Skip to content
This repository has been archived by the owner on Oct 8, 2024. It is now read-only.

Bump the gradle group with 7 updates #270

Closed
wants to merge 1 commit into from
Closed

Bump the gradle group with 7 updates #270

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 3, 2024
edited
Loading

Bumps the gradle group with 7 updates:

Package From To
no.nav.security:token-validation-ktor-v2 3.2.0 4.1.4
org.apache.pdfbox:pdfbox 3.0.1 3.0.2
org.apache.pdfbox:pdfbox-io 3.0.1 3.0.2
org.apache.pdfbox:pdfbox-io 3.0.1 3.0.2
io.ktor:ktor-server-test-host 2.3.7 2.3.9
no.nav.security:mock-oauth2-server 2.1.0 2.1.2
jvm 1.9.21 1.9.23
org.sonarqube 4.4.1.3373 5.0.0.4638

Updates no.nav.security:token-validation-ktor-v2 from 3.2.0 to 4.1.4

Release notes

Sourced from no.nav.security:token-validation-ktor-v2's releases.

4.1.4

What's Changed

⬆️ Dependency upgrades

  • build(deps): bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.1 to 3.2.2 (#869) @​dependabot
  • build(deps): bump commons-logging:commons-logging from 1.3.0 to 1.3.1 (#868) @​dependabot
  • build(deps): bump dependabot/fetch-metadata from 1 to 2 (#867) @​dependabot
  • build(deps): bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.0 to 3.2.1 (#865) @​dependabot
  • build(deps): bump spring-boot.version from 3.2.3 to 3.2.4 (#866) @​dependabot
  • build(deps): bump com.fasterxml.jackson.core:jackson-databind from 2.16.2 to 2.17.0 (#863) @​dependabot
  • build(deps): bump com.fasterxml.jackson.module:jackson-module-kotlin from 2.16.2 to 2.17.0 (#864) @​dependabot
  • build(deps): bump com.fasterxml.jackson.module:jackson-module-kotlin from 2.16.1 to 2.16.2 (#861) @​dependabot
  • build(deps): bump com.fasterxml.jackson.core:jackson-databind from 2.16.1 to 2.16.2 (#862) @​dependabot
  • build(deps): bump org.apache.maven.plugins:maven-gpg-plugin from 3.1.0 to 3.2.0 (#860) @​dependabot
  • build(deps): bump kotest.version from 5.8.0 to 5.8.1 (#859) @​dependabot
  • build(deps): bump kotlin.version from 1.9.22 to 1.9.23 (#858) @​dependabot
  • build(deps): bump kotlin.version from 1.9.22 to 1.9.23 (#857) @​dependabot
  • build(deps): bump org.jetbrains.dokka:dokka-maven-plugin from 1.9.10 to 1.9.20 (#856) @​dependabot
  • build(deps): bump ktor.version from 2.3.8 to 2.3.9 (#855) @​dependabot
  • build(deps): bump com.nimbusds:oauth2-oidc-sdk from 11.10 to 11.10.1 (#852) @​dependabot
  • build(deps): bump org.wiremock:wiremock-standalone from 3.4.1 to 3.4.2 (#853) @​dependabot
  • build(deps): bump spring-boot.version from 3.2.2 to 3.2.3 (#851) @​dependabot
  • build(deps): bump org.wiremock:wiremock-standalone from 3.4.0 to 3.4.1 (#850) @​dependabot
  • build(deps): bump com.nimbusds:oauth2-oidc-sdk from 11.9.1 to 11.10 (#849) @​dependabot
  • build(deps): bump org.wiremock:wiremock-standalone from 3.3.1 to 3.4.0 (#848) @​dependabot
  • build(deps): bump no.nav.security:mock-oauth2-server from 2.1.1 to 2.1.2 (#847) @​dependabot
  • build(deps-dev): bump org.junit.jupiter:junit-jupiter-engine from 5.10.1 to 5.10.2 (#845) @​dependabot
  • build(deps): bump release-drafter/release-drafter from 5 to 6 (#844) @​dependabot

4.1.3

What's Changed

  • No changes

4.1.2

What's Changed

⬆️ Dependency upgrades

  • build(deps): bump advanced-security/maven-dependency-submission-action from 3 to 4 (#842) @​dependabot

4.1.1

What's Changed

⬆️ Dependency upgrades

... (truncated)

