Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
11643: deps(maven): bump dmn-engine from 1.7.3 to 1.7.4 r=github-actions[bot] a=dependabot[bot]

Bumps dmn-engine from 1.7.3 to 1.7.4.


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.camunda.bpm.extension.dmn.scala:dmn-engine&package-manager=maven&previous-version=1.7.3&new-version=1.7.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

11647: deps(maven): bump junit-bom from 5.9.1 to 5.9.2 r=github-actions[bot] a=dependabot[bot]

Bumps [junit-bom](https://github.com/junit-team/junit5) from 5.9.1 to 5.9.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/junit-team/junit5/releases">junit-bom's releases</a>.</em></p>
<blockquote>
<p>JUnit 5.9.2 = Platform 1.9.2 + Jupiter 5.9.2 + Vintage 5.9.2</p>
<p>See <a href="http://junit.org/junit5/docs/5.9.2/release-notes/">Release Notes</a>.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/junit-team/junit5/commit/8ed3c66c7eb20b835cf92f50a7bf8830838c462e"><code>8ed3c66</code></a> Release 5.9.2</li>
<li><a href="https://github.com/junit-team/junit5/commit/742f99fcce6d8b8fbd38c7f541c55bdda771e220"><code>742f99f</code></a> Prepare 5.9.2 release notes</li>
<li><a href="https://github.com/junit-team/junit5/commit/a9a3cf5fb75ad9adf8c197224981226db8f41181"><code>a9a3cf5</code></a> Fix bug and polish contribution</li>
<li><a href="https://github.com/junit-team/junit5/commit/825ea38857bff2dcbc200c6ceb7972dbc89482b0"><code>825ea38</code></a> Introduce new <code>`@MethodSource</code>` syntax to differentiate overloaded local factor...</li>
<li><a href="https://github.com/junit-team/junit5/commit/0c40f5ef057c90a8d4b2249dd9a0b6e289426424"><code>0c40f5e</code></a> Polish Javadoc</li>
<li><a href="https://github.com/junit-team/junit5/commit/7d54016421d611a13db8196ea9625dfe1d9036c8"><code>7d54016</code></a> Update codecov-action</li>
<li><a href="https://github.com/junit-team/junit5/commit/bfeeac4d4142a3680737626a0ccdb9a708cabb2a"><code>bfeeac4</code></a> Remove duplicate copyright comment</li>
<li><a href="https://github.com/junit-team/junit5/commit/b0d9083315426b69d2bf38153987cdeb83460257"><code>b0d9083</code></a> Format integration test projects with Spotless as well</li>
<li><a href="https://github.com/junit-team/junit5/commit/c4ed325cb2ff825ecd0bda3870cf8444bdf646f0"><code>c4ed325</code></a> Update copyright</li>
<li><a href="https://github.com/junit-team/junit5/commit/0e3a1d32e504c63a09dbafc8c1926b66df417774"><code>0e3a1d3</code></a> Update upload-artifact action</li>
<li>Additional commits viewable in <a href="https://github.com/junit-team/junit5/compare/r5.9.1...r5.9.2">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.junit:junit-bom&package-manager=maven&previous-version=5.9.1&new-version=5.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

11648: deps(maven): bump spotbugs-annotations from 4.7.2 to 4.7.3 r=github-actions[bot] a=dependabot[bot]

