search

graphql-java-kickstart / graphql-java-servlet

Servlet endpoint for GraphQL Java
https://www.graphql-java-kickstart.com/servlet/
Other
223 stars 114 forks source link

chore(deps): update all non-major dependencies #527

Closed renovate[bot] closed 1 year ago

renovate[bot] commented 1 year ago

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
org.sonarqube 4.0.0.2929 -> 4.2.1.3168 age adoption passing confidence
com.fasterxml.jackson.core:jackson-databind (source) 2.15.1 -> 2.15.2 age adoption passing confidence
com.fasterxml.jackson.datatype:jackson-datatype-jdk8 2.15.1 -> 2.15.2 age adoption passing confidence
com.fasterxml.jackson.core:jackson-annotations (source) 2.15.1 -> 2.15.2 age adoption passing confidence
com.fasterxml.jackson.core:jackson-core 2.15.1 -> 2.15.2 age adoption passing confidence
com.graphql-java:graphql-java 20.2 -> 20.4 age adoption passing confidence

Release Notes

graphql-java/graphql-java ### [`v20.4`](https://togithub.com/graphql-java/graphql-java/releases/tag/v20.4): 20.4 This is a special release with only one commit: updating the version of Guava to 32.0.0 to address CVE-2023-2976. graphql-java shades in selected classes of Guava. Although this library does not use any of the code described in the CVE, we received reports in [#​3239](https://togithub.com/graphql-java/graphql-java/issues/3239) that the Guava POM inside the jar was incorrectly triggering security scanners. We'd prefer to keep those security scanners happy and upgrade the Guava version. #### What's Changed - Update Guava version for v20 by [@​dondonz](https://togithub.com/dondonz) in [https://github.com/graphql-java/graphql-java/pull/3245](https://togithub.com/graphql-java/graphql-java/pull/3245) **Full Changelog**: https://github.com/graphql-java/graphql-java/compare/v20.3...v20.4 ### [`v20.3`](https://togithub.com/graphql-java/graphql-java/releases/tag/v20.3): 20.3 This is a special release with only one commit: reverting stricter `parseValue` scalar coercion. It is a backport of [https://github.com/graphql-java/graphql-java/pull/3186](https://togithub.com/graphql-java/graphql-java/pull/3186) We received feedback that the stricter coercion was difficult without a migration pathway. The next release will include an input interceptor to enable monitoring and/or custom modification of inputs. #### What's Changed - Add backport of scalar coercion reversion PR [#​3186](https://togithub.com/graphql-java/graphql-java/issues/3186) by [@​dondonz](https://togithub.com/dondonz) in [https://github.com/graphql-java/graphql-java/pull/3230](https://togithub.com/graphql-java/graphql-java/pull/3230) **Full Changelog**: https://github.com/graphql-java/graphql-java/compare/v20.2...v20.3

Configuration

šŸ“… Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

šŸš¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.

ā™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

šŸ‘» Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

This PR has been generated by Mend Renovate. View repository job log here.

sonarcloud[bot] commented 1 year ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information