api-manager Third Party Dependency Upgrades

Description

This task is created to track third party dependency upgrades to be done for the next APIM release.

Version

No response

Apr 21 '25 04:04 npamudika

Upgrade tomcat dependencies to 9.0.102 or higher. https://github.com/wso2/orbit/pull/1193

Apr 21 '25 04:04 npamudika

Upgrade json_3.0.0.wso2v1 to json_3.0.0.wso2v6

Apr 22 '25 04:04 Avishka-Shamendra

Upgrade minidev:json-smart to 2.5.2

Apr 22 '25 04:04 Avishka-Shamendra

Upgrade ballerina version in MGW 3.2.0. Upgrade libphonenumber version in MGW 3.2.0.

May 06 '25 10:05 thivindu

Upgrade kotlin-stdlib version to 2.1.21

Please check on https://github.com/wso2/api-manager/issues/3921 while upgrading the dependency

May 23 '25 09:05 AqeelMuhammad

apim-apps

Upgrade:

@asyncapi/react-component to v2.6.3 @stoplight/elements to v8.5.2 axios to v0.30.0 react-syntax-highlighter to v15.6.1 swagger-client to v3.34.4 swagger-ui-react to v5.21.0

Add:

path-to-regexp v1.9.0

May 23 '25 09:05 AqeelMuhammad

Log4j2 Upgrade

pax logging 2.2.9-wso2v1
log4j2 2.24.3

Jun 02 '25 04:06 Avishka-Shamendra

Beanutils Upgrade

commons-beanutils to 1.11.0-wso2V1
tiles-jsp 2.0.5-wso2V3

Jun 19 '25 09:06 Tharanidk

Zookeeper Upgrade (from v3.92 to v3.9.3) in Solr

Jun 20 '25 04:06 AqeelMuhammad

https://github.com/wso2/balana/pull/181 and https://github.com/wso2/carbon-kernel/pull/4322

Note: https://github.com/wso2/balana/pull/178#issue-2580489564 needs to be considered.

Jul 15 '25 05:07 sgayangi

Upgrade `solr_9.8.1.wso2v3`

Upgrade solr-core version to v9.8.1 or later
Upgrade jett-io version in solr_ orbit bundle to v10.0.25 or later

Jul 15 '25 05:07 SavinduDimal

Tomcat update https://github.com/wso2/carbon-kernel/pull/4355, https://github.com/wso2/orbit/pull/1239

