New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Java: Bump mockito-core from 3.7.7 to 3.8.0 in /lib/java #1466
Java: Bump mockito-core from 3.7.7 to 3.8.0 in /lib/java #1466
Conversation
Security Insights(1) Vulnerable direct dependencies were detectedaiohttp < 3.7.4 via lib/python/requirements_dev_asyncio.txt Action Items
Questions or Comments? Reach out on Slack: #support-infosec. |
This pull request will no longer be automatically closed when a new version is found as this pull request was created by Dependabot Preview and this repo is using a |
@dependabot rebase |
Bumps [mockito-core](https://github.com/mockito/mockito) from 3.7.7 to 3.8.0. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](mockito/mockito@v3.7.7...v3.8.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
325cc7e
to
c8c9735
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1
@Workiva/release-management-p ready for merge.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1 from RM
Bumps mockito-core from 3.7.7 to 3.8.0.
Release notes
Sourced from mockito-core's releases.
... (truncated)
Commits
9005524
Publish new minor version to Maven central (#2213)8477455
Fixes #2204: Ignore Groovy methods annotated with Internal (#2207)c2488e0
Bump junit from 4.13.1 to 4.13.2 (#2205)e88fe26
Add API for clearing mocks. (#2194)3bffcd0
Bump junit-platform-launcher from 1.7.0 to 1.7.1 (#2198)632a0c8
Bump versions.junitJupiter from 5.7.0 to 5.7.1 (#2199)43facff
Bump versions.bytebuddy from 1.10.19 to 1.10.20 (#2195)7745992
Bump kotlin-stdlib from 1.4.21-2 to 1.4.30 (#2196)780cfc1
Bump shipkit-changelog from 1.1.1 to 1.1.4 (#2190)8a19d46
Fixes #2154 : instrument java.lang.Object to fix toString invocations on inli...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot badge me
will comment on this PR with code to add a "Dependabot enabled" badge to your readmeAdditionally, you can set the following in the
.dependabot/config.yml
file in this repo: