Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade org.slf4j:slf4j-api from 1.7.30 to 1.7.36 #3034

Closed
wants to merge 189 commits into from

Conversation

jumperchen
Copy link
Member

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade org.slf4j:slf4j-api from 1.7.30 to 1.7.36.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 6 versions ahead of your current version.
  • The recommended version was released 2 years ago, on 2022-02-08.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

jumperchen and others added 30 commits September 16, 2022 12:18
…ightCeil,offsetTopCeil,offsetLeftCeil}Ceil due to ZK-5029
2. add a missing span element for zul.xsd
Added more information to the @deprectated field of the javadoc, following customer feedback that the reason to deprecate was unclear
…ents tomcat graceful stop, threads remain after stop
ZK-5159: Firefox Windows 11 scrollbar doesn't have height, cause missing scrollbar
ZK-5029: sporadic text wrapping in listbox/grid/tree cells since chrome 90
ZK-5220: a listbox without ROD causes a websocket connection to close
ZK-5140: ZK loads vulnerable commons-io transitively
Bumps [engine.io](https://github.com/socketio/engine.io) to 6.2.0 and updates ancestor dependencies [engine.io](https://github.com/socketio/engine.io), [browser-sync](https://github.com/BrowserSync/browser-sync) and [socket.io](https://github.com/socketio/socket.io). These dependencies need to be updated together.


Updates `engine.io` from 3.5.0 to 6.2.0
- [Release notes](https://github.com/socketio/engine.io/releases)
- [Changelog](https://github.com/socketio/engine.io/blob/main/CHANGELOG.md)
- [Commits](socketio/engine.io@3.5.0...6.2.0)

Updates `browser-sync` from 2.26.14 to 2.27.10
- [Release notes](https://github.com/BrowserSync/browser-sync/releases)
- [Changelog](https://github.com/BrowserSync/browser-sync/blob/master/CHANGELOG.md)
- [Commits](BrowserSync/browser-sync@v2.26.14...v2.27.10)

Updates `socket.io` from 4.1.2 to 4.5.2
- [Release notes](https://github.com/socketio/socket.io/releases)
- [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md)
- [Commits](socketio/socket.io@4.1.2...4.5.2)

---
updated-dependencies:
- dependency-name: engine.io
  dependency-type: indirect
- dependency-name: browser-sync
  dependency-type: direct:development
- dependency-name: socket.io
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [axios](https://github.com/axios/axios) and [localtunnel](https://github.com/localtunnel/localtunnel). These dependencies needed to be updated together.

Updates `axios` from 0.21.1 to 0.21.4
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v0.21.4/CHANGELOG.md)
- [Commits](axios/axios@v0.21.1...v0.21.4)

Updates `localtunnel` from 2.0.1 to 2.0.2
- [Release notes](https://github.com/localtunnel/localtunnel/releases)
- [Changelog](https://github.com/localtunnel/localtunnel/blob/master/CHANGELOG.md)
- [Commits](localtunnel/localtunnel@v2.0.1...v2.0.2)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: indirect
- dependency-name: localtunnel
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
ZK-5170: borderlayout title css rules are missing under sapphire theme
ZK-5155: bandbox closes its popup when switching active page
kuotsanhsu and others added 25 commits April 28, 2023 17:59
ZK-5216: cannot change to am of a day under Spanish locale
ZK-5427: missing context menu after ZK-4835 on hybrid mouse / touch d…
ZK-5379: Floating scrollbar prevent anchornav from scrolling
…sion compiled in jdk 11)

add jar name in config for zktest deployment
Refine ZK-4194, upgrade closure-compiler to v20220601
Unconditionally escaping strings in ZK-5260 conflicts with the documentation for ItemRenderer::render and ZK-2691.

`model.add("[email protected] <aerror");` should be allowed because "`ItemRenderer::render` renders the data to the corresponding HTML fragment, and returns the HTML `fragment.model." See
https://www.zkoss.org/javadoc/latest/zk/org/zkoss/zul/ItemRenderer.html
Add release date in the release-note
Bumps [engine.io](https://github.com/socketio/engine.io) and [socket.io](https://github.com/socketio/socket.io). These dependencies needed to be updated together.

Updates `engine.io` from 6.2.1 to 6.4.2
- [Release notes](https://github.com/socketio/engine.io/releases)
- [Changelog](https://github.com/socketio/engine.io/blob/main/CHANGELOG.md)
- [Commits](socketio/engine.io@6.2.1...6.4.2)

Updates `socket.io` from 4.5.2 to 4.6.1
- [Release notes](https://github.com/socketio/socket.io/releases)
- [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md)
- [Commits](socketio/socket.io@4.5.2...4.6.1)

---
updated-dependencies:
- dependency-name: engine.io
  dependency-type: indirect
- dependency-name: socket.io
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.1 to 4.2.3.
- [Release notes](https://github.com/socketio/socket.io-parser/releases)
- [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md)
- [Commits](socketio/socket.io-parser@4.2.1...4.2.3)

---
updated-dependencies:
- dependency-name: socket.io-parser
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.4)

---
updated-dependencies:
- dependency-name: word-wrap
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@github-actions github-actions bot added need-config.properties Pull requests that need config.properties need-release-note Pull requests that need release-note labels Aug 29, 2023
@jumperchen jumperchen closed this Dec 4, 2023
@jumperchen jumperchen deleted the snyk-upgrade-b09a0e4ffc233264cebb591b97149d1a branch December 4, 2023 03:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
need-config.properties Pull requests that need config.properties need-release-note Pull requests that need release-note
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants