android-library icon indicating copy to clipboard operation
android-library copied to clipboard
verified publisher icon nextcloud

Update dependency org.bouncycastle:bcpkix-jdk18on to v1.78

Open renovate[bot] opened this issue 1 year ago • 11 comments

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
org.bouncycastle:bcpkix-jdk18on (source) 1.75 -> 1.78 age adoption passing confidence

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • [ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

renovate[bot] avatar Jan 24 '24 13:01 renovate[bot]

SpotBugs

CategoryBaseNew
Bad practice77
Correctness3434
Dodgy code2626
Internationalization66
Malicious code vulnerability4949
Multithreaded correctness33
Performance55
Total130130

github-actions[bot] avatar Jan 24 '24 13:01 github-actions[bot]

Codecov Report

Merging #1323 (4773dfb) into master (0219681) will increase coverage by 0.06%. Report is 2 commits behind head on master. The diff coverage is n/a.

Additional details and impacted files 
@@             Coverage Diff              @@
##             master    #1323      +/-   ##
============================================
+ Coverage     48.93%   49.00%   +0.06%     
- Complexity      995      997       +2     
============================================
  Files           206      206              
  Lines          7826     7826              
  Branches       1018     1018              
============================================
+ Hits           3830     3835       +5     
+ Misses         3446     3443       -3     
+ Partials        550      548       -2

see 3 files with indirect coverage changes

codecov[bot] avatar Jan 24 '24 13:01 codecov[bot]

SpotBugs

CategoryBaseNew
Bad practice3535
Correctness3434
Dodgy code2626
Internationalization66
Malicious code vulnerability4949
Multithreaded correctness33
Performance88
Total161161

github-actions[bot] avatar Jan 26 '24 21:01 github-actions[bot]

SpotBugs

CategoryBaseNew
Bad practice3535
Correctness3434
Dodgy code2626
Internationalization66
Malicious code vulnerability4949
Multithreaded correctness33
Performance88
Total161161

github-actions[bot] avatar Jan 29 '24 18:01 github-actions[bot]

SpotBugs

CategoryBaseNew
Bad practice3535
Correctness3434
Dodgy code2626
Internationalization66
Malicious code vulnerability4949
Multithreaded correctness33
Performance88
Total161161

github-actions[bot] avatar Feb 01 '24 14:02 github-actions[bot]

SpotBugs

CategoryBaseNew
Bad practice3535
Correctness3434
Dodgy code2626
Internationalization66
Malicious code vulnerability4949
Multithreaded correctness33
Performance88
Total161161

github-actions[bot] avatar Mar 01 '24 14:03 github-actions[bot]

SpotBugs

CategoryBaseNew
Bad practice3535
Correctness3434
Dodgy code2626
Internationalization66
Malicious code vulnerability4949
Multithreaded correctness33
Performance88
Total161161

github-actions[bot] avatar Mar 01 '24 19:03 github-actions[bot]

matching PR to https://github.com/nextcloud/android/pull/12495

AndyScherzinger avatar Mar 04 '24 11:03 AndyScherzinger

SpotBugs

CategoryBaseNew
Bad practice3535
Correctness3434
Dodgy code2626
Internationalization66
Malicious code vulnerability4949
Multithreaded correctness33
Performance88
Total161161

github-actions[bot] avatar Mar 04 '24 11:03 github-actions[bot]

@tobiasKaminsky valid lint issue

/home/runner/.gradle/caches/modules-2/files-2.1/org.bouncycastle/bcpkix-jdk18on/1.77/ed953791ba0229747dd0fd9911e3d76a462acfd3/bcpkix-jdk18on-1.77.jar: Error: checkServerTrusted is empty, which could cause insecure network traffic due to trusting arbitrary TLS/SSL certificates presented by peers [TrustAllX509TrustManager]

 Explanation for issues of type "TrustAllX509TrustManager":
 This check looks for X509TrustManager implementations whose
 checkServerTrusted or checkClientTrusted methods do nothing (thus trusting
 any certificate chain) which could result in insecure network traffic
 caused by trusting arbitrary TLS/SSL certificates presented by peers.

 https://goo.gle/TrustAllX509TrustManager

AndyScherzinger avatar Mar 04 '24 13:03 AndyScherzinger

SpotBugs

CategoryBaseNew
Bad practice3535
Correctness3434
Dodgy code2626
Internationalization66
Malicious code vulnerability4949
Multithreaded correctness33
Performance88
Total161161

github-actions[bot] avatar Apr 06 '24 12:04 github-actions[bot]

SpotBugs

CategoryBaseNew
Bad practice3535
Correctness3434
Dodgy code2626
Internationalization66
Malicious code vulnerability4949
Multithreaded correctness33
Performance88
Total161161

github-actions[bot] avatar Apr 18 '24 09:04 github-actions[bot]

SpotBugs

CategoryBaseNew
Bad practice3535
Correctness3434
Dodgy code2626
Internationalization66
Malicious code vulnerability4949
Multithreaded correctness33
Performance88
Total161161

github-actions[bot] avatar Apr 22 '24 05:04 github-actions[bot]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

Warning: custom changes will be lost.

renovate[bot] avatar Apr 22 '24 06:04 renovate[bot]

SpotBugs

CategoryBaseNew
Bad practice3535
Correctness3434
Dodgy code2626
Internationalization66
Malicious code vulnerability4949
Multithreaded correctness33
Performance88
Total161161

github-actions[bot] avatar Apr 22 '24 06:04 github-actions[bot]