Encode values properly when rendering HTML pages #1533
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
3 tasks
juherr
approved these changes
Aug 4, 2024
goekay
deleted the
1532-encode-values-properly-when-rendering-html-pages
branch
faculoyarte
pushed a commit
to faculoyarte/steve
that referenced
this pull request
Sep 4, 2024
* use html encoder on page: chagepointDetails (steve-community#1532) * use html encoder on page: transactions (steve-community#1532) * use html encoder on page: transactionDetails (steve-community#1532) * use html encoder on page: ocppTags (steve-community#1532) * use html encoder on page: connectorStatus (steve-community#1532) * use html encoder on page: GetConfigurationResponse (steve-community#1532) * use html encoder on page: taskResult (steve-community#1532)
dakai-wei-of-shizen
added a commit
to shizen-connect/steve-forked
that referenced
this pull request
Nov 5, 2024
* Extract tag authorization in a dedicated service * Provide location for tag status * adding DB migration Baselinescript * Baseline-script: insert default data into settings table * main.yml: remove right "mysql -h 127.0.0.1 -P 3306 -uroot -proot -e "GRANT SELECT ON mysql.proc TO 'steve'@'%';" -v || true" * B1_0_5_stevedb.sql: removed auto_increment values * B1_0_5_stevedb.sql: change to maysqldump script * Baseline-script: insert default data into settings table * Baseline-script: removed unnecessary save, set and reset of DB-settings (executable comments); removed temporary tabels/views, because of that changed creation order of views transaction and ocpp_activity * Baseline-script: because Steve supports only mysql and mariadb the executable comments are changed to commands. except "/*!999999\- enable the sandbox mode */ " * Baseline-script: adding some comments * Baseline-script: formating the view creation code * Bump org.apache.maven.plugins:maven-dependency-plugin Bumps [org.apache.maven.plugins:maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) from 3.7.0 to 3.7.1. - [Release notes](https://github.com/apache/maven-dependency-plugin/releases) - [Commits](https://github.com/apache/maven-dependency-plugin/compare/maven-dependency-plugin-3.7.0...maven-dependency-plugin-3.7.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-dependency-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.apache.maven.plugins:maven-jar-plugin from 3.4.1 to 3.4.2 Bumps [org.apache.maven.plugins:maven-jar-plugin](https://github.com/apache/maven-jar-plugin) from 3.4.1 to 3.4.2. - [Release notes](https://github.com/apache/maven-jar-plugin/releases) - [Commits](https://github.com/apache/maven-jar-plugin/compare/maven-jar-plugin-3.4.1...maven-jar-plugin-3.4.2) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-jar-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * remove pmd github action * main.yml: remove Grant Super priviliges; B1_0_5__stevedb.sql: remove definer statements in views * adapt docs after #1439 SUPER is not needed anymore * Bump org.junit:junit-bom from 5.10.2 to 5.10.3 Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5) from 5.10.2 to 5.10.3. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.10.2...r5.10.3) --- updated-dependencies: - dependency-name: org.junit:junit-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.5.0 to 4.8.6.2 Bumps [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.8.5.0 to 4.8.6.2. - [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases) - [Commits](https://github.com/spotbugs/spotbugs-maven-plugin/compare/spotbugs-maven-plugin-4.8.5.0...spotbugs-maven-plugin-4.8.6.2) --- updated-dependencies: - dependency-name: com.github.spotbugs:spotbugs-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump jackson.version from 2.17.1 to 2.17.2 Bumps `jackson.version` from 2.17.1 to 2.17.2. Updates `com.fasterxml.jackson.core:jackson-databind` from 2.17.1 to 2.17.2 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `com.fasterxml.jackson.module:jackson-module-jaxb-annotations` from 2.17.1 to 2.17.2 - [Commits](https://github.com/FasterXML/jackson-modules-base/compare/jackson-modules-base-2.17.1...jackson-modules-base-2.17.2) Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.17.1 to 2.17.2 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `com.fasterxml.jackson.datatype:jackson-datatype-joda` from 2.17.1 to 2.17.2 - [Commits](https://github.com/FasterXML/jackson-datatype-joda/compare/jackson-datatype-joda-2.17.1...jackson-datatype-joda-2.17.2) --- updated-dependencies: - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.fasterxml.jackson.module:jackson-module-jaxb-annotations dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.fasterxml.jackson.core:jackson-annotations dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.fasterxml.jackson.datatype:jackson-datatype-joda dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump io.github.git-commit-id:git-commit-id-maven-plugin Bumps [io.github.git-commit-id:git-commit-id-maven-plugin](https://github.com/git-commit-id/git-commit-id-maven-plugin) from 9.0.0 to 9.0.1. - [Release notes](https://github.com/git-commit-id/git-commit-id-maven-plugin/releases) - [Commits](https://github.com/git-commit-id/git-commit-id-maven-plugin/compare/v9.0.0...v9.0.1) --- updated-dependencies: - dependency-name: io.github.git-commit-id:git-commit-id-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump flyway.version from 10.15.0 to 10.15.2 Bumps `flyway.version` from 10.15.0 to 10.15.2. Updates `org.flywaydb:flyway-mysql` from 10.15.0 to 10.15.2 Updates `org.flywaydb:flyway-maven-plugin` from 10.15.0 to 10.15.2 - [Release notes](https://github.com/flyway/flyway/releases) - [Commits](https://github.com/flyway/flyway/compare/flyway-10.15.0...flyway-10.15.2) --- updated-dependencies: - dependency-name: org.flywaydb:flyway-mysql dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.flywaydb:flyway-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Update docker-compose.yml to add restart policies Added 'unless-stopped' restart policies to both the 'db' and 'app' services in docker-compose.yml to ensure they automatically restart unless explicitly stopped by the user. * Bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.0 to 3.3.1 Bumps [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) from 3.3.0 to 3.3.1. - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.3.0...surefire-3.3.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump net.bytebuddy:byte-buddy from 1.14.17 to 1.14.18 Bumps [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) from 1.14.17 to 1.14.18. - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.17...byte-buddy-1.14.18) --- updated-dependencies: - dependency-name: net.bytebuddy:byte-buddy dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * refactor: move OcppTagRepository into AuthTagService * better msg if logs are unavailable (closes #1503) * Bump org.projectlombok:lombok from 1.18.32 to 1.18.34 Bumps [org.projectlombok:lombok](https://github.com/projectlombok/lombok) from 1.18.32 to 1.18.34. - [Changelog](https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown) - [Commits](https://github.com/projectlombok/lombok/compare/v1.18.32...v1.18.34) --- updated-dependencies: - dependency-name: org.projectlombok:lombok dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * nits and style changes * add license header where missing * extract interface reason: allow multiple implementations of the same interface to exist. therefore, another impl (for calling external EMSP service) and bean can exist with @Primary annotation which can take precedence * transaction detail page shows only energy meter values (#1514) * Bump flyway.version from 10.15.2 to 10.16.0 Bumps `flyway.version` from 10.15.2 to 10.16.0. Updates `org.flywaydb:flyway-mysql` from 10.15.2 to 10.16.0 Updates `org.flywaydb:flyway-maven-plugin` from 10.15.2 to 10.16.0 - [Release notes](https://github.com/flyway/flyway/releases) - [Commits](https://github.com/flyway/flyway/compare/flyway-10.15.2...flyway-10.16.0) --- updated-dependencies: - dependency-name: org.flywaydb:flyway-mysql dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.flywaydb:flyway-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.apache.maven.plugins:maven-pmd-plugin from 3.23.0 to 3.24.0 Bumps [org.apache.maven.plugins:maven-pmd-plugin](https://github.com/apache/maven-pmd-plugin) from 3.23.0 to 3.24.0. - [Release notes](https://github.com/apache/maven-pmd-plugin/releases) - [Commits](https://github.com/apache/maven-pmd-plugin/compare/maven-pmd-plugin-3.23.0...maven-pmd-plugin-3.24.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-pmd-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * migrate to jakarta and upgrade spring, jetty, cxf * fix SecurityConfiguration * fix http client in GithubReleaseCheckService * fix test classes * fix dependencies * upgrade jetty from 11 to 12 * update ocpp-jaxb * fix jsp world * fix spring security signin page was causing too many redirects to itself. https://github.com/spring-projects/spring-security/issues/13285 * switch to openapi v3 plus: start offering swagger ui * version bump [ci skip] * version bump for snapshot [ci skip] * use ocpp-jaxb tag version * jooq: make DateTime operations through field's converter (#1520) * validate chargeBoxId for WS connections (#1526) * tighten regex of valid chargeBoxId definition (#1526) * switch logic to use blacklist of chars (#1526) * add flexibility to override default chargeBoxId validation regex (#1526) * add error logging for violating the pattern (#1526) * put chargeBoxId through html encoder in unknownList (#1526) * refactor * Encode values properly when rendering HTML pages (#1533) * use html encoder on page: chagepointDetails (#1532) * use html encoder on page: transactions (#1532) * use html encoder on page: transactionDetails (#1532) * use html encoder on page: ocppTags (#1532) * use html encoder on page: connectorStatus (#1532) * use html encoder on page: GetConfigurationResponse (#1532) * use html encoder on page: taskResult (#1532) * Bump org.hamcrest:hamcrest from 2.2 to 3.0 (#1530) Bumps [org.hamcrest:hamcrest](https://github.com/hamcrest/JavaHamcrest) from 2.2 to 3.0. - [Release notes](https://github.com/hamcrest/JavaHamcrest/releases) - [Changelog](https://github.com/hamcrest/JavaHamcrest/blob/master/CHANGES.md) - [Commits](https://github.com/hamcrest/JavaHamcrest/compare/v2.2...v3.0) --- updated-dependencies: - dependency-name: org.hamcrest:hamcrest dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump flyway.version from 10.16.0 to 10.17.0 (#1529) Bumps `flyway.version` from 10.16.0 to 10.17.0. Updates `org.flywaydb:flyway-mysql` from 10.16.0 to 10.17.0 Updates `org.flywaydb:flyway-maven-plugin` from 10.16.0 to 10.17.0 - [Release notes](https://github.com/flyway/flyway/releases) - [Commits](https://github.com/flyway/flyway/compare/flyway-10.16.0...flyway-10.17.0) --- updated-dependencies: - dependency-name: org.flywaydb:flyway-mysql dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.flywaydb:flyway-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump jetty.version from 12.0.11 to 12.0.12 (#1528) Bumps `jetty.version` from 12.0.11 to 12.0.12. Updates `org.eclipse.jetty:jetty-server` from 12.0.11 to 12.0.12 Updates `org.eclipse.jetty.ee10:jetty-ee10-webapp` from 12.0.11 to 12.0.12 Updates `org.eclipse.jetty.ee10:jetty-ee10-annotations` from 12.0.11 to 12.0.12 Updates `org.eclipse.jetty.ee10:jetty-ee10-apache-jsp` from 12.0.11 to 12.0.12 Updates `org.eclipse.jetty:jetty-rewrite` from 12.0.11 to 12.0.12 Updates `org.eclipse.jetty.ee10.websocket:jetty-ee10-websocket-jetty-server` from 12.0.11 to 12.0.12 Updates `org.eclipse.jetty.websocket:jetty-websocket-jetty-client` from 12.0.11 to 12.0.12 Updates `org.eclipse.jetty.ee10:jetty-ee10-jspc-maven-plugin` from 12.0.11 to 12.0.12 --- updated-dependencies: - dependency-name: org.eclipse.jetty:jetty-server dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty.ee10:jetty-ee10-webapp dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty.ee10:jetty-ee10-annotations dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty.ee10:jetty-ee10-apache-jsp dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty:jetty-rewrite dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty.ee10.websocket:jetty-ee10-websocket-jetty-server dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty.websocket:jetty-websocket-jetty-client dependency-type: direct:development update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty.ee10:jetty-ee10-jspc-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix ObjectMapper used for API endpoint errors reason: warnings like the following [WARN ] 2024-08-08 23:34:20,844 org.eclipse.jetty.ee10.servlet.ServletChannel (qtp739264372-28) - handleException /steve/api/v1/transactions com.fasterxml.jackson.databind.exc.InvalidDefinitionException: Joda date/time type `org.joda.time.DateTime` not supported by default: add Module "com.fasterxml.jackson.datatype:jackson-datatype-joda" to enable handling (through reference chain: de.rwth.idsg.steve.web.api.ApiControllerAdvice$ApiErrorResponse["timestamp"]) ApiDocsConfiguration activates JacksonAutoConfiguration which creates a default/primary ObjectMapper that is different from our ObjectMapper. this came with the spring 6.x migration since OpenApi integration was massively refactored with that as well. * add authorization support to open-api and swagger-ui (#1043) * refactor instead of creating a 2nd ObjectMapper with a custom qualifier, override the default that comes from JacksonAutoConfiguration. * Bump org.slf4j:slf4j-bom from 2.0.13 to 2.0.16 Bumps [org.slf4j:slf4j-bom](https://github.com/qos-ch/slf4j) from 2.0.13 to 2.0.16. - [Commits](https://github.com/qos-ch/slf4j/compare/v_2.0.13...v_2.0.16) --- updated-dependencies: - dependency-name: org.slf4j:slf4j-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Update mysql-connector-j (#1537) * pom: adapted changes in mysql-connector dependency location: mysql --> com.mysql; mysql-connector-java -> mysql-connector-j, version update to 8.4.0 * pom: mysql.jdbc.version update to 9.0.0 --------- Co-authored-by: brosi <brosi@fam2n005.fkfs.de> * exclude websocket paths from spring security (#1523) * disable CSRF for SOAP endpoints * enable spring security for all profiles reason: so far, spring security was enabled only for prod profile. the tests were running with test profile. therefore, any security-related issue/regression was not detected. * Implement database-based multi user system for Web UI (#1539) * add UserDetailsService impl using Jooq * improve impl such that it is in a working condition * refactor: make github action checks happy * force data type JSON in Jooq for web_user.authorities reason: our build matrix fails for mysql, but succeeds for mariadb. Jooq infers data type org.jooq.JSON for web_user.authorities for mysql. on the other hand, it is String for mariadb. example: https://github.com/steve-community/steve/actions/runs/10339451112 * tighten json logic * add check for validating that "authorities" is an array * store a sorted set of authorities without duplicates * add method to delete web user by database id reason: to be used by web pages. a better way than doing with username, and is consistent with other delete operations we do. * PR feedback: skip default admin user creation, if "any" admin already exists * refactor: PR feedback * prepare database for #1540 * PR feedback * add license header where missing * Bump jooq.version from 3.19.10 to 3.19.11 (#1552) Bumps `jooq.version` from 3.19.10 to 3.19.11. Updates `org.jooq:jooq-meta` from 3.19.10 to 3.19.11 Updates `org.jooq:jooq-codegen` from 3.19.10 to 3.19.11 Updates `org.jooq:jooq` from 3.19.10 to 3.19.11 Updates `org.jooq:jooq-codegen-maven` from 3.19.10 to 3.19.11 --- updated-dependencies: - dependency-name: org.jooq:jooq-meta dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jooq:jooq-codegen dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jooq:jooq dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jooq:jooq-codegen-maven dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump com.google.guava:guava from 33.2.1-jre to 33.3.0-jre (#1551) Bumps [com.google.guava:guava](https://github.com/google/guava) from 33.2.1-jre to 33.3.0-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api (#1550) Bumps [jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api](https://github.com/eclipse-ee4j/jstl-api) from 3.0.0 to 3.0.1. - [Release notes](https://github.com/eclipse-ee4j/jstl-api/releases) - [Commits](https://github.com/eclipse-ee4j/jstl-api/commits) --- updated-dependencies: - dependency-name: jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.junit:junit-bom from 5.10.3 to 5.11.0 (#1549) Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5) from 5.10.3 to 5.11.0. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.10.3...r5.11.0) --- updated-dependencies: - dependency-name: org.junit:junit-bom dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump net.bytebuddy:byte-buddy from 1.14.18 to 1.14.19 (#1548) Bumps [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) from 1.14.18 to 1.14.19. - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.18...byte-buddy-1.14.19) --- updated-dependencies: - dependency-name: net.bytebuddy:byte-buddy dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump flyway.version from 10.17.0 to 10.17.1 (#1547) Bumps `flyway.version` from 10.17.0 to 10.17.1. Updates `org.flywaydb:flyway-mysql` from 10.17.0 to 10.17.1 Updates `org.flywaydb:flyway-maven-plugin` from 10.17.0 to 10.17.1 - [Release notes](https://github.com/flyway/flyway/releases) - [Commits](https://github.com/flyway/flyway/compare/flyway-10.17.0...flyway-10.17.1) --- updated-dependencies: - dependency-name: org.flywaydb:flyway-mysql dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.flywaydb:flyway-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * switch to basic auth for API access (#1545) * switch to basic auth for API access * PR feedback * add cache for API users * PR feedback * start setting/updating api_password * refactor: undo moveApiTokenFromConfigToDatabase prep * switch open-api spec to basic auth (#1540) * refactor DataSource * make DataSource a spring bean * move checkJavaAndMySQLOffsets() into GenericRepository * necessary consequential changes * Bump org.owasp.encoder:encoder-jakarta-jsp from 1.3.0 to 1.3.1 Bumps [org.owasp.encoder:encoder-jakarta-jsp](https://github.com/owasp/owasp-java-encoder) from 1.3.0 to 1.3.1. - [Release notes](https://github.com/owasp/owasp-java-encoder/releases) - [Commits](https://github.com/owasp/owasp-java-encoder/compare/v1.3.0...v1.3.1) --- updated-dependencies: - dependency-name: org.owasp.encoder:encoder-jakarta-jsp dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump flyway.version from 10.17.1 to 10.17.2 Bumps `flyway.version` from 10.17.1 to 10.17.2. Updates `org.flywaydb:flyway-mysql` from 10.17.1 to 10.17.2 Updates `org.flywaydb:flyway-maven-plugin` from 10.17.1 to 10.17.2 - [Release notes](https://github.com/flyway/flyway/releases) - [Commits](https://github.com/flyway/flyway/compare/flyway-10.17.1...flyway-10.17.2) --- updated-dependencies: - dependency-name: org.flywaydb:flyway-mysql dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.flywaydb:flyway-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.apache.maven.plugins:maven-dependency-plugin Bumps [org.apache.maven.plugins:maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) from 3.7.1 to 3.8.0. - [Release notes](https://github.com/apache/maven-dependency-plugin/releases) - [Commits](https://github.com/apache/maven-dependency-plugin/compare/maven-dependency-plugin-3.7.1...maven-dependency-plugin-3.8.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-dependency-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump net.bytebuddy:byte-buddy from 1.14.19 to 1.15.0 Bumps [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) from 1.14.19 to 1.15.0. - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.19...byte-buddy-1.15.0) --- updated-dependencies: - dependency-name: net.bytebuddy:byte-buddy dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring.security.version from 6.3.1 to 6.3.3 Bumps `spring.security.version` from 6.3.1 to 6.3.3. Updates `org.springframework.security:spring-security-web` from 6.3.1 to 6.3.3 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](https://github.com/spring-projects/spring-security/compare/6.3.1...6.3.3) Updates `org.springframework.security:spring-security-config` from 6.3.1 to 6.3.3 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](https://github.com/spring-projects/spring-security/compare/6.3.1...6.3.3) --- updated-dependencies: - dependency-name: org.springframework.security:spring-security-web dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.springframework.security:spring-security-config dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.apache.maven.plugins:maven-checkstyle-plugin Bumps [org.apache.maven.plugins:maven-checkstyle-plugin](https://github.com/apache/maven-checkstyle-plugin) from 3.4.0 to 3.5.0. - [Commits](https://github.com/apache/maven-checkstyle-plugin/compare/maven-checkstyle-plugin-3.4.0...maven-checkstyle-plugin-3.5.