From d2508e61b31c8cc848fd3c3736a5f85bfa9ebb7e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 8 Nov 2024 18:40:23 -0500 Subject: [PATCH 1/4] Bump junit:junit from 4.13.1 to 4.13.2 (#223) Bumps [junit:junit](https://github.com/junit-team/junit4) from 4.13.1 to 4.13.2.
Release notes

Sourced from junit:junit's releases.

JUnit 4.13.2

Please refer to the release notes for details.

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=junit:junit&package-manager=maven&previous-version=4.13.1&new-version=4.13.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 4fd0095c..e33a6bfd 100644 --- a/pom.xml +++ b/pom.xml @@ -80,7 +80,7 @@ junit junit - 4.13.1 + 4.13.2 org.python From 8374b5f3307903d509af44d4ef70b122ac57a986 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 8 Nov 2024 23:44:51 +0000 Subject: [PATCH 2/4] Bump org.codehaus.mojo:versions-maven-plugin from 2.15.0 to 2.17.1 (#222) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [org.codehaus.mojo:versions-maven-plugin](https://github.com/mojohaus/versions) from 2.15.0 to 2.17.1.
Release notes

Sourced from org.codehaus.mojo:versions-maven-plugin's releases.

2.17.1

Changes

🐛 Bug Fixes

📦 Dependency updates

👻 Maintenance

2.17.0

Changes

🚀 New features and improvements

🐛 Bug Fixes

📦 Dependency updates

... (truncated)

Commits
  • 0b79444 [maven-release-plugin] prepare release 2.17.1
  • 2efe05f Extract Pattern.compile to static variable
  • 8321211 Revert #1051 - fix #1110, #1103
  • 9fb2951 Bump byteBuddyVersion from 1.14.17 to 1.14.18
  • 65309e8 Improve ITs for set goal
  • 2a696ac Remove default values from invoker.properties
  • 1383503 Bump org.codehaus.plexus:plexus-archiver from 4.9.2 to 4.10.0
  • 9e445db Remove default value for invoker.buildResult
  • 5ddc194 Improve ITs for set goal
  • 13242ee Fix includeParent field value not matching Parameter#defaultValue
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.codehaus.mojo:versions-maven-plugin&package-manager=maven&previous-version=2.15.0&new-version=2.17.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index e33a6bfd..1ea69dad 100644 --- a/pom.xml +++ b/pom.xml @@ -110,7 +110,7 @@ org.codehaus.mojo versions-maven-plugin - 2.15.0 + 2.17.1 com.diffplug.spotless @@ -120,7 +120,7 @@ org.codehaus.mojo versions-maven-plugin - 2.15.0 + 2.17.1 From 6e1d041f1a1280e727c1b580b8e92a92208bf3cc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 Nov 2024 16:20:44 +0000 Subject: [PATCH 3/4] Bump wala.version from 1.6.4 to 1.6.7 (#221) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps `wala.version` from 1.6.4 to 1.6.7. Updates `com.ibm.wala:com.ibm.wala.util` from 1.6.4 to 1.6.7
Release notes

Sourced from com.ibm.wala:com.ibm.wala.util's releases.

Version 1.6.7

The major user-visible change is initial support for JDK 23 bytecodes.

Full Changelog: https://github.com/wala/WALA/compare/v1.6.6...v1.6.7

Version 1.6.6

What's Changed

Full Changelog: https://github.com/wala/WALA/compare/v1.6.5...v1.6.6

Version 1.6.5

Again this release has mostly behind-the-scenes changes. @​MadhuNimmo contributed efficiency optimizations for bounded call graph construction for JavaScript and some improved models of JavaScript library functions.

Full Changelog: https://github.com/wala/WALA/compare/v1.6.4...v1.6.5

Commits

Updates `com.ibm.wala:com.ibm.wala.shrike` from 1.6.4 to 1.6.7
Release notes

Sourced from com.ibm.wala:com.ibm.wala.shrike's releases.

