[PR] Bump org.apache.maven.plugins:maven-dependency-plugin from 3.6.1 to 3.7.0 [syncope]
dependabot[bot] opened a new pull request, #747: URL: https://github.com/apache/syncope/pull/747 Bumps [org.apache.maven.plugins:maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) from 3.6.1 to 3.7.0. Release notes Sourced from https://github.com/apache/maven-dependency-plugin/releases;>org.apache.maven.plugins:maven-dependency-plugin's releases. 3.7.0 https://issues.apache.org/jira/browse/MDEP-941;>[MDEP-941] - Deprecate dependency:sources in favor of dependency:resolv… (https://redirect.github.com/apache/maven-dependency-plugin/pull/411;>#411) https://github.com/michael-o;>@michael-o https://issues.apache.org/jira/browse/MDEP-838;>[MDEP-838] - Artifact has not been packaged yet error message is not … (https://redirect.github.com/apache/maven-dependency-plugin/pull/412;>#412) https://github.com/michael-o;>@michael-o https://issues.apache.org/jira/browse/MDEP-939;>[MDEP-939] - Lock down classifier in dependency:sources goal (https://redirect.github.com/apache/maven-dependency-plugin/pull/409;>#409) https://github.com/michael-o;>@michael-o Revert Fix sources goal for multimodule projects (https://redirect.github.com/apache/maven-dependency-plugin/pull/408;>#408) https://github.com/michael-o;>@michael-o https://issues.apache.org/jira/browse/MDEP-923;>[MDEP-923] - Move methods in place where are used (https://redirect.github.com/apache/maven-dependency-plugin/pull/407;>#407) https://github.com/slawekjaranowski;>@slawekjaranowski MDEP-938] Correct invalid property name and add deprecated old one (https://redirect.github.com/apache/maven-dependency-plugin/pull/404;>#404) https://github.com/hazendaz;>@hazendaz https://issues.apache.org/jira/browse/MDEP-835;>[MDEP-835] - Add optional dependency for tree IT (https://redirect.github.com/apache/maven-dependency-plugin/pull/403;>#403) https://github.com/slawekjaranowski;>@slawekjaranowski Add missing dependency (https://redirect.github.com/apache/maven-dependency-plugin/pull/401;>#401) https://github.com/michael-o;>@michael-o New features and improvements https://issues.apache.org/jira/browse/MDEP-799;>[MDEP-799] - tree: add optional output type json (https://redirect.github.com/apache/maven-dependency-plugin/pull/391;>#391) https://github.com/LogFlames;>@LogFlames https://issues.apache.org/jira/browse/MDEP-928;>[MDEP-928] - Allow excluding classes from dependency:analyze (https://redirect.github.com/apache/maven-dependency-plugin/pull/393;>#393) https://github.com/slawekjaranowski;>@slawekjaranowski https://issues.apache.org/jira/browse/MDEP-924;>[MDEP-924] - Get rid of maven-artifact-transfer from list-classes goal (https://redirect.github.com/apache/maven-dependency-plugin/pull/382;>#382) https://github.com/slawekjaranowski;>@slawekjaranowski https://issues.apache.org/jira/browse/MDEP-925;>[MDEP-925] - Require Maven 3.6.3 (https://redirect.github.com/apache/maven-dependency-plugin/pull/381;>#381) https://github.com/slawekjaranowski;>@slawekjaranowski https://issues.apache.org/jira/browse/MDEP-922;>[MDEP-922] - dependency:analyze-exclusions - should report issue only in current project (https://redirect.github.com/apache/maven-dependency-plugin/pull/378;>#378) https://github.com/slawekjaranowski;>@slawekjaranowski https://issues.apache.org/jira/browse/MDEP-917;>[MDEP-917] - dependency:analyze-exclusions - use Resolver API instead of ProjectBuilder (https://redirect.github.com/apache/maven-dependency-plugin/pull/374;>#374) https://github.com/slawekjaranowski;>@slawekjaranowski https://issues.apache.org/jira/browse/MDEP-317;>[MDEP-317] - add mojo to analyze invalid exclusions (https://redirect.github.com/apache/maven-dependency-plugin/pull/362;>#362) https://github.com/vbreivik;>@vbreivik https://issues.apache.org/jira/browse/MDEP-894;>[MDEP-894] - Use @Component only - fix tests (https://redirect.github.com/apache/maven-dependency-plugin/pull/360;>#360) https://github.com/michael-o;>@michael-o Bug Fixes https://issues.apache.org/jira/browse/MDEP-914;>[MDEP-914] - Fix link in collect goal description (https://redirect.github.com/apache/maven-dependency-plugin/pull/380;>#380) https://github.com/slawekjaranowski;>@slawekjaranowski https://issues.apache.org/jira/browse/MDEP-895;>[MDEP-895] - dependency:sources fails for multi-module project (https://redirect.github.com/apache/maven-dependency-plugin/pull/349;>#349) https://github.com/jmle;>@jmle https://issues.apache.org/jira/browse/MDEP-771;>[MDEP-771] - Remove broken 404 link (https://redirect.github.com/apache/maven-dependency-plugin/pull/344;>#344) https://github.com/elharo;>@elharo Dependency updates https://issues.apache.org/jira/browse/MDEP-936;>[MDEP-936] - Bump org.apache.maven.shared:maven-dependency-tree from 3.2.1 to 3.3.0
[PR] Bump jakarta.servlet:jakarta.servlet-api from 6.0.0 to 6.1.0 [syncope]
dependabot[bot] opened a new pull request, #746: URL: https://github.com/apache/syncope/pull/746 Bumps [jakarta.servlet:jakarta.servlet-api](https://github.com/eclipse-ee4j/servlet-api) from 6.0.0 to 6.1.0. Commits See full diff in https://github.com/eclipse-ee4j/servlet-api/commits;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jakarta.servlet:jakarta.servlet-api=maven=6.0.0=6.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump io.github.git-commit-id:git-commit-id-maven-plugin from 8.0.2 to 9.0.0 [syncope]
ilgrosso merged PR #745: URL: https://github.com/apache/syncope/pull/745 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.asciidoctor:asciidoctorj-pdf from 2.3.15 to 2.3.17 [syncope]
ilgrosso merged PR #744: URL: https://github.com/apache/syncope/pull/744 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump io.github.git-commit-id:git-commit-id-maven-plugin from 8.0.2 to 9.0.0 [syncope]
dependabot[bot] opened a new pull request, #745: URL: https://github.com/apache/syncope/pull/745 Bumps [io.github.git-commit-id:git-commit-id-maven-plugin](https://github.com/git-commit-id/git-commit-id-maven-plugin) from 8.0.2 to 9.0.0. Release notes Sourced from https://github.com/git-commit-id/git-commit-id-maven-plugin/releases;>io.github.git-commit-id:git-commit-id-maven-plugin's releases. Version 9.0.0 is finally there and includes various https://github.com/git-commit-id/git-commit-id-maven-plugin/issues?q=milestone%3A9.0.0closed=1;>bug-fixes and improvements :-) ⚠️ This is a potentially breaking release. Read the release-notes carefully ⚠️ Potential Breaking changes: The main key-aspects that might cause a breakage when migrating to the new version: https://redirect.github.com/git-commit-id/git-commit-id-maven-plugin/issues/737;>#737 / https://redirect.github.com/git-commit-id/git-commit-id-maven-plugin/issues/710;>#710: Require Maven 3.6.3 ⚠️ New Features / Bug-Fixes: The main key-aspects that have been improved or being worked on are the following: Use javac --release instead of -source -target Delete BigDiffTest bump several maven plugins bump org.apache.maven.plugins:maven-assembly-plugin from 3.7.0 to 3.7.1 bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.0 to 3.2.4 bump maven-plugin-plugin.version from 3.11.0 to 3.12.0 bump org.apache.maven.plugins:maven-source-plugin from 3.3.0 to 3.3.1 bump org.jacoco:jacoco-maven-plugin from 0.8.11 to 0.8.12 bump org.apache.maven.plugins:maven-compiler-plugin from 3.12.1 to 3.13.0 bump org.apache.maven.plugins:maven-jar-plugin from 3.3.0 to 3.4.1 bump org.apache.maven.plugins:maven-install-plugin from 3.1.1 to 3.1.2 bump org.apache.maven.plugins:maven-deploy-plugin from 3.1.1 to 3.1.2 bump maven-plugin-plugin.version from 3.12.0 to 3.13.0 bump org.codehaus.mojo:exec-maven-plugin from 3.2.0 to 3.3.0 bump maven-plugin-plugin.version from 3.13.0 to 3.13.1 bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.7.0 bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.1 to 3.5.0 bump several dependencies bump commons-io:commons-io from 2.15.1 to 2.16.1 bump org.slf4j:slf4j-simple from 2.0.12 to 2.0.13 (tests) bump org.mockito:mockito-core from 5.11.0 to 5.12.0 (tests) bump org.assertj:assertj-core from 3.25.3 to 3.26.0 (tests) Getting the latest release The plugin is available from Maven Central (https://search.maven.org/search?q=g:io.github.git-commit-id%20AND%20a:git-commit-id-maven-plugin;>see here), so you don't have to configure any additional repositories to use this plugin. All you need to do is to configure it inside your project as dependency: dependency groupIdio.github.git-commit-id/groupId artifactIdgit-commit-id-maven-plugin/artifactId version9.0.0/version /dependency Getting the latest snapshot (build automatically) If you can't wait for the next release, you can also get the latest snapshot version from sonatype, that is being deployed automatically by github actions: pluginRepositories pluginRepository /tr/table ... (truncated) Commits https://github.com/git-commit-id/git-commit-id-maven-plugin/commit/4b52fca34295a314b5c79c1f4de726203e75852b;>4b52fca [maven-release-plugin] prepare release v9.0.0 https://github.com/git-commit-id/git-commit-id-maven-plugin/commit/dab2f12b887963a4d8e2e98f8c45a295a77ecbed;>dab2f12 test with java 22 https://github.com/git-commit-id/git-commit-id-maven-plugin/commit/5321c8f80914744392fc1cc3db2f3af9a66a2259;>5321c8f test with the latest maven versions https://github.com/git-commit-id/git-commit-id-maven-plugin/commit/ae8ebb0d42271cac512865a3011ab8c36e9bb92e;>ae8ebb0 Merge pull request https://redirect.github.com/git-commit-id/git-commit-id-maven-plugin/issues/752;>#752 from git-commit-id/dependabot/maven/org.apache.maven https://github.com/git-commit-id/git-commit-id-maven-plugin/commit/bf4e9c332dc9667959b5996992940628c3703f5c;>bf4e9c3 Merge pull request https://redirect.github.com/git-commit-id/git-commit-id-maven-plugin/issues/751;>#751 from git-commit-id/dependabot/maven/org.apache.maven https://github.com/git-commit-id/git-commit-id-maven-plugin/commit/f950e4a603affd4165946d487c84909a4e3d5e4a;>f950e4a Merge pull request https://redirect.github.com/git-commit-id/git-commit-id-maven-plugin/issues/750;>#750 from git-commit-id/dependabot/maven/maven-plugin-plug... https://github.com/git-commit-id/git-commit-id-maven-plugin/commit/38d38a5a8a6424e7dfe9c99c0877275e409f7155;>38d38a5 Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.1 to 3.5.0 https://github.com/git-commit-id/git-commit-id-maven-plugin/commit/6672a85cf03621a07ef8a68fd6d6d42243ce0942;>6672a85
[PR] Bump org.asciidoctor:asciidoctorj-pdf from 2.3.15 to 2.3.17 [syncope]
dependabot[bot] opened a new pull request, #744: URL: https://github.com/apache/syncope/pull/744 Bumps [org.asciidoctor:asciidoctorj-pdf](https://github.com/asciidoctor/asciidoctorj-pdf) from 2.3.15 to 2.3.17. Release notes Sourced from https://github.com/asciidoctor/asciidoctorj-pdf/releases;>org.asciidoctor:asciidoctorj-pdf's releases. v2.3.17 What's Changed Upgrade to asciidoctor-pdf 2.3.17 by https://github.com/robertpanzer;>@robertpanzer in https://redirect.github.com/asciidoctor/asciidoctorj-pdf/pull/104;>asciidoctor/asciidoctorj-pdf#104 Full Changelog: https://github.com/asciidoctor/asciidoctorj-pdf/compare/v2.3.15...v2.3.17;>https://github.com/asciidoctor/asciidoctorj-pdf/compare/v2.3.15...v2.3.17 Commits https://github.com/asciidoctor/asciidoctorj-pdf/commit/c2bf3adc3f03966ea8c83b467125e61380ee8261;>c2bf3ad Merge pull request https://redirect.github.com/asciidoctor/asciidoctorj-pdf/issues/104;>#104 from robertpanzer/asciidoctor-2.3.17 https://github.com/asciidoctor/asciidoctorj-pdf/commit/a15fc1f0a3b658cb27031063d8805512d8ac;>a15fc1f Use macos-13 for ci build https://github.com/asciidoctor/asciidoctorj-pdf/commit/4bb576dae41db3e35f8e3f97140e7b9f69a416a5;>4bb576d Upgrade to asciidoctor-pdf 2.3.17 See full diff in https://github.com/asciidoctor/asciidoctorj-pdf/compare/v2.3.15...v2.3.17;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.asciidoctor:asciidoctorj-pdf=maven=2.3.15=2.3.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [SYNCOPE-1804] Enabling integration tests (with some hopefully temporary exclusions) [syncope]
ilgrosso merged PR #743: URL: https://github.com/apache/syncope/pull/743 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [SYNCOPE-1804] Enabling integration tests (with some hopefully temporary exclusions) [syncope]
github-advanced-security[bot] commented on code in PR #743: URL: https://github.com/apache/syncope/pull/743#discussion_r1633139486 ## common/idrepo/lib/src/main/java/org/apache/syncope/common/lib/AnyOperations.java: ## @@ -494,17 +494,16 @@ } // 1. relationships -anyObjectUR.getRelationships(). -forEach(relPatch -> { -if (relPatch.getRelationshipTO() == null) { -LOG.warn("Invalid {} specified: {}", RelationshipUR.class.getName(), relPatch); -} else { - result.getRelationships().remove(relPatch.getRelationshipTO()); -if (relPatch.getOperation() == PatchOperation.ADD_REPLACE) { - result.getRelationships().add(relPatch.getRelationshipTO()); -} -} -}); +anyObjectUR.getRelationships().forEach(relPatch -> { +if (relPatch.getRelationshipTO() == null) { +LOG.warn("Invalid {} specified: {}", RelationshipUR.class.getName(), relPatch); Review Comment: ## Use of default toString() Default toString(): RelationshipUR inherits toString() from Object, and so is not suitable for printing. [Show more details](https://github.com/apache/syncope/security/code-scanning/1604) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] [SYNCOPE-1804] Enabling integration tests (with some hopefully temporary exclusions) [syncope]
ilgrosso opened a new pull request, #743: URL: https://github.com/apache/syncope/pull/743 (no comment) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump wicket-bootstrap.version from 7.0.4 to 7.0.5 [syncope]
ilgrosso merged PR #742: URL: https://github.com/apache/syncope/pull/742 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump wicket-bootstrap.version from 7.0.4 to 7.0.5 [syncope]
dependabot[bot] opened a new pull request, #742: URL: https://github.com/apache/syncope/pull/742 Bumps `wicket-bootstrap.version` from 7.0.4 to 7.0.5. Updates `de.agilecoders.wicket:wicket-bootstrap-core` from 7.0.4 to 7.0.5 Commits https://github.com/martin-g/wicket-bootstrap/commit/c852cabf257f5d221f92e6746f0791d369334f09;>c852cab [maven-release-plugin] prepare release bootstrap-parent-7.0.5 https://github.com/martin-g/wicket-bootstrap/commit/22d2334587b3ef2bf60b12b87cf5e7f17800723a;>22d2334 Refactoring/1090 upgrade jscookie webjars (https://redirect.github.com/l0rdn1kk0n/wicket-bootstrap/issues/1091;>#1091) https://github.com/martin-g/wicket-bootstrap/commit/ccdd7cb0949b4d670177b02e9b03f3d7605449cd;>ccdd7cb [maven-release-plugin] prepare for next development iteration See full diff in https://github.com/l0rdn1kk0n/wicket-bootstrap/compare/bootstrap-parent-7.0.4...bootstrap-parent-7.0.5;>compare view Updates `de.agilecoders.wicket:wicket-bootstrap-extensions` from 7.0.4 to 7.0.5 Commits https://github.com/martin-g/wicket-bootstrap/commit/c852cabf257f5d221f92e6746f0791d369334f09;>c852cab [maven-release-plugin] prepare release bootstrap-parent-7.0.5 https://github.com/martin-g/wicket-bootstrap/commit/22d2334587b3ef2bf60b12b87cf5e7f17800723a;>22d2334 Refactoring/1090 upgrade jscookie webjars (https://redirect.github.com/l0rdn1kk0n/wicket-bootstrap/issues/1091;>#1091) https://github.com/martin-g/wicket-bootstrap/commit/ccdd7cb0949b4d670177b02e9b03f3d7605449cd;>ccdd7cb [maven-release-plugin] prepare for next development iteration See full diff in https://github.com/l0rdn1kk0n/wicket-bootstrap/compare/bootstrap-parent-7.0.4...bootstrap-parent-7.0.5;>compare view Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.opensearch.client:opensearch-java from 2.10.3 to 2.10.4 [syncope]
ilgrosso merged PR #740: URL: https://github.com/apache/syncope/pull/740 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump com.nimbusds:nimbus-jose-jwt from 9.39.3 to 9.40 [syncope]
ilgrosso merged PR #741: URL: https://github.com/apache/syncope/pull/741 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump com.nimbusds:nimbus-jose-jwt from 9.39.3 to 9.40 [syncope]
dependabot[bot] opened a new pull request, #741: URL: https://github.com/apache/syncope/pull/741 Bumps [com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt) from 9.39.3 to 9.40. Changelog Sourced from https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt;>com.nimbusds:nimbus-jose-jwt's changelog. version 1.0 (2012-03-01) First version based on the OpenInfoCard JWT, JWS and JWE code base. version 1.1 (2012-03-06) Introduces type-safe enumeration of the JSON Web Algorithms (JWA). Refactors the JWT class. version 1.2 (2012-03-08) Moves JWS and JWE code into separate classes. version 1.3 (2012-03-09) Switches to Apache Commons Codec for Base64URL encoding and decoding Consolidates the crypto utilities within the package. Introduces a JWT content serialiser class. version 1.4 (2012-03-09) Refactoring of JWT class and JUnit tests. version 1.5 (2012-03-18) Switches to JSON Smart for JSON serialisation and parsing. Introduces claims set class with JSON objects, string, Base64URL and byte array views. version 1.6 (2012-03-20) Creates class for representing, serialising and parsing JSON Web Keys (JWK). Introduces separate class for representing JWT headers. version 1.7 (2012-04-01) Introduces separate classes for plain, JWS and JWE headers. Introduces separate classes for plain, signed and encrypted JWTs. Removes the JWTContent class. Removes password-based (PE820) encryption support. version 1.8 (2012-04-03) Adds support for the ZIP JWE header parameter. Removes unsupported algorithms from the JWA enumeration. version 1.9 (2012-04-03) Renames JWEHeader.{get|set}EncryptionAlgorithm() to JWEHeader.{get|set}EncryptionMethod(). version 1.9.1 (2012-04-03) Upgrades JSON Smart JAR to 1.1.1. version 1.10 (2012-04-14) Introduces serialize() method to base abstract JWT class. version 1.11 (2012-05-13) JWT.serialize() throws checked JWTException instead of ... (truncated) Commits https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/493fc200e4df03dc8fb1272baa27471affb52119;>493fc20 [maven-release-plugin] prepare for next development iteration https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/2c6d225d80e335220cb51ffb64bc853bf4672640;>2c6d225 New JWTClaimsSet.Builder.serializeNullClaims(boolean) method, fixes JWTClaims... https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/2af7c016f8c6a6295a75e93a460e6ff57a579cad;>2af7c01 [maven-release-plugin] prepare release 9.40 See full diff in https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/9.40..9.39.3;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.nimbusds:nimbus-jose-jwt=maven=9.39.3=9.40)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe,
[PR] Bump org.opensearch.client:opensearch-java from 2.10.3 to 2.10.4 [syncope]
dependabot[bot] opened a new pull request, #740: URL: https://github.com/apache/syncope/pull/740 Bumps [org.opensearch.client:opensearch-java](https://github.com/opensearch-project/opensearch-java) from 2.10.3 to 2.10.4. Release notes Sourced from https://github.com/opensearch-project/opensearch-java/releases;>org.opensearch.client:opensearch-java's releases. v2.10.4 What's Changed [Backport] [2.x] ApacheHttpClient5Transport requires Apache Commons Logging dependency (https://redirect.github.com/opensearch-project/opensearch-java/issues/1003;>#1003) by https://github.com/reta;>@reta in https://redirect.github.com/opensearch-project/opensearch-java/pull/1004;>opensearch-project/opensearch-java#1004 [Backport 2.x] Recreate or wrap exceptions thrown by async transport implementations to preserve caller stack traces by https://github.com/opensearch-trigger-bot;>@opensearch-trigger-bot in https://redirect.github.com/opensearch-project/opensearch-java/pull/1006;>opensearch-project/opensearch-java#1006 [Backport 2.x] Add text embedding processor by https://github.com/opensearch-trigger-bot;>@opensearch-trigger-bot in https://redirect.github.com/opensearch-project/opensearch-java/pull/1010;>opensearch-project/opensearch-java#1010 [Backport] [2.10.4] Modify to not use URLEncodedUtils (https://redirect.github.com/opensearch-project/opensearch-java/issues/999;>#999) (https://redirect.github.com/opensearch-project/opensearch-java/issues/1012;>#1012) by https://github.com/reta;>@reta in https://redirect.github.com/opensearch-project/opensearch-java/pull/1013;>opensearch-project/opensearch-java#1013 Full Changelog: https://github.com/opensearch-project/opensearch-java/compare/v2.10.3...v2.10.4;>https://github.com/opensearch-project/opensearch-java/compare/v2.10.3...v2.10.4 Changelog Sourced from https://github.com/opensearch-project/opensearch-java/blob/v2.10.4/CHANGELOG.md;>org.opensearch.client:opensearch-java's changelog. [2.10.4] - 06/05/2024 Added Added support for https://opensearch.org/docs/latest/ingest-pipelines/processors/text-embedding/;>text embedding processor (https://redirect.github.com/opensearch-project/opensearch-java/pull/1007;>#1007) Dependencies Changed Deprecated Removed Fixed ApacheHttpClient5Transport requires Apache Commons Logging dependency (https://redirect.github.com/opensearch-project/opensearch-java/pull/1003;>#1003) Preserve caller information in stack traces when synchronous callers use asynchronous transports (https://redirect.github.com/opensearch-project/opensearch-java/pull/656;>#656) Fix java.lang.NoSuchMethodError: org.apache.http.client.utils.URLEncodedUtils.formatSegments w/o httpclient (https://redirect.github.com/opensearch-project/opensearch-java/pull/999;>#999) Security Commits https://github.com/opensearch-project/opensearch-java/commit/f29a574a6662c85ff4bca59cf9cf77700731bcea;>f29a574 Prepare 2.10.4 release (https://redirect.github.com/opensearch-project/opensearch-java/issues/1014;>#1014) https://github.com/opensearch-project/opensearch-java/commit/19988008994344b56b59c8b34323ead3bfd7a23f;>1998800 Modify to not use URLEncodedUtils (https://redirect.github.com/opensearch-project/opensearch-java/issues/999;>#999) (https://redirect.github.com/opensearch-project/opensearch-java/issues/1012;>#1012) (https://redirect.github.com/opensearch-project/opensearch-java/issues/1013;>#1013) https://github.com/opensearch-project/opensearch-java/commit/2c690250128ac9a8c64eb585660d5edba5663bbf;>2c69025 Add text embedding processor (https://redirect.github.com/opensearch-project/opensearch-java/issues/1007;>#1007) (https://redirect.github.com/opensearch-project/opensearch-java/issues/1010;>#1010) https://github.com/opensearch-project/opensearch-java/commit/4f017907bc7d3e39459a24c29275c3c51b207deb;>4f01790 Recreate or wrap exceptions thrown by async transport implementations to pres... https://github.com/opensearch-project/opensearch-java/commit/c5a84c1af315a98af73b8441eab23115d4b9cb65;>c5a84c1 ApacheHttpClient5Transport requires Apache Commons Logging dependency (https://redirect.github.com/opensearch-project/opensearch-java/issues/1003;>#1003)... https://github.com/opensearch-project/opensearch-java/commit/ad8a5a4d5b7808a2e8798451f0eb0a97621b2906;>ad8a5a4 Finalize 2.10.3 release (https://redirect.github.com/opensearch-project/opensearch-java/issues/994;>#994) See full diff in https://github.com/opensearch-project/opensearch-java/compare/v2.10.3...v2.10.4;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.opensearch.client:opensearch-java=maven=2.10.3=2.10.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Re: [PR] Bump co.elastic.clients:elasticsearch-java from 8.13.4 to 8.14.0 [syncope]
dependabot[bot] closed pull request #737: Bump co.elastic.clients:elasticsearch-java from 8.13.4 to 8.14.0 URL: https://github.com/apache/syncope/pull/737 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.1 to 3.4.0 [syncope]
dependabot[bot] commented on PR #739: URL: https://github.com/apache/syncope/pull/739#issuecomment-2151452950 Looks like org.apache.maven.plugins:maven-checkstyle-plugin is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.1 to 3.4.0 [syncope]
ilgrosso commented on PR #739: URL: https://github.com/apache/syncope/pull/739#issuecomment-2151452537 @dependabot rebase -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump co.elastic.clients:elasticsearch-java from 8.13.4 to 8.14.0 [syncope]
dependabot[bot] commented on PR #737: URL: https://github.com/apache/syncope/pull/737#issuecomment-2151453009 Looks like co.elastic.clients:elasticsearch-java is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.1 to 3.4.0 [syncope]
dependabot[bot] closed pull request #739: Bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.1 to 3.4.0 URL: https://github.com/apache/syncope/pull/739 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump co.elastic.clients:elasticsearch-java from 8.13.4 to 8.14.0 [syncope]
ilgrosso commented on PR #737: URL: https://github.com/apache/syncope/pull/737#issuecomment-2151452604 @dependabot rebase -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.glassfish:jakarta.faces from 4.0.7 to 4.1.0 [syncope]
ilgrosso merged PR #738: URL: https://github.com/apache/syncope/pull/738 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.1 to 3.4.0 [syncope]
dependabot[bot] opened a new pull request, #739: URL: https://github.com/apache/syncope/pull/739 Bumps [org.apache.maven.plugins:maven-checkstyle-plugin](https://github.com/apache/maven-checkstyle-plugin) from 3.3.1 to 3.4.0. Commits https://github.com/apache/maven-checkstyle-plugin/commit/3af735f04cc3d6dd5e785d626043ecbe46a63395;>3af735f [maven-release-plugin] prepare release maven-checkstyle-plugin-3.4.0 https://github.com/apache/maven-checkstyle-plugin/commit/e72bd83039bdee65126e36eebe58a175cbd39fc5;>e72bd83 [MCHECKSTYLE-448] Upgrade to Parent 42 and Maven 3.6.3 https://github.com/apache/maven-checkstyle-plugin/commit/61def027fbe275572c496cd0ba7429b47e209258;>61def02 Add missing dependencies https://github.com/apache/maven-checkstyle-plugin/commit/142304a4d93d41a2f95e5f577387ca9de004807a;>142304a [MCHECKSTYLE-450] Checkstyle rule link format results in 404 https://github.com/apache/maven-checkstyle-plugin/commit/1ad603398fb3e8db919dcd6c15338ecce9ad;>1ad6033 [MCHECKSTYLE-449] Add support for SARIF output format https://github.com/apache/maven-checkstyle-plugin/commit/a29a2943756552b5fc2a27ec36085de323d43d66;>a29a294 Bump maven-gh-actions-shared to v4 https://github.com/apache/maven-checkstyle-plugin/commit/cf708a3f8ceea2226b506b5c351b31c971afc52b;>cf708a3 [MCHECKSTYLE-447] Bump org.codehaus.plexus:plexus-resources from 1.1.0 to 1.3... https://github.com/apache/maven-checkstyle-plugin/commit/34fcf3ea87a91bbe1a7511a6f393ca59066a30a9;>34fcf3e Bump org.codehaus.mojo:build-helper-maven-plugin from 3.4.0 to 3.5.0 (https://redirect.github.com/apache/maven-checkstyle-plugin/issues/127;>#127) https://github.com/apache/maven-checkstyle-plugin/commit/05df96b987b69b6137faccfe57108378752614a9;>05df96b Bump org.apache.commons:commons-lang3 from 3.12.0 to 3.14.0 (https://redirect.github.com/apache/maven-checkstyle-plugin/issues/128;>#128) https://github.com/apache/maven-checkstyle-plugin/commit/6521c2995ef17ddfacb654c6e5bc1bd8f5b65bd0;>6521c29 Bump org.codehaus.plexus:plexus-component-metadata from 2.1.1 to 2.2.0 (https://redirect.github.com/apache/maven-checkstyle-plugin/issues/131;>#131) Additional commits viewable in https://github.com/apache/maven-checkstyle-plugin/compare/maven-checkstyle-plugin-3.3.1...maven-checkstyle-plugin-3.4.0;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-checkstyle-plugin=maven=3.3.1=3.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump co.elastic.clients:elasticsearch-java from 8.13.4 to 8.14.0 [syncope]
dependabot[bot] opened a new pull request, #737: URL: https://github.com/apache/syncope/pull/737 Bumps [co.elastic.clients:elasticsearch-java](https://github.com/elastic/elasticsearch-java) from 8.13.4 to 8.14.0. Commits https://github.com/elastic/elasticsearch-java/commit/ccae93f2120c99921cd377aefb088937378a039f;>ccae93f node info unit test https://github.com/elastic/elasticsearch-java/commit/131c604190e01a364f7acb4bd2efd204f20947f0;>131c604 FIxes from spec 2597 (https://redirect.github.com/elastic/elasticsearch-java/issues/825;>#825) https://github.com/elastic/elasticsearch-java/commit/5452149500bfacee21a11e1acdd462524d67c25d;>5452149 [codegen] update to latest generator https://github.com/elastic/elasticsearch-java/commit/f80ab0524de9eb75d244e75a2450f3135a4a6de8;>f80ab05 [codegen] update to latest api spec https://github.com/elastic/elasticsearch-java/commit/de2329210aa3b962e0f905e805a1ee7ac35abd91;>de23292 Dependencies update (https://redirect.github.com/elastic/elasticsearch-java/issues/805;>#805) (https://redirect.github.com/elastic/elasticsearch-java/issues/823;>#823) https://github.com/elastic/elasticsearch-java/commit/ae7d7e6fc0254b027c68938a2172183a7755fe6e;>ae7d7e6 reference to examples in asciidocs (https://redirect.github.com/elastic/elasticsearch-java/issues/819;>#819) (https://redirect.github.com/elastic/elasticsearch-java/issues/821;>#821) https://github.com/elastic/elasticsearch-java/commit/4b56ca424158ad1a1a5187bf486c4c52303b66e0;>4b56ca4 [codegen] update to latest api spec https://github.com/elastic/elasticsearch-java/commit/aa306fbf2ac9351370e4515daddab4c400f6c7e6;>aa306fb Fixes from spec 2552 (https://redirect.github.com/elastic/elasticsearch-java/issues/816;>#816) https://github.com/elastic/elasticsearch-java/commit/444ffd8cdae2bd7a120cc4cfbb27c83e5a9dca1f;>444ffd8 Revert Add EQ|QL version support with its default value (https://redirect.github.com/elastic/elasticsearch-java/issues/791;>#791) (https://redirect.github.com/elastic/elasticsearch-java/issues/792;>#792) https://github.com/elastic/elasticsearch-java/commit/f0c2440966cac55f6aa6557ba05bd55bccbff3e0;>f0c2440 [codegen] update to latest api spec Additional commits viewable in https://github.com/elastic/elasticsearch-java/compare/v8.13.4...v8.14.0;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=co.elastic.clients:elasticsearch-java=maven=8.13.4=8.14.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.glassfish:jakarta.faces from 4.0.7 to 4.1.0 [syncope]
dependabot[bot] opened a new pull request, #738: URL: https://github.com/apache/syncope/pull/738 Bumps org.glassfish:jakarta.faces from 4.0.7 to 4.1.0. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.glassfish:jakarta.faces=maven=4.0.7=4.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.apache.maven.plugins:maven-jxr-plugin from 3.3.2 to 3.4.0 [syncope]
ilgrosso merged PR #735: URL: https://github.com/apache/syncope/pull/735 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump wicket-bootstrap.version from 7.0.3 to 7.0.4 [syncope]
ilgrosso merged PR #736: URL: https://github.com/apache/syncope/pull/736 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump wicket-bootstrap.version from 7.0.3 to 7.0.4 [syncope]
dependabot[bot] opened a new pull request, #736: URL: https://github.com/apache/syncope/pull/736 Bumps `wicket-bootstrap.version` from 7.0.3 to 7.0.4. Updates `de.agilecoders.wicket:wicket-bootstrap-core` from 7.0.3 to 7.0.4 Commits https://github.com/martin-g/wicket-bootstrap/commit/cc0c6a8e896e9b95518116de4ad964963161a524;>cc0c6a8 [maven-release-plugin] prepare release bootstrap-parent-7.0.4 https://github.com/martin-g/wicket-bootstrap/commit/4778fb9e21e6bd67874fcb850c125cf94ceead8b;>4778fb9 Version up/downgrades https://github.com/martin-g/wicket-bootstrap/commit/d0138c78f8b8b1327ab3bb7c4b3a65cab2382ef6;>d0138c7 Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.7.0 (https://redirect.github.com/l0rdn1kk0n/wicket-bootstrap/issues/1089;>#1089) https://github.com/martin-g/wicket-bootstrap/commit/30904f5e35d8c704f0cdcfeafca1ccad28d3382e;>30904f5 Bump wicket.version from 10.0.0 to 10.1.0 (https://redirect.github.com/l0rdn1kk0n/wicket-bootstrap/issues/1088;>#1088) https://github.com/martin-g/wicket-bootstrap/commit/8eebaf6792d94093ea5ef4a294838a624f46a8fd;>8eebaf6 Bump org.webjars:jquery-ui from 1.13.2 to 1.13.3 (https://redirect.github.com/l0rdn1kk0n/wicket-bootstrap/issues/1087;>#1087) https://github.com/martin-g/wicket-bootstrap/commit/23d7ea01fd8036511a53b66444278b556fefb902;>23d7ea0 Update wicket-source from 7.0 to 9.0 https://github.com/martin-g/wicket-bootstrap/commit/21ce2b30904152f2407028658cc2dd642c337ebb;>21ce2b3 Bump jetty.version from 11.0.20 to 11.0.21 (https://redirect.github.com/l0rdn1kk0n/wicket-bootstrap/issues/1085;>#1085) https://github.com/martin-g/wicket-bootstrap/commit/7ddaef9d0aaa2688e37cd94208911d031d962820;>7ddaef9 Bump commons-logging:commons-logging from 1.3.1 to 1.3.2 (https://redirect.github.com/l0rdn1kk0n/wicket-bootstrap/issues/1086;>#1086) https://github.com/martin-g/wicket-bootstrap/commit/07b9b3e7727aa456641433110f8b75605fbde327;>07b9b3e Bump org.mockito:mockito-core from 5.11.0 to 5.12.0 (https://redirect.github.com/l0rdn1kk0n/wicket-bootstrap/issues/1084;>#1084) https://github.com/martin-g/wicket-bootstrap/commit/de063bddd7e7897bc6d6dd15644bd6eef3d578c3;>de063bd Bump org.apache.maven.plugins:maven-deploy-plugin from 3.1.1 to 3.1.2 (https://redirect.github.com/l0rdn1kk0n/wicket-bootstrap/issues/1083;>#1083) Additional commits viewable in https://github.com/l0rdn1kk0n/wicket-bootstrap/compare/bootstrap-parent-7.0.3...bootstrap-parent-7.0.4;>compare view Updates `de.agilecoders.wicket:wicket-bootstrap-extensions` from 7.0.3 to 7.0.4 Commits https://github.com/martin-g/wicket-bootstrap/commit/cc0c6a8e896e9b95518116de4ad964963161a524;>cc0c6a8 [maven-release-plugin] prepare release bootstrap-parent-7.0.4 https://github.com/martin-g/wicket-bootstrap/commit/4778fb9e21e6bd67874fcb850c125cf94ceead8b;>4778fb9 Version up/downgrades https://github.com/martin-g/wicket-bootstrap/commit/d0138c78f8b8b1327ab3bb7c4b3a65cab2382ef6;>d0138c7 Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.7.0 (https://redirect.github.com/l0rdn1kk0n/wicket-bootstrap/issues/1089;>#1089) https://github.com/martin-g/wicket-bootstrap/commit/30904f5e35d8c704f0cdcfeafca1ccad28d3382e;>30904f5 Bump wicket.version from 10.0.0 to 10.1.0 (https://redirect.github.com/l0rdn1kk0n/wicket-bootstrap/issues/1088;>#1088) https://github.com/martin-g/wicket-bootstrap/commit/8eebaf6792d94093ea5ef4a294838a624f46a8fd;>8eebaf6 Bump org.webjars:jquery-ui from 1.13.2 to 1.13.3 (https://redirect.github.com/l0rdn1kk0n/wicket-bootstrap/issues/1087;>#1087) https://github.com/martin-g/wicket-bootstrap/commit/23d7ea01fd8036511a53b66444278b556fefb902;>23d7ea0 Update wicket-source from 7.0 to 9.0 https://github.com/martin-g/wicket-bootstrap/commit/21ce2b30904152f2407028658cc2dd642c337ebb;>21ce2b3 Bump jetty.version from 11.0.20 to 11.0.21 (https://redirect.github.com/l0rdn1kk0n/wicket-bootstrap/issues/1085;>#1085) https://github.com/martin-g/wicket-bootstrap/commit/7ddaef9d0aaa2688e37cd94208911d031d962820;>7ddaef9 Bump commons-logging:commons-logging from 1.3.1 to 1.3.2 (https://redirect.github.com/l0rdn1kk0n/wicket-bootstrap/issues/1086;>#1086) https://github.com/martin-g/wicket-bootstrap/commit/07b9b3e7727aa456641433110f8b75605fbde327;>07b9b3e Bump org.mockito:mockito-core from 5.11.0 to 5.12.0 (https://redirect.github.com/l0rdn1kk0n/wicket-bootstrap/issues/1084;>#1084) https://github.com/martin-g/wicket-bootstrap/commit/de063bddd7e7897bc6d6dd15644bd6eef3d578c3;>de063bd Bump org.apache.maven.plugins:maven-deploy-plugin from 3.1.1 to 3.1.2 (https://redirect.github.com/l0rdn1kk0n/wicket-bootstrap/issues/1083;>#1083) Additional commits viewable in https://github.com/l0rdn1kk0n/wicket-bootstrap/compare/bootstrap-parent-7.0.3...bootstrap-parent-7.0.4;>compare view Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself.
