dependabot[bot] opened a new pull request, #349: URL: https://github.com/apache/struts-examples/pull/349
Bumps `struts2.version` from 6.3.0.2 to 6.4.0. Updates `org.apache.struts:struts2-core` from 6.3.0.2 to 6.4.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/apache/struts/releases";>org.apache.struts:struts2-core's releases</a>.</em></p> <blockquote> <h2>Struts 6.4.0</h2> <h2>What's Changed</h2> <ul> <li>WW-5341 Ensure exclusion list applies to objects from all ClassLoaders by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/741";>apache/struts#741</a></li> <li>WW-5342 Add option to block use of default package by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/742";>apache/struts#742</a></li> <li>WW-5339 Misc clean up in CompoundRootAccessor and OgnlValueStackTest by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/745";>apache/struts#745</a></li> <li>WW-5340 Preliminary refactor of OgnlUtil by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/746";>apache/struts#746</a></li> <li>[WW-5346] replace BeanManager::createInjectionTarget by <a href="https://github.com/hepptho";><code>@hepptho</code></a> in <a href="https://redirect.github.com/apache/struts/pull/754";>apache/struts#754</a></li> <li>WW-5340 Introducing OGNL Guard by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/747";>apache/struts#747</a></li> <li>WW-5348 Allow overriding of logging behaviour in DefaultAcceptedPatternsChecker by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/757";>apache/struts#757</a></li> <li>[WW-5338] Removes deprecated OgnlTool by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/758";>apache/struts#758</a></li> <li>[WW-5344] Un-deprecates Sitemesh plugin and upgrades Sitmesh to ver 2.5.0 by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/759";>apache/struts#759</a></li> <li>WW-5340 Mild refactor StrutsOgnlGuard for easier subclassing by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/760";>apache/struts#760</a></li> <li>WW-5349 Remove Struts core dependency on OGNL VarRefs by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/763";>apache/struts#763</a></li> <li>WW-5354 Ensure ActionSupport fields are not parameter injectable by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/765";>apache/struts#765</a></li> <li>WW-5355 Integrate W-TinyLfu cache and use by default by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/766";>apache/struts#766</a></li> <li>Improved the StrutsUrlDecoder so that charset retrieval is performed only once. by <a href="https://github.com/mygreen";><code>@mygreen</code></a> in <a href="https://redirect.github.com/apache/struts/pull/773";>apache/struts#773</a></li> <li>WW-5358 Expand exclusion lists by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/774";>apache/struts#774</a></li> <li>WW-5350 Refactor SecurityMemberAccess by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/780";>apache/struts#780</a></li> <li>[WW-5333] Refactors AttributeMap by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/779";>apache/struts#779</a></li> <li>WW-5363 Velocity: read chained contexts before ValueStack by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/789";>apache/struts#789</a></li> <li>WW-5350 Implement OGNL Allowlist capability by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/781";>apache/struts#781</a></li> <li>WW-5363 Remove redundant method from VelocityManager by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/793";>apache/struts#793</a></li> <li>WW-5343 Make SecurityMemberAccess an extensible bean by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/791";>apache/struts#791</a></li> <li>WW-5364 Automatically populate OGNL allowlist by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/800";>apache/struts#800</a></li> <li>WW-5339 Add option to block custom OGNL maps by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/806";>apache/struts#806</a></li> <li>[WW-5370] Makes HttpParameters case-insensitive by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/807";>apache/struts#807</a></li> <li>[WW-5371] Modern upload by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/808";>apache/struts#808</a></li> <li>WW-5364 Add missing system allowlist classes by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/815";>apache/struts#815</a></li> <li>[WW-5373] Update JavaDoc CspReportAction.java by <a href="https://github.com/assachs";><code>@assachs</code></a> in <a href="https://redirect.github.com/apache/struts/pull/814";>apache/struts#814</a></li> <li>[WW-5328] Removes deprecated setters by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/811";>apache/struts#811</a></li> <li>[WW-5362] Removes type attribute out of <!-- raw HTML omitted --> tag by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/812";>apache/struts#812</a></li> <li>WW-5378 Add option to NOT fallback to context lookup when finding value on OgnlValueStack by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/821";>apache/struts#821</a></li> <li>WW-5364 Add String.class to system allowlist by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/828";>apache/struts#828</a></li> <li>WW-5381 Introduce RootAccessor interface for extension point by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/823";>apache/struts#823</a></li> <li>WW-5379 Implement alternative mechanism for Velocity directives to obtain ValueStack by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/822";>apache/struts#822</a></li> <li>WW-5352 Repackage ParametersInterceptor and related classes by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/829";>apache/struts#829</a></li> <li>WW-5381 Introduce extension point for CompoundRootAccessor by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/824";>apache/struts#824</a></li> <li>[WW-5383] Updates RegEx to excludes JARs by default by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/830";>apache/struts#830</a></li> <li>WW-5382 Fix stale injections in Dispatcher by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/826";>apache/struts#826</a></li> <li>WW-5381 Introduce extension point for MethodAccessor by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/825";>apache/struts#825</a></li> <li>WW-5352 Refactor ParametersInterceptor by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/831";>apache/struts#831</a></li> <li>[WW-5365] Reverts changes introduced in WW-5192 to allow evaluate the value attribute of Radio tag by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/835";>apache/struts#835</a></li> <li>WW-5352 Clean up OgnlValueStackTest by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/841";>apache/struts#841</a></li> <li>[WW-5387] Fixes remove() signature by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/844";>apache/struts#844</a></li> <li>[WW-5369] Re-define minimal library set by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/847";>apache/struts#847</a></li> <li>[WW-5374] Allows to prepend reportUri with Servlet context by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/845";>apache/struts#845</a></li> <li>[WW-5357] Adds support for disabled attribute to anchor tag by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/848";>apache/struts#848</a></li> <li>WW-5352 Introducing the StrutsParameter annotation by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/832";>apache/struts#832</a></li> <li>[WW-5360] Introduces additional countStr & indexStr to allow to ignore conversion by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/852";>apache/struts#852</a></li> <li>WW-5391 Add interface for VelocityManager extension point by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/867";>apache/struts#867</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/apache/struts/commits";>compare view</a></li> </ul> </details> <br /> Updates `org.apache.struts:struts2-config-browser-plugin` from 6.3.0.2 to 6.4.0 Updates `org.apache.struts:struts2-convention-plugin` from 6.3.0.2 to 6.4.0 Updates `org.apache.struts:struts2-bean-validation-plugin` from 6.3.0.2 to 6.4.0 Updates `org.apache.struts:struts2-junit-plugin` from 6.3.0.2 to 6.4.0 Updates `org.apache.struts:struts2-jfreechart-plugin` from 6.3.0.2 to 6.4.0 Updates `org.apache.struts:struts2-json-plugin` from 6.3.0.2 to 6.4.0 Updates `org.apache.struts:struts2-spring-plugin` from 6.3.0.2 to 6.4.0 Updates `org.apache.struts:struts2-portlet-plugin` from 6.3.0.2 to 6.4.0 Updates `org.apache.struts:struts2-dwr-plugin` from 6.3.0.2 to 6.4.0 Updates `org.apache.struts:struts2-portlet-tiles-plugin` from 6.3.0.2 to 6.4.0 Updates `org.apache.struts:struts2-rest-plugin` from 6.3.0.2 to 6.4.0 Updates `org.apache.struts:struts2-tiles-plugin` from 6.3.0.2 to 6.4.0 Updates `org.apache.struts:struts2-jasperreports-plugin` from 6.3.0.2 to 6.4.0 Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