Bumps [spotbugs-annotations](https://github.com/spotbugs/spotbugs) from 4.7.2 to 4.7.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/spotbugs/spotbugs/releases">spotbugs-annotations's releases</a>.</em></p>
<blockquote>
<h2>SpotBugs 4.7.3</h2>
<h2>CHANGELOG</h2>
<h3>Fixed</h3>
<ul>
<li>Fixed detector <code>DontUseFloatsAsLoopCounters</code> to prevent false positives. (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/issues/2126">#2126</a>) <a href="https://github.com/baloghadamsoftware"><code>`@​baloghadamsoftware</code></a></li>`
<li>Fixed regression in <code>4.7.2</code> caused by (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/pull/2141">#2141</a>) <a href="https://github.com/baloghadamsoftware"><code>`@​baloghadamsoftware</code></a></li>`
<li>improve compatibility with later version of jdk (&gt;= 13). (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/issues/2188">#2188</a>) <a href="https://github.com/Bluesbreaker45"><code>`@​Bluesbreaker45</code></a></li>`
<li>Fixed detector <code>UncallableMethodOfAnonymousClass</code> to not report unused methods of method-local enumerations and records (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/issues/2120">#2120</a>) <a href="https://github.com/baloghadamsoftware"><code>`@​baloghadamsoftware</code></a></li>`
<li>Fixed detector <code>FindSqlInjection</code> to detect bug <code>SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE SQL</code> with high priority in case of unsafe appends also in Java 11 and above (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/issues/2183">#2183</a>) <a href="https://github.com/baloghadamsoftware"><code>`@​baloghadamsoftware</code></a></li>`
<li>Fixed detector <code>StringConcatenation</code> to detect bug <code>SBSC_USE_STRINGBUFFER_CONCATENATION</code> also in Java 11 and above (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/issues/2182">#2182</a>) <a href="https://github.com/baloghadamsoftware"><code>`@​baloghadamsoftware</code></a></li>`
<li>Fixed <code>OpcodeStackDetector</code> to to handle propagation of taints properly in case of string concatenation in Java 9 and above (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/issues/2195">#2195</a>) <a href="https://github.com/baloghadamsoftware"><code>`@​baloghadamsoftware</code></a></li>`
<li>Bump up log4j2 binding to <code>2.19.0</code></li>
<li>Bump ObjectWeb ASM from 9.3 to 9.4 supporting JDK 20 (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/pull/2200">#2200</a>)</li>
<li>Bump up commons-text to 1.10.0 (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/pull/2197">#2197</a>)</li>
<li>Fixed debug detector <code>ViewCFG</code> to generate file names that are also valid on Windows (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/issues/2209">#2209</a>) <a href="https://github.com/baloghadamsoftware"><code>`@​baloghadamsoftware</code></a></li>`
</ul>
<h2>CHECKSUM</h2>
<table>
<thead>
<tr>
<th>file</th>
<th>checksum (sha256)</th>
</tr>
</thead>
<tbody>
<tr>
<td>spotbugs-4.7.3-javadoc.jar</td>
<td>d2ba03077ea35bdac56ff4c45f8a00d0b334c3a6a3855da61d3712b4146472cf</td>
</tr>
<tr>
<td>spotbugs-4.7.3-sources.jar</td>
<td>1fd011390e107d57c7c758539a8f79908d022709920171a91d27d3b88634087c</td>
</tr>
<tr>
<td>spotbugs-4.7.3.tgz</td>
<td>f02e2f1135b23f3edfddb75f64be0491353cfeb567b5a584115aa4fd373d4431</td>
</tr>
<tr>
<td>spotbugs-4.7.3.zip</td>
<td>dffd3f41fdc2a4cfda547d4ce700585136340e7d0803aeeb2e7ca6cf8c4a6898</td>
</tr>
<tr>
<td>spotbugs-annotations-4.7.3-javadoc.jar</td>
<td>392b57d03cb24664dd9ba856287b38a8668c3926eabdfa0f0663fad8fa7d0f44</td>
</tr>
<tr>
<td>spotbugs-annotations-4.7.3-sources.jar</td>
<td>b338136e3e82d585348cde58a8fe3a678e16f51a35c31c1463e05fefef557aad</td>
</tr>
<tr>
