search

cryptomator / webdav-nio-adapter

Jackrabbit-based servlets running on embedded Jetty to serve a directory specified by a java.nio.file.Path
GNU Affero General Public License v3.0
12 stars 8 forks source link

Bump the maven-dependencies group with 2 updates #53

Closed dependabot[bot] closed 8 months ago

dependabot[bot] commented 8 months ago

Bumps the maven-dependencies group with 2 updates: org.eclipse.jetty:jetty-server and org.eclipse.jetty:jetty-servlet.

Updates org.eclipse.jetty:jetty-server from 10.0.16 to 10.0.17

Release notes

Sourced from org.eclipse.jetty:jetty-server's releases.

10.0.17

Security Updates

This release addresses:

  • CVE-2023-44487

Changelog

  • #10679 - Review HTTP/2 rate control
  • #10547 - Cannot customize Executor on WebSocketClient
  • #10545 - Fixed deadlock in class initialization seen on JDK21.
  • #10511 - Allow session idle timeout to be configured on authentication.
  • #10473 - Startup Script reports ok too fast, and doesn't wait for actual start of Jetty
  • #10365 - Cleanup of start properties usages in jetty-10.0.x
Commits
  • af15f12 Updating to version 10.0.17
  • f8b7f48 Merge remote-tracking branch 'origin/fix/10.0.x/rollback-jdk21-requirement' i...
  • 67b0778 Issue #9777 - CrossOriginFilter does not return Vary header on no-cors mode.
  • dbb9451 Fixes #10679 - Review HTTP/2 rate control. (#10681)
  • 4670d3e Rollback JDK21 requirements during Compile + Jar creation.
  • 90fdd42 Update details on how to include dependabot PRs in a release (#10659)
  • a22174c Merge pull request #10632 from eclipse/dependabot/maven/jetty-10.0.x/org.apac...
  • 9c012d1 Merge pull request #10631 from eclipse/dependabot/maven/jetty-10.0.x/maven.re...
  • 0d730aa Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.0 to 3.4.1
  • b5ecca2 Bump maven.resolver.version from 1.9.15 to 1.9.16
  • Additional commits viewable in compare view


Updates org.eclipse.jetty:jetty-servlet from 10.0.16 to 10.0.17

Release notes

Sourced from org.eclipse.jetty:jetty-servlet's releases.

10.0.17

Security Updates

This release addresses:

  • CVE-2023-44487

Changelog

  • #10679 - Review HTTP/2 rate control
  • #10547 - Cannot customize Executor on WebSocketClient
  • #10545 - Fixed deadlock in class initialization seen on JDK21.
  • #10511 - Allow session idle timeout to be configured on authentication.
  • #10473 - Startup Script reports ok too fast, and doesn't wait for actual start of Jetty
  • #10365 - Cleanup of start properties usages in jetty-10.0.x
Commits
  • af15f12 Updating to version 10.0.17
  • f8b7f48 Merge remote-tracking branch 'origin/fix/10.0.x/rollback-jdk21-requirement' i...
  • 67b0778 Issue #9777 - CrossOriginFilter does not return Vary header on no-cors mode.
  • dbb9451 Fixes #10679 - Review HTTP/2 rate control. (#10681)
  • 4670d3e Rollback JDK21 requirements during Compile + Jar creation.
  • 90fdd42 Update details on how to include dependabot PRs in a release (#10659)
  • a22174c Merge pull request #10632 from eclipse/dependabot/maven/jetty-10.0.x/org.apac...
  • 9c012d1 Merge pull request #10631 from eclipse/dependabot/maven/jetty-10.0.x/maven.re...
  • 0d730aa Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.0 to 3.4.1
  • b5ecca2 Bump maven.resolver.version from 1.9.15 to 1.9.16
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
overheadhunter commented 8 months ago

@dependabot squash and merge