[ANNOUNCE] MyFaces Core v2.2.14 Release

[Paul Nicolucci]

The Apache MyFaces team is pleased to announce the release of MyFaces
Core 2.2.14.

MyFaces Core is a JavaServer(tm) Faces 2.2 implementation as specified by
JSR-344.

JavaServer Faces (JSF) is a Java specification for building
component-based user interfaces for web applications.

MyFaces Core 2.2.14 is available in both binary and source distributions.

* https://myfaces.apache.org/#/core22?id=downloads

MyFaces Core is also available in the central Maven repository under
Group ID "org.apache.myfaces.core".

Release Notes - MyFaces Core - Version 2.2.14 can be found in the
following link:
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=10600=12348436


Regards,
The MyFaces Team

[GitHub] [myfaces-homepage] bohmber merged pull request #16: fix: improved loading speed

[GitBox]

bohmber merged pull request #16:
URL: https://github.com/apache/myfaces-homepage/pull/16


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-homepage] bohmber opened a new pull request #16: fix: improved loading speed

[GitBox]

bohmber opened a new pull request #16:
URL: https://github.com/apache/myfaces-homepage/pull/16


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-homepage] pnicolucci merged pull request #15: Update broken 2.2 md5 links to point to sha512

[GitBox]

pnicolucci merged pull request #15:
URL: https://github.com/apache/myfaces-homepage/pull/15


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-homepage] pnicolucci opened a new pull request #15: Update broken 2.2 md5 links to point to sha512

[GitBox]

pnicolucci opened a new pull request #15:
URL: https://github.com/apache/myfaces-homepage/pull/15


   Update links



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-homepage] pnicolucci merged pull request #14: Small update to config for 2.2.14 site updates

[GitBox]

pnicolucci merged pull request #14:
URL: https://github.com/apache/myfaces-homepage/pull/14


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-homepage] pnicolucci opened a new pull request #14: Small update to config for 2.2.14 site updates

[GitBox]

pnicolucci opened a new pull request #14:
URL: https://github.com/apache/myfaces-homepage/pull/14


   Fixing a small issue with the  configuration updates.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #315: chore(deps): bump vdldoc-maven-plugin from 1.0 to 2.0

[GitBox]

bohmber merged pull request #315:
URL: https://github.com/apache/myfaces-tobago/pull/315


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #312: remove popperJs webjar

[GitBox]

bohmber merged pull request #312:
URL: https://github.com/apache/myfaces-tobago/pull/312


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] closed pull request #314: chore(deps): bump jakarta.annotation-api from 1.3.5 to 2.0.0

[GitBox]

dependabot[bot] closed pull request #314:
URL: https://github.com/apache/myfaces-tobago/pull/314


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] commented on pull request #314: chore(deps): bump jakarta.annotation-api from 1.3.5 to 2.0.0

[GitBox]

dependabot[bot] commented on pull request #314:
URL: https://github.com/apache/myfaces-tobago/pull/314#issuecomment-775437115


   Looks like jakarta.annotation:jakarta.annotation-api is no longer being 
updated by Dependabot, so this is no longer needed.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #316: chore(deps): improved dependabot config

[GitBox]

bohmber merged pull request #316:
URL: https://github.com/apache/myfaces-tobago/pull/316


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber opened a new pull request #316: chore(deps): improved dependabot config

[GitBox]

bohmber opened a new pull request #316:
URL: https://github.com/apache/myfaces-tobago/pull/316


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-homepage] pnicolucci merged pull request #13: Update website for 2.2.14 release

[GitBox]

pnicolucci merged pull request #13:
URL: https://github.com/apache/myfaces-homepage/pull/13


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #314: chore(deps): bump jakarta.annotation-api from 1.3.5 to 2.0.0

[GitBox]

dependabot[bot] opened a new pull request #314:
URL: https://github.com/apache/myfaces-tobago/pull/314


   Bumps 
[jakarta.annotation-api](https://github.com/eclipse-ee4j/common-annotations-api)
 from 1.3.5 to 2.0.0.
   
   Commits
   
   https://github.com/eclipse-ee4j/common-annotations-api/commit/8d7a88beaa21a0dbd193e618f568961133237cd3;>8d7a88b
 Prepare release jakarta.annotation:ca-parent:2.0.0
   https://github.com/eclipse-ee4j/common-annotations-api/commit/3c79c0a85b39a5d776df52fcc47bf0fb46eb1f36;>3c79c0a
 Fix spec references in javadoc (https://github-redirect.dependabot.com/eclipse-ee4j/common-annotations-api/issues/83;>#83)
   https://github.com/eclipse-ee4j/common-annotations-api/commit/dfc56409e12d13da5af862ee548f6a8419a0c653;>dfc5640
 use jakarta spec names (https://github-redirect.dependabot.com/eclipse-ee4j/common-annotations-api/issues/82;>#82)
   https://github.com/eclipse-ee4j/common-annotations-api/commit/5a07f027723d5e2cab7a81ca660e949898fd833b;>5a07f02
 Bring language on the table and types up to Jakarta EE 9 level (https://github-redirect.dependabot.com/eclipse-ee4j/common-annotations-api/issues/80;>#80)
   https://github.com/eclipse-ee4j/common-annotations-api/commit/e4067f804e1dc6021144300d05a9f9925c488bca;>e4067f8
 Updated README with correct module name (https://github-redirect.dependabot.com/eclipse-ee4j/common-annotations-api/issues/79;>#79)
   https://github.com/eclipse-ee4j/common-annotations-api/commit/67934acfe3438e8fadc8cbbcdf643e4f3c85bacf;>67934ac
 fixed link to image for pdf, (https://github-redirect.dependabot.com/eclipse-ee4j/common-annotations-api/issues/78;>#78)
   https://github.com/eclipse-ee4j/common-annotations-api/commit/049fa248facd2e999b35ec3f77f056cf3de5d5c1;>049fa24
 https://github-redirect.dependabot.com/eclipse-ee4j/common-annotations-api/issues/74;>#74:
 Update CONTRIBUTING.md for Specification Project's repositories (https://github-redirect.dependabot.com/eclipse-ee4j/common-annotations-api/issues/77;>#77)
   https://github.com/eclipse-ee4j/common-annotations-api/commit/dfb5a5403bdf75d3be1d31381c71cad92e98a207;>dfb5a54
 drop parent pom, (https://github-redirect.dependabot.com/eclipse-ee4j/common-annotations-api/issues/76;>#76)
   https://github.com/eclipse-ee4j/common-annotations-api/commit/b623aa86d326676d553fa75016ee64338621c45c;>b623aa8
 add proper JPMS descriptor, upgrade build plugins (https://github-redirect.dependabot.com/eclipse-ee4j/common-annotations-api/issues/72;>#72)
   https://github.com/eclipse-ee4j/common-annotations-api/commit/71b1d1c64b20988fa40f64d935d322dca751e430;>71b1d1c
 Jakartified spec (https://github-redirect.dependabot.com/eclipse-ee4j/common-annotations-api/issues/71;>#71)
   Additional commits viewable in https://github.com/eclipse-ee4j/common-annotations-api/compare/1.3.5...2.0.0;>compare
 view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jakarta.annotation:jakarta.annotation-api=maven=1.3.5=2.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   
   
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #315: chore(deps): bump vdldoc-maven-plugin from 1.0 to 2.0

[GitBox]

dependabot[bot] opened a new pull request #315:
URL: https://github.com/apache/myfaces-tobago/pull/315


   Bumps [vdldoc-maven-plugin](https://github.com/matinh/vdldoc-maven-plugin) 
from 1.0 to 2.0.
   
   Changelog
   Sourced from https://github.com/matinh/vdldoc-maven-plugin/blob/master/Changes.md;>vdldoc-maven-plugin's
 changelog.
   
   
   2.0 (Release on 2020-08-03)
   
   Updated most maven plugins and some dependencies to recent versions
   Updated Vdldoc to 3.0
   
   
   
   
   
   
   Commits
   
   https://github.com/matinh/vdldoc-maven-plugin/commit/6c3f87ca1415b80ecddaf9bd89a7a8264e6f3c84;>6c3f87c
 prepare for x.y release
   https://github.com/matinh/vdldoc-maven-plugin/commit/b71ef62c5941fcf638506039962ac0dfb696e246;>b71ef62
 added changelog file
   https://github.com/matinh/vdldoc-maven-plugin/commit/bedaa4637edfc1262882429655870ff1c5ee1ee4;>bedaa46
 fix issue https://github-redirect.dependabot.com/matinh/vdldoc-maven-plugin/issues/3;>#3
 - update to vdldoc 3.0
   https://github.com/matinh/vdldoc-maven-plugin/commit/09ce201fa8be3ebee67ed4d224f433fc205a136e;>09ce201
 dependency updates
   https://github.com/matinh/vdldoc-maven-plugin/commit/c0cca65f41e81909e908ed884a70368e93320b8f;>c0cca65
 updated most of the plugins and specified plugin versions that were 
missing
   https://github.com/matinh/vdldoc-maven-plugin/commit/7e6259625214032a5fef4d3d8e7bd166ea699ab3;>7e62596
 - make ITs run again with recent versions of maven (tested with 3.3.9 and 
3.6.3)
   https://github.com/matinh/vdldoc-maven-plugin/commit/7199eb4d1e35cc25da42cdf6a803081809bfd308;>7199eb4
 - added surefire version as recent (2.12.*) versions produce VM crashes
   https://github.com/matinh/vdldoc-maven-plugin/commit/40b92aba4c1287bdaeccf21f4f96311c87abbb96;>40b92ab
 added FAQ for missing multi-module support
   https://github.com/matinh/vdldoc-maven-plugin/commit/790e4aeb08d5e4e7a244e80708536192d6e2045a;>790e4ae
 Merge remote-tracking branch 'origin/master'
   https://github.com/matinh/vdldoc-maven-plugin/commit/dfb3d70e65a9dd70c5bb242bdbf0af0c5f81ba03;>dfb3d70
 Updated to make clear where to find examples
   Additional commits viewable in https://github.com/matinh/vdldoc-maven-plugin/compare/1.0...2.0;>compare 
view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.github.matinh.vdldoc:vdldoc-maven-plugin=maven=1.0=2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   
   
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #313: chore(deps): bump maven-assembly-plugin from 3.1.1 to 3.3.0

[GitBox]

dependabot[bot] opened a new pull request #313:
URL: https://github.com/apache/myfaces-tobago/pull/313


   Bumps 
[maven-assembly-plugin](https://github.com/apache/maven-assembly-plugin) from 
3.1.1 to 3.3.0.
   
   Commits
   
   https://github.com/apache/maven-assembly-plugin/commit/5a48193bc2de65428c0c4dd0712ef8321c6d8ceb;>5a48193
 [maven-release-plugin] prepare release maven-assembly-plugin-3.3.0
   https://github.com/apache/maven-assembly-plugin/commit/1dc87ea2823bd71598d0fe2c7e57410b2e68611c;>1dc87ea
 Fix Javadoc error
   https://github.com/apache/maven-assembly-plugin/commit/6e67eeb41c3b647374fc4d2d969673f03ef1bbd3;>6e67eeb
 [MASSEMBLY-765] add property groupIdPath
   https://github.com/apache/maven-assembly-plugin/commit/919d18903deb11975d55adc38e4e864d54e0461e;>919d189
 [MASSEMBLY-765] add property groupIdPath
   https://github.com/apache/maven-assembly-plugin/commit/cfe0355b7213fa67ec01d4a49f00e609e08c0ce2;>cfe0355
 Apply try-with-resources
   https://github.com/apache/maven-assembly-plugin/commit/0a1aaada8a71334e1256587f91792b9807ae1b94;>0a1aaad
 [MASSEMBLY-927] Support for properties mapping on executions of 
maven-assembl...
   https://github.com/apache/maven-assembly-plugin/commit/8054f5097c890e8cc736f706ccc22db69684ddcd;>8054f50
 [MASSEMBLY-879] useDefaultExcludes has no effect in dependencySet/unpack
   https://github.com/apache/maven-assembly-plugin/commit/52a84fed26858323f61ed41bd71e3befd7910ad3;>52a84fe
 [MASSEMBLYE-849] Add nonFilteredFileExtensions to avoid filtering of binary 
f...
   https://github.com/apache/maven-assembly-plugin/commit/2c444621a769aea94554b9b087266f25f058a318;>2c44462
 Replace EasyMock with Mockito
   https://github.com/apache/maven-assembly-plugin/commit/3a58218f0c9ea4b52de5a0bf8a2d7aa0059d546d;>3a58218
 [MASSEMBLY-932] resource filtering skipped for resources in the current 
project
   Additional commits viewable in https://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.1.1...maven-assembly-plugin-3.3.0;>compare
 view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-assembly-plugin=maven=3.1.1=3.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   
   
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #309: chore(deps): bump popper.js from 1.14.3 to 2.5.4

[GitBox]

bohmber merged pull request #309:
URL: https://github.com/apache/myfaces-tobago/pull/309


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] henningn opened a new pull request #312: remove popperJs webjar

[GitBox]

henningn opened a new pull request #312:
URL: https://github.com/apache/myfaces-tobago/pull/312


   use popperJs from npm/bootstrap



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-homepage] pnicolucci opened a new pull request #13: Update website for 2.2.14 release

[GitBox]

pnicolucci opened a new pull request #13:
URL: https://github.com/apache/myfaces-homepage/pull/13


   Update website for the MyFaces Core 2.2.14 release.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] henningn merged pull request #310: chore(deps): bump joinfaces.version from 4.3.6 to 4.4.2

[GitBox]

henningn merged pull request #310:
URL: https://github.com/apache/myfaces-tobago/pull/310


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] henningn merged pull request #311: chore(deps): bump findbugs-maven-plugin from 3.0.1 to 3.0.5

[GitBox]

henningn merged pull request #311:
URL: https://github.com/apache/myfaces-tobago/pull/311


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] henningn merged pull request #308: chore(deps): bump versions-maven-plugin from 2.4 to 2.8.1

[GitBox]

henningn merged pull request #308:
URL: https://github.com/apache/myfaces-tobago/pull/308


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] henningn merged pull request #307: chore(deps): bump maven-war-plugin from 3.1.0 to 3.3.1

[GitBox]

henningn merged pull request #307:
URL: https://github.com/apache/myfaces-tobago/pull/307


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] henningn merged pull request #306: Better date orientation

[GitBox]

henningn merged pull request #306:
URL: https://github.com/apache/myfaces-tobago/pull/306


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #311: chore(deps): bump findbugs-maven-plugin from 3.0.1 to 3.0.5

[GitBox]

dependabot[bot] opened a new pull request #311:
URL: https://github.com/apache/myfaces-tobago/pull/311


   Bumps 
[findbugs-maven-plugin](https://github.com/gleclaire/findbugs-maven-plugin) 
from 3.0.1 to 3.0.5.
   
   Commits
   
   https://github.com/gleclaire/findbugs-maven-plugin/commit/4ad8caa52d8f4d9454f9983df195760f6ac71e34;>4ad8caa
 [maven-release-plugin] prepare release findbugs-maven-plugin-3.0.5
   https://github.com/gleclaire/findbugs-maven-plugin/commit/e421d6f4217910201ef1804b12bdbf181520f97b;>e421d6f
 Merge branch 'spotbugs-master'
   https://github.com/gleclaire/findbugs-maven-plugin/commit/f311505263d20594397cba9f347ec0b5d3e789b9;>f311505
 Fix for broken tests
   https://github.com/gleclaire/findbugs-maven-plugin/commit/f9515c7c5399a1afacdb43e84d1927df5dc2fe26;>f9515c7
 Fix for broken tests
   https://github.com/gleclaire/findbugs-maven-plugin/commit/0aa21fe77c873e3e0d6127f8c7c38caa044e6159;>0aa21fe
 [pom] Rework versions to all be properties, remove unnecessary overrides, 
upd...
   https://github.com/gleclaire/findbugs-maven-plugin/commit/e6c7772da99e7bb18f709f61533c7b42deb84157;>e6c7772
 fix tests filter for annotations
   https://github.com/gleclaire/findbugs-maven-plugin/commit/69b0aeba7c863064307044a0177c8e96fac7c210;>69b0aeb
 revert only require localTestSrc property to activate local test source 
usage...
   https://github.com/gleclaire/findbugs-maven-plugin/commit/b33b99241f9aaf556a473ec7ca7fcb0033fc38d7;>b33b992
 only require localTestSrc property to activate local test source usage
   https://github.com/gleclaire/findbugs-maven-plugin/commit/81ea9ab225d67bb30d08c23bd166e0491b096066;>81ea9ab
 Merge branch 'spotbugs-master'
   https://github.com/gleclaire/findbugs-maven-plugin/commit/a8fc375b4984d7eb52e7c450b93f971bedc43e32;>a8fc375
 [pom] Upgrade remote source to use github instead of legacy svn repo
   Additional commits viewable in https://github.com/gleclaire/findbugs-maven-plugin/compare/findbugs-maven-plugin-3.0.1...findbugs-maven-plugin-3.0.5;>compare
 view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.codehaus.mojo:findbugs-maven-plugin=maven=3.0.1=3.0.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   
   
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #310: chore(deps): bump joinfaces.version from 4.3.6 to 4.4.2

[GitBox]

dependabot[bot] opened a new pull request #310:
URL: https://github.com/apache/myfaces-tobago/pull/310


   Bumps `joinfaces.version` from 4.3.6 to 4.4.2.
   Updates `joinfaces-dependencies` from 4.3.6 to 4.4.2
   
   Release notes
   Sourced from https://github.com/joinfaces/joinfaces/releases;>joinfaces-dependencies's 
releases.
   
