Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[dependabot] Dependencies upgrades #336

Closed
wants to merge 33 commits into from
Closed

[dependabot] Dependencies upgrades #336

wants to merge 33 commits into from

Conversation

afabiani
Copy link
Member

No description provided.

dependabot bot and others added 30 commits February 12, 2024 15:43
@dependabot
Bump com.fasterxml.jackson.core:jackson-databind in /src
95435b3 
Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.13.1 to 2.13.4.2.
- [Commits](https://github.com/FasterXML/jackson/commits)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump org.codehaus.jettison:jettison from 1.4.0 to 1.5.4 in /src
c49141c 
Bumps [org.codehaus.jettison:jettison](https://github.com/jettison-json/jettison) from 1.4.0 to 1.5.4.
- [Release notes](https://github.com/jettison-json/jettison/releases)
- [Commits](jettison-json/jettison@jettison-1.4.0...jettison-1.5.4)

---
updated-dependencies:
- dependency-name: org.codehaus.jettison:jettison
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump org.mortbay.jetty:jetty from 6.1.14 to 6.1.23 in /src/web/app
0ded14e 
Bumps org.mortbay.jetty:jetty from 6.1.14 to 6.1.23.

---
updated-dependencies:
- dependency-name: org.mortbay.jetty:jetty
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump org.springframework:spring-context from 5.3.18 to 5.3.19 in /src
aacf430 
Bumps [org.springframework:spring-context](https://github.com/spring-projects/spring-framework) from 5.3.18 to 5.3.19.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v5.3.18...v5.3.19)

---
updated-dependencies:
- dependency-name: org.springframework:spring-context
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@afabiani
- update maven repositories
6b93644
@afabiani
Merge pull request #13 from afabiani/dependabot/maven/src/com.fasterx…
4cba3d2 
…ml.jackson.core-jackson-databind-2.13.4.2

Bump com.fasterxml.jackson.core:jackson-databind from 2.13.1 to 2.13.4.2 in /src
@afabiani
Merge branch 'master' of https://github.com/afabiani/geostore into de…
bae22cd 
…pendabot/maven/src/org.codehaus.jettison-jettison-1.5.4
@afabiani
Merge pull request #14 from afabiani/dependabot/maven/src/org.codehau…
12d98e2 
…s.jettison-jettison-1.5.4

Bump org.codehaus.jettison:jettison from 1.4.0 to 1.5.4 in /src
@afabiani
Merge pull request #16 from afabiani/dependabot/maven/src/org.springf…
709bd4b 
…ramework-spring-context-5.3.19

Bump org.springframework:spring-context from 5.3.18 to 5.3.19 in /src
@dependabot
Bump org.postgresql:postgresql from 42.2.23 to 42.3.8 in /src
445d26e 
Bumps [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc) from 42.2.23 to 42.3.8.
- [Release notes](https://github.com/pgjdbc/pgjdbc/releases)
- [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md)
- [Commits](pgjdbc/pgjdbc@REL42.2.23...REL42.3.8)

---
updated-dependencies:
- dependency-name: org.postgresql:postgresql
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@afabiani
Merge pull request #12 from afabiani/dependabot/maven/src/web/app/org…
e5b3625 
….mortbay.jetty-jetty-6.1.23

Bump org.mortbay.jetty:jetty from 6.1.14 to 6.1.23 in /src/web/app
@dependabot
Bump org.springframework:spring-beans from 5.3.18 to 5.3.20 in /src
dbe1dc8 
Bumps [org.springframework:spring-beans](https://github.com/spring-projects/spring-framework) from 5.3.18 to 5.3.20.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v5.3.18...v5.3.20)

---
updated-dependencies:
- dependency-name: org.springframework:spring-beans
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump org.springframework.security:spring-security-core in /src
15d3e71 
Bumps [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) from 5.3.10.RELEASE to 5.5.7.
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@5.3.10.RELEASE...5.5.7)

---
updated-dependencies:
- dependency-name: org.springframework.security:spring-security-core
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@afabiani
Merge pull request #15 from afabiani/dependabot/maven/src/org.springf…
a8fe23f 
…ramework-spring-beans-5.3.20

Bump org.springframework:spring-beans from 5.3.18 to 5.3.20 in /src
@afabiani
Merge pull request #17 from afabiani/dependabot/maven/src/org.postgre…
ead05ca 
…sql-postgresql-42.3.8

Bump org.postgresql:postgresql from 42.2.23 to 42.3.8 in /src
@dependabot
Bump commons-beanutils:commons-beanutils from 1.7.0 to 1.9.4 in /src
3859654 
Bumps commons-beanutils:commons-beanutils from 1.7.0 to 1.9.4.

---
updated-dependencies:
- dependency-name: commons-beanutils:commons-beanutils
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump commons-io:commons-io from 2.1 to 2.7 in /src
da2960d 
Bumps commons-io:commons-io from 2.1 to 2.7.

