Skip to content

Bump ast-cli-java-wrapper from 1.0.37 to 1.0.50#41

Merged
cx-pedro-lopes merged 1 commit intomainfrom
dependabot/maven/com.checkmarx.ast-ast-cli-java-wrapper-1.0.50
Nov 17, 2022
Merged

Bump ast-cli-java-wrapper from 1.0.37 to 1.0.50#41
cx-pedro-lopes merged 1 commit intomainfrom
dependabot/maven/com.checkmarx.ast-ast-cli-java-wrapper-1.0.50

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 14, 2022

Bumps ast-cli-java-wrapper from 1.0.37 to 1.0.50.

Release notes

Sourced from ast-cli-java-wrapper's releases.

1.0.50

Full Changelog: Checkmarx/ast-cli-java-wrapper@1.0.49...1.0.50

1.0.49

What's Changed

Full Changelog: Checkmarx/ast-cli-java-wrapper@1.0.48...1.0.49

1.0.48

What's Changed

Full Changelog: Checkmarx/ast-cli-java-wrapper@1.0.47...1.0.48

1.0.47

What's Changed

Full Changelog: Checkmarx/ast-cli-java-wrapper@1.0.46...1.0.47

1.0.46

What's Changed

Full Changelog: Checkmarx/ast-cli-java-wrapper@1.0.45...1.0.46

1.0.45

What's Changed

Full Changelog: Checkmarx/ast-cli-java-wrapper@1.0.44...1.0.45

... (truncated)

Commits
  • b59db3b Update pom.xml
  • b15f55a Update checkmarx-ast-cli to 2.0.34 (#187)
  • 1e91737 Merge pull request #186 from CheckmarxDev/dependabot/github_actions/dependabo...
  • 5c5fed3 Merge pull request #185 from CheckmarxDev/dependabot/maven/com.github.spotbug...
  • 813029f Merge pull request #184 from CheckmarxDev/dependabot/maven/com.fasterxml.jack...
  • 56bf7ae Bump dependabot/fetch-metadata from 1.3.4 to 1.3.5
  • 72597c3 Bump spotbugs-maven-plugin from 4.7.2.1 to 4.7.3.0
  • 87d22f5 Bump jackson-databind from 2.13.4.2 to 2.14.0
  • 6c9bdc5 Merge pull request #181 from CheckmarxDev/dependabot/maven/com.google.code.gs...
  • c098df6 Bump gson from 2.9.1 to 2.10
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump ast-cli-java-wrapper from 1.0.37 to 1.0.50
20716e1 
Bumps [ast-cli-java-wrapper](https://github.com/CheckmarxDev/ast-cli-java-wrapper) from 1.0.37 to 1.0.50.
- [Release notes](https://github.com/CheckmarxDev/ast-cli-java-wrapper/releases)
- [Commits](Checkmarx/ast-cli-java-wrapper@1.0.37...1.0.50)

---
updated-dependencies:
- dependency-name: com.checkmarx.ast:ast-cli-java-wrapper
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Nov 14, 2022
@dependabot dependabot bot mentioned this pull request Nov 14, 2022
Closed
@diogopcx
Copy link
Contributor

diogopcx commented Nov 14, 2022

Logo
Checkmarx AST – Scan Summary & Details765d6cd6-67ec-4afa-8187-7d7bcc0eed01

New Issues

Severity Issue File / Package Scan Engine
HIGH Passwords And Secrets - Generic Password /.github/workflows/release.yml: 35 CxKICS

Fixed Issues

Severity Issue File / Package Scan Engine
HIGH Code_Injection /dsvw.py: 56 CxSAST
HIGH Command_Injection /dsvw.py: 56 CxSAST
HIGH Stored_XSS /dsvw.py: 26, 35, 37 CxSAST
MEDIUM Missing_HSTS_Header /dsvw.py: 76 CxSAST
MEDIUM Stored_Command_Injection /dsvw.py: 56 CxSAST
MEDIUM Unpinned Package Version in Apk Add /Dockerfile: 6 CxKICS
LOW Command_Argument_Injection /dsvw.py: 56 CxSAST
LOW Healthcheck Instruction Missing /Dockerfile: 3 CxKICS
LOW Improper_Resource_Shutdown_or_Release /dsvw.py: 17 CxSAST
LOW Information_Exposure_Through_an_Error_Message /dsvw.py: 72 CxSAST
LOW Missing_Content_Security_Policy /dsvw.py: 76 CxSAST
LOW Stored_Code_Injection /dsvw.py: 56 CxSAST
LOW Stored_Command_Argument_Injection /dsvw.py: 56 CxSAST

@cx-pedro-lopes cx-pedro-lopes merged commit 9753f44 into main Nov 17, 2022
@dependabot dependabot bot deleted the dependabot/maven/com.checkmarx.ast-ast-cli-java-wrapper-1.0.50 branch November 17, 2022 14:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cx-pedro-lopes cx-pedro-lopes cx-pedro-lopes approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@diogopcx @cx-pedro-lopes