   4.4.2
   :hammer: Dependency Upgrades
   
   update spring boot to 2.4.2 https://github-redirect.dependabot.com/joinfaces/joinfaces/pull/849;>#849
   Update to Spring Boot 2.4.0-M2 https://github-redirect.dependabot.com/joinfaces/joinfaces/pull/827;>#827
   update myfaces to 2.3.7 https://github-redirect.dependabot.com/joinfaces/joinfaces/pull/850;>#850
   update admintemplate to 1.1.1 https://github-redirect.dependabot.com/joinfaces/joinfaces/pull/851;>#851
   udpate classgraph to 4.8.98 https://github-redirect.dependabot.com/joinfaces/joinfaces/pull/852;>#852
   update guava to 30.1 https://github-redirect.dependabot.com/joinfaces/joinfaces/pull/856;>#856
   update gradle to 6.8 https://github-redirect.dependabot.com/joinfaces/joinfaces/pull/857;>#857
   update spotbugs gradle plugin to 4.6.0 https://github-redirect.dependabot.com/joinfaces/joinfaces/pull/855;>#855
   update asciidoctor to 3.3.0 https://github-redirect.dependabot.com/joinfaces/joinfaces/pull/854;>#854
   update gradle-lint-plugin to 16.17.0 https://github-redirect.dependabot.com/joinfaces/joinfaces/pull/853;>#853
   
   :heart: Contributors
   We'd like to thank all the contributors who worked on this release!
   
   https://github.com/larsgrefer;>@larsgrefer
   https://github.com/persapiens;>@persapiens
   
   4.4.0-rc1
   No release notes provided.
   4.4.0-m3
   No release notes provided.
   4.3.8
   :hammer: Dependency Upgrades
   
   Update build.gradle https://github-redirect.dependabot.com/joinfaces/joinfaces/pull/864;>#864
   Update build.gradle https://github-redirect.dependabot.com/joinfaces/joinfaces/pull/863;>#863
   Update build.gradle https://github-redirect.dependabot.com/joinfaces/joinfaces/pull/862;>#862
   Update build.gradle https://github-redirect.dependabot.com/joinfaces/joinfaces/pull/861;>#861
   Update build.gradle https://github-redirect.dependabot.com/joinfaces/joinfaces/pull/860;>#860
   Update gradle-wrapper.properties https://github-redirect.dependabot.com/joinfaces/joinfaces/pull/859;>#859
   update spring boot to 2.3.8 https://github-redirect.dependabot.com/joinfaces/joinfaces/pull/858;>#858
   
   :heart: Contributors
   We'd like to thank all the contributors who worked on this release!
   
   https://github.com/persapiens;>@persapiens
   
   
   
   
   Commits
   
   https://github.com/joinfaces/joinfaces/commit/8080fc53c3b7b2d35238f7c6e804168fbfead4e6;>8080fc5
 Merge pull request https://github-redirect.dependabot.com/joinfaces/joinfaces/issues/857;>#857
 from persapiens/gradle-6.8
   https://github.com/joinfaces/joinfaces/commit/55feda5eceec7f14baceec882bf59285ebfa092d;>55feda5
 update gradle to 6.8
   https://github.com/joinfaces/joinfaces/commit/0eee5995a9acf756fd3c882e405db947ac678b6b;>0eee599
 Merge pull request https://github-redirect.dependabot.com/joinfaces/joinfaces/issues/856;>#856
 from persapiens/guava-30.1
   https://github.com/joinfaces/joinfaces/commit/be4d63ab1c04ffe14f0f86755947b4dd80878cd8;>be4d63a
 update guava to 30.1
   https://github.com/joinfaces/joinfaces/commit/b6d52b724d53373c2de5bb7e4341b73d12efbdbc;>b6d52b7
 Merge pull request https://github-redirect.dependabot.com/joinfaces/joinfaces/issues/855;>#855
 from persapiens/spotbugs-plugin-4.6.0
   https://github.com/joinfaces/joinfaces/commit/3ead3feb139a01a4b387b69ca13ee46d9d536bbc;>3ead3fe
 update spotbugs gradle plugin to 4.6.0
   https://github.com/joinfaces/joinfaces/commit/81775c303c85f45cc2e5f3e841a2054c65a637a7;>81775c3
 Merge pull request https://github-redirect.dependabot.com/joinfaces/joinfaces/issues/854;>#854
 from persapiens/asciidoctor-3.3.0
   https://github.com/joinfaces/joinfaces/commit/327827eeaadb0c7901706432d4ed899132464403;>327827e
 update asciidoctor to 3.3.0
   https://github.com/joinfaces/joinfaces/commit/ff41bdfeebb95812223becad292b5beac75e9cb9;>ff41bdf
 Merge pull request https://github-redirect.dependabot.com/joinfaces/joinfaces/issues/853;>#853
 from persapiens/gradle-lint-plugin-16.17.0
   https://github.com/joinfaces/joinfaces/commit/196d82d42f121702960bb13b3a2225f6db0d585f;>196d82d
 update gradle-lint-plugin to 16.17.0
   Additional commits viewable in https://github.com/joinfaces/joinfaces/compare/4.3.6...4.4.2;>compare 
view
   
   
   
   
   Updates `joinfaces-maven-plugin` from 4.3.6 to 4.4.2
   
   Release notes
   Sourced from https://github.com/joinfaces/joinfaces/releases;>joinfaces-maven-plugin's 
releases.
   
   4.4.2
   :hammer: Dependency Upgrades
   
   update spring boot to 2.4.2 https://github-redirect.dependabot.com/joinfaces/joinfaces/pull/849;>#849
   Update to Spring Boot 2.4.0-M2 

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #309: chore(deps): bump popper.js from 1.14.3 to 2.5.4

[GitBox]

dependabot[bot] opened a new pull request #309:
URL: https://github.com/apache/myfaces-tobago/pull/309


   Bumps [popper.js](https://github.com/webjars/popper.js) from 1.14.3 to 2.5.4.
   
   Commits
   
   https://github.com/webjars/popper.js/commit/647454e6d3ff90068c6a9b31584e8a2c92673ba9;>647454e
 [maven-release-plugin] prepare release popper.js-2.5.4
   https://github.com/webjars/popper.js/commit/0a280116680bc4aca10d425b85e9f01a8c9e97f4;>0a28011
 bump to 2.5.4
   https://github.com/webjars/popper.js/commit/f5bc3a61a8a9cacece8447ce6626379d96fff861;>f5bc3a6
 [maven-release-plugin] prepare for next development iteration
   https://github.com/webjars/popper.js/commit/4cb71dd728bda9e834415f7913a0e5bd34faa573;>4cb71dd
 [maven-release-plugin] prepare release popper.js-2.5.2
   https://github.com/webjars/popper.js/commit/7bc005cc8441afc37454d36fe13ffeca5895f99a;>7bc005c
 bump to 2.5.2 - fixes https://github-redirect.dependabot.com/webjars/popper.js/issues/12;>#12
   https://github.com/webjars/popper.js/commit/08050715c4fe0981d520eaed1c302fd7eaefd3b4;>0805071
 [maven-release-plugin] prepare for next development iteration
   https://github.com/webjars/popper.js/commit/48c421fb45c619a22b9455cd9f4fb2113ed95f9c;>48c421f
 [maven-release-plugin] prepare release popper.js-2.0.2
   https://github.com/webjars/popper.js/commit/29b50f30509b206c21588b40720a43c9a0765b20;>29b50f3
 bump to 2.0.2 - fixes https://github-redirect.dependabot.com/webjars/popper.js/issues/10;>#10
   https://github.com/webjars/popper.js/commit/400f830bdad72b3969bb1f8c05a9384062feb521;>400f830
 [maven-release-plugin] prepare for next development iteration
   https://github.com/webjars/popper.js/commit/2b661ed32370696732079cabb331eb6a35b68318;>2b661ed
 [maven-release-plugin] prepare release popper.js-1.16.0
   Additional commits viewable in https://github.com/webjars/popper.js/compare/popper.js-1.14.3...popper.js-2.5.4;>compare
 view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.webjars:popper.js=maven=1.14.3=2.5.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   
   
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #307: chore(deps): bump maven-war-plugin from 3.1.0 to 3.3.1

[GitBox]

dependabot[bot] opened a new pull request #307:
URL: https://github.com/apache/myfaces-tobago/pull/307


   Bumps [maven-war-plugin](https://github.com/apache/maven-war-plugin) from 
3.1.0 to 3.3.1.
   
