Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): override frontend-plugin-core dependencies #11732

Merged
merged 1 commit into from
Sep 3, 2021
Merged

chore(deps): override frontend-plugin-core dependencies #11732

merged 1 commit into from
Sep 3, 2021

Conversation

fluorumlabs
Copy link
Contributor

@fluorumlabs fluorumlabs commented Sep 2, 2021
edited

This overrides outdated and vulnerable jackson-databind and httpclient with a more recent yet compatible versions

@mshabarov mshabarov merged commit 38d83da into master Sep 3, 2021
@mshabarov mshabarov deleted the override-frontend-plugin-core-deps branch September 3, 2021 11:33
fluorumlabs added a commit that referenced this pull request Sep 3, 2021
@fluorumlabs
chore(deps): Override frontend-plugin-core dependencies (#11732)
3b57c2d 
This overrides outdated and vulnerable jackson-databind and httpclient with a more recent yet compatible versions.
fluorumlabs added a commit that referenced this pull request Sep 6, 2021
@fluorumlabs @dependabot
chore(deps): bump swagger-codegen to 3.0.27 (#11743)
1bf109c 
* Bump swagger-codegen to 3.0.27

* Fix formatting

* Fix formatting

* chore(deps): bump jetty.version (#11722)

Bumps `jetty.version` from 9.4.27.v20200227 to 9.4.43.v20210629.

Updates `jetty-maven-plugin` from 9.4.27.v20200227 to 9.4.43.v20210629
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.27.v20200227...jetty-9.4.43.v20210629)

Updates `jetty-webapp` from 9.4.27.v20200227 to 9.4.43.v20210629
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.27.v20200227...jetty-9.4.43.v20210629)

Updates `jetty-continuation` from 9.4.27.v20200227 to 9.4.43.v20210629

Updates `jetty-annotations` from 9.4.27.v20200227 to 9.4.43.v20210629
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.27.v20200227...jetty-9.4.43.v20210629)

Updates `websocket-server` from 9.4.27.v20200227 to 9.4.43.v20210629

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-webapp
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-continuation
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-annotations
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty.websocket:websocket-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump maven-clean-plugin from 3.0.0 to 3.1.0 (#11728)

Bumps [maven-clean-plugin](https://github.com/apache/maven-clean-plugin) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/apache/maven-clean-plugin/releases)
- [Commits](apache/maven-clean-plugin@maven-clean-plugin-3.0.0...maven-clean-plugin-3.1.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-clean-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump equalsverifier from 3.0 to 3.7.1 (#11723)

Bumps [equalsverifier](https://github.com/jqno/equalsverifier) from 3.0 to 3.7.1.
- [Release notes](https://github.com/jqno/equalsverifier/releases)
- [Changelog](https://github.com/jqno/equalsverifier/blob/main/CHANGELOG.md)
- [Commits](jqno/equalsverifier@equalsverifier-3.0...equalsverifier-3.7.1)

---
updated-dependencies:
- dependency-name: nl.jqno.equalsverifier:equalsverifier
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump maven-enforcer-plugin from 1.4.1 to 3.0.0 (#11724)

Bumps [maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 1.4.1 to 3.0.0.
- [Release notes](https://github.com/apache/maven-enforcer/releases)
- [Commits](apache/maven-enforcer@enforcer-1.4.1...enforcer-3.0.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump exec-maven-plugin from 1.6.0 to 3.0.0 (#11727)

Bumps [exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) from 1.6.0 to 3.0.0.
- [Release notes](https://github.com/mojohaus/exec-maven-plugin/releases)
- [Commits](mojohaus/exec-maven-plugin@exec-maven-plugin-1.6.0...exec-maven-plugin-3.0.0)

---
updated-dependencies:
- dependency-name: org.codehaus.mojo:exec-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump maven-dependency-plugin from 2.8 to 3.2.0 (#11738)

Bumps [maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) from 2.8 to 3.2.0.
- [Release notes](https://github.com/apache/maven-dependency-plugin/releases)
- [Commits](apache/maven-dependency-plugin@maven-dependency-plugin-2.8...maven-dependency-plugin-3.2.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-dependency-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump validation-api from 2.0.0.Final to 2.0.1.Final (#11735)

Bumps [validation-api](https://github.com/beanvalidation/beanvalidation-api) from 2.0.0.Final to 2.0.1.Final.
- [Release notes](https://github.com/beanvalidation/beanvalidation-api/releases)
- [Commits](jakartaee/validation@2.0.0.Final...2.0.1.Final)

---
updated-dependencies:
- dependency-name: javax.validation:validation-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump hsqldb from 2.2.6 to 2.6.0 (#11737)

Bumps hsqldb from 2.2.6 to 2.6.0.

---
updated-dependencies:
- dependency-name: org.hsqldb:hsqldb
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump mockito-core from 3.10.0 to 3.12.4 (#11733)

Bumps [mockito-core](https://github.com/mockito/mockito) from 3.10.0 to 3.12.4.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](mockito/mockito@v3.10.0...v3.12.4)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: organize dependency versions and update vulnerable jackson-databind version for fusion-endpoint (#11659)

* Organize dependency versions

* Retrigger validation

* Update tests to reflect changes in FasterXML/jackson-databind#2643

* chore(deps): Override frontend-plugin-core dependencies (#11732)

This overrides outdated and vulnerable jackson-databind and httpclient with a more recent yet compatible versions.

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mshabarov mshabarov mshabarov approved these changes

Assignees
No one assigned
Labels
+0.0.1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@fluorumlabs @mshabarov @vaadin-bot