Aug 13 '25 18:08 AnuGayan

Summary of Dependency Updates Across PRs

https://github.com/wso2-extensions/identity-inbound-auth-oauth/pull/2894
- saml.common.util.version: 1.3.0 → 1.3.1
- waffle-jna.wso2.version: 1.6.wso2v6 → 1.6.wso2v7
- net.minidev.accessors-smart.version: 2.5.2 → 2.6.0
https://github.com/wso2-extensions/identity-inbound-auth-openid/pull/111
- json-smart.version: 2.5.2 → 2.6.0
- net.minidev.accessors-smart.version: 2.5.2 → 2.6.0
https://github.com/wso2/carbon-analytics-common/pull/880
- log4j-api: 2.17.1 → 2.24.3 (in components/org.wso2.carbon.databridge.agent/pom.xml)
- log4j-core: 2.17.1 → 2.24.3 (in components/org.wso2.carbon.databridge.agent/pom.xml)
- log4j-slf4j-impl: 2.17.1 → 2.24.3 (in components/org.wso2.carbon.databridge.agent/pom.xml)
- log4j-api: 2.12.0 → 2.24.3 (in main pom.xml)
- log4j-core: 2.12.0 → 2.24.3 (in main pom.xml)
https://github.com/wso2/carbon-business-messaging/pull/729
- orbit.version.commons.beanutils: 1.9.4.wso2v1 → 1.11.0-wso2v1
- commons-beanutils.version: 1.9.4 → 1.11.0
https://github.com/wso2/carbon-deployment/pull/418
- org.apache.cxf.version: 3.6.5 → 3.6.8
https://github.com/wso2/carbon-deployment/pull/420
- carbon.analytics-common.version: 5.3.7 → 5.3.27
https://github.com/wso2/carbon-identity-framework/pull/7325
- saml.common.util.version: 1.3.0 → 1.3.1
- pax.logging.api.version: 2.2.1-wso2v2 → 2.3.0-wso2v1
- pax.logging.log4j2.version: 2.2.1-wso2v2 → 2.3.0-wso2v1
https://github.com/wso2/carbon-identity-framework/pull/7357
- org.wso2.carbon.registry.version: 4.8.12 → 4.8.46
- log4j.api.version: 2.17.1 → 2.24.3
- log4j.core.version: 2.17.1 → 2.24.3
- log4j.slf4j.version: 2.19.0 → 2.24.3
https://github.com/wso2/carbon-kernel/pull/4368
- orbit.version.tiles: 2.0.5.wso2v2 → 2.0.5.wso2v3
- bouncycastle.version: 1.78.1.wso2v1 → 1.81.0.wso2v1
- version.commons.fileupload: 1.5.0.wso2v2 → 1.6.0.wso2v1
https://github.com/wso2/carbon-kernel/pull/4376
- pax.logging.api.version: 2.2.1-wso2v2 → 2.3.0-wso2v1
- pax.logging.log4j2.version: 2.2.1-wso2v2 → 2.3.0-wso2v1
- version.log4j.core: 2.17.1 → 2.24.3
- version.log4j.jul: 2.17.1 → 2.24.3
https://github.com/wso2/carbon-mediation/pull/1782
- carbon.analytics.common.version: 5.3.23 → 5.3.27
- synapse.version: 4.0.0-wso2v240 → 4.0.0-wso2v245
- json.smart.version: 2.5.2 → 2.6.0
- netty.version: 4.1.118.Final → 4.1.126.Final
- saml.common.util.version: 1.3.0 → 1.3.1
- transport.http.netty: 6.3.53 → 6.3.55
https://github.com/wso2/carbon-multitenancy/pull/307
- orbit.version.json: 3.0.0.wso2v1 → 3.0.0.wso2v7
- pax.logging.api.version: 2.2.1-wso2v2 → 2.3.0-wso2v1
https://github.com/wso2/carbon-multitenancy/pull/308
- bcprov-jdk18.version: 1.78.1.wso2v1 → 1.81.0.wso2v1
- bcpkix-jdk18.version: 1.78.1.wso2v1 → 1.81.0.wso2v1
https://github.com/wso2/orbit/pull/1241
- None (This PR adds new orbit bundles for okhttp 4.12.0.wso2v4 and okio 3.16.0.wso2v1, but does not update existing dependencies.)
https://github.com/wso2/transport-http/pull/477
- netty.version: 4.1.118.Final → 4.1.126.Final
https://github.com/wso2/transport-http/pull/479
- None (This PR renews expired OCSP certificates and modifies certificate files, but no dependency versions were updated.)
https://github.com/wso2/wso2-synapse/pull/2382
- org.bouncycastle.version: 1.78.1.wso2v1 → 1.81.0.wso2v1
- net.minidev.accessors-smart.version: 2.5.2 → 2.6.0
- json.smart.version: 2.5.2 → 2.6.0
- okhttp.wso2.version: 4.12.0.wso2v2 → 4.12.0.wso2v4
- okio.wso2.version: 3.9.0.wso2v2 → 3.16.0.wso2v1
https://github.com/wso2/wso2-synapse/pull/2390
- log4j2.version: 2.17.1 → 2.24.3
- io.netty.version: 4.1.118.Final → 4.1.126.Final
- transport.http.netty.version: 6.3.53 → 6.3.55

Sep 16 '25 06:09 DakshithaS

Third Party Dependency Upgrades

Description

Version

apim-apps

Log4j2 Upgrade

Beanutils Upgrade

Upgrade solr_9.8.1.wso2v3

Summary of Dependency Updates Across PRs

Upgrade `solr_9.8.1.wso2v3`