   Commits
   
   https://github.com/apache/maven-war-plugin/commit/e417f592349337713157bd25444c5a96ecbca9bd;>e417f59
 [maven-release-plugin] prepare release maven-war-plugin-3.3.1
   https://github.com/apache/maven-war-plugin/commit/062f6d49bf629d9246c999548727a97e7b150ca5;>062f6d4
 [MWAR-433] add outdatedCheckPath parameter with WEB-INF/lib/ default
   https://github.com/apache/maven-war-plugin/commit/14d5d4687f62759ff518eb50589a573cb4e92af7;>14d5d46
 removed unused import
   https://github.com/apache/maven-war-plugin/commit/6434336ae3e62032e0b2026d13bca1739e2d3477;>6434336
 clear up deprecations and resource leaks (https://github-redirect.dependabot.com/apache/maven-war-plugin/issues/13;>#13)
   https://github.com/apache/maven-war-plugin/commit/16198710a54cc367f21294a6e81777426007f05c;>1619871
 [MWAR-436] use outputTimestamp for jar created by archiveClasses
   https://github.com/apache/maven-war-plugin/commit/c748932df170c98082c64c9d152e2169322a7f62;>c748932
 refactor outdated resource management internal API
   https://github.com/apache/maven-war-plugin/commit/6e4a16a2197ee4467aaf2021d6c996b9e8981991;>6e4a16a
 [MWAR-434] remove jar created by archiveClasses from outdated files
   https://github.com/apache/maven-war-plugin/commit/45a820192170358c50882665b41e205f2b3855b4;>45a8201
 [MWAR-45] add an IT testing archiveClasses result
   https://github.com/apache/maven-war-plugin/commit/88fe0eae58e46021f49859b74b2842192ae36115;>88fe0ea
 [MWAR-434] add debug message when deleting resource expected outdated
   https://github.com/apache/maven-war-plugin/commit/9c2163ec4b29867202af70d5f56293b3111ecdaa;>9c2163e
 update dependencies: commons-io, plexus-interpolation, and plexus-archiver (https://github-redirect.dependabot.com/apache/maven-war-plugin/issues/12;>#12)
   Additional commits viewable in https://github.com/apache/maven-war-plugin/compare/maven-war-plugin-3.1.0...maven-war-plugin-3.3.1;>compare
 view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-war-plugin=maven=3.1.0=3.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   
   
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #308: chore(deps): bump versions-maven-plugin from 2.4 to 2.8.1

[GitBox]

dependabot[bot] opened a new pull request #308:
URL: https://github.com/apache/myfaces-tobago/pull/308


   Bumps 
[versions-maven-plugin](https://github.com/mojohaus/versions-maven-plugin) from 
2.4 to 2.8.1.
   
   Release notes
   Sourced from https://github.com/mojohaus/versions-maven-plugin/releases;>versions-maven-plugin's
 releases.
   
   2.8.1
   :star: New Features
   
   Remove cobertura-maven-plugin  https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/409;>#409
   Removed plexus-i18n https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/405;>#405
   Fixes https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/82;>#82
 ensure version change affects only the current directory (and child 
directories), not the parent or sibling directories https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/pull/400;>#400
   Fixes https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/321;>#321
 fail the build when parsing XML of child modules fails due to invalid XML https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/pull/399;>#399
   Upgrade GitHub Actions https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/398;>#398
   Ensure display output is order, only order at point of printing https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/pull/394;>#394
   use-latest-versions ignores dependencies with versions defined as 
properties https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/340;>#340
   make build reproducible https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/424;>#424
   
   :beetle: Bug Fixes
   
   Downgrade commons-lang3 to 3.8.1 to keep JDK7 promise https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/411;>#411
   Warning if plugin is executed in parallel https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/373;>#373
   display-plugin-updates fails if non-local parent is present in POM https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/422;>#422
   
   :hammer: Dependency Upgrades
   
   Upgrade maven-invoker-plugin to 3.2.1 https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/420;>#420
   Upgrade modello-maven-plugin from 1.9.1 to 1.11 https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/410;>#410
   Upgrade plugin version for versions-maven-plugin from 2.4 to 2.7 https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/408;>#408
   Upgrade doxia from 1.7 to 1.9.1 https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/407;>#407
   Upgrade wagon from 2.12 to 3.4.0 https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/406;>#406
   Upgrade plexus-interactivity-api from 1.0-alpha-6 to 1.0 https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/404;>#404
   Upgrade plexus-container-default from 1.7.1 to 2.1.0 https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/403;>#403
   Upgrade hamcrest-library from 1.3 to hamcrest-core 2.2 https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/402;>#402
   Upgrade mockito 1.9.5 to 2.28.2 https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/401;>#401
   Upgrade woodstox-core-asl from 4.2.0 to 4.4.1 https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/397;>#397
   Upgrade maven-common-artifact-filters to 3.1.0 https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/389;>#389
   Upgrade plexus-utils to 3.3.0 https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/388;>#388
   commons-lang3 v3.9 https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/pull/380;>#380
   
   :heart: Contributors
   We'd like to thank all the contributors who worked on this release!
   
   https://github.com/stefanseifert;>@stefanseifert
   https://github.com/nhojpatrick;>@nhojpatrick
   
   
   
   
   Changelog
   Sourced from https://github.com/mojohaus/versions-maven-plugin/blob/master/ReleaseNotes.md;>versions-maven-plugin's
 changelog.
   
   Release Notes
   2.6
   
   
   [Pull Request https://github-redirect.dependabot.com/mojohaus/versions-maven-plugin/issues/252;>#252][pull-252]
   Thanks to Edward Maxwell-Lyte mailto:2248005+edwardml...@users.noreply.github.com;>2248005+edwardml...@users.noreply.github.com
   Minor spelling corrections
   
   
   [Fixed Issue 157][issue-157]
   Document the end of versioning limitations in Maven 3.x
   There may remain good reasons for defining custom versioning rules to
   let versions-maven-plugin apply, but at least not the old Maven 2.x
   limitation
   
   
   [Fixed Issue 256][issue-256]
   if initial and new version are equals, just display initial
   this means this 

Re: [RESULTS][VOTE] Release of MyFaces Core 2.2.14

[Paul Nicolucci]

The results are 7 +1 votes.

Binding Votes:
Thomas Andraschko
Paul Nicolucci
Bernd Bohmann
Bill Lucy
Udo Schnurpfeil
Werner Punz

Non Binding Votes:
Volodymyr Siedlecki

I'll continue on with the final release steps.

Thanks,

Paul Nicolucci

On Fri, Feb 5, 2021 at 11:14 AM Volodymyr Siedlecki <
volodymyr.siedle...@ibm.com> wrote:

> +1
>
> Vlad
>
>
> - Original message -
> From: Werner Punz 
> To: MyFaces Development 
> Cc:
> Subject: [EXTERNAL] Re: [VOTE] Release of MyFaces Core 2.2.14
> Date: Fri, Feb 5, 2021 6:57 AM
>
> +1
>
> Werner
>
>
> Am Fr., 5. Feb. 2021 um 10:47 Uhr schrieb Udo Schnurpfeil <
> lof...@apache.org>:
>
> +1
>
> Regards,
>
> Udo
> Am 04.02.21 um 14:39 schrieb Bill Lucy:
>
> +1, thanks Paul
>
> Regards,
> Bill
>
> On Thu, Feb 4, 2021 at 8:30 AM Bernd Bohmann 
> wrote:
>
> Here is my +1
>
> Regards
>
> Bernd
>
> On Thu, Feb 4, 2021 at 2:18 PM Thomas Andraschko <
> andraschko.tho...@gmail.com> wrote:
>
> +1
> could someone also take care of 2.3-next-M5?
>
>   Virenfrei. www.avast.com
> 
>
> Am Do., 4. Feb. 2021 um 13:47 Uhr schrieb Paul Nicolucci <
> pnicolu...@gmail.com>:
>
> Hi,
>
> I was running the needed tasks to get the 2.2.14 release of Apache
> MyFaces core out.
>
> Please note that this vote concerns all of the following parts:
>1. Maven artifact group "org.apache.myfaces.core" v2.2.14  [1]
>
> The artifacts were deployed on nexus repo [1] for binary and source
> packages.
>
> The release notes could be found at [4].
>
> Also the japicmp tool (similar to clirr) does not show binary
> incompatibilities with myfaces-api.
> See the attached "results.html" for the output of the japicmp tool.
>
> I would also like to note that there was no TCK execution as I could not
> find any instructions.
>
> Please take a look at the "2.2.14" artifacts and vote! (see [3])
>
> Please note: This vote is "majority approval" with a minimum of three +1
> votes (see [2]).
>
> 
> [ ] +1 for community members who have reviewed the bits
> [ ] +0
> [ ] -1 for fatal flaws that should cause these bits not to be released,
> and why..
> 
>
> Thanks,
> Paul Nicolucci
>
> [1]
> https://repository.apache.org/content/repositories/orgapachemyfaces-1181/org/apache/myfaces/core/
> 
> [2] http://www.apache.org/foundation/voting.html#ReleaseVotes
> 
> [3]
> https://repository.apache.org/content/repositories/orgapachemyfaces-1181/org/apache/myfaces/core/myfaces-core-assembly/
> 
> [4]
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=10600=12348436
> 
>
>
>
>

[GitHub] [myfaces-tobago] henningn opened a new pull request #306: Better date orientation

[GitBox]

henningn opened a new pull request #306:
URL: https://github.com/apache/myfaces-tobago/pull/306


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] henningn merged pull request #305: fix: file upload demo page

[GitBox]

henningn merged pull request #305:
URL: https://github.com/apache/myfaces-tobago/pull/305


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #286: chore(deps): bump webcomponents__custom-elements from 1.2.1 to 1.4.2

[GitBox]

bohmber merged pull request #286:
URL: https://github.com/apache/myfaces-tobago/pull/286


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] henningn opened a new pull request #305: fix: file upload demo page

[GitBox]

henningn opened a new pull request #305:
URL: https://github.com/apache/myfaces-tobago/pull/305


   Sheet was too wide.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] henningn merged pull request #304: Fix link group style

[GitBox]

henningn merged pull request #304:
URL: https://github.com/apache/myfaces-tobago/pull/304


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] henningn opened a new pull request #304: Fix link group style

[GitBox]

henningn opened a new pull request #304:
URL: https://github.com/apache/myfaces-tobago/pull/304


   * remove outdated comment
   * fix different appearance of a.tobago-link and button.tobago-link
   * this also fixes (accidentally)
   ** button.tobago-link size (because of invisible border)
   ** disabled button.tobago-link text-color was brighten up (because of 
opacity < 1)
   * add a manual test example
   * rebuild-theme



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Resolved] (MYFACES-4377) Disable the parsing of external general entities and external parameter entities in XML parsing code

[Thomas Andraschko (Jira)]

 [ 
https://issues.apache.org/jira/browse/MYFACES-4377?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Thomas Andraschko resolved MYFACES-4377.

Resolution: Fixed

> Disable the parsing of external general entities and external parameter 
> entities in XML parsing code
> 
>
> Key: MYFACES-4377
> URL: https://issues.apache.org/jira/browse/MYFACES-4377
> Project: MyFaces Core
>  Issue Type: Improvement
>  Components: General
>Affects Versions: 2.3-next-M4, 4.0.0-RC1
>Reporter: Bernd Bohmann
>Assignee: Bernd Bohmann
>Priority: Major
> Fix For: 2.3-next-M5, 4.0.0-RC1
>
>




--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Resolved] (MYFACES-4376) Update Cryptographic algorithm in StateUtils to a stronger version

[Thomas Andraschko (Jira)]

 [ 
https://issues.apache.org/jira/browse/MYFACES-4376?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Thomas Andraschko resolved MYFACES-4376.

Resolution: Fixed

> Update Cryptographic algorithm in StateUtils to a stronger version
> --
>
> Key: MYFACES-4376
> URL: https://issues.apache.org/jira/browse/MYFACES-4376
> Project: MyFaces Core
>  Issue Type: Improvement
>  Components: General
>Affects Versions: 3.0.0-RC1, 2.3-next-M4, 4.0.0-RC1
>Reporter: Bernd Bohmann
>Assignee: Bernd Bohmann
>Priority: Major
> Fix For: 2.3-next-M5, 2.3.8, 3.0.0, 2.2.14
>
>
> Change the parameters
> org.apache.myfaces.ALGORITHM  from DES to AES
> and
> org.apache.MAC_ALGORITHM  from HmacSHA1 to HmacSHA256 
> DES and HmacSHA1 are considered to be weak
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (MYFACES-4377) Disable the parsing of external general entities and external parameter entities in XML parsing code

[Thomas Andraschko (Jira)]

[ 
https://issues.apache.org/jira/browse/MYFACES-4377?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17281135#comment-17281135
 ] 

Thomas Andraschko commented on MYFACES-4377:


[~bommel] we already commited it? can you please add the "fix versions" and 
resolve this issue?

> Disable the parsing of external general entities and external parameter 
> entities in XML parsing code
> 
>
> Key: MYFACES-4377
> URL: https://issues.apache.org/jira/browse/MYFACES-4377
> Project: MyFaces Core
>  Issue Type: Improvement
>  Components: General
>Affects Versions: 2.3-next-M4, 4.0.0-RC1
>Reporter: Bernd Bohmann
>Assignee: Bernd Bohmann
>Priority: Major
>




--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [myfaces] bohmber merged pull request #174: Bump actions/cache from v2 to v2.1.4

[GitBox]

bohmber merged pull request #174:
URL: https://github.com/apache/myfaces/pull/174


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces] dependabot[bot] opened a new pull request #174: Bump actions/cache from v2 to v2.1.4

[GitBox]

dependabot[bot] opened a new pull request #174:
URL: https://github.com/apache/myfaces/pull/174


   Bumps [actions/cache](https://github.com/actions/cache) from v2 to v2.1.4.
   
   Release notes
   Sourced from https://github.com/actions/cache/releases;>actions/cache's 
releases.
   
   v2.1.4
   
   Make caching more verbose https://github-redirect.dependabot.com/actions/toolkit/pull/650;>#650
   Use GNU tar on macOS if available https://github-redirect.dependabot.com/actions/toolkit/pull/701;>#701
   
   
   
   
   Commits
   
   https://github.com/actions/cache/commit/26968a09c0ea4f3e233fdddbafd1166051a095f6;>26968a0
 Make save/restore logs akin (https://github-redirect.dependabot.com/actions/cache/issues/509;>#509)
   https://github.com/actions/cache/commit/aeaf731ae27476fbdef0ec9028b91f8b07b22c5d;>aeaf731
 Use @actions/cache version 1.0.6 (https://github-redirect.dependabot.com/actions/cache/issues/525;>#525)
   https://github.com/actions/cache/commit/56a8a2f77583e58fcda120d0902eccfbc7b220bf;>56a8a2f
 Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/514;>#514 
from eregon/recommend-setup-ruby-bundler-cache
   https://github.com/actions/cache/commit/1bfe3accb30cbecd1eb79cdba246c3a7fc899cdf;>1bfe3ac
 Recommend ruby/setup-ruby's bundler-cache: true option
   https://github.com/actions/cache/commit/354332455a7a9ae5492723ca9d4d082484e173bc;>3543324
 Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/434;>#434 
from DanielHabenicht/patch-1
   https://github.com/actions/cache/commit/3303695afa44b4dd4776286c04fc1fbffe1ae68c;>3303695
 Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/507;>#507 
from odin-delrio/patch-1
   https://github.com/actions/cache/commit/e64ab303d144824d683711d5c78723c915ff952b;>e64ab30
 Improved gradle cache key calculation example
   https://github.com/actions/cache/commit/26c48dce83c8127f120594ca7290654e35acfa03;>26c48dc
 Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/506;>#506 
from actions/cache-matrix-example
   https://github.com/actions/cache/commit/72f66cfa6dcadd8440e1382d36b556a7a43a52bc;>72f66cf
 Added a cache example when using matrix
   https://github.com/actions/cache/commit/9f3a4d3e65eb0e37d28bc055c0d1a91eac6d76fe;>9f3a4d3
 Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/443;>#443 
from guilleijo/pipenv-example
   Additional commits viewable in https://github.com/actions/cache/compare/v2...26968a09c0ea4f3e233fdddbafd1166051a095f6;>compare
 view
   
   
   
   
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #303: chore(deps): bump maven-remote-resources-plugin from 1.5 to 1.7.0

[GitBox]

bohmber merged pull request #303:
URL: https://github.com/apache/myfaces-tobago/pull/303


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #300: chore(deps): bump cargo-maven2-plugin from 1.4.13 to 1.8.5

[GitBox]

bohmber merged pull request #300:
URL: https://github.com/apache/myfaces-tobago/pull/300


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #302: chore(deps): bump weld-servlet-shaded from 3.1.5.SP1 to 3.1.6.Final

[GitBox]

bohmber merged pull request #302:
URL: https://github.com/apache/myfaces-tobago/pull/302


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #301: chore(deps-dev): bump junit-jupiter-api from 5.7.0 to 5.7.1

[GitBox]

bohmber merged pull request #301:
URL: https://github.com/apache/myfaces-tobago/pull/301


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #303: chore(deps): bump maven-remote-resources-plugin from 1.5 to 1.7.0

[GitBox]

dependabot[bot] opened a new pull request #303:
URL: https://github.com/apache/myfaces-tobago/pull/303


   Bumps 
[maven-remote-resources-plugin](https://github.com/apache/maven-remote-resources-plugin)
 from 1.5 to 1.7.0.
   
