Update dependency io.rest-assured:rest-assured to v4 (main)

[mend-for-github-com[bot]]

This PR contains the following updates:

Package	Type	Update	Change
io.rest-assured:rest-assured (source)	compile	major	3.0.6 -> 4.0.0

By merging this PR, the issue #146 will be automatically resolved and closed:

Severity	CVSS Score	Vulnerability	Reachability
Medium	5.5	CVE-2020-17521

---

Release Notes

rest-assured/rest-assured (io.rest-assured:rest-assured)

v4.0.0

• Fix duplication of content type in the Spring MockMvc module (thanks to Gemini Kim for pull request)
• Fixed issue with overwriting FailureConfig on settings other configs (#​1127) (thanks to Victor Orlovsky for pull request)
• Added version range for the Groovy dependency for the osgi module to be between 2.4 and less than 2.5. This is because the API has changed in Groovy 2.5. (thanks to Rikske54 for pull request)
• Fixed so that using a ResponseSpecBuilder doesn't overwrite the configured config implicitly (issue 1128)
• Add Apache Johnzon object mapper support (thanks to Andriy Redko for pull request)
• Add support for MatcherConfig in RestAssuredMockMvcConfig (#​1071) (thanks to Jurriaan Pruijs for pull request)
• Supported for logging when assertion errors thrown from internal matcher #​1129 (thanks to Gemini Kim for pull request)
• Fixed so that there no longer are multiple versions of org.springframework:spring-web:jar, leading to inconsistent semantic behaviors (#​1143) (thanks to HelloCoCooo for pull request)
• Fixed issues with the use of maven-bundle-plugin which created duplicate classes in the distributed jar-files (#​1117) (big thanks to Milen Dyankov, Steven Huypens and Mark Kolich for the help!)
• Breaking changes introduced when solving #​1117:
  • io.restassured.mapper.TypeRef has been moved to io.restassured.common.mapper.TypeRef
  • io.restassured.mapper.DataToDeserialize has been moved to io.restassured.common.mapper.DataToDeserialize
  • io.restassured.mapper.ObjectDeserializationContext has been moved to io.restassured.common.mapper.ObjectDeserializationContext
  • io.restassured.mapper.factory.GsonObjectMapperFactory has been moved to io.restassured.path.json.mapper.factory.GsonObjectMapperFactory
  • io.restassured.mapper.factory.Jackson1ObjectMapperFactory has been moved to io.restassured.path.json.mapper.factory.Jackson1ObjectMapperFactory
  • io.restassured.mapper.factory.Jackson2ObjectMapperFactory has been moved to io.restassured.path.json.mapper.factory.Jackson2ObjectMapperFactory
  • io.restassured.mapper.factory.DefaultGsonObjectMapperFactory has been moved to io.restassured.path.json.mapper.factory.DefaultGsonObjectMapperFactory
  • io.restassured.mapper.factory.DefaultJackson1ObjectMapperFactory has been moved to io.restassured.path.json.mapper.factory.DefaultJackson1ObjectMapperFactory
  • io.restassured.mapper.factory.DefaultJackson2ObjectMapperFactory has been moved to io.restassured.path.json.mapper.factory.DefaultJackson2ObjectMapperFactory
  • io.restassured.mapper.resolver.ObjectMapperResolver has been moved to io.restassured.common.mapper.resolver.ObjectMapperResolver
  • io.restassured.exception.PathException has been moved to io.restassured.common.exception.PathException
• Removed deprecated methods:
  • io.restassured.RestAssured
    • withArguments
    • withNoArguments
  • io.restassured.builder.ResponseSpecBuilder
    • expectContent
  • io.restassured.builder.RequestSpecBuilder
    • setContent
    • addParameters
    • addParameter
    • addQueryParameters
    • addQueryParameter
    • addFormParameters
    • addFormParameter
    • addPathParameter
    • addPathParameters
    • setAuthentication
  • io.restassured.specification.ResponseSpecification
    • content
    • specification
  • io.restassured.specification.RequestSpecification
    • content
    • formParameters
    • formParameter
    • pathParameter
    • pathParameters
    • authentication
    • specification
    • parameters
    • parameter
    • queryParameter
    • queryParameters
• Deprecations
  • Deprecated all short versions of "root", for example "root(..)", "appendRoot(..)", "detachRoot(..)". Use "rootPath(..)", "appendRootPath(..)", "detachRootPath(..)" instead. This was introduced for better consistency and clearer intention..
  • JsonPath#setRoot(..) - Use JsonPath#setRootPath(..) instead
  • XmlPath#setRoot(..) - Use XmlPath#setRootPath(..) instead
• Rest Assured now requires Java 8 (previously Java 6 was required)
• Removed io.restassured.function.RestAssuredFunction - use java.util.function.Function instead
• Made io.restassured.matcher.ResponseAwareMatcher a proper annotated functional interface
• Made io.restassured.filter.Filter a proper annotated functional interface
• Made io.restassured.listener.ResponseValidationFailureListener a proper annotated functional interface
• Made io.restassured.module.mockmvc.intercept.MockHttpServletRequestBuilderInterceptor a proper annotated functional interface
• Made io.restassured.path.json.mapping.JsonPathObjectDeserializer a proper annotated functional interface
• Upgraded Groovy dependency from 2.4.15 to 2.5.6
• Removed io.restassured.response.ValidatableResponseOptions#specification(..), use io.restassured.response.ValidatableResponseOptions#spec instead
• Removed io.restassured.response.ValidatableResponseOptions#content(..), use io.restassured.response.ValidatableResponseOptions#body(..) instead
• Upgraded Hamcrest from version 1.3 to 2.1
• Made it possible to specify a multi-expectation body with arguments. For example: when(). get("/jsonStore"). then(). rootPath("store.book.find { it.author == '%s' }"). body( "price", withArgs("Nigel Rees"), is(8.95f), "price", withArgs("Evelyn Waugh"), is(12.99f) ); (issue #​1154)
• MockMvc module now supports using MediaType for Accept header value (issue #​1142). Thanks to Gemini Kim for pull request.
• Support for using "HttpStatus" when validating response status when using MockMvc module. Thanks to Gemini Kim for pull request.
• MockMvc module now supports using MediaType for Accept header in WebTestClientRequest. Thanks to Gemini Kim for pull request.
• Upgraded spring-webmvc dependency from version 4.3.19.RELEASE to 4.3.23.RELEASE (issue #​1161)