Commits
  • 9d0c43a compensate for lacking dep-mgmt
  • 2f970f9 build(deps): bump org.apache.maven.plugins:maven-gpg-plugin (#869)
  • 16f7862 build(deps): bump commons-logging:commons-logging from 1.3.0 to 1.3.1 (#868)
  • b28a6ed build(deps): bump dependabot/fetch-metadata from 1 to 2 (#867)
  • 5471e2c build(deps): bump org.apache.maven.plugins:maven-gpg-plugin (#865)
  • fb34156 build(deps): bump spring-boot.version from 3.2.3 to 3.2.4 (#866)
  • 33bd79b build(deps): bump com.fasterxml.jackson.core:jackson-databind (#863)
  • 4ac3280 build(deps): bump com.fasterxml.jackson.module:jackson-module-kotlin (#864)
  • aaf7ae7 build(deps): bump com.fasterxml.jackson.module:jackson-module-kotlin (#861)
  • 7a1dd95 build(deps): bump com.fasterxml.jackson.core:jackson-databind (#862)
  • Additional commits viewable in compare view

Updates org.apache.pdfbox:pdfbox from 3.0.1 to 3.0.2

Updates org.apache.pdfbox:pdfbox-io from 3.0.1 to 3.0.2

Updates org.apache.pdfbox:pdfbox-io from 3.0.1 to 3.0.2

Updates io.ktor:ktor-server-test-host from 2.3.7 to 2.3.9

Release notes

Sourced from io.ktor:ktor-server-test-host's releases.

2.3.9

Published 4 March 2024

Improvements

  • Allow to set secure cookie even with http scheme (KTOR-3159)

Bugfixes

  • ContentNegotiation: the plugin appends duplicated MIME type to Accept header (KTOR-6684)

2.3.8

Published 31 January 2024

Bugfixes

  • "KeyStoreException: JKS not found" exception on Android when configuring secure connection (KTOR-6720)
  • URLBuilder crashes on React Native platforms (KTOR-6576)
  • CIO: Unable to perform WebSocket upgrade when Content-Type header is sent in the request (KTOR-6366)
  • ContentNegotiation: Adding charset to content type of JacksonConverter breaks request matching (KTOR-6420)
  • High Native Server Memory Usage (KTOR-6321)
  • Server ContentNegotiation no longer allows multiple decoders for one Content-Type (KTOR-5410)
  • Logging plugin blocks response body streaming when level is BODY (KTOR-6482)
  • WebSockets: Confusing error message when server doesn't respond with Upgrade (KTOR-6397)
  • {...} (tailcard) does not match URLs ending with '/' (KTOR-2121)
  • HttpCache: NumberFormatException for cache-control with max age more than Int.MAX_VALUE (KTOR-6505)
  • CORS: allowHost without the second argument doesn't allow the secure host (KTOR-6494)
  • "ReferenceError: 'self' is not defined" when using URLBuilder in a custom JS engine (KTOR-5978)
  • MDC diagnostic value is changed during logging of the request (KTOR-6528)
  • WebSocket doesn't get terminated when runBlocking is used (KTOR-6664)
  • CIO: "getSubjectAlternativeNames(...) must not be null" error on Android when using CA without SAN since 2.3.5 (KTOR-6396)
  • RequestConnectionPoint should implement toString() (KTOR-6577)
Changelog

Sourced from io.ktor:ktor-server-test-host's changelog.

2.3.9

Published 4 March 2024

Improvements

  • Allow to set secure cookie even with http scheme (KTOR-3159)

Bugfixes

  • ContentNegotiation: the plugin appends duplicated MIME type to Accept header (KTOR-6684)

2.3.8

Published 31 January 2024

Bugfixes

  • "KeyStoreException: JKS not found" exception on Android when configuring secure connection (KTOR-6720)
  • URLBuilder crashes on React Native platforms (KTOR-6576)
  • CIO: Unable to perform WebSocket upgrade when Content-Type header is sent in the request (KTOR-6366)
  • ContentNegotiation: Adding charset to content type of JacksonConverter breaks request matching (KTOR-6420)
  • High Native Server Memory Usage (KTOR-6321)
  • Server ContentNegotiation no longer allows multiple decoders for one Content-Type (KTOR-5410)
  • Logging plugin blocks response body streaming when level is BODY (KTOR-6482)
  • WebSockets: Confusing error message when server doesn't respond with Upgrade (KTOR-6397)
  • {...} (tailcard) does not match URLs ending with '/' (KTOR-2121)
  • HttpCache: NumberFormatException for cache-control with max age more than Int.MAX_VALUE (KTOR-6505)
  • CORS: allowHost without the second argument doesn't allow the secure host (KTOR-6494)
  • "ReferenceError: 'self' is not defined" when using URLBuilder in a custom JS engine (KTOR-5978)
  • MDC diagnostic value is changed during logging of the request (KTOR-6528)
  • WebSocket doesn't get terminated when runBlocking is used (KTOR-6664)
  • CIO: "getSubjectAlternativeNames(...) must not be null" error on Android when using CA without SAN since 2.3.5 (KTOR-6396)
  • RequestConnectionPoint should implement toString() (KTOR-6577)
Commits
  • 623ab3f Add changelog for 2.3.9 (#3994)
  • ca6bdff Disable test for jakarta tomcat certificates
  • 82b1acb Fix for missing import
  • 5dee0f9 Revert "Bump io.swagger.parser.v3:swagger-parser from 2.1.19 to 2.1.20 (#3945)"
  • 1d72b84 Bump version 2.3.9; resolve API change
  • 3375463 Disable failing test (#3990)
  • 5fd337e KTOR-6684 Fix duplicate Accept Header in ContentNegotiation (#3984)
  • 4633438 Add better description of TLSConfigBuilder.addCertificateChain()
  • 1a53599 fix(deps): update jetty.jakarta.version to v11.0.20
  • 722950d KTOR-3159 Allow secure cookie with unencrypted response (#3932)
  • Additional commits viewable in compare view