<td>spotbugs-annotations.jar</td>
<td>c0fd1ac2e22acdd46913a2ff74551b71f124457199688698204af4bf3d43165d</td>
</tr>
<tr>
<td>spotbugs-ant-4.7.3-javadoc.jar</td>
<td>8591f80cf058830d5b824adc68b820cd901d630b9b55557c48fe4cca6ccdd2fe</td>
</tr>
<tr>
<td>spotbugs-ant-4.7.3-sources.jar</td>
<td>ce7cfbed848ccb0e3765cec6b9c60c458699aa51f60ad9216cf89dbf38d8d793</td>
</tr>
<tr>
<td>spotbugs-ant.jar</td>
<td>b866a2a89a03b49e60b5f27e0f5987eb8c12c2d2aefc6e9ddcbcdae345c765db</td>
</tr>
<tr>
<td>spotbugs.jar</td>
<td>df37eab21a7d04aa807808a33e9f7c081451cb02c14b4a2c33119976be498520</td>
</tr>
<tr>
<td>test-harness-4.7.3-javadoc.jar</td>
<td>4008cc377288c53b4725f43a519a701eb91226a99ab340e997694ade20ed243e</td>
</tr>
<tr>
<td>test-harness-4.7.3-sources.jar</td>
<td>7efb06093ea5f6f330a7bd76b894f396d6cb466665fcefc01a3743b07910dc29</td>
</tr>
<tr>
<td>test-harness-4.7.3.jar</td>
<td>50b4a72c668ea7d29bf1234b4aa380df903374216f68b0a87f7ca28d4fa225f3</td>
</tr>
<tr>
<td>test-harness-core-4.7.3-javadoc.jar</td>
<td>486c16fa3ed7c1d99d8ddcdc8e1a6aecf925911d6b473d73aeab40f1639dda52</td>
</tr>
<tr>
<td>test-harness-core-4.7.3-sources.jar</td>
<td>f8aab3c5cdd456d6b6d632e9fc65897e657447a2e925b6b3f61bd2d15c22cb24</td>
</tr>
<tr>
<td>test-harness-core-4.7.3.jar</td>
<td>7165f7f45a6e82e8a6d6a0a4033b6473b310c14f645cb62ebc2fbc6ce5338350</td>
</tr>
<tr>
<td>test-harness-jupiter-4.7.3-javadoc.jar</td>
<td>5a011955082b4e27bcdeeb56b6bc6fae21f87015b354bc5ffb80442495b919b9</td>
</tr>
<tr>
<td>test-harness-jupiter-4.7.3-sources.jar</td>
<td>210353a57016e26b1a654d936a15f039613fa1ac532d485c1b1d03902f6c6315</td>
</tr>
<tr>
<td>test-harness-jupiter-4.7.3.jar</td>
<td>18095fec31b85981ecaafdef86ca9ae1e9588e1b9bc6d209f82829cf9d0c13f4</td>
</tr>
</tbody>
</table>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md">spotbugs-annotations's changelog</a>.</em></p>
<blockquote>
<h2>4.7.3 - 2022-10-15</h2>
<h3>Fixed</h3>
<ul>
<li>Fixed detector <code>DontUseFloatsAsLoopCounters</code> to prevent false positives. (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/issues/2126">#2126</a>)</li>
<li>Fixed regression in <code>4.7.2</code> caused by (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/pull/2141">#2141</a>)</li>
<li>improve compatibility with later version of jdk (&gt;= 13). (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/issues/2188">#2188</a>)</li>
<li>Fixed detector <code>UncallableMethodOfAnonymousClass</code> to not report unused methods of method-local enumerations and records (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/issues/2120">#2120</a>)</li>
<li>Fixed detector <code>FindSqlInjection</code> to detect bug <code>SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE SQL</code> with high priority in case of unsafe appends also in Java 11 and above (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/issues/2183">#2183</a>)</li>
<li>Fixed detector <code>StringConcatenation</code> to detect bug <code>SBSC_USE_STRINGBUFFER_CONCATENATION</code> also in Java 11 and above (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/issues/2182">#2182</a>)</li>
<li>Fixed <code>OpcodeStackDetector</code> to to handle propagation of taints properly in case of string concatenation in Java 9 and above (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/issues/2195">#2195</a>)</li>
<li>Bump up log4j2 binding to <code>2.19.0</code></li>
<li>Bump ObjectWeb ASM from 9.3 to 9.4 supporting JDK 20 (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/pull/2200">#2200</a>)</li>
<li>Bump up commons-text to 1.10.0 (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/pull/2197">#2197</a>)</li>
