Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update all dependencies #1163

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(deps): update all dependencies #1163

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Nov 23, 2024

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
org.apache.maven.plugins:maven-gpg-plugin 3.1.0 -> 3.2.7 age adoption passing confidence
org.jacoco:jacoco-maven-plugin (source) 0.8.11 -> 0.8.12 age adoption passing confidence
org.sonatype.plugins:nexus-staging-maven-plugin (source) 1.6.13 -> 1.7.0 age adoption passing confidence
org.springframework.security:spring-security-web (source) 5.4.10 -> 5.8.16 age adoption passing confidence
org.codehaus.mojo:versions-maven-plugin (source) 2.16.2 -> 2.18.0 age adoption passing confidence
org.springframework.security:spring-security-core (source) 5.5.7 -> 5.8.16 age adoption passing confidence
org.springframework.security:spring-security-config (source) 5.4.10 -> 5.8.16 age adoption passing confidence
org.apache.maven.plugins:maven-surefire-plugin 3.2.2 -> 3.5.2 age adoption passing confidence
org.springframework.boot:spring-boot-test-autoconfigure (source) 2.3.12.RELEASE -> 2.7.18 age adoption passing confidence
org.springframework.boot:spring-boot-test (source) 2.3.12.RELEASE -> 2.7.18 age adoption passing confidence
org.apache.maven.plugins:maven-source-plugin 3.3.0 -> 3.3.1 age adoption passing confidence
org.springframework.boot:spring-boot (source) 2.3.12.RELEASE -> 2.7.18 age adoption passing confidence
org.springframework.boot:spring-boot-actuator (source) 2.3.12.RELEASE -> 2.7.18 age adoption passing confidence
org.springframework:spring-webmvc 5.2.22.RELEASE -> 5.3.39 age adoption passing confidence
org.springframework:spring-test 5.2.22.RELEASE -> 5.3.39 age adoption passing confidence
org.springframework:spring-web 5.2.22.RELEASE -> 5.3.39 age adoption passing confidence
org.springframework:spring-context 5.2.22.RELEASE -> 5.3.39 age adoption passing confidence
org.apache.maven.plugins:maven-javadoc-plugin 3.6.3 -> 3.11.2 age adoption passing confidence
org.thymeleaf:thymeleaf (source) 3.0.15.RELEASE -> 3.1.3.RELEASE age adoption passing confidence
org.springframework:spring-beans 5.2.22.RELEASE -> 5.3.39 age adoption passing confidence
org.apache.maven.plugins:maven-failsafe-plugin 3.2.2 -> 3.5.2 age adoption passing confidence
org.springframework.boot:spring-boot-configuration-processor (source) 2.3.12.RELEASE -> 2.7.18 age adoption passing confidence
org.mockito:mockito-core 5.8.0 -> 5.14.2 age adoption passing confidence
org.apache.maven.plugins:maven-compiler-plugin 3.11.0 -> 3.13.0 age adoption passing confidence
org.junit.jupiter:junit-jupiter (source) 5.10.1 -> 5.11.4 age adoption passing confidence
com.spotify.fmt:fmt-maven-plugin 2.21.1 -> 2.25 age adoption passing confidence
org.assertj:assertj-core (source) 3.24.2 -> 3.27.0 age adoption passing confidence
io.micrometer:micrometer-registry-prometheus 1.12.0 -> 1.14.2 age adoption passing confidence
io.micrometer:micrometer-core 1.12.0 -> 1.14.2 age adoption passing confidence
org.jdbi:jdbi3-core (source) 3.37.1 -> 3.47.0 age adoption passing confidence
org.springframework:spring-aop 5.2.22.RELEASE -> 5.3.39 age adoption passing confidence
com.fasterxml.jackson.core:jackson-databind (source) 2.13.4.2 -> 2.18.2 age adoption passing confidence
io.jsonwebtoken:jjwt 0.9.1 -> 0.12.6 age adoption passing confidence
org.springframework.data:spring-data-commons (source) 2.7.2 -> 2.7.18 age adoption passing confidence
com.maxmind.geoip2:geoip2 (source) 2.14.0 -> 2.17.0 age adoption passing confidence
net.sf.saxon:Saxon-HE (source) 10.8 -> 10.9 age adoption passing confidence
com.fasterxml.jackson.core:jackson-annotations (source) 2.13.4 -> 2.18.2 age adoption passing confidence
org.apache.commons:commons-lang3 (source) 3.14.0 -> 3.17.0 age adoption passing confidence
org.aspectj:aspectjweaver (source) 1.9.20.1 -> 1.9.22.1 age adoption passing confidence
joda-time:joda-time (source) 2.12.5 -> 2.13.0 age adoption passing confidence
com.google.guava:guava 32.1.1-jre -> 32.1.3-jre age adoption passing confidence