v3.3.0

• Upgraded json-schema-validator from version 2.2.6 to 2.2.10 (thanks to thorin for pull request)

• Added io.restassured.mapper.TypeRef class that allows you to deserialize the response to a container with generic type. For example: List<Map<String, Object>> products = get("/products").as(new TypeRef<List<Map<String, Object>>>() {}); Currently this only works for JSON :(

• Add logging functionality to the ResponseSpecBuilder, i.e. you can now do: ResponseSpecification spec = new ResponseSpecBuilder().log(LogDetail.ALL).build(); (issue 579). Thanks to Aleksandr Podkutin for pull request!

• httpmime dependency is updated to version 4.5.3 and is now consistent with httpclient (thanks to Rüdiger Herrmann for pull request).

• Updated commons-fileupload from 1.3.1 to 1.3.3 to fix security issues

• Added a new artifact, rest-assured-all, which you can depend on instead of rest-assured to avoid split packages in Java 9+. (thanks to Tomasz Gaweda for pull request)

• Introduces custom listeners on test validation failures. This makes it possible to hook into Rest Assured and get a callback when the test fails with full access to the request/response specification as well as the response. You can do this by implementing the "io.restassured.listener.ResponseValidationFailureListener" and add it to the new "FailureConfig". For example:

  given().config(RestAssured.config().failureConfig(failureConfig().with().failureListeners((requestSpec, responseSpec, response) -> log.info("Rest Assured validation failed!")).when(). ..
  

  (issue 1093) (thanks to Daniel Dyląg for pull request).

v3.2.0

• Added OSGi support (thanks to ponziani for pull request)
• Make it clear that junit is only a test scope dependency (thanks to Eric Pabst for pull request)
• Changed MockMvcParamConfig.attributeUpdateStrategy() to actually return the attributeUpdateStrategy and not the formParamsUpdateStrategy.
• Added a spring-web-test-client module which let's you unit test Spring Webflux Controllers using the REST Assured DSL. Depend on artifact id "spring-web-test-client" using group id "io.rest-assured" from Maven to use it. Then use io.restassured.module.webtestclient.RestAssuredWebTestClient to get started (thanks to Olga Maciaszek-Sharma for pull request)
• Upgraded to from Groovy 2.4.12 to 2.4.15
• Upgraded Scala from version 2.11.12 to 2.12.7, this also means that the Scala support module now requires Java 8.
• Rest Assured now requires Java 6 (previously Java 5 was required).
• Moved XmlAssertion from io.restassured.assertion package to io.restassured.internal.path.xml since it's an internal class (issue 1051)

v3.1.1

• Ensure RequestSpecBuilder picks up static config (issue 1012). (thanks to Peter Major for pull request)
• Support multiple 'Set-Cookie' headers in a response (issue 1016). (thanks to runtarinn for pull request)
• Fixed OAuth 1 for GET requests (thanks to Corneliu Duplachi for pull request)
• Add detailed cookie matching to RequestSpecBuilder (thanks to Peter Major for pull request)
• Add File Size to InputStreamEntity (issue 988) (thanks to vjykumar for pull request)
• Properly encodes JSON from InputStream (issue 1040) (thanks to Maksymilian Pawlak for pull request)
• Implemented ability to add headers to a multipart using the MultiPartSpecBuilder

v3.1.0

• Fixed generics handling of the detailed cookie matcher (thanks to Rafał Siwiec for pull request)

• Now using Type instead of Class in the API for mapping to Java Objects. For users of the REST Assured API the change is most prominent in the "ResponseBodyExtractionOptions" interface where the "as" method now takes a "java.lang.Type" instead of "java.lang.Class". This should not cause any backward incompatibilities. However this change also applies to ObjectMapperFactory's where there is a chance of backward incompatibilities to arise. For example if you previously had a custom JAXBObjectMapperFactory that looked like this:

  public class MyJAXBObjectMapperFactory implements JAXBObjectMapperFactory { public JAXBContext create(Class cls, String charset) { ... } }

  you now need to change it to:

  public class MyJAXBObjectMapperFactory implements JAXBObjectMapperFactory { public JAXBContext create(Type cls, String charset) { ... } }

  (note the change from Class to Type). This was needed for swagger integration (issue 980). (thanks to Victor Orlovsky for pull request)

• Add better integration for standard HTTP methods with Apache HttpClient which also solves an issue content-type header being generated for empty GET requests (issue 974) (thanks to Daniel Dyląg for pull request)

• No longer using DEF_CONTENT_CHARSET from Apache HttpClient since it caused compatibility issues (issue 757)

• Fix for #​979 Removing Authorization header when setting auth().none() (issue 979) (thanks to jovanovicivan for pull request)

• Fixed so that header equals is case-insensitive (issue 999) (thanks to Todd Bradley for pull request)

• Allow querying (extracting values out of) a request specification using the io.restassured.specification.SpecificationQuerier. For example: RequestSpecification spec = ... QueryableRequestSpecification queryable = SpecificationQuerier.query(spec); String headerValue = queryable.getHeaders().getValue("header"); String param = queryable.getFormParams().get("someparam");

• Fixed so that it's possible to specify arguments to root paths in multi expectation blocks such as: get("/jsonStore").then() .root("store.book.find { it.author == '%s' }.price") .body( withArgs("Nigel Rees"), is(8.95f), withArgs("Evelyn Waugh"), is(12.99f), withArgs("Herman Melville"), is(8.99f), withArgs("J. R. R. Tolkien"), is(22.99f) );

• It's now possible to automatically include additional input fields when using form authentication. Just use the FormAuthConfig and specify the additional values to include using: given().auth().form("username", "password", formAuthConfig().withAdditionalFields("firstInputField", "secondInputField"). .. REST Assured will automatically parse the HTML page, find the values for the additional fields and include them as form parameters in the login request.

v3.0.7

• CookieFilter now conforms to RFC6265 standard by only copying expected cookies instead of all (thanks to Maciej Ciszewski for pull request) (issue 956).
• Prettifier can now prettify empty xml body (issue 960)
• Introduced a "detailed cookie matcher" that allows you to verify more detailed aspects of a cookie, for example: given(). get("/multiCookie"). then() cookie("cookie1", detailedCookie().maxAge(1234567)); (thanks to Rafał Siwiec for pull request)

---

• [ ] If you want to rebase/retry this PR, check this box