[PR] Bump org.apache.maven.plugins:maven-jxr-plugin from 3.3.2 to 3.4.0 [syncope]
dependabot[bot] opened a new pull request, #735: URL: https://github.com/apache/syncope/pull/735 Bumps [org.apache.maven.plugins:maven-jxr-plugin](https://github.com/apache/maven-jxr) from 3.3.2 to 3.4.0. Commits https://github.com/apache/maven-jxr/commit/d1639af40a7cb9bd4366004acf11a7e85dd45137;>d1639af [maven-release-plugin] prepare release jxr-3.4.0 https://github.com/apache/maven-jxr/commit/2d507e044e8ae424d760c005d781bcb719a0d37b;>2d507e0 [JXR-191] Upgrade to Parent 42 and Maven 3.6.3 https://github.com/apache/maven-jxr/commit/e58908ad7ad2a3c3ea539bcc1ba5b2a6c554834f;>e58908a Fix misformatted plugin documentation https://github.com/apache/maven-jxr/commit/bbab74728b4e0c5bd3a9b515a6cafb8e9bca;>bbab747 Bump commons-io:commons-io from 2.16.0 to 2.16.1 (https://redirect.github.com/apache/maven-jxr/issues/110;>#110) https://github.com/apache/maven-jxr/commit/c287dff70a2c9ca4ca2e0bdb8dc7e76e5b25e4c6;>c287dff [JXR-190] Bump commons-io:commons-io from 2.15.1 to 2.16.0 (https://redirect.github.com/apache/maven-jxr/issues/109;>#109) https://github.com/apache/maven-jxr/commit/0b2a8bd4b5ca776592f62048a2c8a34aa8bfb2b2;>0b2a8bd Bump apache/maven-gh-actions-shared from 3 to 4 https://github.com/apache/maven-jxr/commit/0fba2396ca1221a8e72e08809958dc3b74e6b952;>0fba239 Bump org.apache.commons:commons-lang3 from 3.12.0 to 3.14.0 (https://redirect.github.com/apache/maven-jxr/issues/103;>#103) https://github.com/apache/maven-jxr/commit/86465086f8409d915b47d015c9bf2baf5697b6ba;>8646508 Bump commons-io:commons-io from 2.14.0 to 2.15.1 (https://redirect.github.com/apache/maven-jxr/issues/105;>#105) https://github.com/apache/maven-jxr/commit/2463573e010d852bd0358a8bf4fe35d04b658015;>2463573 [maven-release-plugin] prepare for next development iteration See full diff in https://github.com/apache/maven-jxr/compare/jxr-3.3.2...jxr-3.4.0;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-jxr-plugin=maven=3.3.2=3.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.sonarsource.scanner.maven:sonar-maven-plugin from 3.11.0.3922 to 4.0.0.4121 [syncope]
ilgrosso merged PR #731: URL: https://github.com/apache/syncope/pull/731 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.7.0 [syncope]
ilgrosso merged PR #732: URL: https://github.com/apache/syncope/pull/732 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.webjars:swagger-ui from 5.17.11 to 5.17.14 [syncope]
ilgrosso merged PR #733: URL: https://github.com/apache/syncope/pull/733 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump com.icegreen:greenmail from 2.1.0-alpha-4 to 2.1.0-rc-1 [syncope]
ilgrosso merged PR #734: URL: https://github.com/apache/syncope/pull/734 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump com.icegreen:greenmail from 2.1.0-alpha-4 to 2.1.0-rc-1 [syncope]
dependabot[bot] opened a new pull request, #734: URL: https://github.com/apache/syncope/pull/734 Bumps [com.icegreen:greenmail](https://github.com/greenmail-mail-test/greenmail) from 2.1.0-alpha-4 to 2.1.0-rc-1. Release notes Sourced from https://github.com/greenmail-mail-test/greenmail/releases;>com.icegreen:greenmail's releases. release-2.1.0-rc-1 This is the latest https://github.com/greenmail-mail-test/greenmail/issues?q=is%3Aclosed+milestone%3A2.1.0-rc-1;>2.1.0-rc-1 preview release of GreenMail 2.1 based on Jakarta Mail 2.1 / Jakarta EE 10 Use https://repo1.maven.org/maven2/com/icegreen/greenmail/2.1.0-rc-1/;>Maven Central GAV coordinates com.icegreen:greenmail:2.1.0-rc-1 or see https://greenmail-mail-test.github.io/greenmail/#download;>download instructions What's Changed Breaking changes IMAP Content-Type differs POP3 and IMAP (conten-type is not upper-cased anymore) https://redirect.github.com/greenmail-mail-test/greenmail/issues/706;>#706 Bugfixes Handle input stream body fetch edge case by https://github.com/abdulaziz1928;>@abdulaziz1928 in https://redirect.github.com/greenmail-mail-test/greenmail/pull/724;>greenmail-mail-test/greenmail#724 Do not preload hidden files and files in hidden folders https://redirect.github.com/greenmail-mail-test/greenmail/issues/682;>#682 by https://github.com/An1s9n;>@An1s9n in htps://redirect.github.com/greenmail-mail-test/greenmail/pull/683 Dependency updates Bump spring.version from 5.3.32 to 5.3.36 https://redirect.github.com/greenmail-mail-test/greenmail/issues/698;>#698, https://redirect.github.com/greenmail-mail-test/greenmail/issues/707;>#707, https://redirect.github.com/greenmail-mail-test/greenmail/issues/721;>#721, https://redirect.github.com/greenmail-mail-test/greenmail/issues/723;>#723 Bump jetty.version from 11.0.19 to 11.0.21 https://redirect.github.com/greenmail-mail-test/greenmail/issues/677;>#677, https://redirect.github.com/greenmail-mail-test/greenmail/issues/722;>#722 Bump docker base image azul/zulu-openjdk from 11.0.21-jre to 11.0.23-jre in /greenmail-docker/standalone https://redirect.github.com/greenmail-mail-test/greenmail/issues/681;>#681, https://redirect.github.com/greenmail-mail-test/greenmail/issues/710;>#710 Bump jakarta.mail:jakarta.mail-api from 2.1.2 to 2.1.3 https://redirect.github.com/greenmail-mail-test/greenmail/issues/693;>#693 Bump jakarta.activation:jakarta.activation-api from 2.1.2 to 2.1.3 https://redirect.github.com/greenmail-mail-test/greenmail/issues/691;>#691 Bump org.eclipse.angus:angus-activation from 2.0.1 to 2.0.2 https://redirect.github.com/greenmail-mail-test/greenmail/issues/692;>#692 Bump org.eclipse.angus:jakarta.mail from 2.0.2 to 2.0.3 https://redirect.github.com/greenmail-mail-test/greenmail/issues/694;>#694 Bump junit5.version from 5.10.1 to 5.10.2 https://redirect.github.com/greenmail-mail-test/greenmail/issues/679;>#679 New Contributors https://github.com/An1s9n;>@An1s9n made their first contribution in https://redirect.github.com/greenmail-mail-test/greenmail/pull/683;>greenmail-mail-test/greenmail#683 https://github.com/abdulaziz1928;>@abdulaziz1928 made their first contribution in https://redirect.github.com/greenmail-mail-test/greenmail/pull/724;>greenmail-mail-test/greenmail#724 Full Changelog: https://github.com/greenmail-mail-test/greenmail/compare/release-2.1.0-alpha-4...release-2.1.0-rc-1;>https://github.com/greenmail-mail-test/greenmail/compare/release-2.1.0-alpha-4...release-2.1.0-rc-1 Commits https://github.com/greenmail-mail-test/greenmail/commit/3cf5f30ecb0437ad55d65de2544add0fce73123e;>3cf5f30 [maven-release-plugin] prepare release release-2.1.0-rc-1 https://github.com/greenmail-mail-test/greenmail/commit/e9afb35e1daa6a5417b28d30f765b5ddcce2b0a3;>e9afb35 Updating docs for 2.1.0-rc-1 release https://github.com/greenmail-mail-test/greenmail/commit/5a10c16a6429e682c583fb60958c1caa5859fa22;>5a10c16 Build(deps): Bump org.apache.maven.plugins:maven-shade-plugin https://github.com/greenmail-mail-test/greenmail/commit/652114cd090a59d2ab6800a6ad158e5db45e66e7;>652114c Build(deps): Bump org.apache.maven.plugins:maven-enforcer-plugin https://github.com/greenmail-mail-test/greenmail/commit/3b66d73fdc485772613aa3a1cf2a9a72bf869574;>3b66d73 refactor: use existing method https://github.com/greenmail-mail-test/greenmail/commit/adf5c76a46b705d3d5640edf6dd1205f055a0609;>adf5c76 fix: handle input stream body fetch edge case https://github.com/greenmail-mail-test/greenmail/commit/3a364e9d2ab982d129fe96acad9248f583cad324;>3a364e9 Fixing circleci Maven Wrapper invocation and synchronizing build with GH acti... https://github.com/greenmail-mail-test/greenmail/commit/40927dce0040fdd12b78406524340ce7529e80b3;>40927dc Setup Maven Wrapper (fixes
[PR] Bump org.webjars:swagger-ui from 5.17.11 to 5.17.14 [syncope]
dependabot[bot] opened a new pull request, #733: URL: https://github.com/apache/syncope/pull/733 Bumps [org.webjars:swagger-ui](https://github.com/swagger-api/swagger-ui) from 5.17.11 to 5.17.14. Release notes Sourced from https://github.com/swagger-api/swagger-ui/releases;>org.webjars:swagger-ui's releases. Swagger UI v5.17.14 Released! https://github.com/swagger-api/swagger-ui/compare/v5.17.13...v5.17.14;>5.17.14 (2024-05-28) Bug Fixes system: remediate component wrapping functionality (https://redirect.github.com/swagger-api/swagger-ui/issues/9978;>#9978) (https://github.com/swagger-api/swagger-ui/commit/8aa529201395224707ab00bb4b6ce71e41d082a4;>8aa5292), closes https://redirect.github.com/swagger-api/swagger-ui/issues/9919;>#9919 Swagger UI v5.17.13 Released! https://github.com/swagger-api/swagger-ui/compare/v5.17.12...v5.17.13;>5.17.13 (2024-05-27) Bug Fixes swagger-ui-react: re-render on spec prop change (https://redirect.github.com/swagger-api/swagger-ui/issues/9966;>#9966) (https://github.com/swagger-api/swagger-ui/commit/df03a8f99c498f5dbb07b6bf5e73b57ab95ea2ef;>df03a8f), closes https://redirect.github.com/swagger-api/swagger-ui/issues/9965;>#9965 Swagger UI v5.17.12 Released! https://github.com/swagger-api/swagger-ui/compare/v5.17.10...v5.17.12;>5.17.12 (2024-05-21) Bug Fixes config: define missing default options and their types (https://redirect.github.com/swagger-api/swagger-ui/issues/9949;>#9949) (https://github.com/swagger-api/swagger-ui/commit/04bbeaa68cf53af82ce633f369d6eb579c44d80d;>04bbeaa), closes https://redirect.github.com/swagger-api/swagger-ui/issues/9945;>#9945 release: fix failed v5.17.11 release (https://github.com/swagger-api/swagger-ui/commit/a35a71eb130283e75a29b977eef7eb4a87d779df;>a35a71e) swagger-client: fix OpenAPI 3.1.0 dereferencing (https://redirect.github.com/swagger-api/swagger-ui/issues/9950;>#9950) (https://github.com/swagger-api/swagger-ui/commit/10e1a5f1ea3abeb8c9ce0e0af8c860a86484ef41;>10e1a5f), closes https://redirect.github.com/swagger-api/swagger-ui/issues/9941;>#9941 Commits https://github.com/swagger-api/swagger-ui/commit/74ed0adebfc9c8dd0de2bf8e81495b022a66c083;>74ed0ad chore(release): cut the v5.17.14 release https://github.com/swagger-api/swagger-ui/commit/8aa529201395224707ab00bb4b6ce71e41d082a4;>8aa5292 fix(system): remediate component wrapping functionality (https://redirect.github.com/swagger-api/swagger-ui/issues/9978;>#9978) https://github.com/swagger-api/swagger-ui/commit/c74fb2c69d4d990752c6044b293cd7fdfd3b87ab;>c74fb2c chore(release): cut the v5.17.13 release https://github.com/swagger-api/swagger-ui/commit/31b35fdca461770251de7f2faddf7f2b3201009f;>31b35fd ci(dependabot): use times that don't conflict with releases (https://redirect.github.com/swagger-api/swagger-ui/issues/9975;>#9975) https://github.com/swagger-api/swagger-ui/commit/df03a8f99c498f5dbb07b6bf5e73b57ab95ea2ef;>df03a8f fix(swagger-ui-react): re-render on spec prop change (https://redirect.github.com/swagger-api/swagger-ui/issues/9966;>#9966) https://github.com/swagger-api/swagger-ui/commit/e57d0bed3692256c87470a3bfc82e18c71340c77;>e57d0be chore(deps-dev): bump postcss-preset-env from 9.5.13 to 9.5.14 (https://redirect.github.com/swagger-api/swagger-ui/issues/9962;>#9962) https://github.com/swagger-api/swagger-ui/commit/767e498b83c8bc88782bc7bc18aae8ffb3efcb99;>767e498 chore(deps-dev): bump css-loader from 7.1.1 to 7.1.2 (https://redirect.github.com/swagger-api/swagger-ui/issues/9959;>#9959) https://github.com/swagger-api/swagger-ui/commit/7bf16bede4b31830c76267a1c85876ef73867bab;>7bf16be refactor(config): remove unused config options (https://redirect.github.com/swagger-api/swagger-ui/issues/9958;>#9958) https://github.com/swagger-api/swagger-ui/commit/ee335f238e2e44350c19f5969a9626ec849eeda4;>ee335f2 docs(SECURITY): align supported versions with reality (https://redirect.github.com/swagger-api/swagger-ui/issues/9957;>#9957) https://github.com/swagger-api/swagger-ui/commit/11cf64dc36dfcfdc44f2e00f39ae8e801e2e5a33;>11cf64d --- (https://redirect.github.com/swagger-api/swagger-ui/issues/9956;>#9956) Additional commits viewable in https://github.com/swagger-api/swagger-ui/compare/v5.17.11...v5.17.14;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.webjars:swagger-ui=maven=5.17.11=5.17.14)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and
[PR] Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.7.0 [syncope]
dependabot[bot] opened a new pull request, #732: URL: https://github.com/apache/syncope/pull/732 Bumps [org.apache.maven.plugins:maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) from 3.6.3 to 3.7.0. Commits https://github.com/apache/maven-javadoc-plugin/commit/2c28b8d90ede19c28ae7b94d07ad0fbb6c23b720;>2c28b8d [maven-release-plugin] prepare release maven-javadoc-plugin-3.7.0 https://github.com/apache/maven-javadoc-plugin/commit/5530d6801179f388db07a2f1f42e4dc9d06bf447;>5530d68 [MJAVADOC-793] java.lang.NullPointerException: Cannot invoke String.length()... https://github.com/apache/maven-javadoc-plugin/commit/08cf68e7d3e0a6ac2e1cae4a1336878e4f19dd2b;>08cf68e Revert Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2 https://github.com/apache/maven-javadoc-plugin/commit/64468220d5d27d3d219c51baf55cdadfcb4fdd48;>6446822 Bump org.apache.maven.shared:maven-invoker from 3.2.0 to 3.3.0 https://github.com/apache/maven-javadoc-plugin/commit/49c93adfc132f648dbdc8fe64a7043ec45ba0022;>49c93ad Bump org.assertj:assertj-core from 3.25.3 to 3.26.0 https://github.com/apache/maven-javadoc-plugin/commit/4e720486ab401acfabc616b85a153126960b1370;>4e72048 [MJAVADOC-795] Upgrade to Parent 42 and Maven 3.6.3 https://github.com/apache/maven-javadoc-plugin/commit/b55dd967254813dcb51d19bb3c3667bc951590b4;>b55dd96 Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2 https://github.com/apache/maven-javadoc-plugin/commit/77ad41087057ae507d1d0e4c83420537b0db;>77ad410 Bump org.apache.commons:commons-text from 1.11.0 to 1.12.0 https://github.com/apache/maven-javadoc-plugin/commit/c21568ad451a622ed6ecefeb9f77d82a1a84bd2a;>c21568a Bump commons-io:commons-io from 2.16.0 to 2.16.1 https://github.com/apache/maven-javadoc-plugin/commit/ded56a90d22dfb53ec99c03fdaf735fb62e1afd7;>ded56a9 Exclude JDK 8 - temurin, adopt-openj9 on macos Additional commits viewable in https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-3.6.3...maven-javadoc-plugin-3.7.0;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-javadoc-plugin=maven=3.6.3=3.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.sonarsource.scanner.maven:sonar-maven-plugin from 3.11.0.3922 to 4.0.0.4121 [syncope]
dependabot[bot] opened a new pull request, #731: URL: https://github.com/apache/syncope/pull/731 Bumps [org.sonarsource.scanner.maven:sonar-maven-plugin](https://github.com/SonarSource/sonar-scanner-maven) from 3.11.0.3922 to 4.0.0.4121. Release notes Sourced from https://github.com/SonarSource/sonar-scanner-maven/releases;>org.sonarsource.scanner.maven:sonar-maven-plugin's releases. 4.0.0.4121 Release notes - Sonar Scanner for Maven - 4.0 Bug https://sonarsource.atlassian.net/browse/SCANMAVEN-183;>SCANMAVEN-183 Maven HTTPS proxies not taken into account https://sonarsource.atlassian.net/browse/SCANMAVEN-217;>SCANMAVEN-217 Broken integration with maven encrypted secret https://sonarsource.atlassian.net/browse/SCANMAVEN-218;>SCANMAVEN-218 The scanner should index pom.xml instead of generated pom Improvement https://sonarsource.atlassian.net/browse/SCANMAVEN-210;>SCANMAVEN-210 Move to Java 11 and drop Java 8 support https://sonarsource.atlassian.net/browse/SCANMAVEN-214;>SCANMAVEN-214 scanAll should be disabled when `sonar.tests` is overridden https://sonarsource.atlassian.net/browse/SCANMAVEN-215;>SCANMAVEN-215 scanAll exludes external report files https://sonarsource.atlassian.net/browse/SCANMAVEN-216;>SCANMAVEN-216 scanAll includes Java and Kotlin files if `sonar.java.binaries` and `sonar.java.libraries` are set https://sonarsource.atlassian.net/browse/SCANMAVEN-219;>SCANMAVEN-219 Support HTTPS Proxy System Properties https://sonarsource.atlassian.net/browse/SCANMAVEN-224;>SCANMAVEN-224 Log a warning message when the version of the scanner is not specified Commits https://github.com/SonarSource/sonar-scanner-maven/commit/5d0c5488247ff95379b90ce56729a3a70e13c8d4;>5d0c548 SCANMAVEN-224 Log a warning message when the version of the scanner is not sp... https://github.com/SonarSource/sonar-scanner-maven/commit/b98e10c02972b04fb3269f068e63dc245e1bc4a3;>b98e10c [NO-JIRA] Upgrade to parent pom 74.0.0.1.1768 (https://redirect.github.com/SonarSource/sonar-scanner-maven/issues/227;>#227) https://github.com/SonarSource/sonar-scanner-maven/commit/1b68124be998235546d0035087fd6bacd7f0bf5f;>1b68124 SCANMAVEN-220 Revert Make sonar.maven.scanAll true by default (https://redirect.github.com/SonarSource/sonar-scanner-maven/issues/226;>#226) https://github.com/SonarSource/sonar-scanner-maven/commit/f4ad3da24d856136489b3d00ebdee4660b3e396d;>f4ad3da [NO-JIRA] Remove unused import (https://redirect.github.com/SonarSource/sonar-scanner-maven/issues/224;>#224) https://github.com/SonarSource/sonar-scanner-maven/commit/e3cc5ec37eabc59dbbafc7beb7e2f26d0a30a039;>e3cc5ec SCANMAVEN-216 scanAll includes Java and Kotlin files if sonar.java.binaries... https://github.com/SonarSource/sonar-scanner-maven/commit/b772d4c7458d708f448ede660162b71f109fab43;>b772d4c SCANMAVEN-217 Fix broken integration with maven encrypted secret (https://redirect.github.com/SonarSource/sonar-scanner-maven/issues/221;>#221) https://github.com/SonarSource/sonar-scanner-maven/commit/be505e34cff161843ae74927637d2d171e222a3e;>be505e3 SCANMAVEN-183 The scanner for Maven takes HTTPS proxies into account (https://redirect.github.com/SonarSource/sonar-scanner-maven/issues/218;>#218) https://github.com/SonarSource/sonar-scanner-maven/commit/dd5762ef07ee5cdec3198f03c7ea591900acf11f;>dd5762e SCANMAVEN-210: Move to Java 11 (https://redirect.github.com/SonarSource/sonar-scanner-maven/issues/220;>#220) https://github.com/SonarSource/sonar-scanner-maven/commit/d2c79c15716449355dee8076596214839cc5ddf9;>d2c79c1 SCANMAVEN-215 scanAll exludes external report files (https://redirect.github.com/SonarSource/sonar-scanner-maven/issues/217;>#217) https://github.com/SonarSource/sonar-scanner-maven/commit/990c59de98754be7212d237dc9c4f9fcdfa128f0;>990c59d SCANMAVEN-220: Enable sonar.scanner.scanAll by default (https://redirect.github.com/SonarSource/sonar-scanner-maven/issues/219;>#219) Additional commits viewable in https://github.com/SonarSource/sonar-scanner-maven/compare/3.11.0.3922...4.0.0.4121;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.sonarsource.scanner.maven:sonar-maven-plugin=maven=3.11.0.3922=4.0.0.4121)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits
Re: [PR] Bump org.springframework.cloud:spring-cloud-starter-gateway from 4.1.3 to 4.1.4 [syncope]
dependabot[bot] closed pull request #727: Bump org.springframework.cloud:spring-cloud-starter-gateway from 4.1.3 to 4.1.4 URL: https://github.com/apache/syncope/pull/727 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.springframework.cloud:spring-cloud-starter-gateway from 4.1.3 to 4.1.4 [syncope]
dependabot[bot] commented on PR #727: URL: https://github.com/apache/syncope/pull/727#issuecomment-2141257402 Looks like org.springframework.cloud:spring-cloud-starter-gateway is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.springframework.cloud:spring-cloud-contract-wiremock from 4.1.2 to 4.1.3 [syncope]
dependabot[bot] closed pull request #728: Bump org.springframework.cloud:spring-cloud-contract-wiremock from 4.1.2 to 4.1.3 URL: https://github.com/apache/syncope/pull/728 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump com.nimbusds:nimbus-jose-jwt from 9.39.2 to 9.39.3 [syncope]
dependabot[bot] closed pull request #730: Bump com.nimbusds:nimbus-jose-jwt from 9.39.2 to 9.39.3 URL: https://github.com/apache/syncope/pull/730 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump com.nimbusds:nimbus-jose-jwt from 9.39.2 to 9.39.3 [syncope]
dependabot[bot] commented on PR #730: URL: https://github.com/apache/syncope/pull/730#issuecomment-2141256402 Looks like com.nimbusds:nimbus-jose-jwt is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.1 to 3.5.0 [syncope]
dependabot[bot] closed pull request #729: Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.1 to 3.5.0 URL: https://github.com/apache/syncope/pull/729 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.1 to 3.5.0 [syncope]
dependabot[bot] commented on PR #729: URL: https://github.com/apache/syncope/pull/729#issuecomment-2141255900 Looks like org.apache.maven.plugins:maven-enforcer-plugin is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.springframework.cloud:spring-cloud-starter-gateway from 4.1.3 to 4.1.4 [syncope]
ilgrosso commented on PR #727: URL: https://github.com/apache/syncope/pull/727#issuecomment-2141255840 @dependabot rebase -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.springframework.cloud:spring-cloud-contract-wiremock from 4.1.2 to 4.1.3 [syncope]
ilgrosso commented on PR #728: URL: https://github.com/apache/syncope/pull/728#issuecomment-2141255720 @dependabot rebase -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.1 to 3.5.0 [syncope]
ilgrosso commented on PR #729: URL: https://github.com/apache/syncope/pull/729#issuecomment-2141255521 @dependabot rebase -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.springframework.cloud:spring-cloud-contract-wiremock from 4.1.2 to 4.1.3 [syncope]
dependabot[bot] commented on PR #728: URL: https://github.com/apache/syncope/pull/728#issuecomment-2141256797 Looks like org.springframework.cloud:spring-cloud-contract-wiremock is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump com.nimbusds:nimbus-jose-jwt from 9.39.2 to 9.39.3 [syncope]
ilgrosso commented on PR #730: URL: https://github.com/apache/syncope/pull/730#issuecomment-2141255582 @dependabot rebase -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump com.nimbusds:nimbus-jose-jwt from 9.39.2 to 9.39.3 [syncope]
dependabot[bot] opened a new pull request, #730: URL: https://github.com/apache/syncope/pull/730 Bumps [com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt) from 9.39.2 to 9.39.3. Changelog Sourced from https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt;>com.nimbusds:nimbus-jose-jwt's changelog. version 1.0 (2012-03-01) First version based on the OpenInfoCard JWT, JWS and JWE code base. version 1.1 (2012-03-06) Introduces type-safe enumeration of the JSON Web Algorithms (JWA). Refactors the JWT class. version 1.2 (2012-03-08) Moves JWS and JWE code into separate classes. version 1.3 (2012-03-09) Switches to Apache Commons Codec for Base64URL encoding and decoding Consolidates the crypto utilities within the package. Introduces a JWT content serialiser class. version 1.4 (2012-03-09) Refactoring of JWT class and JUnit tests. version 1.5 (2012-03-18) Switches to JSON Smart for JSON serialisation and parsing. Introduces claims set class with JSON objects, string, Base64URL and byte array views. version 1.6 (2012-03-20) Creates class for representing, serialising and parsing JSON Web Keys (JWK). Introduces separate class for representing JWT headers. version 1.7 (2012-04-01) Introduces separate classes for plain, JWS and JWE headers. Introduces separate classes for plain, signed and encrypted JWTs. Removes the JWTContent class. Removes password-based (PE820) encryption support. version 1.8 (2012-04-03) Adds support for the ZIP JWE header parameter. Removes unsupported algorithms from the JWA enumeration. version 1.9 (2012-04-03) Renames JWEHeader.{get|set}EncryptionAlgorithm() to JWEHeader.{get|set}EncryptionMethod(). version 1.9.1 (2012-04-03) Upgrades JSON Smart JAR to 1.1.1. version 1.10 (2012-04-14) Introduces serialize() method to base abstract JWT class. version 1.11 (2012-05-13) JWT.serialize() throws checked JWTException instead of ... (truncated) Commits https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/2e444edc3ea8fa1b70577be5433af24de1591ea6;>2e444ed [maven-release-plugin] prepare for next development iteration https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/26527774ef13ac4246505c0c05b167f4568dfbdd;>2652777 Bumps GSon to 2.11.0, addressing Number parsing performance issue (https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/546;>#546) https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/7dde63560c2d9efd0f9424d2b5ab8cea77ad8a68;>7dde635 Fixes JSONObjectUtilsTest.testParseFromStringEntity test, ParseException mess... https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/6d001d46a3a3095342fa1fc3398c79d5d387b513;>6d001d4 [maven-release-plugin] prepare release 9.39.3 See full diff in https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/9.39.3..9.39.2;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.nimbusds:nimbus-jose-jwt=maven=9.39.2=9.39.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency
[PR] Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.1 to 3.5.0 [syncope]
dependabot[bot] opened a new pull request, #729: URL: https://github.com/apache/syncope/pull/729 Bumps [org.apache.maven.plugins:maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 3.4.1 to 3.5.0. Release notes Sourced from https://github.com/apache/maven-enforcer/releases;>org.apache.maven.plugins:maven-enforcer-plugin's releases. 3.5.0 New features and improvements https://issues.apache.org/jira/browse/MENFORCER-497;>[MENFORCER-497] - Require Maven 3.6.3+ (https://redirect.github.com/apache/maven-enforcer/pull/317;>#317) https://github.com/slawekjaranowski;>@slawekjaranowski https://issues.apache.org/jira/browse/MENFORCER-494;>[MENFORCER-494] - Allow banning dynamic versions in whole tree (https://redirect.github.com/apache/maven-enforcer/pull/294;>#294) https://github.com/JimmyAx;>@JimmyAx https://issues.apache.org/jira/browse/MENFORCER-500;>[MENFORCER-500] - New rule to enforce that Maven coordinates match given (https://redirect.github.com/apache/maven-enforcer/pull/309;>#309) https://github.com/kwin;>@kwin Bug Fixes https://issues.apache.org/jira/browse/MENFORCER-503;>[MENFORCER-503] - Pass context to ProfileActivator - fix NPE in Maven 3.9.7 (https://redirect.github.com/apache/maven-enforcer/pull/315;>#315) https://github.com/slawekjaranowski;>@slawekjaranowski Dependency updates https://issues.apache.org/jira/browse/MENFORCER-501;>[MENFORCER-501] - Bump commons-io:commons-io from 2.16.0 to 2.16.1 (https://redirect.github.com/apache/maven-enforcer/pull/311;>#311) https://github.com/dependabot;>@dependabot https://issues.apache.org/jira/browse/MENFORCER-501;>[MENFORCER-501] - Bump commons-codec:commons-codec from 1.16.1 to 1.17.0 (https://redirect.github.com/apache/maven-enforcer/pull/312;>#312) https://github.com/dependabot;>@dependabot https://issues.apache.org/jira/browse/MENFORCER-504;>[MENFORCER-504] - Bump org.apache.maven:maven-parent from 41 to 42 (https://redirect.github.com/apache/maven-enforcer/pull/314;>#314) https://github.com/dependabot;>@dependabot https://issues.apache.org/jira/browse/MENFORCER-501;>[MENFORCER-501] - Bump org.apache.commons:commons-lang3 from 3.13.0 to 3.14.0 (https://redirect.github.com/apache/maven-enforcer/pull/298;>#298) https://github.com/dependabot;>@dependabot https://issues.apache.org/jira/browse/MENFORCER-501;>[MENFORCER-501] - Bump commons-codec:commons-codec from 1.16.0 to 1.16.1 (https://redirect.github.com/apache/maven-enforcer/pull/305;>#305) https://github.com/dependabot;>@dependabot https://issues.apache.org/jira/browse/MENFORCER-501;>[MENFORCER-501] - Bump commons-io:commons-io from 2.13.0 to 2.16.0 (https://redirect.github.com/apache/maven-enforcer/pull/310;>#310) https://github.com/dependabot;>@dependabot Bump org.apache.commons:commons-compress from 1.21 to 1.26.0 in /maven-enforcer-plugin/src/it/projects/dependency-convergence_transitive_provided/module1 (https://redirect.github.com/apache/maven-enforcer/pull/307;>#307) https://github.com/dependabot;>@dependabot Bump apache/maven-gh-actions-shared from 3 to 4 (https://redirect.github.com/apache/maven-enforcer/pull/308;>#308) https://github.com/dependabot;>@dependabot https://issues.apache.org/jira/browse/MENFORCER-498;>[MENFORCER-498] - Update parent pom to 41 (https://redirect.github.com/apache/maven-enforcer/pull/306;>#306) https://github.com/slachiewicz;>@slachiewicz Bump org.junit:junit-bom from 5.10.1 to 5.10.2 (https://redirect.github.com/apache/maven-enforcer/pull/303;>#303) https://github.com/dependabot;>@dependabot Bump org.assertj:assertj-core from 3.24.2 to 3.25.1 (https://redirect.github.com/apache/maven-enforcer/pull/301;>#301) https://github.com/dependabot;>@dependabot Bump org.codehaus.mojo:mrm-maven-plugin from 1.5.0 to 1.6.0 (https://redirect.github.com/apache/maven-enforcer/pull/295;>#295) https://github.com/dependabot;>@dependabot Bump org.junit:junit-bom from 5.10.0 to 5.10.1 (https://redirect.github.com/apache/maven-enforcer/pull/296;>#296) https://github.com/dependabot;>@dependabot https://issues.apache.org/jira/browse/MENFORCER-492;>[MENFORCER-492] - Bump plexus-utils from 3.5.1 to 4.0.0 and plexus-xml 3.0.0 (https://redirect.github.com/apache/maven-enforcer/pull/291;>#291) https://github.com/slawekjaranowski;>@slawekjaranowski Bump org.xerial.snappy:snappy-java from 1.1.10.1 to 1.1.10.4 in /maven-enforcer-plugin/src/it/projects/dependency-convergence_transitive_provided/module1 (https://redirect.github.com/apache/maven-enforcer/pull/292;>#292) https://github.com/dependabot;>@dependabot Maintenance https://issues.apache.org/jira/browse/MENFORCER-490;>[MENFORCER-490] - Remove unused dependency (https://redirect.github.com/apache/maven-enforcer/pull/316;>#316) https://github.com/elharo;>@elharo Bump org.apache.commons:commons-compress from 1.21 to 1.26.0 in
[PR] Bump org.springframework.cloud:spring-cloud-contract-wiremock from 4.1.2 to 4.1.3 [syncope]
dependabot[bot] opened a new pull request, #728: URL: https://github.com/apache/syncope/pull/728 Bumps [org.springframework.cloud:spring-cloud-contract-wiremock](https://github.com/spring-cloud/spring-cloud-contract) from 4.1.2 to 4.1.3. Release notes Sourced from https://github.com/spring-cloud/spring-cloud-contract/releases;>org.springframework.cloud:spring-cloud-contract-wiremock's releases. 4.1.3 :lady_beetle: Bug Fixes Slf4j metadata are fetched in each maven command https://redirect.github.com/spring-cloud/spring-cloud-contract/issues/2106;>#2106 Commits https://github.com/spring-cloud/spring-cloud-contract/commit/c09bf462643c35d7ebed7006dfd232c4fd825c2f;>c09bf46 Update SNAPSHOT to 4.1.3 https://github.com/spring-cloud/spring-cloud-contract/commit/e15ed33af221955a88b4e7c59643a20c5d7d2324;>e15ed33 Merge branch '4.0.x' https://github.com/spring-cloud/spring-cloud-contract/commit/584a810a3224e76e969097f74d65c5a12e86c8ab;>584a810 Updates Groovy to 4.0.21; fixes https://redirect.github.com/spring-cloud/spring-cloud-contract/issues/2084;>gh-2084 https://github.com/spring-cloud/spring-cloud-contract/commit/220605ccf0779aa766d3bd568f837ee878b38073;>220605c Merge branch '4.0.x' https://github.com/spring-cloud/spring-cloud-contract/commit/b1668322a4f455d827da74759e3ef9bd3c46b871;>b166832 Merge branch '3.1.x' into 4.0.x https://github.com/spring-cloud/spring-cloud-contract/commit/ca39fdb021d5df978dd18caf9143a3c998e1bef4;>ca39fdb Removes any references to repo.spring.io/release https://github.com/spring-cloud/spring-cloud-contract/commit/f8407650ce1c03bb81d4bfbc545d4a1daf31ff46;>f840765 Bump org.apache.camel:camel-core from 3.21.3 to 3.21.4 (https://redirect.github.com/spring-cloud/spring-cloud-contract/issues/2105;>#2105) https://github.com/spring-cloud/spring-cloud-contract/commit/5aecb238ad52290f6fe4ddc681b836dacf0d4f84;>5aecb23 Bumping versions to 4.1.3-SNAPSHOT after release https://github.com/spring-cloud/spring-cloud-contract/commit/9926cb322fc83565aec3db04e728170883eaad78;>9926cb3 Going back to snapshots https://github.com/spring-cloud/spring-cloud-contract/commit/3e0803a493dc02f1b99c5a21995e330be846549e;>3e0803a Bumping versions to 4.0.6-SNAPSHOT after release See full diff in https://github.com/spring-cloud/spring-cloud-contract/compare/v4.1.2...v4.1.3;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.cloud:spring-cloud-contract-wiremock=maven=4.1.2=4.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.springframework.cloud:spring-cloud-starter-gateway from 4.1.3 to 4.1.4 [syncope]
dependabot[bot] opened a new pull request, #727: URL: https://github.com/apache/syncope/pull/727 Bumps [org.springframework.cloud:spring-cloud-starter-gateway](https://github.com/spring-cloud/spring-cloud-gateway) from 4.1.3 to 4.1.4. Release notes Sourced from https://github.com/spring-cloud/spring-cloud-gateway/releases;>org.springframework.cloud:spring-cloud-starter-gateway's releases. 4.1.4 :star: New Features Make client response input stream available in request attribute https://redirect.github.com/spring-cloud/spring-cloud-gateway/issues/3405;>#3405 :lady_beetle: Bug Fixes Synchronize routes cache update https://redirect.github.com/spring-cloud/spring-cloud-gateway/pull/3408;>#3408 :heart: Contributors Thank you to all the contributors who worked on this release: https://github.com/abelsromero;>@abelsromero Commits https://github.com/spring-cloud/spring-cloud-gateway/commit/ede1673184170ddda1bf9520ab6fc43e35d81e2e;>ede1673 Update SNAPSHOT to 4.1.4 https://github.com/spring-cloud/spring-cloud-gateway/commit/fbbc8a6107a57b3a554ded22d6618c0331506a05;>fbbc8a6 Synchronize cache update (https://redirect.github.com/spring-cloud/spring-cloud-gateway/issues/3408;>#3408) https://github.com/spring-cloud/spring-cloud-gateway/commit/a54297bd55013dc0055ceaa26290bf32bc217204;>a54297b Puts client response input stream in a request attribute. https://github.com/spring-cloud/spring-cloud-gateway/commit/58c84413f75e01bbef565c4c41b55f633795ad33;>58c8441 Bumping versions https://github.com/spring-cloud/spring-cloud-gateway/commit/dbf4ec936eb76e7b10fba0cceb7507341159aac1;>dbf4ec9 Bumping versions to 4.1.4-SNAPSHOT after release https://github.com/spring-cloud/spring-cloud-gateway/commit/e3d45e3558946f72998397b3d63e01e0cfed5247;>e3d45e3 Going back to snapshots See full diff in https://github.com/spring-cloud/spring-cloud-gateway/compare/v4.1.3...v4.1.4;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.cloud:spring-cloud-starter-gateway=maven=4.1.3=4.1.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump com.nimbusds:nimbus-jose-jwt from 9.39.1 to 9.39.2 [syncope]
ilgrosso merged PR #726: URL: https://github.com/apache/syncope/pull/726 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump com.nimbusds:nimbus-jose-jwt from 9.39.1 to 9.39.2 [syncope]
dependabot[bot] opened a new pull request, #726: URL: https://github.com/apache/syncope/pull/726 Bumps [com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt) from 9.39.1 to 9.39.2. Changelog Sourced from https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt;>com.nimbusds:nimbus-jose-jwt's changelog. version 1.0 (2012-03-01) First version based on the OpenInfoCard JWT, JWS and JWE code base. version 1.1 (2012-03-06) Introduces type-safe enumeration of the JSON Web Algorithms (JWA). Refactors the JWT class. version 1.2 (2012-03-08) Moves JWS and JWE code into separate classes. version 1.3 (2012-03-09) Switches to Apache Commons Codec for Base64URL encoding and decoding Consolidates the crypto utilities within the package. Introduces a JWT content serialiser class. version 1.4 (2012-03-09) Refactoring of JWT class and JUnit tests. version 1.5 (2012-03-18) Switches to JSON Smart for JSON serialisation and parsing. Introduces claims set class with JSON objects, string, Base64URL and byte array views. version 1.6 (2012-03-20) Creates class for representing, serialising and parsing JSON Web Keys (JWK). Introduces separate class for representing JWT headers. version 1.7 (2012-04-01) Introduces separate classes for plain, JWS and JWE headers. Introduces separate classes for plain, signed and encrypted JWTs. Removes the JWTContent class. Removes password-based (PE820) encryption support. version 1.8 (2012-04-03) Adds support for the ZIP JWE header parameter. Removes unsupported algorithms from the JWA enumeration. version 1.9 (2012-04-03) Renames JWEHeader.{get|set}EncryptionAlgorithm() to JWEHeader.{get|set}EncryptionMethod(). version 1.9.1 (2012-04-03) Upgrades JSON Smart JAR to 1.1.1. version 1.10 (2012-04-14) Introduces serialize() method to base abstract JWT class. version 1.11 (2012-05-13) JWT.serialize() throws checked JWTException instead of ... (truncated) Commits https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/16d52cd6ce38d46d8e0a3aef01b04f8008a2e260;>16d52cd [maven-release-plugin] prepare for next development iteration https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/b530053d09c79e1016faaa5f46776b8c1429bca6;>b530053 Fixes NPE in DefaultJWTClaimsVerifier.verify when checking an exact match cla... https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/63be304cb84e16118b3651288bd7e321fd9a64b4;>63be304 Fixes version 9.39.2 date https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/97183e0d584c4c44f2bb350d2daaf204f11e6c28;>97183e0 [maven-release-plugin] prepare release 9.39.2 See full diff in https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/9.39.2..9.39.1;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.nimbusds:nimbus-jose-jwt=maven=9.39.1=9.39.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the
Re: [PR] Bump pac4j.version from 6.0.2 to 6.0.3 [syncope]
ilgrosso merged PR #725: URL: https://github.com/apache/syncope/pull/725 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump pac4j.version from 6.0.2 to 6.0.3 [syncope]
dependabot[bot] opened a new pull request, #725: URL: https://github.com/apache/syncope/pull/725 Bumps `pac4j.version` from 6.0.2 to 6.0.3. Updates `org.pac4j:pac4j-saml` from 6.0.2 to 6.0.3 Commits https://github.com/pac4j/pac4j/commit/f11df97bfd4fb558b419edfcba6b12b56363cc76;>f11df97 [maven-release-plugin] prepare release pac4j-parent-6.0.3 https://github.com/pac4j/pac4j/commit/c6e1ad297f91ab62a642b67d724d43fc7f17b59e;>c6e1ad2 update doc https://github.com/pac4j/pac4j/commit/ffeee2a1a4edf29e677266a74bcf3c409ab2e5d7;>ffeee2a De-duplicate user profile attribute values (https://redirect.github.com/pac4j/pac4j/issues/2903;>#2903) https://github.com/pac4j/pac4j/commit/acda0a7caf3ed6a174edae0ca5008fbbfa4ca2f4;>acda0a7 Merge pull request https://redirect.github.com/pac4j/pac4j/issues/2904;>#2904 from pac4j/renovate/spring-boot https://github.com/pac4j/pac4j/commit/088ca29b85938027bb6b56ce2e4e1524da4956b2;>088ca29 fix(deps): update dependency org.springframework.boot:spring-boot-dependencie... https://github.com/pac4j/pac4j/commit/eb705c32f91b25e98d477b7c81877babbd2eebee;>eb705c3 fix test https://github.com/pac4j/pac4j/commit/0dc1be8f9ff4a4e1f18894075f1d33efa756e511;>0dc1be8 Merge pull request https://redirect.github.com/pac4j/pac4j/issues/2902;>#2902 from pac4j/renovate/spring-core https://github.com/pac4j/pac4j/commit/0e3d5f1eb676ebd9f4e7e0e64e2d344ef7ade6a4;>0e3d5f1 fix(deps): update spring core to v6.1.8 https://github.com/pac4j/pac4j/commit/53bb60fc3a35d0519487873b4cb76b847bf95082;>53bb60f Merge pull request https://redirect.github.com/pac4j/pac4j/issues/2901;>#2901 from pac4j/renovate/spring-core https://github.com/pac4j/pac4j/commit/bc0b59de09bb31415abd0151a2353000e66d9aa0;>bc0b59d chore(deps): update dependency org.springframework:spring-test to v5.3.36 Additional commits viewable in https://github.com/pac4j/pac4j/compare/pac4j-parent-6.0.2...pac4j-parent-6.0.3;>compare view Updates `org.pac4j:pac4j-oidc` from 6.0.2 to 6.0.3 Commits https://github.com/pac4j/pac4j/commit/f11df97bfd4fb558b419edfcba6b12b56363cc76;>f11df97 [maven-release-plugin] prepare release pac4j-parent-6.0.3 https://github.com/pac4j/pac4j/commit/c6e1ad297f91ab62a642b67d724d43fc7f17b59e;>c6e1ad2 update doc https://github.com/pac4j/pac4j/commit/ffeee2a1a4edf29e677266a74bcf3c409ab2e5d7;>ffeee2a De-duplicate user profile attribute values (https://redirect.github.com/pac4j/pac4j/issues/2903;>#2903) https://github.com/pac4j/pac4j/commit/acda0a7caf3ed6a174edae0ca5008fbbfa4ca2f4;>acda0a7 Merge pull request https://redirect.github.com/pac4j/pac4j/issues/2904;>#2904 from pac4j/renovate/spring-boot https://github.com/pac4j/pac4j/commit/088ca29b85938027bb6b56ce2e4e1524da4956b2;>088ca29 fix(deps): update dependency org.springframework.boot:spring-boot-dependencie... https://github.com/pac4j/pac4j/commit/eb705c32f91b25e98d477b7c81877babbd2eebee;>eb705c3 fix test https://github.com/pac4j/pac4j/commit/0dc1be8f9ff4a4e1f18894075f1d33efa756e511;>0dc1be8 Merge pull request https://redirect.github.com/pac4j/pac4j/issues/2902;>#2902 from pac4j/renovate/spring-core https://github.com/pac4j/pac4j/commit/0e3d5f1eb676ebd9f4e7e0e64e2d344ef7ade6a4;>0e3d5f1 fix(deps): update spring core to v6.1.8 https://github.com/pac4j/pac4j/commit/53bb60fc3a35d0519487873b4cb76b847bf95082;>53bb60f Merge pull request https://redirect.github.com/pac4j/pac4j/issues/2901;>#2901 from pac4j/renovate/spring-core https://github.com/pac4j/pac4j/commit/bc0b59de09bb31415abd0151a2353000e66d9aa0;>bc0b59d chore(deps): update dependency org.springframework:spring-test to v5.3.36 Additional commits viewable in https://github.com/pac4j/pac4j/compare/pac4j-parent-6.0.2...pac4j-parent-6.0.3;>compare view Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close
Re: [PR] Bump org.webjars:swagger-ui from 5.17.2 to 5.17.11 [syncope]
ilgrosso merged PR #724: URL: https://github.com/apache/syncope/pull/724 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump spring-boot.version from 3.2.6 to 3.3.0 [syncope]
dependabot[bot] closed pull request #723: Bump spring-boot.version from 3.2.6 to 3.3.0 URL: https://github.com/apache/syncope/pull/723 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump spring-boot.version from 3.2.6 to 3.3.0 [syncope]
ilgrosso commented on PR #723: URL: https://github.com/apache/syncope/pull/723#issuecomment-2128439369 @dependabot close -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.webjars:swagger-ui from 5.17.2 to 5.17.11 [syncope]
dependabot[bot] opened a new pull request, #724: URL: https://github.com/apache/syncope/pull/724 Bumps [org.webjars:swagger-ui](https://github.com/swagger-api/swagger-ui) from 5.17.2 to 5.17.11. Release notes Sourced from https://github.com/swagger-api/swagger-ui/releases;>org.webjars:swagger-ui's releases. Swagger UI v5.17.10 Released! https://github.com/swagger-api/swagger-ui/compare/v5.17.9...v5.17.10;>5.17.10 (2024-05-15) Bug Fixes components: add support for oneOf/anyOf JSON Schema keywords in parameter-row rendering (https://redirect.github.com/swagger-api/swagger-ui/issues/9934;>#9934) (https://github.com/swagger-api/swagger-ui/commit/9037acf508beacac1efcb4f39403c203097d193e;>9037acf), closes https://redirect.github.com/swagger-api/swagger-ui/issues/7912;>#7912 oas31: fix initial rendering of the Webhooks section (https://redirect.github.com/swagger-api/swagger-ui/issues/9938;>#9938) (https://github.com/swagger-api/swagger-ui/commit/b5c84f44c733d004c0c6098c840a68f284b80dd3;>b5c84f4), closes https://redirect.github.com/swagger-api/swagger-ui/issues/9937;>#9937 Swagger UI v5.17.9 Released! https://github.com/swagger-api/swagger-ui/compare/v5.17.8...v5.17.9;>5.17.9 (2024-05-13) Bug Fixes deps: allow to consolidate deps in downstream projects (https://redirect.github.com/swagger-api/swagger-ui/issues/9930;>#9930) (https://github.com/swagger-api/swagger-ui/commit/335372d7a89c3a109469c0abbb977839d341f203;>335372d), closes https://redirect.github.com/swagger-api/swagger-ui/issues/9929;>#9929 Swagger UI v5.17.8 Released! https://github.com/swagger-api/swagger-ui/compare/v5.17.7...v5.17.8;>5.17.8 (2024-05-13) Bug Fixes components: fix rendering for empty examples in responses (https://redirect.github.com/swagger-api/swagger-ui/issues/9926;>#9926) (https://github.com/swagger-api/swagger-ui/commit/94f2d8298a60a6cf29c1be84e622f476c9c1df91;>94f2d82), closes https://redirect.github.com/swagger-api/swagger-ui/issues/9499;>#9499 swagger-client: resolve multiple path parameters with the same name in path templates, closes https://redirect.github.com/swagger-api/swagger-ui/issues/9928;>#9928 Swagger UI v5.17.7 Released! https://github.com/swagger-api/swagger-ui/compare/v5.17.6...v5.17.7;>5.17.7 (2024-05-09) Bug Fixes components: render parameter extensions in the description column (https://redirect.github.com/swagger-api/swagger-ui/issues/9883;>#9883) (https://github.com/swagger-api/swagger-ui/commit/1367a8fbdfddd697b8c71493bb09c01baf17d5a3;>1367a8f) json-schema-5: allow collapsing for primitive models (https://redirect.github.com/swagger-api/swagger-ui/issues/9639;>#9639) (https://github.com/swagger-api/swagger-ui/commit/450bb99109fe9601ea2d5b4c173e9007afa25ff5;>450bb99), closes https://redirect.github.com/swagger-api/swagger-ui/issues/9595;>#9595 render null values included in enum (https://redirect.github.com/swagger-api/swagger-ui/issues/9683;>#9683) (https://github.com/swagger-api/swagger-ui/commit/0dd9afadd28f3c7bbd5c1b91fd3be6ad9fec7ddc;>0dd9afa) Swagger UI v5.17.6 Released! https://github.com/swagger-api/swagger-ui/compare/v5.17.5...v5.17.6;>5.17.6 (2024-05-07) Bug Fixes swagger-ui-react: display definition defined as YAML or JSON string (https://redirect.github.com/swagger-api/swagger-ui/issues/9918;>#9918) (https://github.com/swagger-api/swagger-ui/commit/6ae2c1fb15cf01a0a67a910edaef4002330cca25;>6ae2c1f), closes https://redirect.github.com/swagger-api/swagger-ui/issues/9915;>#9915 system: allow wrapping components both from presets and plugins (https://redirect.github.com/swagger-api/swagger-ui/issues/9919;>#9919) (https://github.com/swagger-api/swagger-ui/commit/877470b522838a8fab894c9aa2123ce050eac9dd;>877470b), closes https://redirect.github.com/swagger-api/swagger-ui/issues/7232;>#7232 Swagger UI v5.17.5 Released! https://github.com/swagger-api/swagger-ui/compare/v5.17.4...v5.17.5;>5.17.5 (2024-05-06) Bug Fixes ... (truncated) Commits https://github.com/swagger-api/swagger-ui/commit/f8a74007a08913729e51e422081f7970375ca726;>f8a7400 chore(release): cut the v5.17.11 release https://github.com/swagger-api/swagger-ui/commit/04bbeaa68cf53af82ce633f369d6eb579c44d80d;>04bbeaa fix(config): define missing default options and their types (https://redirect.github.com/swagger-api/swagger-ui/issues/9949;>#9949) https://github.com/swagger-api/swagger-ui/commit/10e1a5f1ea3abeb8c9ce0e0af8c860a86484ef41;>10e1a5f fix(swagger-client): fix OpenAPI 3.1.0 dereferencing (https://redirect.github.com/swagger-api/swagger-ui/issues/9950;>#9950) https://github.com/swagger-api/swagger-ui/commit/fddb2e1b54d6f83520518299cc03f292c41d4009;>fddb2e1 chore(deps-dev): bump sinon from 17.0.2 to 18.0.0 (https://redirect.github.com/swagger-api/swagger-ui/issues/9942;>#9942)
[PR] Bump spring-boot.version from 3.2.6 to 3.3.0 [syncope]
dependabot[bot] opened a new pull request, #723: URL: https://github.com/apache/syncope/pull/723 Bumps `spring-boot.version` from 3.2.6 to 3.3.0. Updates `org.springframework.boot:spring-boot-dependencies` from 3.2.6 to 3.3.0 Release notes Sourced from https://github.com/spring-projects/spring-boot/releases;>org.springframework.boot:spring-boot-dependencies's releases. v3.3.0 :star: New Features Add support for descriptions of record components in configuration metadata generation https://redirect.github.com/spring-projects/spring-boot/pull/29403;>#29403 :lady_beetle: Bug Fixes gradlew bootBuildImage fails with Podman on macOS Sonoma https://redirect.github.com/spring-projects/spring-boot/issues/40871;>#40871 Pulsar auth parameters don't properly encode JSON values https://redirect.github.com/spring-projects/spring-boot/issues/40869;>#40869 When using JPA and ImportTestcontainers, test context may fail to refresh due to Mapped port can only be obtained after the container is started https://redirect.github.com/spring-projects/spring-boot/issues/40863;>#40863 Default MIME mappings are not loaded unless additional mappings are configured https://redirect.github.com/spring-projects/spring-boot/issues/40860;>#40860 Starting from 3.2.x, @SpyBean is not able to initialise MongoRepository bean of the generic type https://redirect.github.com/spring-projects/spring-boot/issues/40855;>#40855 Auto-configuration ordering change breaks DocumentReference (in non-reactive MongoTemplate) when depending on mongodb-driver-reactivestreams https://redirect.github.com/spring-projects/spring-boot/issues/40851;>#40851 Neo4jReactiveDataAutoConfiguration creates incorrectly named bean https://redirect.github.com/spring-projects/spring-boot/pull/40836;>#40836 Image building fails during cleanup when bind mount has read-only content https://redirect.github.com/spring-projects/spring-boot/issues/40799;>#40799 Failure Analysis for InvalidConfigurationPropertyValueException is skipped when the property is not set https://redirect.github.com/spring-projects/spring-boot/issues/40691;>#40691 IllegalArgumentException can be thrown when running an uber jar on a shared drive https://redirect.github.com/spring-projects/spring-boot/issues/40643;>#40643 setReadTimeout can't be set via Reflective factory on JettyClientHttpRequestFactory https://redirect.github.com/spring-projects/spring-boot/issues/40638;>#40638 URISyntaxException is raised if the spring boot application is started in a location that contains invalid URI characters https://redirect.github.com/spring-projects/spring-boot/issues/40616;>#40616 resolveMainClassName fails when building with Gradle using Java 22 https://redirect.github.com/spring-projects/spring-boot/issues/40613;>#40613 AnsiOutput.detectIfAnsiCapable broken on JDK22 https://redirect.github.com/spring-projects/spring-boot/issues/40609;>#40609 Help information for spring init's build option has the wrong default https://redirect.github.com/spring-projects/spring-boot/issues/40606;>#40606 JarUrlConnection.getPermission() can throw NullPointerException if jarFileConnection is null https://redirect.github.com/spring-projects/spring-boot/issues/40599;>#40599 Whitespace is not correctly trimmed when generating configuration properties metadata from records https://redirect.github.com/spring-projects/spring-boot/issues/40593;>#40593 In some situations, the failure when the AOT-generated initializer cannot be loaded is less helpful than before https://redirect.github.com/spring-projects/spring-boot/issues/40584;>#40584 Properties binding eagerly creates superfluous maps https://redirect.github.com/spring-projects/spring-boot/issues/40561;>#40561 Configuring SSL bundle reload for non-file resource types causes errors that are difficult to diagnose https://redirect.github.com/spring-projects/spring-boot/issues/40560;>#40560 spring-boot-dependencies cannot be used with repositories that ban com.oracle.database.jdbc:ojdbc-bom https://redirect.github.com/spring-projects/spring-boot/issues/40535;>#40535 Buildpacks do not support Docker with containerd image store https://redirect.github.com/spring-projects/spring-boot/issues/40526;>#40526 SpringBootMockMvcBuilderCustomizer can crash cryptically while collecting data that it would have discarded anyway https://redirect.github.com/spring-projects/spring-boot/issues/40517;>#40517 Containers not shut down between tests when using .withReuse(true) but env. does not support reuse (e.g. CI builds) https://redirect.github.com/spring-projects/spring-boot/issues/40509;>#40509 CookieSameSiteSupplier influences session cookie https://redirect.github.com/spring-projects/spring-boot/issues/40501;>#40501 springProperty and springProfile do not work in include after Logback upgrade
Re: [PR] Bump org.codehaus.mojo:exec-maven-plugin from 3.2.0 to 3.3.0 [syncope]
ilgrosso merged PR #722: URL: https://github.com/apache/syncope/pull/722 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.codehaus.mojo:exec-maven-plugin from 3.2.0 to 3.3.0 [syncope]
dependabot[bot] opened a new pull request, #722: URL: https://github.com/apache/syncope/pull/722 Bumps [org.codehaus.mojo:exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) from 3.2.0 to 3.3.0. Release notes Sourced from https://github.com/mojohaus/exec-maven-plugin/releases;>org.codehaus.mojo:exec-maven-plugin's releases. 3.3.0 New features and improvements Add option to include runtime and provided (https://redirect.github.com/mojohaus/exec-maven-plugin/pull/61;>#61) https://github.com/rehevkor5;>@rehevkor5 Dependency updates Bump org.codehaus.mojo:mojo-parent from 80 to 82 (https://redirect.github.com/mojohaus/exec-maven-plugin/pull/429;>#429) https://github.com/dependabot;>@dependabot Bump org.codehaus.plexus:plexus-utils from 4.0.0 to 4.0.1 (https://redirect.github.com/mojohaus/exec-maven-plugin/pull/424;>#424) https://github.com/dependabot;>@dependabot Bump asm.version from 9.6 to 9.7 (https://redirect.github.com/mojohaus/exec-maven-plugin/pull/422;>#422) https://github.com/dependabot;>@dependabot Bump apache/maven-gh-actions-shared from 3 to 4 (https://redirect.github.com/mojohaus/exec-maven-plugin/pull/420;>#420) https://github.com/dependabot;>@dependabot Commits https://github.com/mojohaus/exec-maven-plugin/commit/366da2fc02116bb26910563df8b27884863a4b91;>366da2f [maven-release-plugin] prepare release 3.3.0 https://github.com/mojohaus/exec-maven-plugin/commit/416c83a3e02038c0f427f9c3c858d66828009c4b;>416c83a Bump org.codehaus.mojo:mojo-parent from 80 to 82 (https://redirect.github.com/mojohaus/exec-maven-plugin/issues/429;>#429) https://github.com/mojohaus/exec-maven-plugin/commit/8d3327f48ad03bc910bc9ce4d203492c7e2af074;>8d3327f Bump org.codehaus.plexus:plexus-utils from 4.0.0 to 4.0.1 https://github.com/mojohaus/exec-maven-plugin/commit/662ab09f6e7e37e79920d2a9a23af9a67d5823ca;>662ab09 Bump asm.version from 9.6 to 9.7 https://github.com/mojohaus/exec-maven-plugin/commit/ec97f4dd03f0393a20bbc810479cb8518af702e9;>ec97f4d Add provided classpathScope (runtime+provided) https://github.com/mojohaus/exec-maven-plugin/commit/d18ed80b374f121520a0a82c0922b7c0164ab8ab;>d18ed80 Bump apache/maven-gh-actions-shared from 3 to 4 https://github.com/mojohaus/exec-maven-plugin/commit/f19bde12df30d521ec245c8156463ec73066d2c6;>f19bde1 [maven-release-plugin] prepare for next development iteration See full diff in https://github.com/mojohaus/exec-maven-plugin/compare/3.2.0...3.3.0;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.codehaus.mojo:exec-maven-plugin=maven=3.2.0=3.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.codehaus.mojo:build-helper-maven-plugin from 3.5.0 to 3.6.0 [syncope]
