro/issues/2750";>#2750</a>)</li> <li>Additional commits viewable in <a href="https://github.com/apache/shiro/compare/shiro-root-2.2.0...shiro-root-2.2.1";>compare view</a></li> </ul> </details> <br /> Updates `org.apache.shiro:shiro-spring` from 2.2.0 to 2.2.1 Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] For further information, visit: https://activemq.apache.org/contact