Version 1.6.7

The major user-visible change is initial support for JDK 23 bytecodes.

Full Changelog: https://github.com/wala/WALA/compare/v1.6.6...v1.6.7

Version 1.6.6

What's Changed

Full Changelog: https://github.com/wala/WALA/compare/v1.6.5...v1.6.6

Version 1.6.5

Again this release has mostly behind-the-scenes changes. @​MadhuNimmo contributed efficiency optimizations for bounded call graph construction for JavaScript and some improved models of JavaScript library functions.

Full Changelog: https://github.com/wala/WALA/compare/v1.6.4...v1.6.5

Commits

Updates `com.ibm.wala:com.ibm.wala.core` from 1.6.4 to 1.6.7
Release notes

Sourced from com.ibm.wala:com.ibm.wala.core's releases.

Version 1.6.7

The major user-visible change is initial support for JDK 23 bytecodes.

Full Changelog: https://github.com/wala/WALA/compare/v1.6.6...v1.6.7

Version 1.6.6

What's Changed

Full Changelog: https://github.com/wala/WALA/compare/v1.6.5...v1.6.6

Version 1.6.5

Again this release has mostly behind-the-scenes changes. @​MadhuNimmo contributed efficiency optimizations for bounded call graph construction for JavaScript and some improved models of JavaScript library functions.

Full Changelog: https://github.com/wala/WALA/compare/v1.6.4...v1.6.5

Commits

Updates `com.ibm.wala:com.ibm.wala.cast` from 1.6.4 to 1.6.7
Release notes

Sourced from com.ibm.wala:com.ibm.wala.cast's releases.

Version 1.6.7

The major user-visible change is initial support for JDK 23 bytecodes.

Full Changelog: https://github.com/wala/WALA/compare/v1.6.6...v1.6.7

Version 1.6.6

What's Changed

Full Changelog: https://github.com/wala/WALA/compare/v1.6.5...v1.6.6

Version 1.6.5

Again this release has mostly behind-the-scenes changes. @​MadhuNimmo contributed efficiency optimizations for bounded call graph construction for JavaScript and some improved models of JavaScript library functions.

Full Changelog: https://github.com/wala/WALA/compare/v1.6.4...v1.6.5

Commits

Updates `com.ibm.wala:com.ibm.wala.cast.java` from 1.6.4 to 1.6.7
Release notes

Sourced from com.ibm.wala:com.ibm.wala.cast.java's releases.

Version 1.6.7

The major user-visible change is initial support for JDK 23 bytecodes.

Full Changelog: https://github.com/wala/WALA/compare/v1.6.6...v1.6.7

Version 1.6.6

What's Changed

Full Changelog: https://github.com/wala/WALA/compare/v1.6.5...v1.6.6

Version 1.6.5

Again this release has mostly behind-the-scenes changes. @​MadhuNimmo contributed efficiency optimizations for bounded call graph construction for JavaScript and some improved models of JavaScript library functions.

Full Changelog: https://github.com/wala/WALA/compare/v1.6.4...v1.6.5

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 1ea69dad..31863194 100644 --- a/pom.xml +++ b/pom.xml @@ -29,7 +29,7 @@ 3.13.0 UTF-8 b000 - 1.6.4 + 1.6.7 2.43.0 3.3.1 both From babba35235e8bdd9720a8e4a82bf9fc6e347bb9f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Nov 2024 14:21:42 -0500 Subject: [PATCH 4/4] Bump org.ow2.asm:asm-all from 5.1 to 6.0_BETA (#220) Bumps org.ow2.asm:asm-all from 5.1 to 6.0_BETA. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.ow2.asm:asm-all&package-manager=maven&previous-version=5.1&new-version=6.0_BETA)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 31863194..f5743fd4 100644 --- a/pom.xml +++ b/pom.xml @@ -100,7 +100,7 @@ org.ow2.asm asm-all - 5.1 + 6.0_BETA com.github.jnr