Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the build-dependencies group across 1 directory with 3 updates #43

Closed
wants to merge 21 commits into from
Closed

Bump the build-dependencies group across 1 directory with 3 updates #43

wants to merge 21 commits into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 21, 2024
edited
Loading

Bumps the build-dependencies group with 3 updates in the / directory: org.springframework:spring-expression, org.asciidoctor:asciidoctorj and org.codehaus.mojo:build-helper-maven-plugin.

Updates org.springframework:spring-expression from 6.1.6 to 6.1.7

Release notes

Sourced from org.springframework:spring-expression's releases.

v6.1.7

⭐ New Features

  • ResponseEntity is not reliably closed with InputStreamResource #32802
  • Accept ajc-compiled @Aspect classes for Spring AOP proxy usage #32793
  • Failure to process a bean definition ahead-of-time with an instance supplier should provide more contextual information #32775
  • Provide methods to unambiguously send form data with MockMvc #32757
  • Introduce NoOp implementation for ResponseErrorHandler #32750
  • Support varargs invocations in SpEL for varargs array subtype #32704
  • StreamUtils.copyRange overreads source stream in some cases #32695
  • Modify error message when timeout is less than TIMEOUT_DEFAULT #32635
  • Jetty HttpConnections not closed with SSE on Jetty 12.0.7+ when clients close the connection #32629
  • Prevent duplicate subscription ID's in destinationCache of DefaultSubscriptionRegistry #32625
  • When retrieval of a LoadTimeWeaverAware bean fails the resulting exception message may not indicate why it was being created #32470

🐞 Bug Fixes

  • Do not send Cookie header in reactive JdkClientHttpRequest if no cookies added #32799
  • Inconsistent use of cleaned URLs in PathMatchingResourcePatternResolver #32828
  • DeferredQueryInvocationHandler fails to unwrap QuerySqmImpl class outside of transaction #32766
  • BindingReflectionHintsRegistrar#registerReflectionHints can be invoked with a null type #32753
  • AnnotationConfigWebApplicationContext should propagate ApplicationStartup to BeanFactory #32747
  • Ignore non-String keys in PropertiesPropertySource.getPropertyNames() #32742
  • MergedAnnotations search does not find container for repeatable annotation #32731
  • "multiple subscribers not supported" when using WebClient exchange #32727
  • ConfigurationClassEnhancer should consistently trigger FastClass creation at build-time #32682
  • HttpComponentsClientHttpRequestFactory does not set Content-Length: 0 #32678
  • Wrong proxy generation order during AOT for classes with ScopedProxyMode.TARGET\_CLASS and advisors #32669
  • Unhandled JMS listener exceptions are not propagated #32666
  • beanFactory#getBean with arguments ignore them if an Instance supplier is defined #32657
  • Incorrect AsyncRequestTimeoutException handling in ResponseEntityExceptionHandler #32644
  • Include actual cause's message in various parsing exception messages #32636
  • Configuration class with Bean factory method on an interface generates wrong target with AOT #32609
  • RestClient observations are stopped before ResponseSpec calls #32575
  • MvcUriComponentsBuilder.fromMethodName does not pick the annotated method transparently #32553
  • Deadlock/Stall in ConcurrentWebSocketSessionDecorator with Undertow 2.3.10 #32445
  • RSocket setup payload can cause Netty ByteBuf leak #32424
  • WebFlux temporary file not always deleted with parallel uploads. #31217

📔 Documentation

  • Replace RFC 7807 by RFC 9457 in documentation #32806
  • Links to Framework and Servlet Javadoc from Framework's Kotlin API documentation are broken #32797
  • Fix incorrect class reference syntax in Kotlin code sample #32733
  • Improve documentation advising against use of HandlerInterceptor for security #32729
  • Inconsistent behaviour on transactional async method #32709
  • Document that getBean with arguments is not recommended with AOT #32690
  • Provide an example of custom request URL with RestClient in the reference guide #32685
  • Correct documentation on streaming with MockMvcWebTestClient #32687
  • Document limitations of CGLIB proxy class generation in JPMS module setups #32671

... (truncated)

Commits
  • 5d6f2c8 Release v6.1.7
  • 010e8a3 Polishing contribution
  • 78549d4 Fix cookie management in reactive JdkClientHttpRequest
  • e4e6910 Polishing
  • 2270df5 Enforce cleaned URL for root resource from ClassLoader
  • 70886e3 Upgrade to Reactor 2023.0.6
  • e509385 Add InputStreamResource(InputStreamSource) constructor for lambda expressions
  • b7aafda Polishing
  • a89a88d Upgrade to Micrometer 1.12.6
  • c6b6ccd Close ResponseBodyEmitter in case of write errors
  • Additional commits viewable in compare view

Updates org.asciidoctor:asciidoctorj from 2.5.12 to 2.5.13

Release notes

Sourced from org.asciidoctor:asciidoctorj's releases.

v2.5.13

Improvements:

  • Upgrade to asciidoctor 2.0.23 (#1272)
  • Upgrade to asciidoctorj-epub3 2.1.3 (#1272)
  • Upgrade to JRuby 9.4.7.0 (#1272)

Bug Fixes:

Changelog

Sourced from org.asciidoctor:asciidoctorj's changelog.

== 2.5.13 (2024-05-19)

Improvement::

  • Upgrade to asciidoctor 2.0.23 (#1272)
  • Upgrade to asciidoctorj-epub3 2.1.3 (#1272)
  • Upgrade to JRuby 9.4.7.0 (#1272)

Bug Fixes::

Commits

Updates org.codehaus.mojo:build-helper-maven-plugin from 3.5.0 to 3.6.0

Release notes

Sourced from org.codehaus.mojo:build-helper-maven-plugin's releases.