Release Notes

jacoco/jacoco (org.jacoco:jacoco-maven-plugin)

v0.8.12: 0.8.12

Compare Source

New Features

  • JaCoCo now officially supports Java 22 (GitHub #​1596).
  • Experimental support for Java 23 class files (GitHub #​1553).

Fixed bugs

  • Branches added by the Kotlin compiler for functions with default arguments and having more than 32 parameters are filtered out during generation of report (GitHub #​1556).
  • Branch added by the Kotlin compiler version 1.5.0 and above for reading from lateinit property is filtered out during generation of report (GitHub #​1568).

Non-functional Changes

  • JaCoCo now depends on ASM 9.7 (GitHub #​1600).
sonatype/nexus-maven-plugins (org.sonatype.plugins:nexus-staging-maven-plugin)

v1.7.0

Compare Source

v1.6.14

Compare Source

spring-projects/spring-security (org.springframework.security:spring-security-web)

v5.8.16

Compare Source

⭐ New Features

  • Support ServerExchangeRejectedHandler @Bean #​15976

🪲 Bug Fixes

  • Catch base64 decode exception #​15914
  • Support ServerWebExchangeFirewall @Bean #​15977

🔨 Dependency Upgrades

  • Bump org.hsqldb:hsqldb from 2.7.3 to 2.7.4 #​16030
  • Bump org.springframework.ldap:spring-ldap-core from 2.4.2 to 2.4.4 #​16094

🔩 Build Updates

  • Bump @antora/collector-extension from 1.0.0-beta.4 to 1.0.0-beta.5 in /docs #​16114
  • Update Antora UI Spring to v0.4.17 #​15933

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

v5.8.15

Compare Source

⭐ New Features
  • Address unnecessary method invocation in AbstractRequestMatcherRegistry #​15718
  • The SecuredAuthorizationManager can now find @Secured annotations on … #​15014
🪲 Bug Fixes
  • Disabling credentials erasure on custom AuthenticationManager is not working #​15683
  • Methods annotated with @PostFilter are processed twice by PostFilterAuthorizationMethodInterceptor #​15624
  • SecurityJackson2Modules.getModules(): Cannot load module org.springframework.security.cas.jackson2.CasJackson2Module #​15749
  • The additionalParameters array parameter of OAuth2AuthorizationRequest causes the authorizationRequestUri to be incorrect #​15533
🔨 Dependency Upgrades
  • Bump io.projectreactor.tools:blockhound from 1.0.9.RELEASE to 1.0.10.RELEASE #​15928
  • Bump org-eclipse-jetty from 9.4.55.v20240627 to 9.4.56.v20240826 #​15730
  • Bump org.springframework.ldap:spring-ldap-core from 2.4.1 to 2.4.2 #​15941
🔩 Build Updates
  • Bump @antora/collector-extension from 1.0.0-beta.2 to 1.0.0-beta.3 in /docs #​15908
  • Bump @springio/asciidoctor-extensions from 1.0.0-alpha.13 to 1.0.0-alpha.14 in /docs #​15837
  • Migrate slack notifications to GChat #​15503
  • Release 5.8.15 #​15963
❤️ Contributors

We'd like to thank all the contributors who worked on this release!