ilgrosso merged PR #721: URL: https://github.com/apache/syncope/pull/721 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.codehaus.mojo:build-helper-maven-plugin from 3.5.0 to 3.6.0 [syncope]
dependabot[bot] opened a new pull request, #721: URL: https://github.com/apache/syncope/pull/721 Bumps [org.codehaus.mojo:build-helper-maven-plugin](https://github.com/mojohaus/build-helper-maven-plugin) from 3.5.0 to 3.6.0. Release notes Sourced from https://github.com/mojohaus/build-helper-maven-plugin/releases;>org.codehaus.mojo:build-helper-maven-plugin's releases. 3.6.0 Changes New features and improvements Deprecate remove-project-artifact goal (https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/205;>#205) https://github.com/slawekjaranowski;>@slawekjaranowski Parallel execution of uptodate-properties (https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/201;>#201) https://github.com/mkarg;>@mkarg Dependency updates Bump org.codehaus.mojo:mojo-parent from 81 to 82 (https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/206;>#206) https://github.com/dependabot;>@dependabot Bump org.codehaus.mojo:mojo-parent from 78 to 81 (https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/204;>#204) https://github.com/dependabot;>@dependabot Bump org.codehaus.plexus:plexus-utils from 4.0.0 to 4.0.1 (https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/202;>#202) https://github.com/dependabot;>@dependabot Bump apache/maven-gh-actions-shared from 3 to 4 (https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/200;>#200) https://github.com/dependabot;>@dependabot Bump release-drafter/release-drafter from 5 to 6 (https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/195;>#195) https://github.com/dependabot;>@dependabot Bump org.codehaus.mojo:mojo-parent from 77 to 78 (https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/193;>#193) https://github.com/dependabot;>@dependabot Maintenance Delete link to remove-project-artifact as is deprecated (https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/210;>#210) https://github.com/slawekjaranowski;>@slawekjaranowski Cleanups dependencies (https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/209;>#209) https://github.com/slawekjaranowski;>@slawekjaranowski Remove public modifiers from JUnit 5 tests (https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/208;>#208) https://github.com/slawekjaranowski;>@slawekjaranowski Delete example about remove-project-artifact as is deprecated (https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/207;>#207) https://github.com/slawekjaranowski;>@slawekjaranowski Fix goal in usage add-test-resource example (https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/199;>#199) https://github.com/mfussenegger;>@mfussenegger Build Use shared action for release drafter (https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/203;>#203) https://github.com/slawekjaranowski;>@slawekjaranowski Commits https://github.com/mojohaus/build-helper-maven-plugin/commit/45494bc6053095b7f42b1fccfb8f230f75d1;>454 [maven-release-plugin] prepare release 3.6.0 https://github.com/mojohaus/build-helper-maven-plugin/commit/05ee2cb17ff155862accaee1fc1b0ea1cae53911;>05ee2cb Delete link to remove-project-artifact as is deprecated https://github.com/mojohaus/build-helper-maven-plugin/commit/a4190d2f634210091031ad27a3a50d626ea37cfa;>a4190d2 Cleanups dependencies https://github.com/mojohaus/build-helper-maven-plugin/commit/b99f6be8c876c012c41d163c832c4b0adfb28356;>b99f6be Remove public modifiers from JUnit 5 tests https://github.com/mojohaus/build-helper-maven-plugin/commit/f21a0272a00f6bb4e6d404817a6c144ac65b2778;>f21a027 Add me as developer https://github.com/mojohaus/build-helper-maven-plugin/commit/211d4b9687c79085c3c036aefc14a8428195eb69;>211d4b9 Delete example about remove-project-artifact as is deprecated https://github.com/mojohaus/build-helper-maven-plugin/commit/27ab33494dffaa5d5f5e9cbbbac4f581e4ed9479;>27ab334 Deprecate remove-project-artifact goal https://github.com/mojohaus/build-helper-maven-plugin/commit/8a4c7c41842082f530775a933ab22088d673fd3c;>8a4c7c4 Bump org.codehaus.mojo:mojo-parent from 81 to 82 https://github.com/mojohaus/build-helper-maven-plugin/commit/57f54801686afb43b3540c597010f0c9857b5901;>57f5480 Bump org.codehaus.mojo:mojo-parent from 78 to 81 (https://redirect.github.com/mojohaus/build-helper-maven-plugin/issues/204;>#204) https://github.com/mojohaus/build-helper-maven-plugin/commit/c09d77946636cf605515c851cd6ede87b94eb81a;>c09d779 Use shared action for release drafter Additional commits viewable in https://github.com/mojohaus/build-helper-maven-plugin/compare/3.5.0...3.6.0;>compare view [![Dependabot compatibility
Re: [PR] Bump org.mariadb.jdbc:mariadb-java-client from 3.3.3 to 3.4.0 [syncope]
ilgrosso merged PR #720: URL: https://github.com/apache/syncope/pull/720 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.apereo.cas:cas-server-support-bom from 7.0.4 to 7.0.4.1 [syncope]
ilgrosso merged PR #719: URL: https://github.com/apache/syncope/pull/719 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.mariadb.jdbc:mariadb-java-client from 3.3.3 to 3.4.0 [syncope]
dependabot[bot] opened a new pull request, #720: URL: https://github.com/apache/syncope/pull/720 Bumps [org.mariadb.jdbc:mariadb-java-client](https://github.com/mariadb-corporation/mariadb-connector-j) from 3.3.3 to 3.4.0. Changelog Sourced from https://github.com/mariadb-corporation/mariadb-connector-j/blob/master/CHANGELOG.md;>org.mariadb.jdbc:mariadb-java-client's changelog. https://github.com/mariadb-corporation/mariadb-connector-j/tree/3.4.0;>3.4.0 (Apr 2024) https://github.com/mariadb-corporation/mariadb-connector-j/compare/3.3.3...3.4.0;>Full Changelog Notable Changes CONJ-981 Add support for connection redirection CONJ-1087 handle mariadb-11.1+ transaction_isolation CONJ-1100 Be able to filter system tables and views CONJ-1105 TLS certificate validation without needs to provide certificate client side CONJ-1171 timezone support missing feature CONJ-1173 Bulk implementation returning individual results for MariaDB 11.5 CONJ-1154 avoid unnecessary set transaction isolation queries Bugs Fixed CONJ-1103 Connector/J Version 3 Does Not Respect nullCatalogMeansCurrent Property CONJ-1161 Database connection failing on android CONJ-1107 MariaDB Connector 3 no longer supports query timeout with MySQL CONJ-1125 Inconsistency in Handling PreparedStatement.executeQuery() between MariaDB and MySQL Connectors CONJ-1156 getTables should be ordered as expected CONJ-1163 jdbcCompliantTruncation Does Not Appear To Be Working CONJ-1164 Variable initialization ahead of LOAD DATA INFILE not possible by validateLocalFileName pattern CONJ-1168 useBulkStmts compatibility value with pre 3.2 version CONJ-1169 improve Client prepared statement setMaxRows implementation CONJ-1170 OFFSET missing from getSQLKeywords CONJ-1158 DatabaseMetaData#getFunctions's result not property ordered CONJ-1159 DatabaseMetaData#getClientInfoProperties not ordered correctly CONJ-1166 Implement connection properties fallbackToSystemKeyStore and fallbackToSystemTrustStore CONJ-1174 ConnectorJ gives precision of 20 for signed bigint Commits https://github.com/mariadb-corporation/mariadb-connector-j/commit/c19f608838fdcb18fa81cab8a607afdaa5131a58;>c19f608 [misc] code simplification https://github.com/mariadb-corporation/mariadb-connector-j/commit/92d8414dd9e61fd68ee3b9d46c79f0b78a8f2332;>92d8414 Merge branch 'develop' https://github.com/mariadb-corporation/mariadb-connector-j/commit/474e9690f1e9c0b3bd66328c62f4551b9d378e6e;>474e969 bump 3.4.0 https://github.com/mariadb-corporation/mariadb-connector-j/commit/c9786f2c55ccfb8d8d6f80a982369f101420534e;>c9786f2 [CONJ-1173] Bulk implementation returning individual results https://github.com/mariadb-corporation/mariadb-connector-j/commit/da506473bd4dafc45a0cf84b15aa6a2ac5a75b89;>da50647 [misc] metadata ensure correct join in case of using catalog in the future https://github.com/mariadb-corporation/mariadb-connector-j/commit/4a0b526d67a1d851e81299365b45b041b7c71c90;>4a0b526 [CONJ-1171] ensure compatibility with 3.x current behavior https://github.com/mariadb-corporation/mariadb-connector-j/commit/0a7a094ccbd23516a4c8a30455645ce2c387e8bc;>0a7a094 [CONJ-1174] wrong value for ResultSetMetaData.getPrecision() signed numeric https://github.com/mariadb-corporation/mariadb-connector-j/commit/365d6a35e23ac87b9a9f38554ffafd627883bf5e;>365d6a3 [misc] avoid fallthrough warning https://github.com/mariadb-corporation/mariadb-connector-j/commit/e0aff1e14dd76b77ec27ad838bea9718b769e885;>e0aff1e [misc] avoid checking redirection for empty string value https://github.com/mariadb-corporation/mariadb-connector-j/commit/4567d3ba0d49ebb8501c953f753aae06c27d1423;>4567d3b [CONJ-1171] timezone new options Additional commits viewable in https://github.com/mariadb-corporation/mariadb-connector-j/compare/3.3.3...3.4.0;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.mariadb.jdbc:mariadb-java-client=maven=3.3.3=3.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -
[PR] Bump org.apereo.cas:cas-server-support-bom from 7.0.4 to 7.0.4.1 [syncope]
dependabot[bot] opened a new pull request, #719: URL: https://github.com/apache/syncope/pull/719 Bumps [org.apereo.cas:cas-server-support-bom](https://github.com/apereo/cas) from 7.0.4 to 7.0.4.1. Commits See full diff in https://github.com/apereo/cas/commits;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apereo.cas:cas-server-support-bom=maven=7.0.4=7.0.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.opensearch.client:opensearch-java from 2.10.2 to 2.10.3 [syncope]
ilgrosso merged PR #718: URL: https://github.com/apache/syncope/pull/718 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.opensearch.client:opensearch-java from 2.10.2 to 2.10.3 [syncope]
dependabot[bot] opened a new pull request, #718: URL: https://github.com/apache/syncope/pull/718 Bumps [org.opensearch.client:opensearch-java](https://github.com/opensearch-project/opensearch-java) from 2.10.2 to 2.10.3. Release notes Sourced from https://github.com/opensearch-project/opensearch-java/releases;>org.opensearch.client:opensearch-java's releases. v2.10.3 What's Changed [AUTO] Increment version to 2.10.0. by https://github.com/opensearch-trigger-bot;>@opensearch-trigger-bot in https://redirect.github.com/opensearch-project/opensearch-java/pull/873;>opensearch-project/opensearch-java#873 Backporting missed dependency updates to 2.x by https://github.com/VachaShah;>@VachaShah in https://redirect.github.com/opensearch-project/opensearch-java/pull/878;>opensearch-project/opensearch-java#878 [Backport 2.x] Fix integer overflow for remaining index stats by https://github.com/opensearch-trigger-bot;>@opensearch-trigger-bot in https://redirect.github.com/opensearch-project/opensearch-java/pull/879;>opensearch-project/opensearch-java#879 [Backport 2.x] Support optional function score variant by https://github.com/opensearch-trigger-bot;>@opensearch-trigger-bot in https://redirect.github.com/opensearch-project/opensearch-java/pull/881;>opensearch-project/opensearch-java#881 [Backport 2.x] Fix pattern replace by making flag optional as on api by https://github.com/opensearch-trigger-bot;>@opensearch-trigger-bot in https://redirect.github.com/opensearch-project/opensearch-java/pull/896;>opensearch-project/opensearch-java#896 [Backport] [2.x] Bump org.owasp.dependencycheck from 9.0.9 to 9.0.10 (https://redirect.github.com/opensearch-project/opensearch-java/issues/898;>#898) by https://github.com/reta;>@reta in https://redirect.github.com/opensearch-project/opensearch-java/pull/899;>opensearch-project/opensearch-java#899 [Backport] [2.x] Bump io.github.classgraph:classgraph from 4.8.165 to 4.8.168 in /java-client (https://redirect.github.com/opensearch-project/opensearch-java/issues/897;>#897) by https://github.com/reta;>@reta in https://redirect.github.com/opensearch-project/opensearch-java/pull/900;>opensearch-project/opensearch-java#900 [Backport 2.x] feat(add-xy_shape): Ability to use xy_shape field type (https://redirect.github.com/opensearch-project/opensearch-java/issues/885;>#885) by https://github.com/kmessaoudi;>@kmessaoudi in https://redirect.github.com/opensearch-project/opensearch-java/pull/901;>opensearch-project/opensearch-java#901 [Backport] [2.x] Bump org.owasp.dependencycheck from 9.0.10 to 9.1.0 in /java-client (https://redirect.github.com/opensearch-project/opensearch-java/issues/906;>#906) by https://github.com/reta;>@reta in https://redirect.github.com/opensearch-project/opensearch-java/pull/908;>opensearch-project/opensearch-java#908 [Backport] [2.x] Bumps jackson from 2.15.2 to 2.17.0 (https://redirect.github.com/opensearch-project/opensearch-java/issues/909;>#909) by https://github.com/reta;>@reta in https://redirect.github.com/opensearch-project/opensearch-java/pull/911;>opensearch-project/opensearch-java#911 [Backport 2.x] Update to Gradle 8.7 by https://github.com/opensearch-trigger-bot;>@opensearch-trigger-bot in https://redirect.github.com/opensearch-project/opensearch-java/pull/913;>opensearch-project/opensearch-java#913 [Backport] [2.x] Add missed fields to MultisearchBody: seqNoPrimaryTerm, storedFields, explain, fields, indicesBoost (https://redirect.github.com/opensearch-project/opensearch-java/issues/914;>#914) by https://github.com/reta;>@reta in https://redirect.github.com/opensearch-project/opensearch-java/pull/915;>opensearch-project/opensearch-java#915 [Backport 2.x] Add missed fields to MultisearchBody: collapse, version, timeout by https://github.com/opensearch-trigger-bot;>@opensearch-trigger-bot in https://redirect.github.com/opensearch-project/opensearch-java/pull/917;>opensearch-project/opensearch-java#917 [Backport] [2.x] Add missed fields to MultisearchBody: ext, rescore and to SearchRequest: ext (https://redirect.github.com/opensearch-project/opensearch-java/issues/918;>#918) by https://github.com/reta;>@reta in https://redirect.github.com/opensearch-project/opensearch-java/pull/919;>opensearch-project/opensearch-java#919 [Backport 2.x] Client with Java 8 runtime and Apache HttpClient 5 Transport fails with java.lang.NoSuchMethodError: java.nio.ByteBuffer.flip()Ljava/nio/ByteBuffer by https://github.com/opensearch-trigger-bot;>@opensearch-trigger-bot in https://redirect.github.com/opensearch-project/opensearch-java/pull/921;>opensearch-project/opensearch-java#921 [Backport] [2.x] [FEATURE] Enable Generic HTTP Actions in Java Client (https://redirect.github.com/opensearch-project/opensearch-java/issues/910;>#910) by https://github.com/reta;>@reta in
Re: [PR] Bump com.nimbusds:nimbus-jose-jwt from 9.39 to 9.39.1 [syncope]
ilgrosso merged PR #717: URL: https://github.com/apache/syncope/pull/717 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump com.nimbusds:nimbus-jose-jwt from 9.39 to 9.39.1 [syncope]
dependabot[bot] opened a new pull request, #717: URL: https://github.com/apache/syncope/pull/717 Bumps [com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt) from 9.39 to 9.39.1. Changelog Sourced from https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt;>com.nimbusds:nimbus-jose-jwt's changelog. version 1.0 (2012-03-01) First version based on the OpenInfoCard JWT, JWS and JWE code base. version 1.1 (2012-03-06) Introduces type-safe enumeration of the JSON Web Algorithms (JWA). Refactors the JWT class. version 1.2 (2012-03-08) Moves JWS and JWE code into separate classes. version 1.3 (2012-03-09) Switches to Apache Commons Codec for Base64URL encoding and decoding Consolidates the crypto utilities within the package. Introduces a JWT content serialiser class. version 1.4 (2012-03-09) Refactoring of JWT class and JUnit tests. version 1.5 (2012-03-18) Switches to JSON Smart for JSON serialisation and parsing. Introduces claims set class with JSON objects, string, Base64URL and byte array views. version 1.6 (2012-03-20) Creates class for representing, serialising and parsing JSON Web Keys (JWK). Introduces separate class for representing JWT headers. version 1.7 (2012-04-01) Introduces separate classes for plain, JWS and JWE headers. Introduces separate classes for plain, signed and encrypted JWTs. Removes the JWTContent class. Removes password-based (PE820) encryption support. version 1.8 (2012-04-03) Adds support for the ZIP JWE header parameter. Removes unsupported algorithms from the JWA enumeration. version 1.9 (2012-04-03) Renames JWEHeader.{get|set}EncryptionAlgorithm() to JWEHeader.{get|set}EncryptionMethod(). version 1.9.1 (2012-04-03) Upgrades JSON Smart JAR to 1.1.1. version 1.10 (2012-04-14) Introduces serialize() method to base abstract JWT class. version 1.11 (2012-05-13) JWT.serialize() throws checked JWTException instead of ... (truncated) Commits https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/4c7bcad8adc409f3cd22c9cf241d1303ca1def6b;>4c7bcad [maven-release-plugin] prepare for next development iteration https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/f677a3e45b5b13ff86fdb8a5d061a0de875d7355;>f677a3e Adds a multi-release declaration to pom.xml (iss https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/548;>#548) https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/6fe413fd75cddd8847f1b1c1c03ab04405004ebb;>6fe413f Updates JavaDoc overview.html https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/084cd9fae643acda8019cd302da84f3f906f4871;>084cd9f Sets the Java source to 7 in the maven-javadoc-plugin configuration https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/9d4325f065d76021b9bd2de448c9f76474f63fde;>9d4325f [maven-release-plugin] prepare release 9.39.1 See full diff in https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/9.39.1..9.39;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.nimbusds:nimbus-jose-jwt=maven=9.39=9.39.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot
Re: [PR] [SYNCOPE-1815] Further Macro improvements [syncope]
ilgrosso merged PR #713: URL: https://github.com/apache/syncope/pull/713 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.opensearch.client:opensearch-rest-client from 2.13.0 to 2.14.0 [syncope]
ilgrosso merged PR #716: URL: https://github.com/apache/syncope/pull/716 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.opensearch.client:opensearch-rest-client from 2.13.0 to 2.14.0 [syncope]
dependabot[bot] opened a new pull request, #716: URL: https://github.com/apache/syncope/pull/716 Bumps [org.opensearch.client:opensearch-rest-client](https://github.com/opensearch-project/OpenSearch) from 2.13.0 to 2.14.0. Release notes Sourced from https://github.com/opensearch-project/OpenSearch/releases;>org.opensearch.client:opensearch-rest-client's releases. 2.14.0 2024-05-07 Version 2.14.0 Release Notes [2.14.0] Added Add explicit dependency to validatePom and generatePom tasks (https://redirect.github.com/opensearch-project/OpenSearch/pull/12909;>#12909) Constant Keyword Field (https://redirect.github.com/opensearch-project/OpenSearch/pull/12285;>#12285) [Concurrent Segment Search] Perform buildAggregation concurrently and support Composite Aggregations (https://redirect.github.com/opensearch-project/OpenSearch/pull/12697;>#12697) Convert ingest processor supports ip type (https://redirect.github.com/opensearch-project/OpenSearch/pull/12818;>#12818) Allow setting KEYSTORE_PASSWORD through env variable (https://redirect.github.com/opensearch-project/OpenSearch/pull/12865;>#12865) Add a counter to node stat (and _cat/shards) api to track shard going from idle to non-idle (https://redirect.github.com/opensearch-project/OpenSearch/pull/12768;>#12768) [Concurrent Segment Search] Disable concurrent segment search for system indices and throttled requests (https://redirect.github.com/opensearch-project/OpenSearch/pull/12954;>#12954) Rename ingest processor supports overriding target field if exists (https://redirect.github.com/opensearch-project/OpenSearch/pull/12990;>#12990) [Tiered Caching] Make took time caching policy setting dynamic (https://redirect.github.com/opensearch-project/OpenSearch/pull/13063;>#13063) Detect breaking changes on pull requests (https://redirect.github.com/opensearch-project/OpenSearch/pull/9044;>#9044) Add cluster primary balance contraint for rebalancing with buffer (https://redirect.github.com/opensearch-project/OpenSearch/pull/12656;>#12656) [Remote Store] Make translog transfer timeout configurable (https://redirect.github.com/opensearch-project/OpenSearch/pull/12704;>#12704) Derived fields support to derive field values at query time without indexing (https://redirect.github.com/opensearch-project/OpenSearch/pull/12569;>#12569) Add support for more than one protocol for transport (https://redirect.github.com/opensearch-project/OpenSearch/pull/12967;>#12967) [Tiered Caching] Add dimension-based stats to ICache implementations. (https://redirect.github.com/opensearch-project/OpenSearch/pull/12531;>#12531) Add changes for overriding remote store and replication settings during snapshot restore. (https://redirect.github.com/opensearch-project/OpenSearch/pull/11868;>#11868) Reject Resize index requests (i.e, split, shrink and clone), While DocRep to SegRep migration is in progress.(https://redirect.github.com/opensearch-project/OpenSearch/pull/12686;>#12686) Add an individual setting of rate limiter for segment replication (https://redirect.github.com/opensearch-project/OpenSearch/pull/12959;>#12959) [Tiered Caching] Add dimension-based stats to TieredSpilloverCache (https://redirect.github.com/opensearch-project/OpenSearch/pull/13236;>#13236) [Tiered Caching] Expose new cache stats API (https://redirect.github.com/opensearch-project/OpenSearch/pull/13237;>#13237) [Streaming Indexing] Ensure support of the new transport by security plugin (https://redirect.github.com/opensearch-project/OpenSearch/pull/13174;>#13174) Add cluster setting to dynamically configure the buckets for filter rewrite optimization. (https://redirect.github.com/opensearch-project/OpenSearch/pull/13179;>#13179) [Tiered caching] Make Indices Request Cache Stale Key Mgmt Threshold setting dynamic (https://redirect.github.com/opensearch-project/OpenSearch/pull/12941;>#12941) Make search query counters dynamic to support all query types (https://redirect.github.com/opensearch-project/OpenSearch/pull/12601;>#12601) [Tiered Caching] Gate new stats logic behind FeatureFlags.PLUGGABLE_CACHE (https://redirect.github.com/opensearch-project/OpenSearch/pull/13238;>#13238) [Tiered Caching] Add a dynamic setting to disable/enable disk cache. (https://redirect.github.com/opensearch-project/OpenSearch/pull/13373;>#13373) Batch mode for async fetching shard information in GatewayAllocator for unassigned shards (https://redirect.github.com/opensearch-project/OpenSearch/pull/8746;>#8746) [Remote Store] Add settings for remote path type and hash algorithm (https://redirect.github.com/opensearch-project/OpenSearch/pull/13225;>#13225) [Remote Store] Upload remote paths during remote enabled index creation (https://redirect.github.com/opensearch-project/OpenSearch/pull/13386;>#13386) [Search Pipeline] Handle default pipeline for multiple indices
Re: [PR] Bump org.apache.maven.extensions:maven-build-cache-extension from 1.1.0 to 1.2.0 [syncope]
ilgrosso merged PR #715: URL: https://github.com/apache/syncope/pull/715 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.apache.maven.extensions:maven-build-cache-extension from 1.1.0 to 1.2.0 [syncope]
dependabot[bot] opened a new pull request, #715: URL: https://github.com/apache/syncope/pull/715 Bumps [org.apache.maven.extensions:maven-build-cache-extension](https://github.com/apache/maven-build-cache-extension) from 1.1.0 to 1.2.0. Release notes Sourced from https://github.com/apache/maven-build-cache-extension/releases;>org.apache.maven.extensions:maven-build-cache-extension's releases. 1.2.0 New features and improvements https://issues.apache.org/jira/browse/MBUILDCACHE-90;>[MBUILDCACHE-90] - A mandatory clean option to enable the caching functionnality (https://redirect.github.com/apache/maven-build-cache-extension/pull/103;>#103) https://github.com/kbuntrock;>@kbuntrock https://issues.apache.org/jira/browse/MBUILDCACHE-93;>[MBUILDCACHE-93] - Command line configuration to skip saving in cache (https://redirect.github.com/apache/maven-build-cache-extension/pull/148;>#148) https://github.com/kbuntrock;>@kbuntrock https://issues.apache.org/jira/browse/MBUILDCACHE-71;>[MBUILDCACHE-71] - Store the build info after storing the artifacts. (https://redirect.github.com/apache/maven-build-cache-extension/pull/138;>#138) https://github.com/amirhadadi;>@amirhadadi Bug Fixes https://issues.apache.org/jira/browse/MBUILDCACHE-86;>[MBUILDCACHE-86] - bugfix / enhancements restoration of outputs on disk (https://redirect.github.com/apache/maven-build-cache-extension/pull/104;>#104) https://github.com/kbuntrock;>@kbuntrock https://issues.apache.org/jira/browse/MBUILDCACHE-80;>[MBUILDCACHE-80] - Fix for incremental builds with a higher goal than the highest cached goal is rebuilding the full project from scratch (https://redirect.github.com/apache/maven-build-cache-extension/pull/128;>#128) https://github.com/igdianov;>@igdianov https://issues.apache.org/jira/browse/MBUILDCACHE-81;>[MBUILDCACHE-81] - Add an option to include project version as part of the cache hash key (https://redirect.github.com/apache/maven-build-cache-extension/pull/129;>#129) https://github.com/igdianov;>@igdianov https://issues.apache.org/jira/browse/MBUILDCACHE-76;>[MBUILDCACHE-76] - add project version as part of hash key (https://redirect.github.com/apache/maven-build-cache-extension/pull/117;>#117) https://github.com/olamy;>@olamy Dependency updates Bump org.testcontainers:testcontainers-bom from 1.19.7 to 1.19.8 (https://redirect.github.com/apache/maven-build-cache-extension/pull/153;>#153) https://github.com/dependabot;>@dependabot Bump org.apache.maven.resolver:maven-resolver-transport-http from 1.9.19 to 1.9.20 (https://redirect.github.com/apache/maven-build-cache-extension/pull/149;>#149) https://github.com/dependabot;>@dependabot Bump org.apache.maven.resolver:maven-resolver-transport-http from 1.9.18 to 1.9.19 (https://redirect.github.com/apache/maven-build-cache-extension/pull/145;>#145) https://github.com/dependabot;>@dependabot Bump org.apache.maven.plugins:maven-invoker-plugin from 3.6.0 to 3.6.1 (https://redirect.github.com/apache/maven-build-cache-extension/pull/140;>#140) https://github.com/dependabot;>@dependabot Bump commons-io:commons-io from 2.16.0 to 2.16.1 (https://redirect.github.com/apache/maven-build-cache-extension/pull/142;>#142) https://github.com/dependabot;>@dependabot Bump commons-io:commons-io from 2.15.1 to 2.16.0 (https://redirect.github.com/apache/maven-build-cache-extension/pull/139;>#139) https://github.com/dependabot;>@dependabot Bump org.assertj:assertj-core from 3.25.2 to 3.25.3 (https://redirect.github.com/apache/maven-build-cache-extension/pull/131;>#131) https://github.com/dependabot;>@dependabot Bump org.testcontainers:testcontainers-bom from 1.19.5 to 1.19.7 (https://redirect.github.com/apache/maven-build-cache-extension/pull/136;>#136) https://github.com/dependabot;>@dependabot Bump com.github.tomakehurst:wiremock-jre8 from 2.35.1 to 2.35.2 (https://redirect.github.com/apache/maven-build-cache-extension/pull/133;>#133) https://github.com/dependabot;>@dependabot Bump apache/maven-gh-actions-shared from 3 to 4 (https://redirect.github.com/apache/maven-build-cache-extension/pull/135;>#135) https://github.com/dependabot;>@dependabot Bump org.junit:junit-bom from 5.10.1 to 5.10.2 (https://redirect.github.com/apache/maven-build-cache-extension/pull/130;>#130) https://github.com/dependabot;>@dependabot Bump org.testcontainers:testcontainers-bom from 1.19.4 to 1.19.5 (https://redirect.github.com/apache/maven-build-cache-extension/pull/132;>#132) https://github.com/dependabot;>@dependabot Bump org.testcontainers:testcontainers-bom from 1.19.3 to 1.19.4 (https://redirect.github.com/apache/maven-build-cache-extension/pull/127;>#127) https://github.com/dependabot;>@dependabot Bump org.assertj:assertj-core from 3.25.1 to 3.25.2 (https://redirect.github.com/apache/maven-build-cache-extension/pull/126;>#126)
Re: [PR] Bump com.nimbusds:nimbus-jose-jwt from 9.38 to 9.39 [syncope]
ilgrosso merged PR #714: URL: https://github.com/apache/syncope/pull/714 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump com.nimbusds:nimbus-jose-jwt from 9.38 to 9.39 [syncope]
dependabot[bot] opened a new pull request, #714: URL: https://github.com/apache/syncope/pull/714 Bumps [com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt) from 9.38 to 9.39. Changelog Sourced from https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt;>com.nimbusds:nimbus-jose-jwt's changelog. version 1.0 (2012-03-01) First version based on the OpenInfoCard JWT, JWS and JWE code base. version 1.1 (2012-03-06) Introduces type-safe enumeration of the JSON Web Algorithms (JWA). Refactors the JWT class. version 1.2 (2012-03-08) Moves JWS and JWE code into separate classes. version 1.3 (2012-03-09) Switches to Apache Commons Codec for Base64URL encoding and decoding Consolidates the crypto utilities within the package. Introduces a JWT content serialiser class. version 1.4 (2012-03-09) Refactoring of JWT class and JUnit tests. version 1.5 (2012-03-18) Switches to JSON Smart for JSON serialisation and parsing. Introduces claims set class with JSON objects, string, Base64URL and byte array views. version 1.6 (2012-03-20) Creates class for representing, serialising and parsing JSON Web Keys (JWK). Introduces separate class for representing JWT headers. version 1.7 (2012-04-01) Introduces separate classes for plain, JWS and JWE headers. Introduces separate classes for plain, signed and encrypted JWTs. Removes the JWTContent class. Removes password-based (PE820) encryption support. version 1.8 (2012-04-03) Adds support for the ZIP JWE header parameter. Removes unsupported algorithms from the JWA enumeration. version 1.9 (2012-04-03) Renames JWEHeader.{get|set}EncryptionAlgorithm() to JWEHeader.{get|set}EncryptionMethod(). version 1.9.1 (2012-04-03) Upgrades JSON Smart JAR to 1.1.1. version 1.10 (2012-04-14) Introduces serialize() method to base abstract JWT class. version 1.11 (2012-05-13) JWT.serialize() throws checked JWTException instead of ... (truncated) Commits https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/4409b5fb7a6761bf9937678c8cfc01efaf3aabb6;>4409b5f [maven-release-plugin] prepare for next development iteration https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/6820c9d38a5bd05f51fedae44d9288a44048c670;>6820c9d Merged connect2id/nimbus-jose-jwt into master https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/f14e944682ed0959eebfb233b2cab2d077f57f55;>f14e944 Bumped Maven plugins https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/bd59d30bfc33c6eb8ec9514f67a4261d95c894c4;>bd59d30 Adds JSONObjectUtils.getEpochSecondAsDate, JWTClaimsSet.parse must handle nul... https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/5f5061d77930a75c072c4bd5f955fde7d5708624;>5f5061d Merged in ctasada/bump-maven-plugins (pull request https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/118;>#118) https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/442debda2f0484ac7226a64c70a8fc2748d92d53;>442debd Merge branch 'master' of ssh://bitbucket.org/connect2id/nimbus-jose-jwt https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/2762cc89e40a63117acc9172c8dc7d352f3eb475;>2762cc8 JSONObjectUtils should use member name to comply with RFC 8259, shortens ex... https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/29814fde557b886e5a5e56159e083e90a5b5bcf6;>29814fd [maven-release-plugin] prepare release 9.39 See full diff in https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/9.39..9.38;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.nimbusds:nimbus-jose-jwt=maven=9.38=9.39)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve
Re: [PR] [SYNCOPE-1815] Further Macro improvements [syncope]
github-advanced-security[bot] commented on code in PR #713: URL: https://github.com/apache/syncope/pull/713#discussion_r1596856197 ## core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/macro/MacroActions.java: ## @@ -28,14 +29,18 @@ */ public interface MacroActions { -default void validate(SyncopeForm macroTaskForm) throws ValidationException { -// does nothing by default +default Optional getDefaultValue(String formProperty) { +return Optional.empty(); } default Map getDropdownValues(String formProperty) { return Map.of(); } +default void validate(SyncopeForm form, Map vars) throws ValidationException { Review Comment: ## Useless parameter The parameter 'vars' is never used. [Show more details](https://github.com/apache/syncope/security/code-scanning/1597) ## core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/macro/MacroActions.java: ## @@ -28,14 +29,18 @@ */ public interface MacroActions { -default void validate(SyncopeForm macroTaskForm) throws ValidationException { -// does nothing by default +default Optional getDefaultValue(String formProperty) { +return Optional.empty(); } default Map getDropdownValues(String formProperty) { return Map.of(); } +default void validate(SyncopeForm form, Map vars) throws ValidationException { Review Comment: ## Useless parameter The parameter 'form' is never used. [Show more details](https://github.com/apache/syncope/security/code-scanning/1596) ## core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/macro/MacroActions.java: ## @@ -28,14 +29,18 @@ */ public interface MacroActions { -default void validate(SyncopeForm macroTaskForm) throws ValidationException { -// does nothing by default +default Optional getDefaultValue(String formProperty) { Review Comment: ## Useless parameter The parameter 'formProperty' is never used. [Show more details](https://github.com/apache/syncope/security/code-scanning/1599) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump co.elastic.clients:elasticsearch-java from 8.13.3 to 8.13.4 [syncope]
ilgrosso merged PR #712: URL: https://github.com/apache/syncope/pull/712 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump co.elastic.clients:elasticsearch-java from 8.13.3 to 8.13.4 [syncope]
dependabot[bot] opened a new pull request, #712: URL: https://github.com/apache/syncope/pull/712 Bumps [co.elastic.clients:elasticsearch-java](https://github.com/elastic/elasticsearch-java) from 8.13.3 to 8.13.4. Commits See full diff in https://github.com/elastic/elasticsearch-java/commits;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=co.elastic.clients:elasticsearch-java=maven=8.13.3=8.13.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump com.nimbusds:nimbus-jose-jwt from 9.37.3 to 9.38 [syncope]
dependabot[bot] closed pull request #710: Bump com.nimbusds:nimbus-jose-jwt from 9.37.3 to 9.38 URL: https://github.com/apache/syncope/pull/710 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump com.nimbusds:nimbus-jose-jwt from 9.37.3 to 9.38 [syncope]
dependabot[bot] commented on PR #710: URL: https://github.com/apache/syncope/pull/710#issuecomment-2102011853 Looks like com.nimbusds:nimbus-jose-jwt is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.opensearch.client:opensearch-java from 2.10.1 to 2.10.2 [syncope]