   Commits
   
   https://github.com/apache/maven-remote-resources-plugin/commit/e81f39260da526852df71bea509158b8614b32cc;>e81f392
 [maven-release-plugin] prepare release maven-remote-resources-plugin-1.7.0
   https://github.com/apache/maven-remote-resources-plugin/commit/331f9ada62b1f4fb922ce00a3d8864f9cae2f19d;>331f9ad
 fix code formatting
   https://github.com/apache/maven-remote-resources-plugin/commit/33022e15c1f6212443bd9d10367f07b666fb69b6;>33022e1
 [MRRESOURCES-114] use reproducible project.build.outputTimestamp
   https://github.com/apache/maven-remote-resources-plugin/commit/09f77658d4041d82ae946e8bada4c92c59772568;>09f7765
 Corrected small grammar mistake in usage.apt.vm
   https://github.com/apache/maven-remote-resources-plugin/commit/df37e43faecf42fc7e2c6da327145e69943d7e39;>df37e43
 Adjust test for Jenkins on Windows
   https://github.com/apache/maven-remote-resources-plugin/commit/ba044a9492add0b47a06332aeb0e09376d82744a;>ba044a9
 [MRRESOURCES-112] Require Java 7
   https://github.com/apache/maven-remote-resources-plugin/commit/a67d69c081ccbe60c669e20771f108a6456d7770;>a67d69c
 added README.md
   https://github.com/apache/maven-remote-resources-plugin/commit/aa416d5293a9e1d2d3c8f8ae45fbc32417854c46;>aa416d5
 [maven-release-plugin] prepare for next development iteration
   https://github.com/apache/maven-remote-resources-plugin/commit/ce78dc0b33480e14cd4c19e5581da5a243f4b922;>ce78dc0
 [maven-release-plugin] prepare release maven-remote-resources-plugin-1.6.0
   https://github.com/apache/maven-remote-resources-plugin/commit/7e2a84eba512d4852af2014fe2e91cd639a77132;>7e2a84e
 fixed rendering issue
   Additional commits viewable in https://github.com/apache/maven-remote-resources-plugin/compare/maven-remote-resources-plugin-1.5...maven-remote-resources-plugin-1.7.0;>compare
 view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-remote-resources-plugin=maven=1.5=1.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   
   
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #297: chore(deps): bump guava from 29.0-jre to 30.1-jre

[GitBox]

bohmber merged pull request #297:
URL: https://github.com/apache/myfaces-tobago/pull/297


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #302: chore(deps): bump weld-servlet-shaded from 3.1.5.SP1 to 3.1.6.Final

[GitBox]

dependabot[bot] opened a new pull request #302:
URL: https://github.com/apache/myfaces-tobago/pull/302


   Bumps weld-servlet-shaded from 3.1.5.SP1 to 3.1.6.Final.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.jboss.weld.servlet:weld-servlet-shaded=maven=3.1.5.SP1=3.1.6.Final)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   
   
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #253: chore(deps): bump dependency-check-maven from 5.2.4 to 6.1.0

[GitBox]

bohmber merged pull request #253:
URL: https://github.com/apache/myfaces-tobago/pull/253


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #301: chore(deps-dev): bump junit-jupiter-api from 5.7.0 to 5.7.1

[GitBox]

dependabot[bot] opened a new pull request #301:
URL: https://github.com/apache/myfaces-tobago/pull/301


   Bumps [junit-jupiter-api](https://github.com/junit-team/junit5) from 5.7.0 
to 5.7.1.
   
   Release notes
   Sourced from https://github.com/junit-team/junit5/releases;>junit-jupiter-api's 
releases.
   
   JUnit 5.7.1 = Platform 1.7.1 + Jupiter 5.7.1 + Vintage 5.7.1
   See http://junit.org/junit5/docs/5.7.1/release-notes/;>Release 
Notes.
   
   
   
   Commits
   
   https://github.com/junit-team/junit5/commit/b5227801590b3a0758c46a4890e6784f7b04649c;>b522780
 Release 5.7.1
   https://github.com/junit-team/junit5/commit/f8c6d4ab7919781ea7401eac2caeac55c5d99d59;>f8c6d4a
 Finalize release notes for 5.7.1
   https://github.com/junit-team/junit5/commit/8b3d5aa0885f1e0a38283de71c7431a77f234cde;>8b3d5aa
 Fix container failure XML reporting (https://github-redirect.dependabot.com/junit-team/junit5/issues/2542;>#2542)
   https://github.com/junit-team/junit5/commit/b394ef08ad2493494032ef9179cbd050e21a614c;>b394ef0
 Use jOOX to test XML reports
   https://github.com/junit-team/junit5/commit/2b7d5b12c19da96eebd37e11ef90df4ebfc0fbed;>2b7d5b1
 Use Java 9 collection factory methods
   https://github.com/junit-team/junit5/commit/5c42adb2b44b3532f5e8563d19d044597e4d8c4f;>5c42adb
 Fix typos
   https://github.com/junit-team/junit5/commit/beddaf450158fd81bf0da9400efb5e1d25eedba9;>beddaf4
 Remove unnecessary throws clause
   https://github.com/junit-team/junit5/commit/85ee2126196c403dab7e05b904a84c05bf58f0db;>85ee212
 Simplify assertions
   https://github.com/junit-team/junit5/commit/c704713e51ddfc3e2a7f811db939702a4350fb65;>c704713
 Fix assertion
   https://github.com/junit-team/junit5/commit/7d6edad19aedae80ce5484dc8677390baac768f8;>7d6edad
 Convert field to local variable
   Additional commits viewable in https://github.com/junit-team/junit5/compare/r5.7.0...r5.7.1;>compare 
view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.junit.jupiter:junit-jupiter-api=maven=5.7.0=5.7.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   
   
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #299: chore(deps): bump maven-jar-plugin from 3.0.2 to 3.2.0

[GitBox]

bohmber merged pull request #299:
URL: https://github.com/apache/myfaces-tobago/pull/299


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #300: chore(deps): bump cargo-maven2-plugin from 1.4.13 to 1.8.5

[GitBox]

dependabot[bot] opened a new pull request #300:
URL: https://github.com/apache/myfaces-tobago/pull/300


   Bumps cargo-maven2-plugin from 1.4.13 to 1.8.5.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.codehaus.cargo:cargo-maven2-plugin=maven=1.4.13=1.8.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   
   
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #294: chore(deps): bump httpcore from 4.4.13 to 4.4.14

[GitBox]

bohmber merged pull request #294:
URL: https://github.com/apache/myfaces-tobago/pull/294


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] closed pull request #285: chore(deps): bump maven-enforcer-plugin from 3.0.0-M1 to 3.0.0-M3

[GitBox]

dependabot[bot] closed pull request #285:
URL: https://github.com/apache/myfaces-tobago/pull/285


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] commented on pull request #285: chore(deps): bump maven-enforcer-plugin from 3.0.0-M1 to 3.0.0-M3

[GitBox]

dependabot[bot] commented on pull request #285:
URL: https://github.com/apache/myfaces-tobago/pull/285#issuecomment-775000655


   Looks like org.apache.maven.plugins:maven-enforcer-plugin is no longer being 
updated by Dependabot, so this is no longer needed.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #299: chore(deps): bump maven-jar-plugin from 3.0.2 to 3.2.0

[GitBox]

dependabot[bot] opened a new pull request #299:
URL: https://github.com/apache/myfaces-tobago/pull/299


   Bumps [maven-jar-plugin](https://github.com/apache/maven-jar-plugin) from 
3.0.2 to 3.2.0.
   