v5.8.14

Compare Source

⭐ New Features
  • Document the role of CredentialsContainer #​15319
🪲 Bug Fixes
  • Clarify url Parameter Usage in AD Provider Constructor #​15409
  • Using sec:authorize in JSPX causes 'java.lang.NullPointerException: Cannot invoke "jakarta.servlet.ServletRegistration.getClassName()" because "registration" is null' #​15363
🔨 Dependency Upgrades
  • Bump com.github.spullara.mustache.java:compiler from 0.9.13 to 0.9.14 #​15375
  • Bump io.projectreactor.netty:reactor-netty from 1.0.46 to 1.0.47 #​15391
  • Bump io.projectreactor.netty:reactor-netty from 1.0.47 to 1.0.48 #​15606
  • Bump io.projectreactor:reactor-bom from 2020.0.45 to 2020.0.46 #​15390
  • Bump io.projectreactor:reactor-bom from 2020.0.46 to 2020.0.47 #​15604
  • Bump org-eclipse-jetty from 9.4.54.v20240208 to 9.4.55.v20240627 #​15360
  • Bump org.skyscreamer:jsonassert from 1.5.1 to 1.5.2 #​15291
  • Bump org.skyscreamer:jsonassert from 1.5.1 to 1.5.3 #​15335
  • Bump org.springframework:spring-framework-bom from 5.3.37 to 5.3.39 #​15615
🔩 Build Updates
  • Automate check of expected branch version #​15226
  • Bump @antora/collector-extension from 1.0.0-alpha.4 to 1.0.0-alpha.6 in /docs #​15447
  • Bump @antora/collector-extension from 1.0.0-alpha.6 to 1.0.0-alpha.7 in /docs #​15484
  • Bump @antora/collector-extension from 1.0.0-alpha.7 to 1.0.0-beta.1 in /docs #​15558
  • Bump @antora/collector-extension from 1.0.0-beta.1 to 1.0.0-beta.2 in /docs #​15633
  • Bump @springio/antora-extensions from 1.11.1 to 1.12.0 in /docs #​15417
  • Bump @springio/antora-extensions from 1.12.0 to 1.13.0 in /docs #​15523
  • Bump @springio/antora-extensions from 1.13.0 to 1.13.1 in /docs #​15559
  • Bump @springio/antora-extensions from 1.13.1 to 1.14.2 in /docs #​15632
  • Bump @springio/asciidoctor-extensions from 1.0.0-alpha.10 to 1.0.0-alpha.11 in /docs #​15416
  • Bump @springio/asciidoctor-extensions from 1.0.0-alpha.11 to 1.0.0-alpha.12 in /docs #​15524
  • Bump antora from 3.2.0-alpha.4 to 3.2.0-alpha.5 in /docs #​15330
  • Bump antora from 3.2.0-alpha.5 to 3.2.0-alpha.6 in /docs #​15481
  • Bump com.gradle.develocity from 3.17.5 to 3.17.6 #​15463
❤️ Contributors

We'd like to thank all the contributors who worked on this release!

v5.8.13

Compare Source

⭐ New Features
  • doc: added hint to declare GrantedAuthorityDefaults as infrastructure bean #​14779
  • Enhance Logging in RequestMatcherDelegatingAuthorizationManage #​14837
  • Improve PasswordEncoder Error Messaging #​14951
  • InMemoryUserDetailsManager: consider improving the error message when no PasswordEncoding has been specified #​14880
  • Mention all required dependencies in LDAP documentation #​15235
  • Remove useBase64 parameter #​14862
🪲 Bug Fixes
  • AbstractRequestMatcherRegistry#requestMatchers should pick MvcRequestMatcher when using MockMvc #​13849
  • Always Use Request-Level ServletContext to Evaluate Request Matcher Paths #​15195
  • Assert WebSession is not null #​14977
  • Conditionally Add Conventions Plugin #​15152
  • DispatcherServletDelegatingRequestMatcher causes errors when there is more than one ServletContext #​14418
  • Fix Java example in multitenanci.adoc #​15146
  • LDIF file on official documentation breaks the startup process #​15089
  • Link to article with remember-me-persistent-token strategy is broken #​14358
  • ProxyRestrictionConditionValidator is missing in the OpenSaml4AuthenticationProvider.SAML20AssertionValidators class #​14931
  • Resolving invalid CSRF token values is not consistent #​15184
  • Restore Build Scan Capability #​15120
  • Wrong information for RequestCacheAwareFilter in the Spring Security documentation. #​14855
🔨 Dependency Upgrades
  • Bump io.projectreactor.netty:reactor-netty from 1.0.44 to 1.0.45 #​15074
  • Bump io.projectreactor.netty:reactor-netty from 1.0.45 to 1.0.46 #​15231
  • Bump io.projectreactor.tools:blockhound from 1.0.8.RELEASE to 1.0.9.RELEASE #​14923
  • Bump io.projectreactor:reactor-bom from 2020.0.43 to 2020.0.44 #​15073
  • Bump io.projectreactor:reactor-bom from 2020.0.44 to 2020.0.45 #​15230
  • Bump org.hsqldb:hsqldb from 2.7.2 to 2.7.3 #​15191
  • Bump org.springframework:spring-framework-bom from 5.3.34 to 5.3.35 #​15085
  • Bump org.springframework:spring-framework-bom from 5.3.35 to 5.3.36 #​15135
  • Bump org.springframework:spring-framework-bom from 5.3.36 to 5.3.37 #​15253
  • Bump slackapi/slack-github-action from 1.25.0 to 1.26.0 #​14938
🔩 Build Updates
  • Attach Antora Docs to Pull Requests #​14992
  • Bump @antora/collector-extension from 1.0.0-alpha.3 to 1.0.0-alpha.4 in /docs #​15160
  • Bump @springio/antora-extensions from 1.10.0 to 1.11.1 in /docs #​15140
  • Bump com.github.spullara.mustache.java:compiler from 0.9.11 to 0.9.13 #​15001
  • Bump com.gradle.develocity from 3.17.2 to 3.17.4 #​15099
  • Bump com.gradle.develocity from 3.17.4 to 3.17.5 #​15240
  • Bump io.spring.ge.conventions from 0.0.16 to 0.0.17 #​14959
  • Consider Adding a Build Updates section to the release changelog #​14485
  • Migrate to com.gradle.develocity plugin #​15021
  • Update Gradle Enterprise plugin to 3.17.2 #​15020
❤️ Contributors

We'd like to thank all the contributors who worked on this release!

v5.8.12

Compare Source

🪲 Bug Fixes

  • Conditional check for data-source-ref is incorrect #​14742

🔨 Dependency Upgrades

  • Bump io.projectreactor.netty:reactor-netty from 1.0.43 to 1.0.44 #​14878
  • Bump io.projectreactor:reactor-bom from 2020.0.42 to 2020.0.43 #​14877
  • Bump io.spring.ge.conventions from 0.0.15 to 0.0.16 #​14822
  • Bump org.springframework:spring-framework-bom from 5.3.33 to 5.3.34 #​14891

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

v5.8.11

Compare Source

🪲 Bug Fixes

  • Allow tab in HTTP header values. #​14590
  • Check for null Authentication #​14664
  • PostAuthorize Method Interceptors Should Use Order from AuthorizationInterceptorsOrder #​14720
  • Remove duplicate setSecurityContextHolderStrategy #​14603
  • Spring security's ServerLogoutHandler order problem. #​14379

🔨 Dependency Upgrades

  • Bump io.projectreactor.netty:reactor-netty from 1.0.41 to 1.0.43 #​14730
  • Bump io.projectreactor:reactor-bom from 2020.0.41 to 2020.0.42 #​14729
  • Bump org.springframework:spring-framework-bom from 5.3.32 to 5.3.33 #​14759

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

v5.8.10

Compare Source

⭐ New Features

  • Updated broken documentation link in javadocs #​14329

🪲 Bug Fixes

  • Fix security filter sort in javadoc #​14552
  • ReactiveMethodSecurityConfiguration is initialized prematurely when the context contains a BeanPostProcessor #​11596
  • Saml2 LogoutFilter Should Come Before Common LogoutFilter #​14549

🔨 Dependency Upgrades


Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Nov 23, 2024
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 4202ab7 to 810b0f6 Compare December 11, 2024 19:37
@renovate renovate bot changed the title chore(deps): update all dependencies fix(deps): update all dependencies Dec 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants