search

vaadin / framework

Vaadin 6, 7, 8 is a Java framework for modern Java web applications.
http://vaadin.com/
Other
1.77k stars 729 forks source link

Bump jetty-webapp from 9.4.43.v20210629 to 9.4.44.v20210927 #12537

Open dependabot[bot] opened 2 years ago

dependabot[bot] commented 2 years ago

Bumps jetty-webapp from 9.4.43.v20210629 to 9.4.44.v20210927.

Release notes

Sourced from jetty-webapp's releases.

9.4.44.v20210927

Changelog

  • #6883 - Welcome file redirects do not honor the relativeRedirectAllowed option
  • #6870 - Encode control characters in URIUtil.encodePath
  • #6869 - Correct Content-Type within HTML error pages
  • #6860 - IPv6 format
  • #6652 - Improve ReservedThreadExecutor dump
  • #6618 - ID token azp claim should not be required if aud is single value array
  • #6617 - Add basic auth support for OpenId token endpoint (client_secret_basic)
  • #6603 - HTTP/2 max local stream count exceeded
  • #6562 - HttpOutput.write(ByteBuffer buffer)
  • #6558 - Allow to configure return type in JSON array parsing
  • #6554 - Allow creation of DefaultIdentityService without realmName.
  • #6553 - Review usage of Authentication.UNAUTHENTICATED in SecurityHandler
  • #6535 - Non blocking ReservedThreadExecutor
  • #6520 - Error page has HTML error when writePoweredBy is enabled.
  • #6487 - Expose ServletHolder getter in ServletHandler$ChainEnd for auditing libraries to use

Updated Dependencies

  • #6922 - Bump hawtio-default from 2.13.5 to 2.14.0
  • #6919 - Bump jamon.version from 2.81 to 2.82
  • #6906 - Bump google-cloud-datastore from 2.1.0 to 2.1.2
  • #6903 - Bump grpc-core from 1.40.1 to 1.41.0
  • #6865 - Bump jnr-unixsocket from 0.38.10 to 0.38.11
  • #6858 - Bump guice from 4.2.2 to 5.0.1
  • #6857 - Bump org.eclipse.osgi.services from 3.10.100 to 3.10.200
  • #6847 - Bump org.eclipse.osgi.util from 3.6.0 to 3.6.100
  • #6841 - Bump org.eclipse.osgi from 3.16.300 to 3.17.0
  • #6816 - Bump mariadb-java-client from 2.7.0 to 2.7.4
  • #6786 - Bump org.eclipse.osgi from 3.16.0 to 3.16.300
  • #6772 - Update to asm 9.2
  • #6746 - Bump hazelcast.version from 3.12.10 to 3.12.12
  • #6739 - Bump jmh.version from 1.26 to 1.33
  • #6671 - Update to apache jsp 8.5.70
Commits
  • 8da8330 Updating to version 9.4.44.v20210927
  • 1d542be Issue #6558 - Allow configuring return type in JSON array parsing.
  • 992f9a5 Merge pull request #6922 from eclipse/dependabot/maven/jetty-9.4.x/io.hawt-ha...
  • 855b753 Merge pull request #6919 from eclipse/dependabot/maven/jetty-9.4.x/jamon.vers...
  • 4cc0af9 Bump hawtio-default from 2.13.5 to 2.14.0
  • 4dfbf72 Bump jamon.version from 2.81 to 2.82
  • b286497 Issue #3514 backport of mod files filtering (#6897)
  • 9b47247 Merge pull request #6906 from eclipse/dependabot/maven/jetty-9.4.x/com.google...
  • 7791a92 Merge pull request #6903 from eclipse/dependabot/maven/jetty-9.4.x/io.grpc-gr...
  • 84a9b30 Merge pull request #6898 from eclipse/dependabot/maven/jetty-9.4.x/junit.vers...
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/vaadin/framework/network/alerts).