Skip to content

build(deps-dev): bump io.micronaut:micronaut-http-client from 4.8.3 to 4.10.24 in /bolt-micronaut#1620

Merged
github-actions[bot] merged 1 commit into
mainfrom
dependabot/maven/bolt-micronaut/io.micronaut-micronaut-http-client-4.10.24
Jul 10, 2026
Merged

build(deps-dev): bump io.micronaut:micronaut-http-client from 4.8.3 to 4.10.24 in /bolt-micronaut#1620
github-actions[bot] merged 1 commit into
mainfrom
dependabot/maven/bolt-micronaut/io.micronaut-micronaut-http-client-4.10.24

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Contributor

Bumps io.micronaut:micronaut-http-client from 4.8.3 to 4.10.24.

Release notes

Sourced from io.micronaut:micronaut-http-client's releases.

Micronaut Core 4.10.24

What's Changed

🚨 Security

Fixes for security advisories:

Bug Fixes 🐞

New Contributors

Full Changelog: micronaut-projects/micronaut-core@v4.10.23...v4.10.24

Micronaut Core 4.10.23

What's Changed

Bug Fixes 🐞

Other Changes 💡

Full Changelog: micronaut-projects/micronaut-core@v4.10.22...v4.10.23

Micronaut Core 4.10.22

What's Changed

Security 👮🏻‍♂️🚨

This release contains fixes for these two security advisories: *Unbounded formattersCache in TimeConverterRegistrar Allows Memory Exhaustion via Accept-Language Header *Unbounded bundleCache in ResourceBundleMessageSource Allows Memory Exhaustion via Accept-Language Header

Other Changes 💡

New Contributors

Full Changelog: micronaut-projects/micronaut-core@v4.10.21...v4.10.22

... (truncated)

Commits
  • 29fc8f3 [skip ci] Release v4.10.24
  • 70cab4b Avoid forwarding sensitive headers on cross-origin redirects
  • f1dffff Add configurable HTTP client redirect limit
  • 98ad6b1 Fix IllegalArgumentException when synthesizing bootstrap-loaded annotations l...
  • c2b2274 chore: Bump version to 4.10.24-SNAPSHOT
  • 86880d4 [skip ci] Release v4.10.23
  • 72b40df Fix full body subscribers on 4.10.x (#12646)
  • e83c259 Update Netty to 4.2.13.Final (#12662)
  • 074f5f2 Fix HTTP server TCK on 4.10.x (#12645)
  • d807b54 chore: Bump version to 4.10.23-SNAPSHOT
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [io.micronaut:micronaut-http-client](https://github.com/micronaut-projects/micronaut-core) from 4.8.3 to 4.10.24.
- [Release notes](https://github.com/micronaut-projects/micronaut-core/releases)
- [Changelog](https://github.com/micronaut-projects/micronaut-core/blob/5.2.x/RELEASE.adoc)
- [Commits](micronaut-projects/micronaut-core@v4.8.3...v4.10.24)

---
updated-dependencies:
- dependency-name: io.micronaut:micronaut-http-client
  dependency-version: 4.10.24
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java This is a label that @dependabot automatically creates. We don't use it. labels Jul 10, 2026
@dependabot dependabot Bot requested a review from a team as a code owner July 10, 2026 18:56
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java This is a label that @dependabot automatically creates. We don't use it. labels Jul 10, 2026
@github-actions github-actions Bot enabled auto-merge (squash) July 10, 2026 18:56
@codecov

codecov Bot commented Jul 10, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 73.33%. Comparing base (4d86807) to head (c557fa1).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files
@@             Coverage Diff              @@
##               main    #1620      +/-   ##
============================================
+ Coverage     73.30%   73.33%   +0.02%     
- Complexity     4518     4521       +3     
============================================
  Files           478      478              
  Lines         14300    14300              
  Branches       1490     1490              
============================================
+ Hits          10483    10487       +4     
+ Misses         2925     2922       -3     
+ Partials        892      891       -1     
Flag Coverage Δ
jdk-14 73.33% <ø> (+0.02%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

@github-actions github-actions Bot merged commit 6d52db3 into main Jul 10, 2026
7 checks passed
@github-actions github-actions Bot deleted the dependabot/maven/bolt-micronaut/io.micronaut-micronaut-http-client-4.10.24 branch July 10, 2026 19:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java This is a label that @dependabot automatically creates. We don't use it.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants