Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump dependencies and re-enable checkstyle #584

Merged
merged 16 commits into from
Feb 19, 2024
Merged

Bump dependencies and re-enable checkstyle #584

merged 16 commits into from
Feb 19, 2024

Conversation

nscuro
Copy link
Member

@nscuro nscuro commented Feb 19, 2024

Description

I noticed that several dependencies were out-of-date, despite us using Dependabot. Not sure what's going on, but for now I bumped them manually.

Also re-enabled checkstyle (excluding the license header check), which we disabled a while back for some reason.

Addressed Issue

N/A

Additional Details

N/A

Checklist

  • I have read and understand the contributing guidelines
  • This PR fixes a defect, and I have provided tests to verify that the fix is effective
  • This PR implements an enhancement, and I have provided tests to verify that it works as intended
  • This PR introduces changes to the database model, and I have added corresponding update logic
  • This PR introduces new or alters existing behavior, and I have updated the documentation accordingly

nscuro added 16 commits February 19, 2024 13:57
@nscuro
Remove exclusion of jetty-webapp-logging
07dd9fa 
The dependency has been removed in Alpine 2.2.4, which we are already using: stevespringett/Alpine@da1c359

Signed-off-by: nscuro <[email protected]>
@nscuro
Remove managed dependency for snappy-java
9719bec 
It was added to address vulnerabilities, but `kafka-clients` also includes this fixed version now.

Signed-off-by: nscuro <[email protected]>
@nscuro
Bump pebble to 3.2.2
3be202c 
Signed-off-by: nscuro <[email protected]>
@nscuro
Bump jdbi to 3.45.0
d5dd559 
Signed-off-by: nscuro <[email protected]>
@nscuro
Bump postgres-socket-factory to 1.16.0
b69cac3 
Signed-off-by: nscuro <[email protected]>
@nscuro
Bump jackson and jackson-databind to 2.16.1
e473399 
Signed-off-by: nscuro <[email protected]>
@nscuro
Bump woodstox to 6.6.0
11540ad 
Signed-off-by: nscuro <[email protected]>
@nscuro
Bump resilience4j to 2.2.0
e573211 
Signed-off-by: nscuro <[email protected]>
@nscuro
Bump packageurl-java to 1.5.0
9192442 
Signed-off-by: nscuro <[email protected]>
@nscuro
Bump liquibase to 4.26.0
54d169b 
Signed-off-by: nscuro <[email protected]>
@nscuro
Bump postgresql to 42.7.1
83eb001 
Signed-off-by: nscuro <[email protected]>
@nscuro
Use properties more consistently for specifying dependency versions
5f14585 
Signed-off-by: nscuro <[email protected]>
@nscuro
Bump checkstyle to 10.13.0
2289f57 
Signed-off-by: nscuro <[email protected]>
@nscuro
Bump cpe-parser to 2.1.0
b74f59f 
Signed-off-by: nscuro <[email protected]>
@nscuro
Re-enable checkstyle
d14b6b9 
Signed-off-by: nscuro <[email protected]>
@nscuro
Remove unused imports to make checkstyle happy
94011a4 
Signed-off-by: nscuro <[email protected]>
@nscuro nscuro added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Feb 19, 2024
@nscuro nscuro added this to the 5.4.0 milestone Feb 19, 2024
@nscuro nscuro merged commit ca68c21 into main Feb 19, 2024
6 checks passed
@nscuro nscuro deleted the pom-cleanup branch February 19, 2024 19:59
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 21, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@sahibamittal sahibamittal sahibamittal approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Milestone
5.4.0
Development

Successfully merging this pull request may close these issues.
2 participants
@nscuro @sahibamittal