[GitHub] [cocoon] dependabot[bot] commented on pull request #11: Bump spring.version from 4.3.16.RELEASE to 5.2.0.RELEASE in /parent
dependabot[bot] commented on pull request #11: URL: https://github.com/apache/cocoon/pull/11#issuecomment-645049478 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #10: Bump lucene-core from 2.2.0 to 7.1.0 in /parent
asfgit closed pull request #10: URL: https://github.com/apache/cocoon/pull/10 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #10: Bump lucene-core from 2.2.0 to 7.1.0 in /parent
dependabot[bot] commented on pull request #10: URL: https://github.com/apache/cocoon/pull/10#issuecomment-645049472 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #11: Bump spring.version from 4.3.16.RELEASE to 5.2.0.RELEASE in /parent
asfgit closed pull request #11: URL: https://github.com/apache/cocoon/pull/11 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #12: Bump spring-core from 4.3.16.RELEASE to 5.3.18 in /parent
dependabot[bot] opened a new pull request, #12: URL: https://github.com/apache/cocoon/pull/12 Bumps [spring-core](https://github.com/spring-projects/spring-framework) from 4.3.16.RELEASE to 5.3.18. Release notes Sourced from https://github.com/spring-projects/spring-framework/releases;>spring-core's releases. v5.3.18 :star: New Features Restrict access to property paths on Class references https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28261;>#28261 Introduce cancel(boolean mayInterruptIfRunning) in ScheduledTask https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28233;>#28233 :lady_beetle: Bug Fixes Move off deprecated API in SessionTransactionData https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28234;>#28234 :notebook_with_decorative_cover: Documentation Introduce warnings in documentation of SerializationUtils https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28246;>#28246 Update copyright date in reference manual https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28237;>#28237 @Transactional test does not execute all JPA lifecycle callback methods https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28228;>#28228 :heart: Contributors We'd like to thank all the contributors who worked on this release! https://github.com/izeye;>@izeye https://github.com/quaff;>@quaff v5.3.17 :star: New Features Using DataClassRowMapper causes No property found for column debug messages in logs https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28179;>#28179 Improve diagnostics in SpEL for large array creation https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28145;>#28145 Support custom HTTP status in client-side REST testing support https://github-redirect.dependabot.com/spring-projects/spring-framework/pull/28105;>#28105 AsyncRestTemplate logging too verbose https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28049;>#28049 :lady_beetle: Bug Fixes java.lang.NoClassDefFoundError: org/springframework/cglib/beans/BeanMapEmitter https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28110;>#28110 CronExpression fails to calculate properly next execution when running on the day of winter daylight saving time https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28095;>#28095 Private init/destroy method may be invoked twice https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28083;>#28083 MappingJacksonValue and Jackson2CodecSupport#registerObjectMappersForType do not work together https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28045;>#28045 SpEL fails to recover from error during MIXED mode compilation https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28043;>#28043 When returning a ResponseEntity with a Flux while the function is suspended, it fails to encode the body https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27809;>#27809 :notebook_with_decorative_cover: Documentation Improve documentation for @EnabledIf and @DisabledIf test support https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28157;>#28157 Links to Spring Security are broken in the reference guide https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28135;>#28135 Document that transaction rollback rules may result in unintentional matches https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28125;>#28125 Improve documentation for TestContext events https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27757;>#27757 Clarify behavior for generics support in BeanUtils.copyProperties https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27259;>#27259 :hammer: Dependency Upgrades ... (truncated) Commits https://github.com/spring-projects/spring-framework/commit/707a24c48b21fc35e8be715afc80f020a24a9714;>707a24c Release v5.3.18 https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15;>002546b Refine PropertyDescriptor filtering https://github.com/spring-projects/spring-framework/commit/1627f57f1f77abe17dd607c75476b9e4cb22ffbb;>1627f57 Disable flaky integration tests for now https://github.com/spring-projects/spring-framework/commit/3811cd4c0a0be3aac6e842cf1890610ce986449d;>3811cd4 Introduce warnings in documentation of SerializationUtils https://github.com/spring-projects/spring-framework/commit/d927e3736483c8f1e0c012fa1027a198fc775f66;>d927e37
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #13: Bump spring-core from 4.3.16.RELEASE to 5.3.19 in /parent