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-checkstyle-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.1 to 3.4.0 Bumps [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) from 3.3.1 to 3.4.0. - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.3.1...surefire-3.4.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api Bumps [jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api](https://github.com/eclipse-ee4j/jstl-api) from 3.0.1 to 3.0.2. - [Release notes](https://github.com/eclipse-ee4j/jstl-api/releases) - [Commits](https://github.com/eclipse-ee4j/jstl-api/commits) --- updated-dependencies: - dependency-name: jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.apache.maven.plugins:maven-surefire-plugin from 3.4.0 to 3.5.0 Bumps [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) from 3.4.0 to 3.5.0. - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.4.0...surefire-3.5.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump net.bytebuddy:byte-buddy from 1.15.0 to 1.15.1 Bumps [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) from 1.15.0 to 1.15.1. - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.15.0...byte-buddy-1.15.1) --- updated-dependencies: - dependency-name: net.bytebuddy:byte-buddy dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.apache.maven.plugins:maven-pmd-plugin from 3.24.0 to 3.25.0 Bumps [org.apache.maven.plugins:maven-pmd-plugin](https://github.com/apache/maven-pmd-plugin) from 3.24.0 to 3.25.0. - [Release notes](https://github.com/apache/maven-pmd-plugin/releases) - [Commits](https://github.com/apache/maven-pmd-plugin/compare/maven-pmd-plugin-3.24.0...maven-pmd-plugin-3.25.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-pmd-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.mockito:mockito-junit-jupiter from 5.12.0 to 5.13.0 Bumps [org.mockito:mockito-junit-jupiter](https://github.com/mockito/mockito) from 5.12.0 to 5.13.0. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.12.0...v5.13.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-junit-jupiter dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump jetty.version from 12.0.12 to 12.0.13 Bumps `jetty.version` from 12.0.12 to 12.0.13. Updates `org.eclipse.jetty:jetty-server` from 12.0.12 to 12.0.13 Updates `org.eclipse.jetty.ee10:jetty-ee10-webapp` from 12.0.12 to 12.0.13 Updates `org.eclipse.jetty.ee10:jetty-ee10-annotations` from 12.0.12 to 12.0.13 Updates `org.eclipse.jetty.ee10:jetty-ee10-apache-jsp` from 12.0.12 to 12.0.13 Updates `org.eclipse.jetty:jetty-rewrite` from 12.0.12 to 12.0.13 Updates `org.eclipse.jetty.ee10.websocket:jetty-ee10-websocket-jetty-server` from 12.0.12 to 12.0.13 Updates `org.eclipse.jetty.websocket:jetty-websocket-jetty-client` from 12.0.12 to 12.0.13 Updates `org.eclipse.jetty.ee10:jetty-ee10-jspc-maven-plugin` from 12.0.12 to 12.0.13 --- updated-dependencies: - dependency-name: org.eclipse.jetty:jetty-server dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty.ee10:jetty-ee10-webapp dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty.ee10:jetty-ee10-annotations dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty.ee10:jetty-ee10-apache-jsp dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty:jetty-rewrite dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty.ee10.websocket:jetty-ee10-websocket-jetty-server dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty.websocket:jetty-websocket-jetty-client dependency-type: direct:development update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty.ee10:jetty-ee10-jspc-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.apache.logging.log4j:log4j-bom from 2.23.1 to 2.24.0 Bumps [org.apache.logging.log4j:log4j-bom](https://github.com/apache/logging-log4j2) from 2.23.1 to 2.24.0. - [Release notes](https://github.com/apache/logging-log4j2/releases) - [Changelog](https://github.com/apache/logging-log4j2/blob/2.x/RELEASE-NOTES.adoc) - [Commits](https://github.com/apache/logging-log4j2/compare/rel/2.23.1...rel/2.24.0) --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-bom dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.6.2 to 4.8.6.3 Bumps [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.8.6.2 to 4.8.6.3. - [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases) - [Commits](https://github.com/spotbugs/spotbugs-maven-plugin/compare/spotbugs-maven-plugin-4.8.6.2...spotbugs-maven-plugin-4.8.6.3) --- updated-dependencies: - dependency-name: com.github.spotbugs:spotbugs-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Warn about security risks Related to #100 * Bump flyway.version from 10.17.2 to 10.18.0 Bumps `flyway.version` from 10.17.2 to 10.18.0. Updates `org.flywaydb:flyway-mysql` from 10.17.2 to 10.18.0 Updates `org.flywaydb:flyway-maven-plugin` from 10.17.2 to 10.18.0 - [Release notes](https://github.com/flyway/flyway/releases) - [Commits](https://github.com/flyway/flyway/compare/flyway-10.17.2...flyway-10.18.0) --- updated-dependencies: - dependency-name: org.flywaydb:flyway-mysql dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.flywaydb:flyway-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * add APIs link to navigation header * set ram percentage in Dockerfile default is 25% which is too conservative. details: https://developers.redhat.com/articles/2022/04/19/java-17-whats-new-openjdks-container-awareness#tuning_defaults_for_containers * Bump org.apache.httpcomponents.client5:httpclient5 from 5.3.1 to 5.4 Bumps [org.apache.httpcomponents.client5:httpclient5](https://github.com/apache/httpcomponents-client) from 5.3.1 to 5.4. - [Changelog](https://github.com/apache/httpcomponents-client/blob/master/RELEASE_NOTES.txt) - [Commits](https://github.com/apache/httpcomponents-client/compare/rel/v5.3.1...rel/v5.4) --- updated-dependencies: - dependency-name: org.apache.httpcomponents.client5:httpclient5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump joda-time:joda-time from 2.12.7 to 2.13.0 Bumps [joda-time:joda-time](https://github.com/JodaOrg/joda-time) from 2.12.7 to 2.13.0. - [Release notes](https://github.com/JodaOrg/joda-time/releases) - [Changelog](https://github.com/JodaOrg/joda-time/blob/main/RELEASE-NOTES.txt) - [Commits](https://github.com/JodaOrg/joda-time/compare/v2.12.7...v2.13.0) --- updated-dependencies: - dependency-name: joda-time:joda-time dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.6.3 to 4.8.6.4 Bumps [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.8.6.3 to 4.8.6.4. - [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases) - [Commits](https://github.com/spotbugs/spotbugs-maven-plugin/compare/spotbugs-maven-plugin-4.8.6.3...spotbugs-maven-plugin-4.8.6.4) --- updated-dependencies: - dependency-name: com.github.spotbugs:spotbugs-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump flyway.version from 10.18.0 to 10.18.2 Bumps `flyway.version` from 10.18.0 to 10.18.2. Updates `org.flywaydb:flyway-mysql` from 10.18.0 to 10.18.2 Updates `org.flywaydb:flyway-maven-plugin` from 10.18.0 to 10.18.2 - [Release notes](https://github.com/flyway/flyway/releases) - [Commits](https://github.com/flyway/flyway/compare/flyway-10.18.0...flyway-10.18.2) --- updated-dependencies: - dependency-name: org.flywaydb:flyway-mysql dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.flywaydb:flyway-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump jackson.version from 2.17.2 to 2.18.0 Bumps `jackson.version` from 2.17.2 to 2.18.0. Updates `com.fasterxml.jackson.core:jackson-databind` from 2.17.2 to 2.18.0 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `com.fasterxml.jackson.module:jackson-module-jakarta-xmlbind-annotations` from 2.17.2 to 2.18.0 - [Commits](https://github.com/FasterXML/jackson-modules-base/compare/jackson-modules-base-2.17.2...jackson-modules-base-2.18.0) Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.17.2 to 2.18.0 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `com.fasterxml.jackson.datatype:jackson-datatype-joda` from 2.17.2 to 2.18.0 - [Commits](https://github.com/FasterXML/jackson-datatype-joda/compare/jackson-datatype-joda-2.17.2...jackson-datatype-joda-2.18.0) --- updated-dependencies: - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.fasterxml.jackson.module:jackson-module-jakarta-xmlbind-annotations dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.fasterxml.jackson.core:jackson-annotations dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.fasterxml.jackson.datatype:jackson-datatype-joda dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.google.guava:guava from 33.3.0-jre to 33.3.1-jre Bumps [com.google.guava:guava](https://github.com/google/guava) from 33.3.0-jre to 33.3.1-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.jetbrains:annotations from 24.1.0 to 25.0.0 Bumps [org.jetbrains:annotations](https://github.com/JetBrains/java-annotations) from 24.1.0 to 25.0.0. - [Release notes](https://github.com/JetBrains/java-annotations/releases) - [Changelog](https://github.com/JetBrains/java-annotations/blob/master/CHANGELOG.md) - [Commits](https://github.com/JetBrains/java-annotations/compare/24.1.0...25.0.0) --- updated-dependencies: - dependency-name: org.jetbrains:annotations dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.mockito:mockito-junit-jupiter from 5.13.0 to 5.14.1 Bumps [org.mockito:mockito-junit-jupiter](https://github.com/mockito/mockito) from 5.13.0 to 5.14.1. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.13.0...v5.14.1) --- updated-dependencies: - dependency-name: org.mockito:mockito-junit-jupiter dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.junit:junit-bom from 5.11.0 to 5.11.2 Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5) from 5.11.0 to 5.11.2. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.11.0...r5.11.2) --- updated-dependencies: - dependency-name: org.junit:junit-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump plugin.license-maven.version from 4.5 to 4.6 Bumps `plugin.license-maven.version` from 4.5 to 4.6. Updates `com.mycila:license-maven-plugin-git` from 4.5 to 4.6 - [Release notes](https://github.com/mathieucarbou/license-maven-plugin/releases) - [Commits](https://github.com/mathieucarbou/license-maven-plugin/compare/license-maven-plugin-4.5...license-maven-plugin-4.6) Updates `com.mycila:license-maven-plugin` from 4.5 to 4.6 - [Release notes](https://github.com/mathieucarbou/license-maven-plugin/releases) - [Commits](https://github.com/mathieucarbou/license-maven-plugin/compare/license-maven-plugin-4.5...license-maven-plugin-4.6) --- updated-dependencies: - dependency-name: com.mycila:license-maven-plugin-git dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.mycila:license-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump flyway.version from 10.18.2 to 10.19.0 Bumps `flyway.version` from 10.18.2 to 10.19.0. Updates `org.flywaydb:flyway-mysql` from 10.18.2 to 10.19.0 Updates `org.flywaydb:flyway-maven-plugin` from 10.18.2 to 10.19.0 - [Release notes](https://github.com/flyway/flyway/releases) - [Commits](https://github.com/flyway/flyway/compare/flyway-10.18.2...flyway-10.19.0) --- updated-dependencies: - dependency-name: org.flywaydb:flyway-mysql dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.flywaydb:flyway-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.0 to 3.5.1 Bumps [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) from 3.5.0 to 3.5.1. - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.5.0...surefire-3.5.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.apache.logging.log4j:log4j-bom from 2.24.0 to 2.24.1 Bumps [org.apache.logging.log4j:log4j-bom](https://github.com/apache/logging-log4j2) from 2.24.0 to 2.24.1. - [Release notes](https://github.com/apache/logging-log4j2/releases) - [Changelog](https://github.com/apache/logging-log4j2/blob/2.x/RELEASE-NOTES.adoc) - [Commits](https://github.com/apache/logging-log4j2/compare/rel/2.24.0...rel/2.24.1) --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.zaxxer:HikariCP from 5.1.0 to 6.0.0 Bumps [com.zaxxer:HikariCP](https://github.com/brettwooldridge/HikariCP) from 5.1.0 to 6.0.0. - [Changelog](https://github.com/brettwooldridge/HikariCP/blob/dev/CHANGES) - [Commits](https://github.com/brettwooldridge/HikariCP/compare/HikariCP-5.1.0...HikariCP-6.0.0) --- updated-dependencies: - dependency-name: com.zaxxer:HikariCP dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.mysql:mysql-connector-j from 9.0.0 to 9.1.0 Bumps [com.mysql:mysql-connector-j](https://github.com/mysql/mysql-connector-j) from 9.0.0 to 9.1.0. - [Changelog](https://github.com/mysql/mysql-connector-j/blob/release/9.x/CHANGES) - [Commits](https://github.com/mysql/mysql-connector-j/compare/9.0.0...9.1.0) --- updated-dependencies: - dependency-name: com.mysql:mysql-connector-j dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.jetbrains:annotations from 25.0.0 to 26.0.1 Bumps [org.jetbrains:annotations](https://github.com/JetBrains/java-annotations) from 25.0.0 to 26.0.1. - [Release notes](https://github.com/JetBrains/java-annotations/releases) - [Changelog](https://github.com/JetBrains/java-annotations/blob/master/CHANGELOG.md) - [Commits](https://github.com/JetBrains/java-annotations/compare/25.0.0...26.0.1) --- updated-dependencies: - dependency-name: org.jetbrains:annotations dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump net.bytebuddy:byte-buddy from 1.15.1 to 1.15.7 Bumps [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) from 1.15.1 to 1.15.7. - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.15.1...byte-buddy-1.15.7) --- updated-dependencies: - dependency-name: net.bytebuddy:byte-buddy dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump jetty.version from 12.0.13 to 12.0.14 Bumps `jetty.version` from 12.0.13 to 12.0.14. Updates `org.eclipse.jetty:jetty-server` from 12.0.13 to 12.0.14 Updates `org.eclipse.jetty.ee10:jetty-ee10-webapp` from 12.0.13 to 12.0.14 Updates `org.eclipse.jetty.ee10:jetty-ee10-annotations` from 12.0.13 to 12.0.14 Updates `org.eclipse.jetty.ee10:jetty-ee10-apache-jsp` from 12.0.13 to 12.0.14 Updates `org.eclipse.jetty:jetty-rewrite` from 12.0.13 to 12.0.14 Updates `org.eclipse.jetty.ee10.websocket:jetty-ee10-websocket-jetty-server` from 12.0.13 to 12.0.14 Updates `org.eclipse.jetty.websocket:jetty-websocket-jetty-client` from 12.0.13 to 12.0.14 Updates `org.eclipse.jetty.ee10:jetty-ee10-jspc-maven-plugin` from 12.0.13 to 12.0.14 --- updated-dependencies: - dependency-name: org.eclipse.jetty:jetty-server dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty.ee10:jetty-ee10-webapp dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty.ee10:jetty-ee10-annotations dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty.ee10:jetty-ee10-apache-jsp dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty:jetty-rewrite dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty.ee10.websocket:jetty-ee10-websocket-jetty-server dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty.websocket:jetty-websocket-jetty-client dependency-type: direct:development update-type: version-update:semver-patch - dependency-name: org.eclipse.jetty.ee10:jetty-ee10-jspc-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * adjust checkstyle [ci skip] inline conditionals are fine in some cases. more compact and less verbose. * migrate "header value" as "api password" to database (#1540) * Bump org.springframework.security:spring-security-web Bumps [org.springframework.security:spring-security-web](https://github.com/spring-projects/spring-security) from 6.3.3 to 6.3.4. - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](https://github.com/spring-projects/spring-security/compare/6.3.3...6.3.4) --- updated-dependencies: - dependency-name: org.springframework.security:spring-security-web dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.mockito:mockito-junit-jupiter from 5.14.1 to 5.14.2 Bumps [org.mockito:mockito-junit-jupiter](https://github.com/mockito/mockito) from 5.14.1 to 5.14.2. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.14.1...v5.14.2) --- updated-dependencies: - dependency-name: org.mockito:mockito-junit-jupiter dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump jackson.version from 2.18.0 to 2.18.1 Bumps `jackson.version` from 2.18.0 to 2.18.1. Updates `com.fasterxml.jackson.core:jackson-databind` from 2.18.0 to 2.18.1 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `com.fasterxml.jackson.module:jackson-module-jakarta-xmlbind-annotations` from 2.18.0 to 2.18.1 - [Commits](https://github.com/FasterXML/jackson-modules-base/compare/jackson-modules-base-2.18.0...jackson-modules-base-2.18.1) Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.18.0 to 2.18.1 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `com.fasterxml.jackson.datatype:jackson-datatype-joda` from 2.18.0 to 2.18.1 - [Commits](https://github.com/FasterXML/jackson-datatype-joda/compare/jackson-datatype-joda-2.18.0...jackson-datatype-joda-2.18.1) --- updated-dependencies: - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.fasterxml.jackson.module:jackson-module-jakarta-xmlbind-annotations dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.fasterxml.jackson.core:jackson-annotations dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.fasterxml.jackson.datatype:jackson-datatype-joda dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.6.4 to 4.8.6.5 Bumps [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.8.6.4 to 4.8.6.5. - [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases) - [Commits](https://github.com/spotbugs/spotbugs-maven-plugin/compare/spotbugs-maven-plugin-4.8.6.4...spotbugs-maven-plugin-4.8.6.5) --- updated-dependencies: - dependency-name: com.github.spotbugs:spotbugs-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump flyway.version from 10.19.0 to 10.20.1 Bumps `flyway.version` from 10.19.0 to 10.20.1. Updates `org.flywaydb:flyway-mysql` from 10.19.0 to 10.20.1 Updates `org.flywaydb:flyway-maven-plugin` from 10.19.0 to 10.20.1 - [Release notes](https://github.com/flyway/flyway/releases) - [Commits](https://github.com/flyway/flyway/compare/flyway-10.19.0...flyway-10.20.1) --- updated-dependencies: - dependency-name: org.flywaydb:flyway-mysql dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.flywaydb:flyway-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.apache.maven.plugins:maven-dependency-plugin Bumps [org.apache.maven.plugins:maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) from 3.8.0 to 3.8.1. - [Release notes](https://github.com/apache/maven-dependency-plugin/releases) - [Commits](https://github.com/apache/maven-dependency-plugin/compare/maven-dependency-plugin-3.8.0...maven-dependency-plugin-3.8.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-dependency-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.apache.httpcomponents.client5:httpclient5 from 5.4 to 5.4.1 Bumps [org.apache.httpcomponents.client5:httpclient5](https://github.com/apache/httpcomponents-client) from 5.4 to 5.4.1. - [Changelog](https://github.com/apache/httpcomponents-client/blob/rel/v5.4.1/RELEASE_NOTES.txt) - [Commits](https://github.com/apache/httpcomponents-client/compare/rel/v5.4...rel/v5.4.1) --- updated-dependencies: - dependency-name: org.apache.httpcomponents.client5:httpclient5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump net.bytebuddy:byte-buddy from 1.15.7 to 1.15.9 Bumps [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) from 1.15.7 to 1.15.9. - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.15.7...byte-buddy-1.15.9) --- updated-dependencies: - dependency-name: net.bytebuddy:byte-buddy dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.apache.maven.plugins:maven-checkstyle-plugin Bumps [org.apache.maven.plugins:maven-checkstyle-plugin](https://github.com/apache/maven-checkstyle-plugin) from 3.5.0 to 3.6.0. - [Commits](https://github.com/apache/maven-checkstyle-plugin/compare/maven-checkstyle-plugin-3.5.0...maven-checkstyle-plugin-3.6.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-checkstyle-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.apache.maven.plugins:maven-pmd-plugin from 3.25.0 to 3.26.0 Bumps [org.apache.maven.plugins:maven-pmd-plugin](https://github.com/apache/maven-pmd-plugin) from 3.25.0 to 3.26.0. - [Release notes](https://github.com/apache/maven-pmd-plugin/releases) - [Commits](https://github.com/apache/maven-pmd-plugin/compare/maven-pmd-plugin-3.25.0...maven-pmd-plugin-3.26.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-pmd-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.junit:junit-bom from 5.11.2 to 5.11.3 Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5) from 5.11.2 to 5.11.3. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.11.2...r5.11.3) --- updated-dependencies: - dependency-name: org.junit:junit-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Julien Herr <juherr@bornerecharge.fr> Co-authored-by: fnkbsi <135032168+fnkbsi@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sevket Gökay <sevketgokay@gmail.com> Co-authored-by: Andrei <1183822+bibz0r@users.noreply.github.com> Co-authored-by: Julien Herr <julien@herr.fr> Co-authored-by: brosi <brosi@fam2n005.fkfs.de> Co-authored-by: Julien Herr <contact@juherr.dev>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.