3.6.0

Changes

🚀 New features and improvements

📦 Dependency updates

👻 Maintenance

🔧 Build

Commits
  • 3333454 [maven-release-plugin] prepare release 3.6.0
  • 05ee2cb Delete link to remove-project-artifact as is deprecated
  • a4190d2 Cleanups dependencies
  • b99f6be Remove public modifiers from JUnit 5 tests
  • f21a027 Add me as developer
  • 211d4b9 Delete example about remove-project-artifact as is deprecated
  • 27ab334 Deprecate remove-project-artifact goal
  • 8a4c7c4 Bump org.codehaus.mojo:mojo-parent from 81 to 82
  • 57f5480 Bump org.codehaus.mojo:mojo-parent from 78 to 81 (#204)
  • c09d779 Use shared action for release drafter
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

marko-bekhta and others added 21 commits May 15, 2024 09:05
@marko-bekhta
Make use of a simple test appender
b3f3f2c 
- instead of relying on a one from the test-jar that is not there anymore with the newer versions of log4j
@marko-bekhta
Address checkstyle issues
3fb8a3f
@marko-bekhta
Update Test policy for a Security Manager
81f24a4
@marko-bekhta
Use a version of Wildfly core that does not fail applying the patch
1f9463b
@marko-bekhta
Update asciidoctor configuration and theme
c2722e6
@marko-bekhta
Don't use filtering on theme-copy
0d182b6 
as it leads to build errors
@marko-bekhta
Update javadoc build parameters
f8030e8
@dependabot @marko-bekhta
Bump org.glassfish:javax.el from 3.0.1-b11 to 3.0.1-b12
342cf6a 
Bumps [org.glassfish:javax.el](https://github.com/javaee/uel-ri) from 3.0.1-b11 to 3.0.1-b12.
- [Commits](javaee/uel-ri@javax.el-3.0.1-b11...javax.el-3.0.1-b12)

---
updated-dependencies:
- dependency-name: org.glassfish:javax.el
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @marko-bekhta
Bump org.openjfx:javafx-base from 11.0.2 to 22
19b308f 
Bumps org.openjfx:javafx-base from 11.0.2 to 22.

---
updated-dependencies:
- dependency-name: org.openjfx:javafx-base
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @marko-bekhta
Bump joda-time:joda-time from 2.9.7 to 2.12.7
edb0328 
Bumps [joda-time:joda-time](https://github.com/JodaOrg/joda-time) from 2.9.7 to 2.12.7.
- [Release notes](https://github.com/JodaOrg/joda-time/releases)
- [Changelog](https://github.com/JodaOrg/joda-time/blob/main/RELEASE-NOTES.txt)
- [Commits](JodaOrg/joda-time@v2.9.7...v2.12.7)

---
updated-dependencies:
- dependency-name: joda-time:joda-time
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @marko-bekhta
Bump org.jboss.logging:jboss-logging from 3.4.3.Final to 3.5.3.Final
2f4916b 
Bumps [org.jboss.logging:jboss-logging](https://github.com/jboss-logging/jboss-logging) from 3.4.3.Final to 3.5.3.Final.
- [Release notes](https://github.com/jboss-logging/jboss-logging/releases)
- [Commits](jboss-logging/jboss-logging@3.4.3.Final...3.5.3.Final)

---
updated-dependencies:
- dependency-name: org.jboss.logging:jboss-logging
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @marko-bekhta
Bump com.fasterxml:classmate from 1.5.1 to 1.7.0
09cc300 
Bumps [com.fasterxml:classmate](https://github.com/FasterXML/java-classmate) from 1.5.1 to 1.7.0.
- [Commits](FasterXML/java-classmate@classmate-1.5.1...classmate-1.7.0)

---
updated-dependencies:
- dependency-name: com.fasterxml:classmate
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @marko-bekhta
Bump javax.money:money-api from 1.0.1 to 1.1
b89ed41 
Bumps [javax.money:money-api](https://github.com/JavaMoney/jsr354-api) from 1.0.1 to 1.1.
- [Release notes](https://github.com/JavaMoney/jsr354-api/releases)
- [Commits](JavaMoney/jsr354-api@1.0.1...1.1)

---
updated-dependencies:
- dependency-name: javax.money:money-api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @marko-bekhta
Bump org.openjfx:javafx-base from 11.0.2 to 22.0.1
8067ed2 
Bumps org.openjfx:javafx-base from 11.0.2 to 22.0.1.

---
updated-dependencies:
- dependency-name: org.openjfx:javafx-base
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@marko-bekhta
Update maven plugins configurations
942c1d0
@marko-bekhta
HV-1974 Upgrade to forbiddenapis 3.7
3a5129b
@marko-bekhta
Update JQAssistant configurations
b87504c
@marko-bekhta
Bump minimum maven version
0bb359e 
some plugins like asciidoctor-maven-plugin require maven 3.8.5+
@marko-bekhta
Move reduced pom from shade plugin to target directory
aee1e0f
@marko-bekhta
HV-**** Use env variable name instead of the passphrase in GPG config…
9d82106 
…uration
@dependabot
---
6d8d443 
updated-dependencies:
- dependency-name: org.springframework:spring-expression
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: org.asciidoctor:asciidoctorj
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: org.codehaus.mojo:build-helper-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label May 21, 2024
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github May 28, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this May 28, 2024
@dependabot dependabot bot deleted the dependabot/maven/build-dependencies-6ff29c6371 branch May 28, 2024 07:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@marko-bekhta marko-bekhta

Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@marko-bekhta