search

mojohaus / appassembler

https://www.mojohaus.org/appassembler/
MIT License
93 stars 49 forks source link

Bump jetty-server from 8.1.4.v20120524 to 9.4.51.v20230217 in /appassembler-examples/appassembler-example-jsw #186

Closed dependabot[bot] closed 6 months ago

dependabot[bot] commented 1 year ago

Bumps jetty-server from 8.1.4.v20120524 to 9.4.51.v20230217.

Release notes

Sourced from jetty-server's releases.

9.4.51.v20230217

Sponsored Release

This is a release of the End of Community Support Jetty 9.x series that was sponsored by a support contract from Webtide.com

Changelog

  • #9352 - Update / Fix CookieCutter
  • #9345 - Backport Multipart Fix for CVE-2023-26048
  • #9352 - Backport Cookie Parsing Fix for CVE-2023-26049

Dependencies

  • #9269 - Bump ant.version to 1.10.13
  • #9370 - Bump asciidoctorj-diagram to 2.2.4
  • #9364 - Bump eclipse-jarsigner-plugin to 1.4.2
  • #9251 - Bump infinispan.version to 11.0.17.Final
  • #9247 - Bump maven-checkstyle-plugin to 3.2.1
  • #9267 - Bump maven-dependency-plugin to 3.5.0
  • #9365 - Bump maven-deploy-plugin to 3.1.0
  • #9252 - Bump maven-enforcer-plugin to 3.2.1
  • #9363 - Bump maven-invoker-plugin to 3.5.0
  • #9266 - Bump maven-plugin-plugin to 3.7.1
  • #9263 - Bump maven.plugin-tools.version to 3.7.1
  • #9256 - Bump maven.resolver.version to 1.9.4
  • #9368 - Bump maven.surefire.plugin.version to 3.0.0-M9
  • #9362 - Bump maven.version to 3.9.0
  • #9100 - Bump org.apache.aries.spifly.dynamic.bundle to 1.3.6
  • #9103 - Bump org.eclipse.osgi to 3.18.200
  • #9110 - Bump org.eclipse.osgi.services to 3.11.100
  • #9262 - Bump spring-beans to 5.3.25

9.4.50.v20221201

Sponsored Release

This is a release of the End of Community Support Jetty 9.x series that was sponsored by a support contract from Webtide.com

Changelog

  • #8774 - Added SizeLimitHandler
  • #8678 - Jetty client is not responding to GO_AWAY packet received from (Jetty) Server and continue to send traffic on same connection

Dependencies

  • #8826 - Bump infinispan to 11.0.16.Final
  • #8847 - Bump jboss-logmanager to 2.1.19.Final
  • #8849 - Bump jboss-threads to 3.5.0.Final
  • #8961 - Bump jnr-constants to 0.10.4
  • #8951 - Bump protostream to 4.4.4.Final

... (truncated)

Commits
  • b45c405 Updating to version 9.4.51.v20230217
  • 3beaa81 Merge pull request #9368 from eclipse/dependabot/maven/jetty-9.4.x/maven.sure...
  • d382683 Merge pull request #9370 from eclipse/dependabot/maven/jetty-9.4.x/org.asciid...
  • d52d133 Bump maven.surefire.plugin.version from 3.0.0-M8 to 3.0.0-M9
  • 1bc959a Merge pull request #9365 from eclipse/dependabot/maven/jetty-9.4.x/org.apache...
  • 08c89c7 Merge pull request #9364 from eclipse/dependabot/maven/jetty-9.4.x/org.eclips...
  • 2a30aca Merge pull request #9363 from eclipse/dependabot/maven/jetty-9.4.x/org.apache...
  • 6ab783d Merge pull request #9362 from eclipse/dependabot/maven/jetty-9.4.x/maven.vers...
  • 722781d Issue #9181 NPE in SessionHandler (#9346)
  • 922b84b Bump asciidoctorj-diagram from 2.2.3 to 2.2.4
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/mojohaus/appassembler/network/alerts).
dependabot[bot] commented 6 months ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.