   Commits
   
   https://github.com/apache/maven-jar-plugin/commit/d91fff882f19b0ba9ba90aceca53447cada824ab;>d91fff8
 [maven-release-plugin] prepare release maven-jar-plugin-3.2.0
   https://github.com/apache/maven-jar-plugin/commit/64c5e6530b4712cd95501fffb2de6bb1a202cd89;>64c5e65
 MJAR-263 make output jars reproducible like m-source-p
   https://github.com/apache/maven-jar-plugin/commit/80f58a84aacff6e671f5a601d62a3a3800b507dc;>80f58a8
 [maven-release-plugin] prepare for next development iteration
   https://github.com/apache/maven-jar-plugin/commit/783d893461888533f64893c7e999f3b6c1608b0f;>783d893
 [maven-release-plugin] prepare release maven-jar-plugin-3.1.2
   https://github.com/apache/maven-jar-plugin/commit/8164b8a7372501f5f81a00b5d011a19410107b46;>8164b8a
 [MJAR-259] - Archiving to jar is very slow
   https://github.com/apache/maven-jar-plugin/commit/78dbb2918fcb2086fe5601eb95bb294bcc274639;>78dbb29
 [MJAR-238] Allow setting of module main class
   https://github.com/apache/maven-jar-plugin/commit/13d5a9ec187d813262d88a52f1ac0b8ca7d790d5;>13d5a9e
 removing MockArtifact, not used
   https://github.com/apache/maven-jar-plugin/commit/660cb854c104f92e6816285ba52b15e260fd2a26;>660cb85
 (doc) fix broken link
   https://github.com/apache/maven-jar-plugin/commit/bc84ec046173efccd2694da66923c1821822ede3;>bc84ec0
 [maven-release-plugin] prepare for next development iteration
   https://github.com/apache/maven-jar-plugin/commit/e07216551316bc4cbbc7ae31c41bd494612b8c23;>e072165
 [maven-release-plugin] prepare release maven-jar-plugin-3.1.1
   Additional commits viewable in https://github.com/apache/maven-jar-plugin/compare/maven-jar-plugin-3.0.2...maven-jar-plugin-3.2.0;>compare
 view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-jar-plugin=maven=3.0.2=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   
   
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #298: chore(deps): improved dependabot config

[GitBox]

bohmber merged pull request #298:
URL: https://github.com/apache/myfaces-tobago/pull/298


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber opened a new pull request #298: chore(deps): improved dependabot config

[GitBox]

bohmber opened a new pull request #298:
URL: https://github.com/apache/myfaces-tobago/pull/298


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #297: chore(deps): bump guava from 29.0-jre to 30.1-jre

[GitBox]

dependabot[bot] opened a new pull request #297:
URL: https://github.com/apache/myfaces-tobago/pull/297


   Bumps [guava](https://github.com/google/guava) from 29.0-jre to 30.1-jre.
   
   Release notes
   Sourced from https://github.com/google/guava/releases;>guava's releases.
   
   30.1
   Maven
   dependency
 groupIdcom.google.guava/groupId
 artifactIdguava/artifactId
 version30.1-jre/version
 !-- or, for Android: --
 version30.1-android/version
   /dependency
   
   Javadoc
   
   http://guava.dev/releases/30.1-jre/api/docs/;>30.1-jre
   http://guava.dev/releases/30.1-android/api/docs/;>30.1-android
   
   JDiff
   
   http://guava.dev/releases/30.1-jre/api/diffs/;>30.1-jre vs. 
30.0-jre
   http://guava.dev/releases/30.1-android/api/diffs/;>30.1-android 
vs. 30.0-android
   http://guava.dev/releases/30.1-android/api/androiddiffs/;>30.1-android 
vs. 30.1-jre
   
   Changelog
   
   If you use guava-android in an Android project (as opposed to from a 
Java VM), you will need to https://developer.android.com/studio/write/java8-support.html#supported_features;>enable
 desugaring of Java 8 language features if you have not already 
done so. (And if you are releasing an Android library, then anyone who 
uses that library will also have to enable desugaring.) We expect for nearly 
all Android projects to have already enabled desugaring. But if this causes 
problems for you, please let us know on [issue https://github-redirect.dependabot.com/google/guava/issues/5358;>#5358](https://github-redirect.dependabot.com/google/guava/issues/5358;>google/guava#5358).
 The purpose of this change is to detect potential problems for users now so 
that we can plan to use Java 8 language features in our implementation later 
this year.
   Introduced a warning log message when running guava-android 
under a Java 7 VM. (Android VMs are unaffected, aside from the need to use 
desugaring, described in the previous bullet.) This warning is not 
guaranteed to be logged when running under Java 7, so please don't 
rely on it as your only warning about future problems. If the warning 
itself causes you trouble, you can eliminate it by silencing the 
logger for com.google.common.base.MoreObjects$ToStringHelper 
(which is used only for this warning). This warning prepares for https://github-redirect.dependabot.com/google/guava/issues/5269;>removing 
support for Java 7 in 2021. Please report any problems. We have tried to 
make the warning as safe as possible, but anytime a common library logs, there 
is the potential for https://stackoverflow.com/a/41017717/28465;>NullPointerException
 or even https://stackoverflow.com/a/48009613/284
 65">deadlock. (To be clear, Guava will not log under Java 8 or 
Android, but it may log under Java 7.) (dc52e6e385)
   base: Deprecated 
StandardSystemProperty.JAVA_EXT_DIRS. We do not plan to remove the 
API, but note that, under recent versions of Java, that property always has a 
value of null. (38abf07772)
   net: Added HttpHeaders constants for 
Origin-Isolation and X-Request-ID. (a48fb4f724, 
8319d201cd)
   reflect: Added ClassInfo.isTopLevel(). 
(410627262b)
   util.concurrent: Added 
ClosingFuture.submitAsync(AsyncClosingCallable). (c5e2d8d5cb)
   
   30.0
   Maven
   dependency
 groupIdcom.google.guava/groupId
 artifactIdguava/artifactId
 version30.0-jre/version
 !-- or, for Android: --
 version30.0-android/version
   /dependency
   
   Javadoc
   
   http://guava.dev/releases/30.0-jre/api/docs/;>30.0-jre
   http://guava.dev/releases/30.0-android/api/docs/;>30.0-android
   
   
   
   ... (truncated)
   
   
   Commits
   
   See full diff in https://github.com/google/guava/commits;>compare view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.google.guava:guava=maven=29.0-jre=30.1-jre)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same 

[GitHub] [myfaces-tobago] dependabot[bot] closed pull request #290: chore(deps): bump weld-servlet-shaded from 3.1.5.SP1 to 4.0.0.Final

[GitBox]

dependabot[bot] closed pull request #290:
URL: https://github.com/apache/myfaces-tobago/pull/290


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] commented on pull request #290: chore(deps): bump weld-servlet-shaded from 3.1.5.SP1 to 4.0.0.Final

[GitBox]

dependabot[bot] commented on pull request #290:
URL: https://github.com/apache/myfaces-tobago/pull/290#issuecomment-774997994


   Looks like org.jboss.weld.servlet:weld-servlet-shaded is no longer being 
updated by Dependabot, so this is no longer needed.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #296: chore(deps): improved dependabot config

[GitBox]

bohmber merged pull request #296:
URL: https://github.com/apache/myfaces-tobago/pull/296


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber opened a new pull request #296: chore(deps): improved dependabot config

[GitBox]

bohmber opened a new pull request #296:
URL: https://github.com/apache/myfaces-tobago/pull/296


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #295: chore(deps): improved dependabot config

[GitBox]

bohmber merged pull request #295:
URL: https://github.com/apache/myfaces-tobago/pull/295


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber opened a new pull request #295: chore(deps): improved dependabot config

[GitBox]

bohmber opened a new pull request #295:
URL: https://github.com/apache/myfaces-tobago/pull/295


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #294: chore(deps): bump httpcore from 4.4.13 to 4.4.14

[GitBox]

dependabot[bot] opened a new pull request #294:
URL: https://github.com/apache/myfaces-tobago/pull/294


   Bumps httpcore from 4.4.13 to 4.4.14.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.httpcomponents:httpcore=maven=4.4.13=4.4.14)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   
   
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] commented on pull request #292: chore(deps): bump jetty-maven-plugin from 10.0.0 to 11.0.0

[GitBox]

dependabot[bot] commented on pull request #292:
URL: https://github.com/apache/myfaces-tobago/pull/292#issuecomment-774991269


   Looks like org.eclipse.jetty:jetty-maven-plugin is no longer being updated 
by Dependabot, so this is no longer needed.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #293: chore(deps): improved dependabot config

[GitBox]

bohmber merged pull request #293:
URL: https://github.com/apache/myfaces-tobago/pull/293


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] closed pull request #292: chore(deps): bump jetty-maven-plugin from 10.0.0 to 11.0.0

[GitBox]

dependabot[bot] closed pull request #292:
URL: https://github.com/apache/myfaces-tobago/pull/292


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber opened a new pull request #293: chore(deps): improved dependabot config

[GitBox]

bohmber opened a new pull request #293:
URL: https://github.com/apache/myfaces-tobago/pull/293


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #292: chore(deps): bump jetty-maven-plugin from 10.0.0 to 11.0.0

[GitBox]

dependabot[bot] opened a new pull request #292:
URL: https://github.com/apache/myfaces-tobago/pull/292


   Bumps [jetty-maven-plugin](https://github.com/eclipse/jetty.project) from 
10.0.0 to 11.0.0.
   
   Release notes
   Sourced from https://github.com/eclipse/jetty.project/releases;>jetty-maven-plugin's 
releases.
   