dependabot[bot] closed pull request #711: Bump org.opensearch.client:opensearch-java from 2.10.1 to 2.10.2 URL: https://github.com/apache/syncope/pull/711 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.opensearch.client:opensearch-java from 2.10.1 to 2.10.2 [syncope]
dependabot[bot] commented on PR #711: URL: https://github.com/apache/syncope/pull/711#issuecomment-2102011484 Looks like org.opensearch.client:opensearch-java is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump com.nimbusds:nimbus-jose-jwt from 9.37.3 to 9.38 [syncope]
ilgrosso commented on PR #710: URL: https://github.com/apache/syncope/pull/710#issuecomment-2102011059 @dependabot rebase -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.opensearch.client:opensearch-java from 2.10.1 to 2.10.2 [syncope]
ilgrosso commented on PR #711: URL: https://github.com/apache/syncope/pull/711#issuecomment-2102010938 @dependabot rebase -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.opensearch.client:opensearch-java from 2.10.1 to 2.10.2 [syncope]
dependabot[bot] opened a new pull request, #711: URL: https://github.com/apache/syncope/pull/711 Bumps [org.opensearch.client:opensearch-java](https://github.com/opensearch-project/opensearch-java) from 2.10.1 to 2.10.2. Release notes Sourced from https://github.com/opensearch-project/opensearch-java/releases;>org.opensearch.client:opensearch-java's releases. v2.10.2 What's Changed Add 2.10.1 release by https://github.com/reta;>@reta in https://redirect.github.com/opensearch-project/opensearch-java/pull/952;>opensearch-project/opensearch-java#952 [Backport 2.x] Lock MacOS version to 13. (https://redirect.github.com/opensearch-project/opensearch-java/issues/961;>#961) by https://github.com/dblock;>@dblock in https://redirect.github.com/opensearch-project/opensearch-java/pull/962;>opensearch-project/opensearch-java#962 [Backport 2.x] Added OpenSearch 2.12 and 2.13 to integration tests. by https://github.com/opensearch-trigger-bot;>@opensearch-trigger-bot in https://redirect.github.com/opensearch-project/opensearch-java/pull/964;>opensearch-project/opensearch-java#964 [Backport 2.x] Fix integer overflow for remaining index stats (https://redirect.github.com/opensearch-project/opensearch-java/issues/960;>#960) by https://github.com/dblock;>@dblock in https://redirect.github.com/opensearch-project/opensearch-java/pull/965;>opensearch-project/opensearch-java#965 [Backport 2.x] Fix integrationTest builds for JDK-11 sourcesets by https://github.com/opensearch-trigger-bot;>@opensearch-trigger-bot in https://redirect.github.com/opensearch-project/opensearch-java/pull/971;>opensearch-project/opensearch-java#971 [Backport 2.x] Fixing composite aggregations with correct parameters by https://github.com/VachaShah;>@VachaShah in https://redirect.github.com/opensearch-project/opensearch-java/pull/974;>opensearch-project/opensearch-java#974 Updating version to 2.10.2 and changelog by https://github.com/VachaShah;>@VachaShah in https://redirect.github.com/opensearch-project/opensearch-java/pull/975;>opensearch-project/opensearch-java#975 Full Changelog: https://github.com/opensearch-project/opensearch-java/compare/v2.10.1...v2.10.2;>https://github.com/opensearch-project/opensearch-java/compare/v2.10.1...v2.10.2 Changelog Sourced from https://github.com/opensearch-project/opensearch-java/blob/v2.10.2/CHANGELOG.md;>org.opensearch.client:opensearch-java's changelog. [2.10.2] - 05/07/2024 Added Dependencies Changed Deprecated Removed Fixed Fix integer overflow for variables in indices stats response (https://redirect.github.com/opensearch-project/opensearch-java/pull/960;>#960) Fix composite aggregations for search requests (https://redirect.github.com/opensearch-project/opensearch-java/pull/967;>#967) Security Commits https://github.com/opensearch-project/opensearch-java/commit/fb27ae679c7b39926df45fbc23e9957a1319c702;>fb27ae6 Updating version to 2.10.2 and changelog (https://redirect.github.com/opensearch-project/opensearch-java/issues/975;>#975) https://github.com/opensearch-project/opensearch-java/commit/fb7bfddc5ae3d7b4d520a631da39297081dc6ec3;>fb7bfdd [Backport 2.x] Fixing composite aggregations with correct parameters (https://redirect.github.com/opensearch-project/opensearch-java/issues/974;>#974) https://github.com/opensearch-project/opensearch-java/commit/a64b258ad7a8436c58897e3d5c0cc55d419a3e39;>a64b258 Fix integrationTest builds for JDK-11 sourcesets (https://redirect.github.com/opensearch-project/opensearch-java/issues/968;>#968) (https://redirect.github.com/opensearch-project/opensearch-java/issues/971;>#971) https://github.com/opensearch-project/opensearch-java/commit/ab69f347e95c995b8f93a595634a389f805a1b13;>ab69f34 Fix integer overflow for remaining index stats (https://redirect.github.com/opensearch-project/opensearch-java/issues/960;>#960) (https://redirect.github.com/opensearch-project/opensearch-java/issues/965;>#965) https://github.com/opensearch-project/opensearch-java/commit/1ef976e1ccfa51bbaf2c1b47bcc7130b0c63f592;>1ef976e Added OpenSearch 2.12 and 2.13 to integration tests. (https://redirect.github.com/opensearch-project/opensearch-java/issues/963;>#963) (https://redirect.github.com/opensearch-project/opensearch-java/issues/964;>#964) https://github.com/opensearch-project/opensearch-java/commit/56c03f4c17a9c8cffeb2ae11a541452d7c9c40df;>56c03f4 Lock MacOS version to 13. (https://redirect.github.com/opensearch-project/opensearch-java/issues/961;>#961) (https://redirect.github.com/opensearch-project/opensearch-java/issues/962;>#962) https://github.com/opensearch-project/opensearch-java/commit/85890204c30f10159ccb428a09b8ef9f5c4712f2;>8589020 Add 2.10.1 release (https://redirect.github.com/opensearch-project/opensearch-java/issues/952;>#952) See full diff in
[PR] Bump com.nimbusds:nimbus-jose-jwt from 9.37.3 to 9.38 [syncope]
dependabot[bot] opened a new pull request, #710: URL: https://github.com/apache/syncope/pull/710 Bumps [com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt) from 9.37.3 to 9.38. Changelog Sourced from https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt;>com.nimbusds:nimbus-jose-jwt's changelog. version 1.0 (2012-03-01) First version based on the OpenInfoCard JWT, JWS and JWE code base. version 1.1 (2012-03-06) Introduces type-safe enumeration of the JSON Web Algorithms (JWA). Refactors the JWT class. version 1.2 (2012-03-08) Moves JWS and JWE code into separate classes. version 1.3 (2012-03-09) Switches to Apache Commons Codec for Base64URL encoding and decoding Consolidates the crypto utilities within the package. Introduces a JWT content serialiser class. version 1.4 (2012-03-09) Refactoring of JWT class and JUnit tests. version 1.5 (2012-03-18) Switches to JSON Smart for JSON serialisation and parsing. Introduces claims set class with JSON objects, string, Base64URL and byte array views. version 1.6 (2012-03-20) Creates class for representing, serialising and parsing JSON Web Keys (JWK). Introduces separate class for representing JWT headers. version 1.7 (2012-04-01) Introduces separate classes for plain, JWS and JWE headers. Introduces separate classes for plain, signed and encrypted JWTs. Removes the JWTContent class. Removes password-based (PE820) encryption support. version 1.8 (2012-04-03) Adds support for the ZIP JWE header parameter. Removes unsupported algorithms from the JWA enumeration. version 1.9 (2012-04-03) Renames JWEHeader.{get|set}EncryptionAlgorithm() to JWEHeader.{get|set}EncryptionMethod(). version 1.9.1 (2012-04-03) Upgrades JSON Smart JAR to 1.1.1. version 1.10 (2012-04-14) Introduces serialize() method to base abstract JWT class. version 1.11 (2012-05-13) JWT.serialize() throws checked JWTException instead of ... (truncated) Commits https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/44c6febb8442aa133129a07abcbe4646c416fa97;>44c6feb Expand JSONObjectUtils tests https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/bae2bca9813da499429ababc45e68a73a283477a;>bae2bca Adds requires jdk.crypto.ec to module-info.java https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/f423b5afdb390a91460547a3a72801ce071b08ba;>f423b5a Bumps deps https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/266a276627222fd7eabc122041714976514ab7bc;>266a276 Adds requires jdk.crypto.cryptoki to module-info.java https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/6da0980a073289b6b9801f2fb43a9690b11cb67d;>6da0980 bitbucket-pipelines.yml must use default mvn profile https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/5edac53b30e38cd5698acf71b8641f0264ebaad5;>5edac53 JavaDoc fixes https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/f3df0831a9fc153e4026e1439563228a4772f950;>f3df083 Removes redundant mvn -B package from bitbucket-pipelines.yml https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/6c92d0025d84b8cd24acfb3a77dd0f3f7e313a96;>6c92d00 Disables jdk.crypto.* modules to test pipeline https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/861a92137bd0c59483f79872a737a35de207593c;>861a921 Reinstates jdk.crypto.* modules https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/d0853dc5e44b0f82e45053be496187a096fabc4d;>d0853dc Adds KeyRevocation tests Additional commits viewable in https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/9.38..9.37.3;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.nimbusds:nimbus-jose-jwt=maven=9.37.3=9.38)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed -
Re: [PR] [SYNCOPE-1815] Macro improvements (#696) [syncope]
ilgrosso merged PR #709: URL: https://github.com/apache/syncope/pull/709 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [SYNCOPE-1815] Macro improvements (#696) [syncope]
github-advanced-security[bot] commented on code in PR #709: URL: https://github.com/apache/syncope/pull/709#discussion_r1593986988 ## client/idrepo/console/src/main/java/org/apache/syncope/client/console/audit/AuditHistoryDetails.java: ## @@ -323,30 +324,36 @@ return output; } -protected Model toJSON(final AuditEventTO auditEntry, final Class reference) { +protected Model toJSON(final AuditEventTO auditEvent, final Class reference) { +if (auditEvent == null) { +return Model.of(); +} + try { -if (auditEntry == null) { -return Model.of(); +String content; +if (auditEvent.getBefore() == null) { +JsonNode output = MAPPER.readTree(auditEvent.getOutput()); +if (output.has("entity")) { +content = output.get("entity").toPrettyString(); +} else { +content = output.toPrettyString(); +} +} else { +content = auditEvent.getBefore(); } -String content = auditEntry.getBefore() == null -? MAPPER.readTree(auditEntry.getOutput()).get("entity") == null -? MAPPER.readTree(auditEntry.getOutput()).toPrettyString() -: MAPPER.readTree(auditEntry.getOutput()).get("entity").toPrettyString() -: auditEntry.getBefore(); T entity = MAPPER.reader(). with(StreamReadFeature.STRICT_DUPLICATE_DETECTION). readValue(content, reference); -if (entity instanceof UserTO) { -UserTO userTO = (UserTO) entity; +if (entity instanceof UserTO userTO) { userTO.setPassword(null); userTO.setSecurityAnswer(null); } return Model.of(MAPPER.writerWithDefaultPrettyPrinter().writeValueAsString(entity)); } catch (Exception e) { -LOG.error("While (de)serializing entity {}", auditEntry, e); -throw new WicketRuntimeException(e); +LOG.error("While (de)serializing entity {}", auditEvent, e); Review Comment: ## Use of default toString() Default toString(): AuditEventTO inherits toString() from Object, and so is not suitable for printing. [Show more details](https://github.com/apache/syncope/security/code-scanning/1595) ## core/persistence-neo4j/src/main/java/org/apache/syncope/core/persistence/neo4j/entity/SortedSetList.java: ## @@ -54,21 +56,21 @@ } } -private static class SortedSetListSplitIterator implements Spliterator { +private class SortedSetListSplitIterator implements Spliterator { Review Comment: ## Inner class could be static SortedSetListSplitIterator should be made static, since the enclosing instance is not used. [Show more details](https://github.com/apache/syncope/security/code-scanning/1594) ## core/persistence-neo4j/src/main/java/org/apache/syncope/core/persistence/neo4j/entity/SortedSetList.java: ## @@ -25,16 +25,18 @@ import java.util.ListIterator; import java.util.SortedSet; import java.util.Spliterator; +import java.util.function.BiFunction; import java.util.function.Consumer; import java.util.stream.Stream; +import org.apache.syncope.core.persistence.api.entity.Entity; -public class SortedSetList implements List { +public class SortedSetList> implements List { -private static class SortedSetListIterator implements Iterator { +private class SortedSetListIterator implements Iterator { Review Comment: ## Inner class could be static SortedSetListIterator should be made static, since the enclosing instance is not used. [Show more details](https://github.com/apache/syncope/security/code-scanning/1593) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] [SYNCOPE-1815] Macro improvements (#696) [syncope]
ilgrosso opened a new pull request, #709: URL: https://github.com/apache/syncope/pull/709 (no comment) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [SYNCOPE-1815] Macro improvements [syncope]
ilgrosso merged PR #696: URL: https://github.com/apache/syncope/pull/696 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [SYNCOPE-1815] Macro improvements [syncope]
github-advanced-security[bot] commented on code in PR #696: URL: https://github.com/apache/syncope/pull/696#discussion_r1592553002 ## client/idrepo/console/src/main/java/org/apache/syncope/client/console/reports/ReportWizardBuilder.java: ## @@ -219,7 +219,7 @@ } } -public class Schedule extends WizardStep { +protected class Schedule extends WizardStep { Review Comment: ## Inner class could be static Schedule could be made static, since the enclosing instance is used only in its constructor. [Show more details](https://github.com/apache/syncope/security/code-scanning/1587) ## client/idrepo/console/src/main/java/org/apache/syncope/client/console/tasks/MacroTaskExecWizardBuilder.java: ## @@ -0,0 +1,123 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.syncope.client.console.tasks; + +import java.io.Serializable; +import java.util.Date; +import org.apache.commons.lang3.time.FastDateFormat; +import org.apache.syncope.client.console.rest.TaskRestClient; +import org.apache.syncope.client.console.wizards.BaseAjaxWizardBuilder; +import org.apache.syncope.client.ui.commons.Constants; +import org.apache.syncope.client.ui.commons.ajax.form.IndicatorAjaxFormComponentUpdatingBehavior; +import org.apache.syncope.client.ui.commons.markup.html.form.AjaxCheckBoxPanel; +import org.apache.syncope.client.ui.commons.markup.html.form.AjaxDateTimeFieldPanel; +import org.apache.syncope.client.ui.commons.panels.SyncopeFormPanel; +import org.apache.syncope.common.lib.SyncopeConstants; +import org.apache.syncope.common.lib.form.SyncopeForm; +import org.apache.syncope.common.lib.to.MacroTaskTO; +import org.apache.wicket.PageReference; +import org.apache.wicket.ajax.AjaxRequestTarget; +import org.apache.wicket.extensions.wizard.WizardModel; +import org.apache.wicket.extensions.wizard.WizardStep; +import org.apache.wicket.model.IModel; +import org.apache.wicket.model.Model; + +public class MacroTaskExecWizardBuilder extends BaseAjaxWizardBuilder { + +private static final long serialVersionUID = 3318576575286024205L; + +protected final TaskRestClient taskRestClient; + +protected final IModel formModel = Model.of(); + +protected final Model startAtDateModel = new Model<>(); + +protected final Model dryRunModel = new Model<>(false); + +public MacroTaskExecWizardBuilder( +final MacroTaskTO defaultItem, +final TaskRestClient taskRestClient, +final PageReference pageRef) { + +super(defaultItem, pageRef); +this.taskRestClient = taskRestClient; +} + +@Override +protected Serializable onApplyInternal(final MacroTaskTO modelObject) { +if (formModel.getObject() == null) { +taskRestClient.startExecution(modelObject.getKey(), +startAtDateModel.getObject(), +dryRunModel.getObject()); +} else { +taskRestClient.startExecution(modelObject.getKey(), +startAtDateModel.getObject(), +dryRunModel.getObject(), +formModel.getObject()); +} + +return null; +} + +@Override +protected WizardModel buildModelSteps(final MacroTaskTO modelObject, final WizardModel wizardModel) { +if (!modelObject.getFormPropertyDefs().isEmpty()) { + formModel.setObject(taskRestClient.getMacroTaskForm(modelObject.getKey())); +wizardModel.add(new Form()); +} +wizardModel.add(new StartAt()); +return wizardModel; +} + +protected class Form extends WizardStep { Review Comment: ## Inner class could be static Form could be made static, since the enclosing instance is used only in its constructor. [Show more details](https://github.com/apache/syncope/security/code-scanning/1588) ## client/idrepo/console/src/main/java/org/apache/syncope/client/console/tasks/MacroTaskExecWizardBuilder.java: ## @@ -0,0 +1,123 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work
Re: [PR] Bump com.oracle.database.jdbc:ojdbc11 from 23.3.0.23.09 to 23.4.0.24.05 [syncope]
ilgrosso merged PR #708: URL: https://github.com/apache/syncope/pull/708 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [SYNCOPE-1818] fixes wrong status propagation while pulling a status update [syncope]
andrea-patricelli merged PR #703: URL: https://github.com/apache/syncope/pull/703 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump com.oracle.database.jdbc:ojdbc11 from 23.3.0.23.09 to 23.4.0.24.05 [syncope]
dependabot[bot] opened a new pull request, #708: URL: https://github.com/apache/syncope/pull/708 Bumps com.oracle.database.jdbc:ojdbc11 from 23.3.0.23.09 to 23.4.0.24.05. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.oracle.database.jdbc:ojdbc11=maven=23.3.0.23.09=23.4.0.24.05)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org