search

eu-digital-identity-wallet / eudi-srv-web-verifier-endpoint-23220-4-kt

Web application (Backend Restful service) that acts as a Verifier/RP trusted end-point.
Apache License 2.0
9 stars 11 forks source link

Bump the libs group across 1 directory with 3 updates #153

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 4 months ago

Bumps the libs group with 3 updates in the / directory: org.bouncycastle:bcpkix-jdk18on, org.springframework.boot and io.spring.dependency-management.

Updates org.bouncycastle:bcpkix-jdk18on from 1.78 to 1.78.1

Commits


Updates org.springframework.boot from 3.2.4 to 3.2.5

Release notes

Sourced from org.springframework.boot's releases.

v3.2.5

:lady_beetle: Bug Fixes

  • BindValidationFailureAnalyzer uses wrong target #40364
  • Log4j2LoggingSystem pollutes Log4j2's environment with a SpringEnvironmentPropertySource that is never removed #40326
  • When using Maven, configuring the spring-boot.excludes or spring-boot-includes user properties causes the build to fail with "Cannot find default setter" #40323
  • @ServletComponentScan does not register servlet components in a mock web environment #40321
  • Loading of custom deny-all filter can cause a StackOverflowError when deploying to Tomcat with Log4j2 configured to use a single JVM-wide logger context #40312
  • Jetty support doesn't set virtual thread name #40152
  • Executable JAR application startup is slower after 3.2.0 when Hibernate scanner is not disabled #40125
  • NoClassDefFoundError can be thrown from LaunchedClassLoader when threads are interrupted #40096

:notebook_with_decorative_cover: Documentation

  • Producible's javadoc has the wrong link text for @WriteOperation and @DeleteOperation #40386
  • Clarify requirements for -parameters and constructor binding #40157

:hammer: Dependency Upgrades

  • Upgrade to ActiveMQ 5.18.4 #40394
  • Upgrade to AspectJ 1.9.22 #40293
  • Upgrade to Awaitility 4.2.1 #40294
  • Upgrade to Byte Buddy 1.14.13 #40295
  • Upgrade to Groovy 4.0.21 #40296
  • Upgrade to Hazelcast 5.3.7 #40297
  • Upgrade to Jakarta Json Bind 3.0.1 #40298
  • Upgrade to Jersey 3.1.6 #40299
  • Upgrade to Jetty 12.0.8 #40300
  • Upgrade to jOOQ 3.18.14 #40301
  • Upgrade to Json-smart 2.5.1 #40302
  • Upgrade to Kafka 3.6.2 #40303
  • Upgrade to Lombok 1.18.32 #40304
  • Upgrade to Maven Invoker Plugin 3.6.1 #40305
  • Upgrade to Maven Source Plugin 3.3.1 #40306
  • Upgrade to Micrometer 1.12.5 #40207
  • Upgrade to Micrometer Tracing 1.2.5 #40208
  • Upgrade to MongoDB 4.11.2 #40307
  • Upgrade to Neo4j Java Driver 5.19.0 #40218
  • Upgrade to Netty 4.1.109.Final #40395
  • Upgrade to Pulsar Reactive 0.5.4 #40396
  • Upgrade to R2DBC Postgresql 1.0.5.RELEASE #40309
  • Upgrade to Reactor Bom 2023.0.5 #40209
  • Upgrade to SLF4J 2.0.13 #40397
  • Upgrade to Spring AMQP 3.1.4 #40210
  • Upgrade to Spring Authorization Server 1.2.4 #40211
  • Upgrade to Spring Data Bom 2023.1.5 #40212
  • Upgrade to Spring Framework 6.1.6 #40213
  • Upgrade to Spring GraphQL 1.2.6 #40310
  • Upgrade to Spring HATEOAS 2.2.2 #40376
  • Upgrade to Spring Integration 6.2.4 #40214

... (truncated)

Commits
  • b3a160d Release v3.2.5
  • f5b51ab Merge branch '3.1.x' into 3.2.x
  • 6b44072 Remove dependency on the git ref when creating releases
  • b13d006 Fix action that publishes to SDKman
  • f84a263 Merge branch '3.1.x' into 3.2.x
  • 56b59cd Fix action that publishes the Gradle plugin
  • 9a28ae1 Merge branch '3.1.x' into 3.2.x
  • 18ada7c Next development version (v3.1.12-SNAPSHOT)
  • 816b9b9 Merge branch '3.1.x' into 3.2.x
  • 8a22108 Use the version not the tag when creating the build name
  • Additional commits viewable in compare view


Updates io.spring.dependency-management from 1.1.4 to 1.1.5

Release notes

Sourced from io.spring.dependency-management's releases.

v1.1.5

:lady_beetle: Bug Fixes

  • When a dependency has been substituted by changing its target, its version is managed based on its original group and artifact IDs #383
  • Plugin triggers a deprecation warning for LenientConfiguration#getArtifacts(Spec) with Gradle 8.8 #381
  • Exclusions are calculated unnecessarily for non-transitive configurations #372

:heart: Contributors

Thank you to all the contributors who worked on this release:

@​fp7

Commits
  • b3f62a0 Release v1.1.5
  • 70f3e08 Release from GitHub Actions
  • b5ed22b Correct the value of build-name when deploying to Artifactory
  • 029d266 Specify the shell for build and publish step
  • 2ddde6f Prepare snapshot workflow for addition of release workflow
  • 6cc618e Enable linting and treat warnings as errors
  • 7a56eaa Broaden Gradle version compatibility testing
  • 63c2738 Upgrade to Gradle 7.6.4
  • 2ed89ef Upgrade to Gradle Enterprise Conventions 0.0.17
  • 0676dc0 Merge pull request #372 from fp7
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
dependabot[bot] commented 3 months ago

Looks like these dependencies are updatable in another way, so this is no longer needed.