Updates no.nav.security:mock-oauth2-server from 2.1.0 to 2.1.2

Release notes

Sourced from no.nav.security:mock-oauth2-server's releases.

2.1.2

What's Changed

⬆️ Dependency upgrades

2.1.1

What's Changed

  • feat: add id-token to password grant token response (#610) @​jp7677

⬆️ Dependency upgrades

Commits
  • 983dfcd chore(deps): bump transitive dep jsonpath to 2.9.0 (#640)
  • 3cbb107 refactor: replace use of deprecated queryParameters with bodyAsFormParameters
  • 6763539 ci: add permissions write for dependency graph submission
  • 8de3aee chore(deps): bump the github group with 22 updates (#639)
  • afed39c Merge pull request #634 from navikt/dependabot/github_actions/release-drafter...
  • bcaf553 Merge branch 'master' into dependabot/github_actions/release-drafter/release-...
  • 083d73f group dependency updates
  • 3ec6391 Merge branch 'master' into dependabot/github_actions/release-drafter/release-...
  • 6719c85 Merge pull request #622 from navikt/dependabot/gradle/com.nimbusds-oauth2-oid...
  • 696a643 chore(deps): bump release-drafter/release-drafter from 5 to 6
  • Additional commits viewable in compare view

Updates jvm from 1.9.21 to 1.9.23

Release notes

Sourced from jvm's releases.

Kotlin 1.9.23

1.9.23

Apple Ecosystem

  • KT-65542 Cinterop tasks fails if Xcode 15.3 is used

Backend. Wasm

  • KT-64486 Kotlin/Wasm/WASI exported function callback for coroutines support

Compiler

  • KT-53478 Could not load module
  • KT-66044 JDK's new API is used over Kotlin's SDK functions
  • KT-64640 Prevent mutating SequenceCollection methods from JDK 21 be available on read-only collections
  • KT-65441 K1: Remove JDK 21 getFirst()/getLast() in (Mutable)List interfaces
  • KT-65634 K/N: data race during monolithic cache creation
  • KT-53109 CompilationErrorException generateUnboundSymbolsAsDependencies with builder inference and lambdas
  • KT-52757 Type inference for builders fails if inferred from a function

Tools. Gradle

  • KT-65792 Add JSON build report
  • KT-65091 Update compiler metrics in build reports
  • KT-62490 KGP dropping resource directories

Tools. Gradle. JS

  • KT-64119 K/JS: Migrate package manager from Yarn onto NPM
  • KT-64561 K/JS tests are not executed after upgrade to 1.9.22

Tools. Gradle. Multiplatform

  • KT-65954 commonTest dependencies affect commoMainMetadata compilation

Tools. Gradle. Native

  • KT-64573 Default value for produceUnpackedKlib was not provided

Kotlin 1.9.22

Changelog

JavaScript

  • KT-63719 KJS: Test results ignored for ES module kind
  • KT-63808 compileTestDevelopmentExecutableKotlinJs failed in JsIntrinsicTransformers

Native

... (truncated)

Changelog

Sourced from jvm's changelog.

1.9.23

Apple Ecosystem

  • KT-65542 Cinterop tasks fails if Xcode 15.3 is used

Backend. Wasm

  • KT-64486 Kotlin/Wasm/WASI exported function callback for coroutines support

Compiler

  • KT-53478 Could not load module
  • KT-66044 JDK's new API is used over Kotlin's SDK functions
  • KT-64640 Prevent mutating SequenceCollection methods from JDK 21 be available on read-only collections
  • KT-65441 K1: Remove JDK 21 getFirst()/getLast() in (Mutable)List interfaces
  • KT-65634 K/N: data race during monolithic cache creation
  • KT-53109 CompilationErrorException generateUnboundSymbolsAsDependencies with builder inference and lambdas
  • KT-52757 Type inference for builders fails if inferred from a function

Tools. Gradle

  • KT-65792 Add JSON build report
  • KT-65091 Update compiler metrics in build reports
  • KT-62490 KGP dropping resource directories

