Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade 3rd party dependencies (Q3 2023) #29

Merged
merged 7 commits into from
Oct 17, 2023
Merged

Upgrade 3rd party dependencies (Q3 2023) #29

merged 7 commits into from
Oct 17, 2023

Conversation

gmartinez3werfen
Copy link
Contributor

@gmartinez3werfen gmartinez3werfen commented Oct 16, 2023
edited
Loading

PR Details

Updates dependencies for the following libraries:

  • jasperreports (6.17.0 --> 6.20.6)
  • jasperreports-fonts (6.17.0 --> 6.20.6)
  • lombok (1.18.12 --> 1.18.30)
  • poi (5.1.0 --> 5.2.4)
  • poi-ooxml (5.1.0 --> 5.2.4)
  • junit-jupiter-api (5.3.2 --> 5.10.0)
  • junit-jupiter-engine (5.3.2 --> 5.10.0)
  • java-report-test-utilities (1.2.0 --> 1.3.0)

Motivation and Context

This change is required by Cybersecurity team in order to keep dependencies updated for reducing surface attack caused by known vulnerabilities.

Implementation

Updated pom.xml versions for dependencies to the latest available.

How Has This Been Tested

All existing tests were ran without any issue.

Types of changes

  • Docs change / refactoring / dependency upgrade
  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • New release version
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist

  • I have read the CONTRIBUTING document
  • My code follows the code style of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • There are component tests for new/changed code (or a good explanation why this was not possible) and all of them passed. I have also added tests to cover my changes
  • All CI builders have indicated success (Give them the needed time to notice the pull request)
  • The Pull request title has the type of change ended with a slash (bugfix/feature/...), Jira issue numbers separated by spaces (if any), a space, and then a short, but descriptive summary
  • Commit messages are well formed: A note about Git commit messages
  • New public packages, classes, and methods are documented. (Strongly consider documenting private classes and methods)
  • A new branch needs to be created from master to evolve previous versions
  • Increase version in pom.xml following Semantic Versioning
  • Squash merge as a recommended merge strategy in Bitbucket

QuimNotoTrilla
QuimNotoTrilla approved these changes Oct 16, 2023
View reviewed changes
Copy link
Contributor

@QuimNotoTrilla QuimNotoTrilla left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good be updated

joaquimvila
joaquimvila reviewed Oct 16, 2023
View reviewed changes
pom.xml Outdated Show resolved Hide resolved
@joaquimvila
Copy link
Contributor

I miss linking this PR with the issue #28, so when closing it, the issue should be closed too.

joaquimvila
joaquimvila requested changes Oct 16, 2023
View reviewed changes
ATTRIBUTION.md Outdated Show resolved Hide resolved
@joaquimvila joaquimvila changed the title Feature/beasw 15376/main Upgrade 3rd party dependencies Oct 17, 2023
@joaquimvila joaquimvila changed the title Upgrade 3rd party dependencies Upgrade 3rd party dependencies (Q3 2023) Oct 17, 2023
@gmartinez3werfen gmartinez3werfen merged commit 67c15ef into master Oct 17, 2023
1 check passed
@gmartinez3werfen gmartinez3werfen deleted the feature/BEASW-15376/main branch October 17, 2023 07:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@joaquimvila joaquimvila joaquimvila approved these changes

@QuimNotoTrilla QuimNotoTrilla QuimNotoTrilla approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@gmartinez3werfen @joaquimvila @QuimNotoTrilla