---
updated-dependencies:
- dependency-name: commons-io:commons-io
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump junit:junit from 4.12 to 4.13.1 in /src
6ea3dc7 
Bumps [junit:junit](https://github.com/junit-team/junit4) from 4.12 to 4.13.1.
- [Release notes](https://github.com/junit-team/junit4/releases)
- [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.12.md)
- [Commits](junit-team/junit4@r4.12...r4.13.1)

---
updated-dependencies:
- dependency-name: junit:junit
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@afabiani
Merge pull request #23 from afabiani/dependabot/maven/src/junit-junit…
5896263 
…-4.13.1

Bump junit:junit from 4.12 to 4.13.1 in /src
@dependabot
Bump org.springframework.security.oauth:spring-security-oauth2
9cff4d3 
Bumps [org.springframework.security.oauth:spring-security-oauth2](https://github.com/SpringSource/spring-security-oauth) from 2.0.16.RELEASE to 2.0.17.RELEASE.
- [Commits](spring-attic/spring-security-oauth@2.0.16.RELEASE...2.0.17.RELEASE)

---
updated-dependencies:
- dependency-name: org.springframework.security.oauth:spring-security-oauth2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@afabiani
Merge pull request #22 from afabiani/dependabot/maven/src/commons-io-…
640a4ff 
…commons-io-2.7

Bump commons-io:commons-io from 2.1 to 2.7 in /src
@afabiani
Merge pull request #21 from afabiani/dependabot/maven/src/commons-bea…
7c02973 
…nutils-commons-beanutils-1.9.4

Bump commons-beanutils:commons-beanutils from 1.7.0 to 1.9.4 in /src
@afabiani
Merge pull request #20 from afabiani/dependabot/maven/src/org.springf…
f84db66 
…ramework.security-spring-security-core-5.5.7

Bump org.springframework.security:spring-security-core from 5.3.10.RELEASE to 5.5.7 in /src
@dependabot
Bump com.h2database:h2 from 1.3.175 to 2.2.220 in /src/core/persistence
646ed15 
Bumps [com.h2database:h2](https://github.com/h2database/h2database) from 1.3.175 to 2.2.220.
- [Release notes](https://github.com/h2database/h2database/releases)
- [Commits](https://github.com/h2database/h2database/commits/version-2.2.220)

---
updated-dependencies:
- dependency-name: com.h2database:h2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump com.h2database:h2 from 1.3.175 to 2.2.220 in /src/cli
f9778bd 
Bumps [com.h2database:h2](https://github.com/h2database/h2database) from 1.3.175 to 2.2.220.
- [Release notes](https://github.com/h2database/h2database/releases)
- [Commits](https://github.com/h2database/h2database/commits/version-2.2.220)

---
updated-dependencies:
- dependency-name: com.h2database:h2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump org.jasypt:jasypt from 1.8 to 1.9.2 in /src
5a5daa1 
Bumps org.jasypt:jasypt from 1.8 to 1.9.2.

---
updated-dependencies:
- dependency-name: org.jasypt:jasypt
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@afabiani
Merge pull request #24 from afabiani/dependabot/maven/src/modules/res…
f3973b8 
…t/impl/org.springframework.security.oauth-spring-security-oauth2-2.0.17.RELEASE

Bump org.springframework.security.oauth:spring-security-oauth2 from 2.0.16.RELEASE to 2.0.17.RELEASE in /src/modules/rest/impl
@afabiani
Merge pull request #25 from afabiani/dependabot/maven/src/core/persis…
3441700 
…tence/com.h2database-h2-2.2.220

Bump com.h2database:h2 from 1.3.175 to 2.2.220 in /src/core/persistence
@afabiani
Merge pull request #26 from afabiani/dependabot/maven/src/cli/com.h2d…
d3d984d 
…atabase-h2-2.2.220

Bump com.h2database:h2 from 1.3.175 to 2.2.220 in /src/cli
@afabiani
- update maven repositories
927a3a9
afabiani and others added 3 commits February 12, 2024 18:20
@afabiani
Merge pull request #19 from afabiani/dependabot/maven/src/org.jasypt-…
97ba95b 
…jasypt-1.9.2

Bump org.jasypt:jasypt from 1.8 to 1.9.2 in /src
@dependabot
Bump org.postgresql:postgresql from 42.3.8 to 42.6.1 in /src
0bf60d3 
Bumps [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc) from 42.3.8 to 42.6.1.
- [Release notes](https://github.com/pgjdbc/pgjdbc/releases)
- [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md)
- [Commits](pgjdbc/pgjdbc@REL42.3.8...REL42.6.1)

---
updated-dependencies:
- dependency-name: org.postgresql:postgresql
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@afabiani
Merge pull request #27 from afabiani/dependabot/maven/src/org.postgre…
f6aadee 
…sql-postgresql-42.6.1

Bump org.postgresql:postgresql from 42.3.8 to 42.6.1 in /src
@tdipisa tdipisa changed the title [dependabot] Dependencies and critical security fixes [dependabot] Dependencies upgrades Feb 21, 2024
@tdipisa tdipisa closed this Feb 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@afabiani @tdipisa