Tools. Gradle. JS

  • KT-64119 K/JS: Migrate package manager from Yarn onto NPM
  • KT-64561 K/JS tests are not executed after upgrade to 1.9.22

Tools. Gradle. Multiplatform

  • KT-65954 commonTest dependencies affect commoMainMetadata compilation

Tools. Gradle. Native

  • KT-64573 Default value for produceUnpackedKlib was not provided

1.9.22

JavaScript

  • KT-63719 KJS: Test results ignored for ES module kind
  • KT-63808 compileTestDevelopmentExecutableKotlinJs failed in JsIntrinsicTransformers

Native

  • KT-64139 Weird bug with while and coroutine in Kotlin Native

... (truncated)

Commits
  • 4c571ac Edit changelog for 1.9.23
  • 1ca6f32 Revert "[Wasm] Implement IrLinkageError end enable partial linker"
  • 3b90682 Add changelog for 1.9.23
  • f327391 Add validation for empty kotlin.build.report.json.directory property
  • 2f19d2e Add JSON output type for build reports
  • 666a2f2 [Wasm] Implement IrLinkageError end enable partial linker
  • 4dc6689 [Native] Support Xcode 15.3 — add back the TargetConditional.h macros
  • d3b2c6f K1: change depr. level of List.getFirst to HIDDEN but don't force it on overr...
  • c041815 K1/K2: add tests for KT-65441 current behavior
  • c262b97 K1: introduce BUILDER_INFERENCE_STUB_PARAMETER_TYPE to prevent compiler crashes
  • Additional commits viewable in compare view

Updates org.sonarqube from 4.4.1.3373 to 5.0.0.4638

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the gradle group with 7 updates
17d8b2c 
Bumps the gradle group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [no.nav.security:token-validation-ktor-v2](https://github.com/navikt/token-support) | `3.2.0` | `4.1.4` |
| org.apache.pdfbox:pdfbox | `3.0.1` | `3.0.2` |
| org.apache.pdfbox:pdfbox-io | `3.0.1` | `3.0.2` |
| org.apache.pdfbox:pdfbox-io | `3.0.1` | `3.0.2` |
| [io.ktor:ktor-server-test-host](https://github.com/ktorio/ktor) | `2.3.7` | `2.3.9` |
| [no.nav.security:mock-oauth2-server](https://github.com/navikt/mock-oauth2-server) | `2.1.0` | `2.1.2` |
| [jvm](https://github.com/JetBrains/kotlin) | `1.9.21` | `1.9.23` |
| org.sonarqube | `4.4.1.3373` | `5.0.0.4638` |


Updates `no.nav.security:token-validation-ktor-v2` from 3.2.0 to 4.1.4
- [Release notes](https://github.com/navikt/token-support/releases)
- [Commits](navikt/token-support@3.2.0...4.1.4)

Updates `org.apache.pdfbox:pdfbox` from 3.0.1 to 3.0.2

Updates `org.apache.pdfbox:pdfbox-io` from 3.0.1 to 3.0.2

Updates `org.apache.pdfbox:pdfbox-io` from 3.0.1 to 3.0.2

Updates `io.ktor:ktor-server-test-host` from 2.3.7 to 2.3.9
- [Release notes](https://github.com/ktorio/ktor/releases)
- [Changelog](https://github.com/ktorio/ktor/blob/2.3.9/CHANGELOG.md)
- [Commits](ktorio/ktor@2.3.7...2.3.9)

Updates `no.nav.security:mock-oauth2-server` from 2.1.0 to 2.1.2
- [Release notes](https://github.com/navikt/mock-oauth2-server/releases)
- [Commits](navikt/mock-oauth2-server@2.1.0...2.1.2)

Updates `jvm` from 1.9.21 to 1.9.23
- [Release notes](https://github.com/JetBrains/kotlin/releases)
- [Changelog](https://github.com/JetBrains/kotlin/blob/v1.9.23/ChangeLog.md)
- [Commits](JetBrains/kotlin@v1.9.21...v1.9.23)

Updates `org.sonarqube` from 4.4.1.3373 to 5.0.0.4638

---
updated-dependencies:
- dependency-name: no.nav.security:token-validation-ktor-v2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gradle
- dependency-name: org.apache.pdfbox:pdfbox
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: org.apache.pdfbox:pdfbox-io
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: org.apache.pdfbox:pdfbox-io
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: io.ktor:ktor-server-test-host
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: no.nav.security:mock-oauth2-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: jvm
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: org.sonarqube
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gradle
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from a team as a code owner April 3, 2024 21:43
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Apr 3, 2024
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Apr 5, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Apr 5, 2024
@dependabot dependabot bot deleted the dependabot/gradle/gradle-62f9b82e26 branch April 5, 2024 21:16
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants