pentaho-hadoop-shims icon indicating copy to clipboard operation
pentaho-hadoop-shims copied to clipboard

Published 20 hours ago verified publisher icon pentaho

Bump jetty-server from 9.3.20.v20170531 to 9.4.51.v20230217 in /shims/cdh61/driver

Open dependabot[bot] opened this issue 1 year ago • 2 comments

Bumps jetty-server from 9.3.20.v20170531 to 9.4.51.v20230217.

Release notes

Sourced from jetty-server's releases.

9.4.51.v20230217

Sponsored Release

This is a release of the End of Community Support Jetty 9.x series that was sponsored by a support contract from Webtide.com

Changelog

  • #9352 - Update / Fix CookieCutter
  • #9345 - Backport Multipart Fix for CVE-2023-26048
  • #9352 - Backport Cookie Parsing Fix for CVE-2023-26049

Dependencies

  • #9269 - Bump ant.version to 1.10.13
  • #9370 - Bump asciidoctorj-diagram to 2.2.4
  • #9364 - Bump eclipse-jarsigner-plugin to 1.4.2
  • #9251 - Bump infinispan.version to 11.0.17.Final
  • #9247 - Bump maven-checkstyle-plugin to 3.2.1
  • #9267 - Bump maven-dependency-plugin to 3.5.0
  • #9365 - Bump maven-deploy-plugin to 3.1.0
  • #9252 - Bump maven-enforcer-plugin to 3.2.1
  • #9363 - Bump maven-invoker-plugin to 3.5.0
  • #9266 - Bump maven-plugin-plugin to 3.7.1
  • #9263 - Bump maven.plugin-tools.version to 3.7.1
  • #9256 - Bump maven.resolver.version to 1.9.4
  • #9368 - Bump maven.surefire.plugin.version to 3.0.0-M9
  • #9362 - Bump maven.version to 3.9.0
  • #9100 - Bump org.apache.aries.spifly.dynamic.bundle to 1.3.6
  • #9103 - Bump org.eclipse.osgi to 3.18.200
  • #9110 - Bump org.eclipse.osgi.services to 3.11.100
  • #9262 - Bump spring-beans to 5.3.25

9.4.50.v20221201

Sponsored Release

This is a release of the End of Community Support Jetty 9.x series that was sponsored by a support contract from Webtide.com

Changelog

  • #8774 - Added SizeLimitHandler
  • #8678 - Jetty client is not responding to GO_AWAY packet received from (Jetty) Server and continue to send traffic on same connection

Dependencies

  • #8826 - Bump infinispan to 11.0.16.Final
  • #8847 - Bump jboss-logmanager to 2.1.19.Final
  • #8849 - Bump jboss-threads to 3.5.0.Final
  • #8961 - Bump jnr-constants to 0.10.4
  • #8951 - Bump protostream to 4.4.4.Final

... (truncated)

Commits
  • b45c405 Updating to version 9.4.51.v20230217
  • 3beaa81 Merge pull request #9368 from eclipse/dependabot/maven/jetty-9.4.x/maven.sure...
  • d382683 Merge pull request #9370 from eclipse/dependabot/maven/jetty-9.4.x/org.asciid...
  • d52d133 Bump maven.surefire.plugin.version from 3.0.0-M8 to 3.0.0-M9
  • 1bc959a Merge pull request #9365 from eclipse/dependabot/maven/jetty-9.4.x/org.apache...
  • 08c89c7 Merge pull request #9364 from eclipse/dependabot/maven/jetty-9.4.x/org.eclips...
  • 2a30aca Merge pull request #9363 from eclipse/dependabot/maven/jetty-9.4.x/org.apache...
  • 6ab783d Merge pull request #9362 from eclipse/dependabot/maven/jetty-9.4.x/maven.vers...
  • 722781d Issue #9181 NPE in SessionHandler (#9346)
  • 922b84b Bump asciidoctorj-diagram from 2.2.3 to 2.2.4
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

dependabot[bot] avatar Jun 13 '23 22:06 dependabot[bot]

:white_check_mark: Build finished in 4m 40s

Build command:

mvn clean verify -B -e -Daudit -amd -pl shims/cdh61/driver

:exclamation: No tests found!

:information_source: This is an automatic message

buildguy avatar Jun 13 '23 22:06 buildguy

SonarQube Quality Gate

Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

hitachivantarasonarqube[bot] avatar Jun 13 '23 22:06 hitachivantarasonarqube[bot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot[bot] avatar Sep 24 '24 17:09 dependabot[bot]