   11.0.0
   Eclipse Jetty 11.x Highlights
   
   Jetty 11.x has a minimum Java requirement of Java 11.
   Jetty 11.x modules are proper JPMS modules with 
module-info.class.
   Jetty 11.x supports the following technology specs (from the Jakarta EE 
9 effort):
   
   jakarta.servlet - 5.0.0
   jakarta.servlet.jsp - 3.0.0
   jakarta.servlet.jsp.jstl - 2.0.0
   jakarta.el - 4.0.0
   jakarta.websocket - 2.0.0
   
   
   Jetty 11.x is the first major version of Jetty to support the 
jakarta.servlet namespace.
   Use Jetty 10.x for the older (now outdated) javax.servlet 
namespace.
   
   Important Changes
   
   Classic jetty logging facade has been replaced with slf4j-api usage
   There is no longer a jetty-distribution, use 
jetty-home with a proper ${jetty.base} instead.
   See: https://www.eclipse.org/jetty/documentation/10.0.0/operations-guide/index.html#og-begin-arch;>Operations
 Guide: Architecture
   
   New demo jetty-start module exists to replace the old 
demo-base functionality.
   
   
   Remove jetty-all uber artifact
   Managing Configuration within a WebAppContext 
has a new API.
   (They are now self ordering and do not require knowledge of Jetty internals 
to use successfully)
   Complete WebSocket refactoring, those using the Jetty APIs or 
embedded-jetty will need to update their code.
   
   Support for WebSocket over HTTP/2 (client and server)
   
   
   Jetty HttpClient has been improved.
   
   Supports dynamic protocol upgrade (http/2 and http/1.1).
   
   
   Session management has been refactored as well.
   
   Changelog
   
   https://github-redirect.dependabot.com/eclipse/jetty.project/issues/5715;>#5715
 - Fix problems caused by upgrade to jstl version.
   https://github-redirect.dependabot.com/eclipse/jetty.project/issues/5701;>#5701
 - Bump jakarta.servlet.jsp-api from 3.0.0-M1 to 3.0.0
   https://github-redirect.dependabot.com/eclipse/jetty.project/issues/5700;>#5700
 - Bump jakarta.servlet.jsp.jstl-api from 2.0.0-RC1 to 2.0.0
   https://github-redirect.dependabot.com/eclipse/jetty.project/issues/5626;>#5626
 - Bump maven-resources-plugin from 3.1.0 to 3.2.0
   https://github-redirect.dependabot.com/eclipse/jetty.project/issues/5608;>#5608
 - Bump maven-project-info-reports-plugin from 3.0.0 to 3.1.1
   https://github-redirect.dependabot.com/eclipse/jetty.project/issues/5585;>#5585
 - Bump jakarta.annotation-api from 2.0.0-RC1 to 2.0.0
   https://github-redirect.dependabot.com/eclipse/jetty.project/issues/5550;>#5550
 - Bump maven-source-plugin from 3.0.1 to 3.2.1
   https://github-redirect.dependabot.com/eclipse/jetty.project/issues/5549;>#5549
 - Bump hazelcast.version from 4.0.1 to 4.0.3
   https://github-redirect.dependabot.com/eclipse/jetty.project/issues/5548;>#5548
 - Bump geronimo-interceptor_1.2_spec from 1.1 to 1.2
   https://github-redirect.dependabot.com/eclipse/jetty.project/issues/5506;>#5506
 - Bump weld-servlet-core from 4.0.0.Beta1 to 4.0.0.Beta5
   https://github-redirect.dependabot.com/eclipse/jetty.project/issues/5473;>#5473
 - Bump appassembler-maven-plugin from 2.0.0 to 2.1.0
   https://github-redirect.dependabot.com/eclipse/jetty.project/issues/5472;>#5472
 - Bump jna from 5.5.0 to 5.6.0
   https://github-redirect.dependabot.com/eclipse/jetty.project/issues/5470;>#5470
 - Bump mail-api.version from 2.0.0-RC4 to 2.0.0-RC6
   https://github-redirect.dependabot.com/eclipse/jetty.project/issues/5423;>#5423
 - Bump jakarta.servlet-api from 5.0.0-M1 to 5.0.0
   https://github-redirect.dependabot.com/eclipse/jetty.project/issues/5380;>#5380
 - Bump maven-war-plugin from 3.2.3 to 3.3.1
   https://github-redirect.dependabot.com/eclipse/jetty.project/issues/4568;>#4568
 - Use jakarta.* namespace for new Jakarta EE 9 Big 
Bang artifacts
   
   11.0.0.beta3
   Changes
   
   
   ... (truncated)
   
   
   Commits
   
   https://github.com/eclipse/jetty.project/commit/432f896d7a4555fcc81f38108757ea0aca8788e6;>432f896
 Updating to version 11.0.0
   https://github.com/eclipse/jetty.project/commit/cc9b41cf17b80285b8d86d847130acbab1d77ced;>cc9b41c
 Merge remote-tracking branch 'origin/jetty-10.0.x' into jetty-11.0.x
   https://github.com/eclipse/jetty.project/commit/a3c116f8a0b406a657939997f04ab4bedd05d204;>a3c116f
 Merge remote-tracking branch 'origin/jetty-10.0.x' into jetty-11.0.x
   https://github.com/eclipse/jetty.project/commit/cf9a807d6762f3ceb899d4936c18805aab88b456;>cf9a807
 Merge remote-tracking branch 'origin/jetty-10.0.x' into jetty-11.0.x
   https://github.com/eclipse/jetty.project/commit/bd269f72e46253bd10490fd6d2ef251a9069ceb3;>bd269f7
 merge jetty-10.0.x into jetty-11.0.x
   

[GitHub] [myfaces-tobago] bohmber merged pull request #291: chore(deps): improved dependabot config

[GitBox]

bohmber merged pull request #291:
URL: https://github.com/apache/myfaces-tobago/pull/291


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] commented on pull request #289: chore(deps): bump jakarta.json from 1.1.6 to 2.0.0

[GitBox]

dependabot[bot] commented on pull request #289:
URL: https://github.com/apache/myfaces-tobago/pull/289#issuecomment-774987989


   Looks like org.glassfish:jakarta.json is no longer being updated by 
Dependabot, so this is no longer needed.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] closed pull request #289: chore(deps): bump jakarta.json from 1.1.6 to 2.0.0

[GitBox]

dependabot[bot] closed pull request #289:
URL: https://github.com/apache/myfaces-tobago/pull/289


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber opened a new pull request #291: chore(deps): improved dependabot config

[GitBox]

bohmber opened a new pull request #291:
URL: https://github.com/apache/myfaces-tobago/pull/291


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #290: chore(deps): bump weld-servlet-shaded from 3.1.5.SP1 to 4.0.0.Final

[GitBox]

dependabot[bot] opened a new pull request #290:
URL: https://github.com/apache/myfaces-tobago/pull/290


   Bumps weld-servlet-shaded from 3.1.5.SP1 to 4.0.0.Final.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.jboss.weld.servlet:weld-servlet-shaded=maven=3.1.5.SP1=4.0.0.Final)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   
   
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #263: chore(deps): bump validation-api from 1.1.0.Final to 2.0.1.Final

[GitBox]

bohmber merged pull request #263:
URL: https://github.com/apache/myfaces-tobago/pull/263


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #289: chore(deps): bump jakarta.json from 1.1.6 to 2.0.0

[GitBox]

dependabot[bot] opened a new pull request #289:
URL: https://github.com/apache/myfaces-tobago/pull/289


   Bumps [jakarta.json](https://github.com/eclipse-ee4j/jsonp) from 1.1.6 to 
2.0.0.
   
   Release notes
   Sourced from https://github.com/eclipse-ee4j/jsonp/releases;>jakarta.json's 
releases.
   
   Jakarta JSON Processing 2.0.0
   The 2.0.0 release is the first release under the 
jakarta.json.* namespace.
   
   
   
   Commits
   
   See full diff in https://github.com/eclipse-ee4j/jsonp/commits/2.0.0;>compare view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.glassfish:jakarta.json=maven=1.1.6=2.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   
   
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #287: chore(deps): bump hibernate-validator from 6.1.6.Final to 6.2.0.Final

[GitBox]

bohmber merged pull request #287:
URL: https://github.com/apache/myfaces-tobago/pull/287


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber merged pull request #288: chore(deps): improved dependabot config

[GitBox]

bohmber merged pull request #288:
URL: https://github.com/apache/myfaces-tobago/pull/288


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [myfaces-tobago] bohmber opened a new pull request #288: chore(deps): improved dependabot config

[GitBox]

bohmber opened a new pull request #288:
URL: https://github.com/apache/myfaces-tobago/pull/288


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org