dependabot[bot] opened a new pull request, #13: URL: https://github.com/apache/cocoon/pull/13 Bumps [spring-core](https://github.com/spring-projects/spring-framework) from 4.3.16.RELEASE to 5.3.19. Release notes Sourced from https://github.com/spring-projects/spring-framework/releases;>spring-core's releases. v5.3.19 :star: New Features Remove DNS lookups during websocket connection initiation https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28280;>#28280 Add application/graphql+json Media type and MIME type constants https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28271;>#28271 Fix debug log for no matching acceptableTypes https://github-redirect.dependabot.com/spring-projects/spring-framework/pull/28116;>#28116 Provide support for post-processing a LocalValidatorFactoryBean's validator Configuration without requiring sub-classing https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27956;>#27956 :lady_beetle: Bug Fixes Improve documentation and matching algorithm in data binders https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28333;>#28333 NotWritablePropertyException when attempting to declaratively configure ClassLoader properties https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28269;>#28269 BeanPropertyRowMapper's support for direct column name matches is missing in DataClassRowMapper https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28243;>#28243 AbstractListenerReadPublisher does not call ServletOutputStream::isReady() when reading chunked data across network packets https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28241;>#28241 ResponseEntity objects are accumulated in ConcurrentReferenceHashMap https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28232;>#28232 Lambda proxy generation fix causes BeanNotOfRequiredTypeException https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28209;>#28209 CodeGenerationException thrown when using AnnotationMBeanExporter on JDK 17 https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28138;>#28138 :hammer: Dependency Upgrades Upgrade to Reactor 2020.0.18 https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28329;>#28329 :heart: Contributors We'd like to thank all the contributors who worked on this release! https://github.com/GatinMI;>@GatinMI v5.3.18 :star: New Features Restrict access to property paths on Class references https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28261;>#28261 Introduce cancel(boolean mayInterruptIfRunning) in ScheduledTask https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28233;>#28233 :lady_beetle: Bug Fixes Move off deprecated API in SessionTransactionData https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28234;>#28234 :notebook_with_decorative_cover: Documentation Introduce warnings in documentation of SerializationUtils https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28246;>#28246 Update copyright date in reference manual https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28237;>#28237 @Transactional test does not execute all JPA lifecycle callback methods https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28228;>#28228 :heart: Contributors We'd like to thank all the contributors who worked on this release! https://github.com/izeye;>@izeye https://github.com/quaff;>@quaff ... (truncated) Commits https://github.com/spring-projects/spring-framework/commit/cedb5874b72c3311c8c6e2f03a53537590f2e0dc;>cedb587 Release v5.3.19 https://github.com/spring-projects/spring-framework/commit/a7cf19cec5ebd270f97a194d749e2d5701ad2ab7;>a7cf19c Improve documentation and matching algorithm in data binders https://github.com/spring-projects/spring-framework/commit/0cf7f7bd890504061883c48e382dc23e0c5d4df0;>0cf7f7b Polishing https://github.com/spring-projects/spring-framework/commit/949c3d450c35b676b82a4a56ada997cf9a552f1d;>949c3d4 Align plain accessor check https://github.com/spring-projects/spring-framework/commit/3b4ae7b028799e6b9f33e44ead1d9038d0d55b47;>3b4ae7b TomcatHttpHandlerAdapter continues after 0 bytes https://github.com/spring-projects/spring-framework/commit/8b396985534268c59509f60a1f7d50c47a7d2bbd;>8b39698 Upgrade to Reactor 2020.0.18 https://github.com/spring-projects/spring-framework/commit/6fad00ed222c48f9d845bcea9d5a50dcf7c2a169;>6fad00e Ensure dynamic proxy with AOP introduction includes lambda interfaces
[GitHub] [cocoon] dependabot[bot] commented on pull request #12: Bump spring-core from 4.3.16.RELEASE to 5.3.18 in /parent
dependabot[bot] commented on PR #12: URL: https://github.com/apache/cocoon/pull/12#issuecomment-1107117479 Superseded by #13. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] closed pull request #12: Bump spring-core from 4.3.16.RELEASE to 5.3.18 in /parent
dependabot[bot] closed pull request #12: Bump spring-core from 4.3.16.RELEASE to 5.3.18 in /parent URL: https://github.com/apache/cocoon/pull/12 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #14: Bump spring-core from 4.3.16.RELEASE to 5.2.22.RELEASE in /parent
dependabot[bot] opened a new pull request, #14: URL: https://github.com/apache/cocoon/pull/14 Bumps [spring-core](https://github.com/spring-projects/spring-framework) from 4.3.16.RELEASE to 5.2.22.RELEASE. Release notes Sourced from https://github.com/spring-projects/spring-framework/releases;>spring-core's releases. v5.2.22.RELEASE :star: New Features Refine CachedIntrospectionResults property introspection https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28446;>#28446 :lady_beetle: Bug Fixes Ignore invalid STOMP frame https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28444;>#28444 v5.2.21.RELEASE :star: New Features Remove DNS lookups during websocket connection initiation https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28281;>#28281 :lady_beetle: Bug Fixes Improve documentation and matching algorithm in data binders https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28334;>#28334 CodeGenerationException thrown when using AnnotationMBeanExporter on JDK 17 https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28279;>#28279 ResponseEntity objects are accumulated in ConcurrentReferenceHashMap https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28273;>#28273 NotWritablePropertyException when attempting to declaratively configure ClassLoader properties https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28272;>#28272 v5.2.20.RELEASE :star: New Features Restrict access to property paths on Class references https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28262;>#28262 Improve diagnostics in SpEL for large array creation https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28257;>#28257 v5.2.19.RELEASE :star: New Features Declare serialVersionUID on DefaultAopProxyFactory https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27785;>#27785 Use ByteArrayDecoder in DefaultClientResponse::createException