<li>Fixed debug detector <code>ViewCFG</code> to generate file names that are also valid on Windows (<a href="https://github-redirect.dependabot.com/spotbugs/spotbugs/issues/2209">#2209</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/spotbugs/spotbugs/commit/fa9e53ac7d969e8f945ee8a90365173c31ce6f8a"><code>fa9e53a</code></a> release v4.7.3</li>
<li><a href="https://github.com/spotbugs/spotbugs/commit/838bf77781ab57b56fa159136635b9f8991df327"><code>838bf77</code></a> build(deps): bump com.gradle.enterprise from 3.11.1 to 3.11.2</li>
<li><a href="https://github.com/spotbugs/spotbugs/commit/1515e4c342892c0c00bcdd1158a7906566277211"><code>1515e4c</code></a> build(deps): bump joda-time from 2.11.2 to 2.12.0</li>
<li><a href="https://github.com/spotbugs/spotbugs/commit/393345b1fcfda17444dc55abe92dc7ed5c41270a"><code>393345b</code></a> build(deps): bump error_prone_annotations from 2.15.0 to 2.16</li>
<li><a href="https://github.com/spotbugs/spotbugs/commit/119956bce1c594cf21052a1c541df2ed90e6b696"><code>119956b</code></a> Fix for detector <code>UncallableMethodOfAnonymousClass</code> to not report unused meth...</li>
<li><a href="https://github.com/spotbugs/spotbugs/commit/96d50b588c00760339389777be2304a19cd4db0c"><code>96d50b5</code></a> Fix detector FindSqlInjection to detect bug SQL_NONCONSTANT_STRING_PASSED_TO_...</li>
<li><a href="https://github.com/spotbugs/spotbugs/commit/35dddba3ce5bfed401805773ddc832facd609f2c"><code>35dddba</code></a> build(deps): bump groovy-all from 4.0.4 to 4.0.5</li>
<li><a href="https://github.com/spotbugs/spotbugs/commit/b4560e0f5d87b703c0055fdee1d37ae3adf02891"><code>b4560e0</code></a> Fix detector StringConcatenation to detect bug SBSC_USE_STRINGBUFFER_CONCATEN...</li>
<li><a href="https://github.com/spotbugs/spotbugs/commit/c4c26c1967010e74008fe87f9e05da7ebea3662c"><code>c4c26c1</code></a> Fix for test detector ViewCFG</li>
<li><a href="https://github.com/spotbugs/spotbugs/commit/77b7da773886cfccc742c44d6c42892ba4b331d2"><code>77b7da7</code></a> Fix OpcodeStack to handle propagation of taints properly in case of string co...</li>
<li>Additional commits viewable in <a href="https://github.com/spotbugs/spotbugs/compare/4.7.2...4.7.3">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.github.spotbugs:spotbugs-annotations&package-manager=maven&previous-version=4.7.2&new-version=4.7.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
zeebe-bors-camunda[bot] and dependabot[bot] authored Feb 14, 2023
4 parents 2287134 + e2d4749 + a2f4f7b + 74fd694 commit 4e950c4
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions parent/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@
<version.jackson>2.14.0</version.jackson>
<version.java-grpc-prometheus>0.5.0</version.java-grpc-prometheus>
<version.jna>5.12.1</version.jna>
<version.junit>5.9.1</version.junit>
<version.junit>5.9.2</version.junit>
<version.junit4>4.13.2</version.junit4>
<version.log4j>2.18.0</version.log4j>
<version.minlog>1.3.1</version.minlog>
Expand All @@ -86,7 +86,7 @@
<version.netflix.concurrency>0.3.6</version.netflix.concurrency>
<version.zeebe-test-container>3.5.1</version.zeebe-test-container>
<version.feel-scala>1.15.3</version.feel-scala>
<version.dmn-scala>1.7.3</version.dmn-scala>
<version.dmn-scala>1.7.4</version.dmn-scala>
<version.rest-assured>5.2.0</version.rest-assured>
<version.spring>5.3.23</version.spring>
<version.spring-boot>2.7.4</version.spring-boot>
Expand All @@ -105,7 +105,7 @@
<version.servlet-api>2.5</version.servlet-api>
<version.osgi>6.0.0</version.osgi>
<version.findbugs-annotations>3.0.1u2</version.findbugs-annotations>
<version.spotbugs>4.7.2</version.spotbugs>
<version.spotbugs>4.7.3</version.spotbugs>
<version.archunit>0.23.1</version.archunit>
<version.easy-random>5.0.0</version.easy-random>
<version.jcip>1.0</version.jcip>
Expand Down

0 comments on commit 4e950c4

Please sign in to comment.