search

jgeraigery / hadoop-555665675

Apache Hadoop
https://hadoop.apache.org/
Apache License 2.0
0 stars 0 forks source link

Update dependency net.minidev:json-smart to v2.4.9 - autoclosed #60

Closed mend-for-github-com[bot] closed 6 months ago

mend-for-github-com[bot] commented 10 months ago

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
net.minidev:json-smart (source) 2.4.2 -> 2.4.9 age adoption passing confidence

By merging this PR, the issue #28 will be automatically resolved and closed:

Severity CVSS Score CVE Reachability
High High 7.5 CVE-2021-31684
High High 7.5 CVE-2023-1370

Release Notes

netplex/json-smart-v2 (net.minidev:json-smart) ### [`v2.4.9`](https://togithub.com/netplex/json-smart-v2/releases/tag/2.4.9): V 2.4.9 [Compare Source](https://togithub.com/netplex/json-smart-v2/compare/2.4.8...2.4.9) ##### *V 2.4.9* (2023-03-07) - Add depth limit of 400 when parsing JSON. #### What's Changed - allow config init size of jsonarray and jsonobject by [@​Shoothzj](https://togithub.com/Shoothzj) in [https://github.com/netplex/json-smart-v2/pull/81](https://togithub.com/netplex/json-smart-v2/pull/81) - update asm junit5 version by [@​Shoothzj](https://togithub.com/Shoothzj) in [https://github.com/netplex/json-smart-v2/pull/82](https://togithub.com/netplex/json-smart-v2/pull/82) - enable github workflow by [@​Shoothzj](https://togithub.com/Shoothzj) in [https://github.com/netplex/json-smart-v2/pull/83](https://togithub.com/netplex/json-smart-v2/pull/83) - Bump maven-compiler-plugin from 3.8.1 to 3.10.1 in /json-smart-action by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/90](https://togithub.com/netplex/json-smart-v2/pull/90) - Bump maven-javadoc-plugin from 3.2.0 to 3.4.0 in /json-smart by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/85](https://togithub.com/netplex/json-smart-v2/pull/85) - Bump maven-javadoc-plugin from 3.2.0 to 3.4.0 in /json-smart-action by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/86](https://togithub.com/netplex/json-smart-v2/pull/86) - Bump maven-jar-plugin from 3.2.0 to 3.2.2 in /json-smart by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/89](https://togithub.com/netplex/json-smart-v2/pull/89) - Bump maven-jar-plugin from 3.2.0 to 3.2.2 in /json-smart-action by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/88](https://togithub.com/netplex/json-smart-v2/pull/88) - Bump maven-release-plugin from 3.0.0-M1 to 3.0.0-M5 in /json-smart-action by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/91](https://togithub.com/netplex/json-smart-v2/pull/91) - Bump maven-release-plugin from 3.0.0-M1 to 3.0.0-M5 in /json-smart by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/93](https://togithub.com/netplex/json-smart-v2/pull/93) - Bump json-smart from 2.4.6 to 2.4.8 in /json-smart-action by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/96](https://togithub.com/netplex/json-smart-v2/pull/96) - Bump maven-compiler-plugin from 3.8.1 to 3.10.1 in /json-smart by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/94](https://togithub.com/netplex/json-smart-v2/pull/94) - Bump maven-bundle-plugin from 5.1.2 to 5.1.6 in /json-smart by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/97](https://togithub.com/netplex/json-smart-v2/pull/97) - Bump maven-bundle-plugin from 5.1.2 to 5.1.6 in /json-smart-action by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/98](https://togithub.com/netplex/json-smart-v2/pull/98) - Bump maven-release-plugin from 3.0.0-M5 to 3.0.0-M6 in /json-smart by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/99](https://togithub.com/netplex/json-smart-v2/pull/99) - Bump maven-release-plugin from 3.0.0-M5 to 3.0.0-M6 in /json-smart-action by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/100](https://togithub.com/netplex/json-smart-v2/pull/100) - Bump maven-bundle-plugin from 5.1.6 to 5.1.7 in /json-smart-action by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/103](https://togithub.com/netplex/json-smart-v2/pull/103) - Bump maven-bundle-plugin from 5.1.6 to 5.1.7 in /json-smart by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/102](https://togithub.com/netplex/json-smart-v2/pull/102) - Bump maven-resources-plugin from 3.2.0 to 3.3.0 in /json-smart-action by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/104](https://togithub.com/netplex/json-smart-v2/pull/104) - Bump maven-resources-plugin from 3.2.0 to 3.3.0 in /json-smart by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/105](https://togithub.com/netplex/json-smart-v2/pull/105) - Bump maven-bundle-plugin from 5.1.7 to 5.1.8 in /json-smart-action by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/110](https://togithub.com/netplex/json-smart-v2/pull/110) - Bump maven-bundle-plugin from 5.1.7 to 5.1.8 in /json-smart by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/111](https://togithub.com/netplex/json-smart-v2/pull/111) - Bump maven-jar-plugin from 3.2.2 to 3.3.0 in /json-smart by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/119](https://togithub.com/netplex/json-smart-v2/pull/119) - Bump maven-jar-plugin from 3.2.2 to 3.3.0 in /json-smart-action by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/118](https://togithub.com/netplex/json-smart-v2/pull/118) - Bump maven-javadoc-plugin from 3.4.0 to 3.4.1 in /json-smart by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/117](https://togithub.com/netplex/json-smart-v2/pull/117) - Bump maven-javadoc-plugin from 3.4.0 to 3.4.1 in /json-smart-action by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/116](https://togithub.com/netplex/json-smart-v2/pull/116) - Bump junit-jupiter-api from 5.8.2 to 5.9.1 in /json-smart-action by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/114](https://togithub.com/netplex/json-smart-v2/pull/114) - Bump junit-jupiter-api from 5.8.2 to 5.9.1 in /json-smart by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/113](https://togithub.com/netplex/json-smart-v2/pull/113) - Bump junit version from 5.8.2 to 5.9.1 by [@​Shoothzj](https://togithub.com/Shoothzj) in [https://github.com/netplex/json-smart-v2/pull/120](https://togithub.com/netplex/json-smart-v2/pull/120) - configure Reproducible Builds by [@​hboutemy](https://togithub.com/hboutemy) in [https://github.com/netplex/json-smart-v2/pull/101](https://togithub.com/netplex/json-smart-v2/pull/101) - Bump maven-release-plugin from 3.0.0-M6 to 3.0.0-M7 in /json-smart-action by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/122](https://togithub.com/netplex/json-smart-v2/pull/122) - add copyright to pom.xml by [@​tobi5775](https://togithub.com/tobi5775) in [https://github.com/netplex/json-smart-v2/pull/125](https://togithub.com/netplex/json-smart-v2/pull/125) - Bump maven-javadoc-plugin from 3.4.1 to 3.5.0 in /json-smart by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/126](https://togithub.com/netplex/json-smart-v2/pull/126) - Bump maven-javadoc-plugin from 3.4.1 to 3.5.0 in /json-smart-action by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/127](https://togithub.com/netplex/json-smart-v2/pull/127) - Bump maven-compiler-plugin from 3.10.1 to 3.11.0 in /json-smart by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/129](https://togithub.com/netplex/json-smart-v2/pull/129) - Bump maven-compiler-plugin from 3.10.1 to 3.11.0 in /json-smart-action by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/128](https://togithub.com/netplex/json-smart-v2/pull/128) - Bump maven-release-plugin from 3.0.0-M6 to 3.0.0-M7 in /json-smart by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/121](https://togithub.com/netplex/json-smart-v2/pull/121) - Bump junit.version from 5.9.1 to 5.9.2 in /json-smart-action by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/123](https://togithub.com/netplex/json-smart-v2/pull/123) - Bump junit.version from 5.9.1 to 5.9.2 in /json-smart by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/124](https://togithub.com/netplex/json-smart-v2/pull/124) - Bump maven-gpg-plugin from 1.6 to 3.0.1 in /json-smart by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/87](https://togithub.com/netplex/json-smart-v2/pull/87) - Bump maven-gpg-plugin from 1.6 to 3.0.1 in /json-smart-action by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/netplex/json-smart-v2/pull/84](https://togithub.com/netplex/json-smart-v2/pull/84) #### New Contributors - [@​hboutemy](https://togithub.com/hboutemy) made their first contribution in [https://github.com/netplex/json-smart-v2/pull/101](https://togithub.com/netplex/json-smart-v2/pull/101) - [@​tobi5775](https://togithub.com/tobi5775) made their first contribution in [https://github.com/netplex/json-smart-v2/pull/125](https://togithub.com/netplex/json-smart-v2/pull/125) **Full Changelog**: https://github.com/netplex/json-smart-v2/compare/2.4.8...2.4.9