https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27667;>#27667 :lady_beetle: Bug Fixes ProxyFactoryBean getObject called before setInterceptorNames, silently creating an invalid proxy [SPR-7582] https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27817;>#27817 Possible NPE in Spring MVC LogFormatUtils https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27783;>#27783 UndertowHeadersAdapter's remove() method violates Map contract https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27593;>#27593 Fix assertion failure messages in DefaultDataBuffer.checkIndex() https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27577;>#27577 :notebook_with_decorative_cover: Documentation Lazy annotation throws exception if non-required bean does not exist https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27660;>#27660 Incorrect Javadoc in [NamedParameter]JdbcOperations.queryForObject methods regarding exceptions https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27581;>#27581 DefaultResponseErrorHandler update javadoc comment https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27571;>#27571 :hammer: Dependency Upgrades Upgrade to Reactor Dysprosium-SR25 https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27635;>#27635 Upgrade to Log4j2 2.16.0 https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27825;>#27825 ... (truncated) Commits https://github.com/spring-projects/spring-framework/commit/8f4c17273499280394c6824d179e25702c8992f4;>8f4c172 Release v5.2.22.RELEASE https://github.com/spring-projects/spring-framework/commit/9f238c997d914cf9162dac9801a2f56dae359a3f;>9f238c9 Polishing https://github.com/spring-projects/spring-framework/commit/50177b1ad3485bd44239b1756f6c14607476fcf2;>50177b1 Refine CachedIntrospectionResults property introspection https://github.com/spring-projects/spring-framework/commit/159a99bbafdd6c01871228113d7042c3f83f360f;>159a99b Ignore invalid STOMP frame https://github.com/spring-projects/spring-framework/commit/41e158c93de4c62bf3d8aa768592ded42b08f9ef;>41e158c Next development version (v5.2.22.BUILD-SNAPSHOT) https://github.com/spring-projects/spring-framework/commit/833e750175349ab4fd502109a8b41af77e25cdea;>833e750 Improve documentation and matching algorithm in data binders https://github.com/spring-projects/spring-framework/commit/d70054d6864c78a300210490a0fb3af0e1f1b84f;>d70054d Upgrade to Log4j2 2.17.2
[GitHub] [cocoon] dependabot[bot] commented on pull request #13: Bump spring-core from 4.3.16.RELEASE to 5.3.19 in /parent
dependabot[bot] commented on PR #13: URL: https://github.com/apache/cocoon/pull/13#issuecomment-1136776244 Superseded by #14. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] closed pull request #13: Bump spring-core from 4.3.16.RELEASE to 5.3.19 in /parent
dependabot[bot] closed pull request #13: Bump spring-core from 4.3.16.RELEASE to 5.3.19 in /parent URL: https://github.com/apache/cocoon/pull/13 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #24: Bump xalan from 2.7.1 to 2.7.2 in /jail/cocoon3
dependabot[bot] opened a new pull request, #24: URL: https://github.com/apache/cocoon/pull/24 Bumps xalan from 2.7.1 to 2.7.2. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=xalan:xalan=maven=2.7.1=2.7.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/cocoon/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #25: Bump xalan from 2.7.1 to 2.7.2 in /parent
dependabot[bot] opened a new pull request, #25: URL: https://github.com/apache/cocoon/pull/25 Bumps xalan from 2.7.1 to 2.7.2. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=xalan:xalan=maven=2.7.1=2.7.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/cocoon/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #21: Bump fop from 0.95-1 to 2.2 in /parent
dependabot[bot] opened a new pull request, #21: URL: https://github.com/apache/cocoon/pull/21 Bumps fop from 0.95-1 to 2.2. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.xmlgraphics:fop=maven=0.95-1=2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/cocoon/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #20: Bump fop from 1.1 to 2.2 in /jail/cocoon3
dependabot[bot] opened a new pull request, #20: URL: https://github.com/apache/cocoon/pull/20 Bumps fop from 1.1 to 2.2. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.xmlgraphics:fop=maven=1.1=2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/cocoon/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #22: Bump commons-jelly from 1.0 to 1.0.1 in /parent
dependabot[bot] opened a new pull request, #22: URL: https://github.com/apache/cocoon/pull/22 Bumps commons-jelly from 1.0 to 1.0.1. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-jelly:commons-jelly=maven=1.0=1.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/cocoon/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #26: Bump acegi-security from 1.0.4 to 1.0.7 in /parent
dependabot[bot] opened a new pull request, #26: URL: https://github.com/apache/cocoon/pull/26 Bumps acegi-security from 1.0.4 to 1.0.7. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.acegisecurity:acegi-security=maven=1.0.4=1.0.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/cocoon/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #19: Bump poi from 3.2-FINAL to 4.1.1 in /parent
dependabot[bot] opened a new pull request, #19: URL: https://github.com/apache/cocoon/pull/19 Bumps poi from 3.2-FINAL to 4.1.1. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.poi:poi=maven=3.2-FINAL=4.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/cocoon/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #23: Bump jackrabbit-core from 1.4.1 to 2.1.0 in /parent
dependabot[bot] opened a new pull request, #23: URL: https://github.com/apache/cocoon/pull/23 Bumps jackrabbit-core from 1.4.1 to 2.1.0. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.jackrabbit:jackrabbit-core=maven=1.4.1=2.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/cocoon/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #17: Bump xercesImpl from 2.6.2 to 2.12.2 in /tools/sitemaptags2daisy
dependabot[bot] opened a new pull request, #17: URL: https://github.com/apache/cocoon/pull/17 Bumps xercesImpl from 2.6.2 to 2.12.2. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=xerces:xercesImpl=maven=2.6.2=2.12.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/cocoon/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #16: Bump xercesImpl from 2.9.1 to 2.12.2 in /parent
dependabot[bot] opened a new pull request, #16: URL: https://github.com/apache/cocoon/pull/16 Bumps xercesImpl from 2.9.1 to 2.12.2. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=xerces:xercesImpl=maven=2.9.1=2.12.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/cocoon/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #18: Bump xercesImpl from 2.6.2 to 2.12.2 in /tools/cocoon-sitemaptags2daisy-plugin
dependabot[bot] opened a new pull request, #18: URL: https://github.com/apache/cocoon/pull/18 Bumps xercesImpl from 2.6.2 to 2.12.2. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=xerces:xercesImpl=maven=2.6.2=2.12.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/cocoon/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #15: Bump jetty from 6.1.6 to 6.1.23 in /parent
dependabot[bot] opened a new pull request, #15: URL: https://github.com/apache/cocoon/pull/15 Bumps jetty from 6.1.6 to 6.1.23. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.mortbay.jetty:jetty=maven=6.1.6=6.1.23)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/cocoon/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #27: Bump activemq-core from 5.1.0 to 5.6.0 in /parent
dependabot[bot] opened a new pull request, #27: URL: https://github.com/apache/cocoon/pull/27 Bumps activemq-core from 5.1.0 to 5.6.0. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.activemq:activemq-core=maven=5.1.0=5.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/cocoon/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #28: Bump jettison from 1.3.3 to 1.5.1 in /jail/cocoon3
dependabot[bot] opened a new pull request, #28: URL: https://github.com/apache/cocoon/pull/28 Bumps [jettison](https://github.com/jettison-json/jettison) from 1.3.3 to 1.5.1. Release notes Sourced from https://github.com/jettison-json/jettison/releases;>jettison's releases. Jettison 1.5.1 What's Changed Stack Overflow fix on malformed JSON by https://github.com/coheigea;>@coheigea in https://github-redirect.dependabot.com/jettison-json/jettison/pull/48;>jettison-json/jettison#48 Prevent infinite loop when a /* comment is not terminated by https://github.com/coheigea;>@coheigea in https://github-redirect.dependabot.com/jettison-json/jettison/pull/49;>jettison-json/jettison#49 Full Changelog: https://github.com/jettison-json/jettison/compare/jettison-1.5.0...jettison-1.5.1;>https://github.com/jettison-json/jettison/compare/jettison-1.5.0...jettison-1.5.1 Commits https://github.com/jettison-json/jettison/commit/bdb3982aaea184c2143e41981e33877c2fd66292;>bdb3982 [maven-release-plugin] prepare release jettison-1.5.1 https://github.com/jettison-json/jettison/commit/1268b7558bad9b989687009a094466b64d4da533;>1268b75 Prevent infinite loop when a /* comment is not terminated https://github.com/jettison-json/jettison/commit/cff9f2814ec8ae573e38f38abed039311bb7bfda;>cff9f28 Create codeql-analysis.yml https://github.com/jettison-json/jettison/commit/395f8625bcf688743872c8e7f59360d372e77811;>395f862 Stack Overflow fix on malformed JSON https://github.com/jettison-json/jettison/commit/a5d2223bafd4c5ec37723533fa5c4066ead4eaaa;>a5d2223 [maven-release-plugin] prepare for next development iteration https://github.com/jettison-json/jettison/commit/e1bf5293d10af3ebfcd8763eb51a20a659b9047c;>e1bf529 [maven-release-plugin] prepare release jettison-1.5.0 https://github.com/jettison-json/jettison/commit/9ccf9d00fbae12fd10863c5b78d22bac6e5b87e4;>9ccf9d0 Update some deps/plugin versions https://github.com/jettison-json/jettison/commit/cfc7382c4dab4e207d2db2f0a70f60ce565e477d;>cfc7382 Performance improvement https://github.com/jettison-json/jettison/commit/d3714681f61581810680df8e45858a4d30a602da;>d371468 Use BigDecimal instead of Double to avoid loss of precision https://github.com/jettison-json/jettison/commit/23a64eedf97e29b6562de8c3b024af414df9b900;>23a64ee Avoid NullPointerException when used with Axis2 1.5 Additional commits viewable in https://github.com/jettison-json/jettison/compare/jettison-1.3.3...jettison-1.5.1;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.codehaus.jettison:jettison=maven=1.3.3=1.5.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #41: Bump jettison from 1.3.3 to 1.5.2 in /jail/cocoon3
dependabot[bot] opened a new pull request, #41: URL: https://github.com/apache/cocoon/pull/41 Bumps [jettison](https://github.com/jettison-json/jettison) from 1.3.3 to 1.5.2. Release notes Sourced from https://github.com/jettison-json/jettison/releases;>jettison's releases. Jettison 1.5.2 What's Changed Bump woodstox-core from 6.2.8 to 6.4.0 by https://github.com/dependabot;>@dependabot in https://github-redirect.dependabot.com/jettison-json/jettison/pull/51;>jettison-json/jettison#51 Fixing StackOverflow error by https://github.com/coheigea;>@coheigea in https://github-redirect.dependabot.com/jettison-json/jettison/pull/53;>jettison-json/jettison#53 Full Changelog: https://github.com/jettison-json/jettison/compare/jettison-1.5.1...jettison-1.5.2;>https://github.com/jettison-json/jettison/compare/jettison-1.5.1...jettison-1.5.2 Jettison 1.5.1 What's Changed Stack Overflow fix on malformed JSON by https://github.com/coheigea;>@coheigea in https://github-redirect.dependabot.com/jettison-json/jettison/pull/48;>jettison-json/jettison#48 Prevent infinite loop when a /* comment is not terminated by https://github.com/coheigea;>@coheigea in https://github-redirect.dependabot.com/jettison-json/jettison/pull/49;>jettison-json/jettison#49 Full Changelog: https://github.com/jettison-json/jettison/compare/jettison-1.5.0...jettison-1.5.1;>https://github.com/jettison-json/jettison/compare/jettison-1.5.0...jettison-1.5.1 Commits https://github.com/jettison-json/jettison/commit/6dc73a07ac47c7e3b4c7d041761fbc11aee2eb50;>6dc73a0 [maven-release-plugin] prepare release jettison-1.5.2 https://github.com/jettison-json/jettison/commit/19ae19ff57d00dbfa6f6c3af4fc4cb14fb5ca2df;>19ae19f Fixing StackOverflow error https://github.com/jettison-json/jettison/commit/325b51b36982b5ddfb10d76d2809ec422e9de0b1;>325b51b Bump woodstox-core from 6.2.8 to 6.4.0 https://github.com/jettison-json/jettison/commit/81d3786242c3c7f68eead911b432a81c7f24fa0b;>81d3786 [maven-release-plugin] prepare for next development iteration https://github.com/jettison-json/jettison/commit/bdb3982aaea184c2143e41981e33877c2fd66292;>bdb3982 [maven-release-plugin] prepare release jettison-1.5.1 https://github.com/jettison-json/jettison/commit/1268b7558bad9b989687009a094466b64d4da533;>1268b75 Prevent infinite loop when a /* comment is not terminated https://github.com/jettison-json/jettison/commit/cff9f2814ec8ae573e38f38abed039311bb7bfda;>cff9f28 Create codeql-analysis.yml https://github.com/jettison-json/jettison/commit/395f8625bcf688743872c8e7f59360d372e77811;>395f862 Stack Overflow fix on malformed JSON https://github.com/jettison-json/jettison/commit/a5d2223bafd4c5ec37723533fa5c4066ead4eaaa;>a5d2223 [maven-release-plugin] prepare for next development iteration https://github.com/jettison-json/jettison/commit/e1bf5293d10af3ebfcd8763eb51a20a659b9047c;>e1bf529 [maven-release-plugin] prepare release jettison-1.5.0 Additional commits viewable in https://github.com/jettison-json/jettison/compare/jettison-1.3.3...jettison-1.5.2;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.codehaus.jettison:jettison=maven=1.3.3=1.5.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it
[GitHub] [cocoon] asfgit closed pull request #41: Bump jettison from 1.3.3 to 1.5.2 in /jail/cocoon3
asfgit closed pull request #41: Bump jettison from 1.3.3 to 1.5.2 in /jail/cocoon3 URL: https://github.com/apache/cocoon/pull/41 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #41: Bump jettison from 1.3.3 to 1.5.2 in /jail/cocoon3
dependabot[bot] commented on PR #41: URL: https://github.com/apache/cocoon/pull/41#issuecomment-1373999194 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #39: Bump spring-web from 4.3.16.RELEASE to 6.0.0 in /parent
dependabot[bot] opened a new pull request, #39: URL: https://github.com/apache/cocoon/pull/39 Bumps [spring-web](https://github.com/spring-projects/spring-framework) from 4.3.16.RELEASE to 6.0.0. Release notes Sourced from https://github.com/spring-projects/spring-framework/releases;>spring-web's releases. v6.0.0 See https://github.com/spring-projects/spring-framework/wiki/What%27s-New-in-Spring-Framework-6.x;>What's New in Spring Framework 6.x and https://github.com/spring-projects/spring-framework/wiki/Upgrading-to-Spring-Framework-6.x;>Upgrading to Spring Framework 6.x for upgrade instructions and details of new features. :star: New Features Avoid direct URL construction and URL equality checks https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/29486;>#29486 Simplify creating RFC 7807 responses from functional endpoints https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/29462;>#29462 Allow test classes to provide runtime hints via declarative mechanisms https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/29455;>#29455 :notebook_with_decorative_cover: Documentation Align javadoc of DefaultParameterNameDiscoverer with its behavior https://github-redirect.dependabot.com/spring-projects/spring-framework/pull/29494;>#29494 Document AOT support in the TestContext framework https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/29482;>#29482 Document Ahead of Time processing in the reference guide https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/29350;>#29350 :hammer: Dependency Upgrades Upgrade to Reactor 2022.0.0 https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/29465;>#29465 :heart: Contributors Thank you to all the contributors who worked on this release: https://github.com/ophiuhus;>@ophiuhus and https://github.com/wilkinsona;>@wilkinsona v6.0.0-RC4 :star: New Features Introduce DataFieldMaxValueIncrementer for SQL Server sequences https://github-redirect.dependabot.com/spring-projects/spring-framework/pull/29447;>#29447 Introduce findAllAnnotationsOnBean variant on ListableBeanFactory https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/29446;>#29446 Introduce support for Jakarta WebSocket 2.1 https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/29436;>#29436 Allow @ControllerAdvice in WebFlux to handle exceptions before a handler is selected https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/22991;>#22991 :lady_beetle: Bug Fixes Bean with unresolved generics do not use fallback algorithms with AOT https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/29454;>#29454 TomcatRequestUpgradeStrategy is not compatible with Tomcat 10.1 https://github-redirect.dependabot.com/spring-projects/spring-framework/pull/29434;>#29434 Autowiring of a generic type produced by a factory bean fails after AOT processing https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/29385;>#29385 :notebook_with_decorative_cover: Documentation Reference PDF containing full docs not available https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28451;>#28451 :hammer: Dependency Upgrades Revisit Servlet API baseline: Servlet 6.0 in the build, Servlet 5.0 compatibility at runtime https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/29435;>#29435 Upgrade to Context Propagation 1.0.0 https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/29442;>#29442 Upgrade to Jackson 2.14.0 https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/29351;>#29351 Upgrade to Micrometer 1.10.0 https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/29441;>#29441 ... (truncated) Commits https://github.com/spring-projects/spring-framework/commit/5a30a43b753a971ac8bf4005a8ccddeaff439d7e;>5a30a43 Release v6.0.0 https://github.com/spring-projects/spring-framework/commit/42856bab164dd0b9d92dbb1cd42acce66d491ffa;>42856ba Add milestone repo for optional Netty 5 support https://github.com/spring-projects/spring-framework/commit/9be6cea012b2c5ac55e862329ccb9103e978f3d2;>9be6cea Polishing deprecated methods https://github.com/spring-projects/spring-framework/commit/37b439182e4aacf48b33d9c1ad3201a2ef5a6f13;>37b4391 Align javadoc of DefaultParameterNameDiscoverer with its behavior https://github.com/spring-projects/spring-framework/commit/09a58a55bf7882f24352c0bb2ecf742c14c22cc3;>09a58a5 Polish https://github.com/spring-projects/spring-framework/commit/10f4ad1a44a7031b84a9f43578a5d37135ad21da;>10f4ad1 Assert fixed in
