Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): Bump json-path to a version 2.9.0 #216

Merged
merged 1 commit into from
Feb 29, 2024
Merged

chore(deps): Bump json-path to a version 2.9.0 #216

merged 1 commit into from
Feb 29, 2024

Conversation

venetrius
Copy link
Member

@venetrius venetrius added dependencies Pull requests that update a dependency file bot:java-dependency-check When assigned to a PR, generates SBOMs for the PR and base branch and compares them. labels Feb 27, 2024
@venetrius venetrius self-assigned this Feb 27, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 27, 2024
edited by venetrius
Loading

Java dependency diff

🔄 camunda-spin-root: 1.23.0-SNAPSHOT => 1.23.0-SNAPSHOT  
 ├─ 🔄 camunda-spin-dataformat-json-jackson: 1.23.0-SNAPSHOT => 1.23.0-SNAPSHOT  
 │   └─ ⬆ json-path: 2.8.0 ✔ => 2.9.0 ✔  
 │       └─ ⬆ json-smart: 2.4.10 ✔ => 2.5.0 ✔  
 │           └─ ⬆ accessors-smart: 2.4.9 ✔ => 2.5.0 ✔  
 └─ 🔄 camunda-spin-dataformat-all: 1.23.0-SNAPSHOT => 1.23.0-SNAPSHOT  
     └─ 🔄 camunda-spin-dataformat-json-jackson: 1.23.0-SNAPSHOT => 1.23.0-SNAPSHOT  
         └─ (Repeating subtree omitted)

Module details

accessors-smart:2.4.9

Declared licenses:

  • Apache-2.0 ✔

Links:

accessors-smart:2.5.0

Declared licenses:

  • Apache-2.0 ✔

Links:

json-smart:2.4.10

Declared licenses:

  • Apache-2.0 ✔

Links:

json-smart:2.5.0

Declared licenses:

  • Apache-2.0 ✔

Links:

json-path:2.8.0

Declared licenses:

  • Apache-2.0 ✔

Links:

json-path:2.9.0

Declared licenses:

  • Apache-2.0 ✔

Links:

Checklist

Unique changes

Unique additions

Developer comments

Glossary

Limitations

  • The reported transitive dependencies may not always be accurate in a multi-module project.
    The SBOM file format represents a unique dependency (coordinates + type) only once. In a multi-module
    project a dependency can be declared in multiple locations with different exclusions of transitive dependencies
    or different version overrides for transitive dependencies.

Emojies

  • ✔: All licenses are on the Go list
  • ⚠: (At least one) license is on the Caution list
  • ❌: (At least one) license is on the Stop list
  • ❓: (At least one) license cannot be determined or is unknown
  • ‼: Dependency has multiple licenses declared
  • ⬆: New dependency version is higher than previous
  • ⬇: New dependency version is lower than previous
  • 🔄: Dependency version is equal and the dependencies of this component changed (e.g. when comparing snapshots)
  • 🤷: The change of the dependency version can not be determined further (e.g. because the version does not follow semantic versioning)

@venetrius
Copy link
Member Author

venetrius commented Feb 28, 2024
edited
Loading

License check:

  • json-path remains Apache 2.0.
  • json-smart remains Apache 2.0.
  • accessors-smart remains Apache 2.0.

@venetrius venetrius mentioned this pull request Feb 28, 2024
Closed
1 task
yanavasileva
yanavasileva approved these changes Feb 28, 2024
View reviewed changes
Copy link
Member

@yanavasileva yanavasileva left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 Looks good.

@venetrius venetrius merged commit 793b407 into master Feb 29, 2024
5 checks passed
@venetrius venetrius deleted the 4052-Bump-json-path-to-2_9_0 branch February 29, 2024 09:58
venetrius added a commit that referenced this pull request Feb 29, 2024
@venetrius
chore(deps): Bump json-path to a version 2.9.0 (#216)
b09558f 
Related to: camunda/camunda-bpm-platform/issues/4052
venetrius added a commit that referenced this pull request Feb 29, 2024
@venetrius
chore(deps): Bump json-path to a version 2.9.0 (#216)
b843663 
Related to: camunda/camunda-bpm-platform/issues/4052
venetrius added a commit that referenced this pull request Feb 29, 2024
@venetrius
chore(deps): Bump json-path to a version 2.9.0 (#216)
aa44dd8 
Related to: camunda/camunda-bpm-platform/issues/4052
@venetrius venetrius mentioned this pull request Mar 8, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yanavasileva yanavasileva yanavasileva approved these changes

Assignees

@venetrius venetrius

Labels
bot:java-dependency-check When assigned to a PR, generates SBOMs for the PR and base branch and compares them. dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@venetrius @yanavasileva