Slate update for 74.5 #2309

Closed
wants to merge 2,104 commits into from
Tallicia
Contributor

This was merged into 76.x and should also be in 74.5

hsinn0 and others added 30 commits September 19, 2022 10:56
- `DummySSLSocketFactory` is removed in this new version.
So we added our own implementation (`SkipSslLdapSocketFactory` class),
which shares all the code with `LdapSocketFactory` (which is in use
when not skipping SSL validation) except it is using a TrustManager
that does not actually verify certificates. This implementation is
modelled after the removed `DummySSLSocketFactory` class.
- related commit: 6805b3f

[#182999703]

Bumps api-ldap-model from 1.0.3 to 2.1.2.

Co-authored-by: Peter Chen <peterch@vmware.com>

---
updated-dependencies:
- dependency-name: org.apache.directory.api:api-ldap-model
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
extract clipboard JavaScript into file
add event handler and described in many CSP guidelines
Bumps `versions.springBootVersion` from 2.7.3 to 2.7.4.

Updates `spring-boot-dependencies` from 2.7.3 to 2.7.4
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v2.7.3...v2.7.4)

Updates `spring-boot-gradle-plugin` from 2.7.3 to 2.7.4
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v2.7.3...v2.7.4)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.25.1 to 0.25.2.
- [Release notes](https://github.com/kubernetes/client-go/releases)
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.25.1...v0.25.2)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [json](https://github.com/douglascrockford/JSON-java) from 20220320 to 20220924.
- [Release notes](https://github.com/douglascrockford/JSON-java/releases)
- [Changelog](https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md)
- [Commits](https://github.com/douglascrockford/JSON-java/commits)

---
updated-dependencies:
- dependency-name: org.json:json
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Fix regression with legacy redirect patterns

Port wildcards were working, but because of a Spring change this now fails.
Bring it back with this PR.

Remark: legacy patterns were in the past, and are now again, written to the log with warnings, so that you see them

Example
WARN --- LegacyRedirectResolver: OAuth client app is configured with a redirect_uri which performs implicit or wildcard matching in legacy redirect uri matching mode. In this instance, the requested uri http://localhost:3000/authentication/callback matches the configured uri http://localhost:*/authentication/callback. Please consider configuring your requested redirect uri to exactly match the redirect_uri for this client.

* refactoring and test added

* cleanup
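
Added example (not part of the commit or of the UAA code base): a log audit that collects the `LegacyRedirectResolver` warnings quoted in the commit message above and reports, per configured pattern, which URI component carries the wildcard and which concrete URIs were requested against it. The function names are hypothetical, and every sample line except the first is constructed.

```python
import re
from urllib.parse import urlsplit

# Message layout taken from the warning quoted in the commit message.
WARN_RE = re.compile(
    r"LegacyRedirectResolver: .*?the requested uri (?P<requested>\S+) "
    r"matches the configured uri (?P<configured>\S+?)\. Please"
)

# Constructed sample log; only the first entry is the example from the page.
_MSG = ("WARN --- LegacyRedirectResolver: OAuth client {} is configured with a "
        "redirect_uri which performs implicit or wildcard matching in legacy "
        "redirect uri matching mode. In this instance, the requested uri {} "
        "matches the configured uri {}. Please consider configuring your "
        "requested redirect uri to exactly match the redirect_uri for this client.")
SAMPLE_LOG = [
    _MSG.format("app", "http://localhost:3000/authentication/callback",
                "http://localhost:*/authentication/callback"),
    _MSG.format("app", "http://localhost:8080/authentication/callback",
                "http://localhost:*/authentication/callback"),
    _MSG.format("portal", "https://a.example.test/cb/x",
                "https://*.example.test/cb/**"),
    "INFO --- SomeOtherLogger: unrelated line",
]

def wildcard_parts(configured):
    """Return the URI components of a configured pattern that contain '*'."""
    parts = urlsplit(configured)
    hostport = parts.netloc.rpartition("@")[2]   # drop any userinfo
    host, sep, port = hostport.rpartition(":")
    if not sep:                                  # pattern has no port part
        host, port = hostport, ""
    checks = (("host", host), ("port", port), ("path", parts.path))
    return [name for name, value in checks if "*" in value]

def audit(lines):
    """Map each configured legacy pattern to its wildcards and observed URIs."""
    findings = {}
    for line in lines:
        m = WARN_RE.search(line)
        if not m:
            continue
        entry = findings.setdefault(
            m["configured"],
            {"wildcards": wildcard_parts(m["configured"]), "requested": set()})
        entry["requested"].add(m["requested"])
    return {k: {**v, "requested": sorted(v["requested"])}
            for k, v in findings.items()}
```

The `requested` list for a pattern is the set of exact `redirect_uri` values the warning asks you to configure in its place.
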
Bumps commons-text from 1.9 to 1.10.0.

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-text
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…2048)

Bumps `versions.bouncyCastleVersion` from 1.71.1 to 1.72.

Updates `bcpkix-jdk18on` from 1.71.1 to 1.72
- [Release notes](https://github.com/bcgit/bc-java/releases)
- [Changelog](https://github.com/bcgit/bc-java/blob/master/docs/releasenotes.html)
- [Commits](https://github.com/bcgit/bc-java/commits)

Updates `bcprov-jdk18on` from 1.71.1 to 1.72
- [Release notes](https://github.com/bcgit/bc-java/releases)
- [Changelog](https://github.com/bcgit/bc-java/blob/master/docs/releasenotes.html)
- [Commits](https://github.com/bcgit/bc-java/commits)

---
updated-dependencies:
- dependency-name: org.bouncycastle:bcpkix-jdk18on
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.bouncycastle:bcprov-jdk18on
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [greenmail](https://github.com/greenmail-mail-test/greenmail) from 1.6.10 to 1.6.11.
- [Release notes](https://github.com/greenmail-mail-test/greenmail/releases)
- [Commits](greenmail-mail-test/greenmail@release-1.6.10...release-1.6.11)

---
updated-dependencies:
- dependency-name: com.icegreen:greenmail
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
#2052)

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.20.2 to 1.21.1.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.20.2...v1.21.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Use `-agentlib` option instead of `-Xrunjdwp`
- Add gradle run option to suspend the server till the debugger is attached
- Update the related section in README
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.25.2 to 0.25.3.
- [Release notes](https://github.com/kubernetes/client-go/releases)
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.25.2...v0.25.3)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps commons-rng-core from 1.4 to 1.5.

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-rng-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps commons-rng-simple from 1.4 to 1.5.

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-rng-simple
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
#2058)

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.21.1 to 1.22.1.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.21.1...v1.22.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ated --- uses an env var to point to configuration url -- no env var means Rate Limiting disabled
…artsWith & contains searches for matching paths.
…eplaced the Head & Nodes from the Expiration Buckets with Synchronized Linked List.

At Florian's suggestion: Added an alternative implementation of the JWT field extraction, replacing the regex option with a section-decoding JSON-parsing first-level field extractor.
dependabot bot and others added 20 commits April 13, 2023 14:45
Bumps [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) from 2.5.1.0 to 2.5.2.0.
- [Release notes](https://github.com/ESAPI/esapi-java-legacy/releases)
- [Changelog](https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.0-readme-crypto-changes.html)
- [Commits](ESAPI/esapi-java-legacy@esapi-2.5.1.0...esapi-2.5.2.0)

---
updated-dependencies:
- dependency-name: org.owasp.esapi:esapi
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Remove unnecessary references to apache.directory library

* Rework

* Remove EMPTY_STRING_ARRAY constant from UaaStringUtils
reported from
update the lastClean instant and adapt tests
changed according to sonar lint plugin
* A recent previous refactor commit was using the `getNano()` method,
  thinking that it would return the total number of nanoseconds in the
  duration, which it does not. It returns the number of nanoseconds
  within one second, which is not at all what we wanted.

* We decided to go ahead and just use the `getSeconds` method, which
  this time actually returns the total number of seconds in the
  duration object. We understand that previously the precision of this
  was to the millisecond level. We believe that it's OK if we change
  to the second level. The cleanup will still happen every n minutes,
  just not at the precise millisecond.

Co-Authored-by: Bruce Ricard <bricard@vmware.com>
* to document what the code does
* a previous commit changed from milliseconds to seconds, which is not a bug, but we just want to get back to the same state
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.27.0 to 0.27.1.
- [Release notes](https://github.com/kubernetes/client-go/releases)
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.27.0...v0.27.1)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
…2295)

Bumps `versions.springBootVersion` from 2.7.10 to 2.7.11.

Updates `org.springframework.boot:spring-boot-dependencies` from 2.7.10 to 2.7.11
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v2.7.10...v2.7.11)

Updates `org.springframework.boot:spring-boot-gradle-plugin` from 2.7.10 to 2.7.11
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v2.7.10...v2.7.11)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [org.seleniumhq.selenium:selenium-java](https://github.com/SeleniumHQ/selenium) from 4.8.3 to 4.9.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/commits/selenium-4.9.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…2299)

Bumps [org.seleniumhq.selenium:selenium-http-jdk-client](https://github.com/SeleniumHQ/selenium) from 4.8.3 to 4.9.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/commits/selenium-4.9.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-http-jdk-client
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Added tests for UserInfo equals()

* wrapping list in hashset for faster containsAll()

* Using Set Equals instead of List ContainsAll

* added test with many groups

* rebase from develop

add test with many roles
some sonar smells in addition, but no logic change

* review

- rename method
- add duplicates for equals check

---------

Co-authored-by: Saurabh Rahate <saurabh-rahate@github.com>
@cf-gitbot

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/185054631

The labels on this github issue will be updated when the story is started.

@strehle
Member

strehle commented Apr 27, 2023

@Tallicia I assume you wanted only slate PR, picked and created PR #2310

@Tallicia
Contributor Author

> @Tallicia I assume you wanted only slate PR, picked and created PR #2310

Yes, thank you! Closing this.

@Tallicia Tallicia closed this Apr 27, 2023
@cf-gitbot cf-gitbot added accepted Accepted the issue and removed delivered labels May 22, 2023
@strehle strehle deleted the slateUpdate branch December 1, 2023 12:15