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #40: Bump spring-beans from 4.3.16.RELEASE to 5.2.20.RELEASE in /parent
dependabot[bot] opened a new pull request, #40: URL: https://github.com/apache/cocoon/pull/40 Bumps [spring-beans](https://github.com/spring-projects/spring-framework) from 4.3.16.RELEASE to 5.2.20.RELEASE. Release notes Sourced from https://github.com/spring-projects/spring-framework/releases;>spring-beans's releases. v5.2.20.RELEASE :star: New Features Restrict access to property paths on Class references https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28262;>#28262 Improve diagnostics in SpEL for large array creation https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28257;>#28257 v5.2.19.RELEASE :star: New Features Declare serialVersionUID on DefaultAopProxyFactory https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27785;>#27785 Use ByteArrayDecoder in DefaultClientResponse::createException https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27667;>#27667 :lady_beetle: Bug Fixes ProxyFactoryBean getObject called before setInterceptorNames, silently creating an invalid proxy [SPR-7582] https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27817;>#27817 Possible NPE in Spring MVC LogFormatUtils https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27783;>#27783 UndertowHeadersAdapter's remove() method violates Map contract https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27593;>#27593 Fix assertion failure messages in DefaultDataBuffer.checkIndex() https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27577;>#27577 :notebook_with_decorative_cover: Documentation Lazy annotation throws exception if non-required bean does not exist https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27660;>#27660 Incorrect Javadoc in [NamedParameter]JdbcOperations.queryForObject methods regarding exceptions https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27581;>#27581 DefaultResponseErrorHandler update javadoc comment https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27571;>#27571 :hammer: Dependency Upgrades Upgrade to Reactor Dysprosium-SR25 https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27635;>#27635 Upgrade to Log4j2 2.16.0 https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27825;>#27825 v5.2.18.RELEASE :star: New Features Enhance DefaultResponseErrorHandler to allow logging complete error response body https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27558;>#27558 DefaultMessageListenerContainer does not log an error/warning when consumer tasks have been rejected https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27457;>#27457 :lady_beetle: Bug Fixes Performance impact of con.getContentLengthLong() in AbstractFileResolvingResource.isReadable() downloading huge jars to check component length https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27549;>#27549 Performance impact of ResourceUrlEncodingFilter on HttpServletResponse#encodeURL https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27548;>#27548 Avoid duplicate JCacheOperationSource bean registration in https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27547;>#27547 Non-escaped closing curly brace in RegEx results in initialization error on Android https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27502;>#27502 Proxy generation with Java 17 fails with Cannot invoke Object.getClass() because cause is null https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27498;>#27498 ConcurrentReferenceHashMap's entrySet violates the Map contract https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27455;>#27455 :hammer: Dependency Upgrades Upgrade to Reactor Dysprosium-SR24 https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27526;>#27526 v5.2.17.RELEASE ... (truncated) Commits https://github.com/spring-projects/spring-framework/commit/cfa701b8726f06528e9d408b1b94f333f70da45f;>cfa701b Release v5.2.20.RELEASE https://github.com/spring-projects/spring-framework/commit/996f701a1916d10202c1d0d281f06ab1f2e1117e;>996f701 Refine PropertyDescriptor filtering https://github.com/spring-projects/spring-framework/commit/90cfde985ef08e8372ffefda2156f8091f65efe6;>90cfde9 Improve diagnostics in SpEL for large array creation https://github.com/spring-projects/spring-framework/commit/94f52bc94f885fe97201b93bc1c92f35e7b0afa9;>94f52bc Upgrade to Artifactory
[GitHub] [cocoon] dependabot[bot] commented on pull request #28: Bump jettison from 1.3.3 to 1.5.1 in /jail/cocoon3
dependabot[bot] commented on PR #28: URL: https://github.com/apache/cocoon/pull/28#issuecomment-1356882103 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #24: Bump xalan from 2.7.1 to 2.7.2 in /jail/cocoon3
dependabot[bot] commented on PR #24: URL: https://github.com/apache/cocoon/pull/24#issuecomment-1356882104 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #20: Bump fop from 1.1 to 2.2 in /jail/cocoon3
dependabot[bot] commented on PR #20: URL: https://github.com/apache/cocoon/pull/20#issuecomment-1356882096 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #24: Bump xalan from 2.7.1 to 2.7.2 in /jail/cocoon3
asfgit closed pull request #24: Bump xalan from 2.7.1 to 2.7.2 in /jail/cocoon3 URL: https://github.com/apache/cocoon/pull/24 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #22: Bump commons-jelly from 1.0 to 1.0.1 in /parent
asfgit closed pull request #22: Bump commons-jelly from 1.0 to 1.0.1 in /parent URL: https://github.com/apache/cocoon/pull/22 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #31: Bump commons-collections from 3.2.1 to 3.2.2 in /parent
asfgit closed pull request #31: Bump commons-collections from 3.2.1 to 3.2.2 in /parent URL: https://github.com/apache/cocoon/pull/31 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #20: Bump fop from 1.1 to 2.2 in /jail/cocoon3
asfgit closed pull request #20: Bump fop from 1.1 to 2.2 in /jail/cocoon3 URL: https://github.com/apache/cocoon/pull/20 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #28: Bump jettison from 1.3.3 to 1.5.1 in /jail/cocoon3
asfgit closed pull request #28: Bump jettison from 1.3.3 to 1.5.1 in /jail/cocoon3 URL: https://github.com/apache/cocoon/pull/28 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #23: Bump jackrabbit-core from 1.4.1 to 2.1.0 in /parent
dependabot[bot] commented on PR #23: URL: https://github.com/apache/cocoon/pull/23#issuecomment-1356882118 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #21: Bump fop from 0.95-1 to 2.2 in /parent
asfgit closed pull request #21: Bump fop from 0.95-1 to 2.2 in /parent URL: https://github.com/apache/cocoon/pull/21 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #39: Bump spring-web from 4.3.16.RELEASE to 6.0.0 in /parent
asfgit closed pull request #39: Bump spring-web from 4.3.16.RELEASE to 6.0.0 in /parent URL: https://github.com/apache/cocoon/pull/39 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #14: Bump spring-core from 4.3.16.RELEASE to 5.2.22.RELEASE in /parent
dependabot[bot] commented on PR #14: URL: https://github.com/apache/cocoon/pull/14#issuecomment-1356882128 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #25: Bump xalan from 2.7.1 to 2.7.2 in /parent
asfgit closed pull request #25: Bump xalan from 2.7.1 to 2.7.2 in /parent URL: https://github.com/apache/cocoon/pull/25 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #14: Bump spring-core from 4.3.16.RELEASE to 5.2.22.RELEASE in /parent
asfgit closed pull request #14: Bump spring-core from 4.3.16.RELEASE to 5.2.22.RELEASE in /parent URL: https://github.com/apache/cocoon/pull/14 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #21: Bump fop from 0.95-1 to 2.2 in /parent
dependabot[bot] commented on PR #21: URL: https://github.com/apache/cocoon/pull/21#issuecomment-1356882123 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #22: Bump commons-jelly from 1.0 to 1.0.1 in /parent
dependabot[bot] commented on PR #22: URL: https://github.com/apache/cocoon/pull/22#issuecomment-1356882108 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #26: Bump acegi-security from 1.0.4 to 1.0.7 in /parent
asfgit closed pull request #26: Bump acegi-security from 1.0.4 to 1.0.7 in /parent URL: https://github.com/apache/cocoon/pull/26 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #31: Bump commons-collections from 3.2.1 to 3.2.2 in /parent
dependabot[bot] commented on PR #31: URL: https://github.com/apache/cocoon/pull/31#issuecomment-1356882105 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #26: Bump acegi-security from 1.0.4 to 1.0.7 in /parent
dependabot[bot] commented on PR #26: URL: https://github.com/apache/cocoon/pull/26#issuecomment-1356882112 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #19: Bump poi from 3.2-FINAL to 4.1.1 in /parent
asfgit closed pull request #19: Bump poi from 3.2-FINAL to 4.1.1 in /parent URL: https://github.com/apache/cocoon/pull/19 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #27: Bump activemq-core from 5.1.0 to 5.6.0 in /parent
dependabot[bot] commented on PR #27: URL: https://github.com/apache/cocoon/pull/27#issuecomment-1356882114 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #19: Bump poi from 3.2-FINAL to 4.1.1 in /parent
dependabot[bot] commented on PR #19: URL: https://github.com/apache/cocoon/pull/19#issuecomment-1356882120 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #40: Bump spring-beans from 4.3.16.RELEASE to 5.2.20.RELEASE in /parent
asfgit closed pull request #40: Bump spring-beans from 4.3.16.RELEASE to 5.2.20.RELEASE in /parent URL: https://github.com/apache/cocoon/pull/40 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #15: Bump jetty from 6.1.6 to 6.1.23 in /parent
asfgit closed pull request #15: Bump jetty from 6.1.6 to 6.1.23 in /parent URL: https://github.com/apache/cocoon/pull/15 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #27: Bump activemq-core from 5.1.0 to 5.6.0 in /parent
asfgit closed pull request #27: Bump activemq-core from 5.1.0 to 5.6.0 in /parent URL: https://github.com/apache/cocoon/pull/27 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #23: Bump jackrabbit-core from 1.4.1 to 2.1.0 in /parent
asfgit closed pull request #23: Bump jackrabbit-core from 1.4.1 to 2.1.0 in /parent URL: https://github.com/apache/cocoon/pull/23 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #15: Bump jetty from 6.1.6 to 6.1.23 in /parent
dependabot[bot] commented on PR #15: URL: https://github.com/apache/cocoon/pull/15#issuecomment-1356882126 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #40: Bump spring-beans from 4.3.16.RELEASE to 5.2.20.RELEASE in /parent
dependabot[bot] commented on PR #40: URL: https://github.com/apache/cocoon/pull/40#issuecomment-1356882127 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #16: Bump xercesImpl from 2.9.1 to 2.12.2 in /parent
asfgit closed pull request #16: Bump xercesImpl from 2.9.1 to 2.12.2 in /parent URL: https://github.com/apache/cocoon/pull/16 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #18: Bump xercesImpl from 2.6.2 to 2.12.2 in /tools/cocoon-sitemaptags2daisy-plugin
dependabot[bot] commented on PR #18: URL: https://github.com/apache/cocoon/pull/18#issuecomment-1356882140 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #39: Bump spring-web from 4.3.16.RELEASE to 6.0.0 in /parent
dependabot[bot] commented on PR #39: URL: https://github.com/apache/cocoon/pull/39#issuecomment-1356882131 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #16: Bump xercesImpl from 2.9.1 to 2.12.2 in /parent
dependabot[bot] commented on PR #16: URL: https://github.com/apache/cocoon/pull/16#issuecomment-1356882135 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #25: Bump xalan from 2.7.1 to 2.7.2 in /parent
dependabot[bot] commented on PR #25: URL: https://github.com/apache/cocoon/pull/25#issuecomment-1356882133 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #30: Bump commons-collections from 3.1 to 3.2.2 in /tools/cocoon-sitemaptags2daisy-plugin
asfgit closed pull request #30: Bump commons-collections from 3.1 to 3.2.2 in /tools/cocoon-sitemaptags2daisy-plugin URL: https://github.com/apache/cocoon/pull/30 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #18: Bump xercesImpl from 2.6.2 to 2.12.2 in /tools/cocoon-sitemaptags2daisy-plugin
asfgit closed pull request #18: Bump xercesImpl from 2.6.2 to 2.12.2 in /tools/cocoon-sitemaptags2daisy-plugin URL: https://github.com/apache/cocoon/pull/18 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #30: Bump commons-collections from 3.1 to 3.2.2 in /tools/cocoon-sitemaptags2daisy-plugin
dependabot[bot] commented on PR #30: URL: https://github.com/apache/cocoon/pull/30#issuecomment-1356882136 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #29: Bump commons-collections from 3.1 to 3.2.2 in /tools/sitemaptags2daisy
asfgit closed pull request #29: Bump commons-collections from 3.1 to 3.2.2 in /tools/sitemaptags2daisy URL: https://github.com/apache/cocoon/pull/29 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #29: Bump commons-collections from 3.1 to 3.2.2 in /tools/sitemaptags2daisy
dependabot[bot] commented on PR #29: URL: https://github.com/apache/cocoon/pull/29#issuecomment-1356882144 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] asfgit closed pull request #17: Bump xercesImpl from 2.6.2 to 2.12.2 in /tools/sitemaptags2daisy
asfgit closed pull request #17: Bump xercesImpl from 2.6.2 to 2.12.2 in /tools/sitemaptags2daisy URL: https://github.com/apache/cocoon/pull/17 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] commented on pull request #17: Bump xercesImpl from 2.6.2 to 2.12.2 in /tools/sitemaptags2daisy
dependabot[bot] commented on PR #17: URL: https://github.com/apache/cocoon/pull/17#issuecomment-1356882149 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] jpuerto opened a new pull request, #35: Exclude old SLF4J API dependency from JCR that causes errors on spring context initialization.
jpuerto opened a new pull request, #35: URL: https://github.com/apache/cocoon/pull/35 ``` org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'javax.jcr.Repository': Initialization of bean failed; nested exception is java.lang.IllegalAccessError: tried to access field org.slf4j.impl.StaticLoggerBinder.SINGLETON from class org.slf4j.LoggerFactory at org.apache.cocoon.jcr.source.JCRSourceTestCase.setUp(JCRSourceTestCase.java:76) Caused by: java.lang.IllegalAccessError: tried to access field org.slf4j.impl.StaticLoggerBinder.SINGLETON from class org.slf4j.LoggerFactory at org.apache.cocoon.jcr.source.JCRSourceTestCase.setUp(JCRSourceTestCase.java:76) ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] jpuerto opened a new pull request, #34: Deprecate imageop and captcha blocks.
jpuerto opened a new pull request, #34: URL: https://github.com/apache/cocoon/pull/34 It depends on old Java image support. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] tcurdt commented on pull request #36: Update xsp block to java 8 and fix minor bugs
tcurdt commented on PR #36: URL: https://github.com/apache/cocoon/pull/36#issuecomment-1328134580 Looking good to me. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] tcurdt commented on pull request #34: Deprecate imageop and captcha blocks.
tcurdt commented on PR #34: URL: https://github.com/apache/cocoon/pull/34#issuecomment-1328135092 Looks OK. Does this maybe needs somewhere else some addition to the docs? Or maybe add another comment mentioning it as deprecation? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] tcurdt commented on pull request #35: Exclude old SLF4J API dependency from JCR that causes errors on spring context initialization.
tcurdt commented on PR #35: URL: https://github.com/apache/cocoon/pull/35#issuecomment-1328134784 Odd. But if that makes it work... -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] tcurdt commented on pull request #33: Adds new method DataSource.getParentLogger() introduced in Java 1.7.
tcurdt commented on PR #33: URL: https://github.com/apache/cocoon/pull/33#issuecomment-1328135187 Looks OK. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] tcurdt commented on pull request #32: Fix SQL injection vulnerability for DatabaseCookieAuthenticatorAction.
tcurdt commented on PR #32: URL: https://github.com/apache/cocoon/pull/32#issuecomment-1328135343 Looking good. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] jpuerto opened a new pull request, #32: Fix SQL injection vulnerability.
jpuerto opened a new pull request, #32: URL: https://github.com/apache/cocoon/pull/32 Fix for SQL injection vulnerability by using PreparedStatement with parameters instead of raw query build and run. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #29: Bump commons-collections from 3.1 to 3.2.2 in /tools/sitemaptags2daisy
dependabot[bot] opened a new pull request, #29: URL: https://github.com/apache/cocoon/pull/29 Bumps commons-collections from 3.1 to 3.2.2. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-collections:commons-collections=maven=3.1=3.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/cocoon/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #30: Bump commons-collections from 3.1 to 3.2.2 in /tools/cocoon-sitemaptags2daisy-plugin
dependabot[bot] opened a new pull request, #30: URL: https://github.com/apache/cocoon/pull/30 Bumps commons-collections from 3.1 to 3.2.2. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-collections:commons-collections=maven=3.1=3.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/cocoon/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [cocoon] dependabot[bot] opened a new pull request, #31: Bump commons-collections from 3.2.1 to 3.2.2 in /parent
dependabot[bot] opened a new pull request, #31: URL: https://github.com/apache/cocoon/pull/31 Bumps commons-collections from 3.2.1 to 3.2.2. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-collections:commons-collections=maven=3.2.1=3.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/cocoon/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cocoon.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org